This special edition of Payments Pulse includes links to news stories and information relating to recent fraudulent payment activity that is impacting financial institutions across the country. Our goal is to provide guidance for you and your team, answers to your questions, and training recommendations (to enhance your fraud detection skills). We hope you find this helpful.
|
|
|
Industry News & Resources
Source: Dept of Treasury, IRS, US Secret Service and CISA
Source: Nacha
Source: Pymnts.com
|
|
|
Fraud During a Pandemic
We have received numerous reports of a well-organized international crime ring that is exploiting the COVID-19 pandemic by committing large-scale fraud against multiple state unemployment programs. The potential losses are in the hundreds of millions, according to the U.S. Secret Service. The activity caught the attention of many savvy payments professionals and your instincts to call TCHPA for guidance have been excellent. With your help, we have been able to work with our industry partners to piece together the details of this unique, elaborate scheme and the impact on our members.
|
Following is a high-level overview of our findings to date:
- Secret Service has confirmed a known fraud group who have managed to file fraudulent on-line unemployment claims in the names of unsuspecting individuals (many of whom are still actively employed).
- Identities used are likely synthetic, using pieces of various individuals’ Personally Identifiable Information (PII) to simulate one person.
- In some instances, it was a single transaction, while others reported 10 or more transactions to the same account in a single day. In the case where the account holder was watching for the credits, they have typically been newer accounts with low balances until these funds were received.
- In all cases, the payment was for the benefit of someone other than the account holder.
- In some cases, account holders have been enticed to act as a mule and to re-direct the received funds back to the fraudsters, with notable use of the Cash App as a way to complete the transaction. Others have been directed to withdraw the cash and mail it out of the country.
- Some transactions were returned R03 (No Account/Unable to Locate Account). Some RDFIs returned the transactions R23 (Credit Entry Refused by Receiver) after being contacted by their account holder who noticed the credit while checking their banking activity online. In other cases, your fraud detection techniques kicked in and you returned the transaction using the R17 return code (RDFI Believes the Item was Initiated Under Questionable Circumstances).
- Nacha, TCHPA and other payments associations are encouraging financial institutions to remember the various return timeframes and respond accordingly (ACH Rules, Page OR135). In the event fraudulent credits are unable to be returned in the appropriate 2 day time frame; the RDFI can make the decision to utilize the R23 for this instance only.
|
The plot thickens… This is not about ACH fraud. This scheme started with the filing of fraudulent unemployment applications thereby defrauding states with fictitious identities (identity theft), resulting in the states including these benefits in their properly formatted ACH files. This is also about money laundering as the fraudsters are using routing and account numbers for active accounts, and asking mules to then send the money back out of the country using various methods. You never know what they might do with that information next.
|
A reminder for RDFIs:
- Always alert your BSA/Compliance Officer when you recognize suspicious activity to ensure you follow proper procedures. As an RDFI you hold no warranties to the validity of the transaction; however BSA/AML calls out willful blindness and obligates the financial institution to take action!
- Your job is to react to suspicious/fraudulent activity in a timely manner, unless you need to freeze the account for an investigation. Consult your account disclosures to ensure you are covered.
- Return what you can using the BEST POSSIBLE return code.
- Counsel your account holders on how to avoid these traps in the future. You might consider establishing a new account for them, since their current account number is known.
|
|
|
TCHPA Education No charge for members!
Scheduled Session:
- BSA/AML Compliance Virtual Workshop (Webinar)
June 4 9:00am-4:00pm ET Previously scheduled as a face-to-face event, this session will now be presented as a live, virtual event.
Session presenter, Nancy Lake from Compliance Anchor, is an expert in what every financial institution needs to know to implement and maintain a comprehensive BSA/AML program. Topics will include risk assessments, CDD/EDD, Fraud, Elder Abuse, Human Trafficking, Marijuana and more.
On-Demand Recorded Training:
|
|
|
Member Support
Remember, when you need support from The Clearing House Payments Authority (TCHPA), you can reach our Member Services staff directly by calling 800-875-2242 and choosing option 3, or by emailing education.services@theclearinghouse.org. Although our staff is working remotely due to the COVID-19 pandemic, we’re still available to provide the support you need in a timely manner!
|
|
|
|
|