FCA publishes proceeds of fraud report
The Financial Conduct Authority has published its research into payment account providers’ systems and controls against money mule activity.
A money mule is someone who is recruited by criminals to move illegally obtained money. Money mules, knowingly or not, play a crucial role in the process of cashing out the proceeds of fraud.
The report focused on Payments Service Providers and Electronic Money Institutions (firms) and on the systems and controls firms have in place to detect and prevent money mule activity. Amongst the good practices the FCA established were the following.
- Systems and controls: firms were using new technology and the National Fraud Database as part of their onboarding processes.
- Use of intelligence: many firms were engaging with various external bodies to discuss intelligence and emerging threats.
- Training: some firms dedicated training for staff on financial crime and specifically fraud.
Areas marked for improvement include the following.
- Governance, management information (MI) and risk assessment: where firms had more mule accounts than their peers, a lack of senior management oversight and a lack of MI reporting was apparent.
- Onboarding: some firms were carrying out few checks, relying instead on customers’ subsequent behavior; some were not capturing all relevant information; some were not establishing why a few customers were using virtual addresses; some were not questioning why multiple customers were using the same device to access accounts or used the same physical address; some were not confirming addresses by checking to see if a card sent there had been activated.
- Transaction monitoring: some did not have adequate inbound transaction monitoring processes hence may miss where, for example, a dormant account is suddenly in receipt of significant funds; device profiling, geolocation and behavioral biometrics systems were often absent; some firms were not able to explain the workings of machine learning tools they had introduced to monitor transactions; some firms had transaction monitoring alerts that had been activated without rule parameters having been met; some analysts within firms were uncertain about the specific criteria that triggered alerts in the machine learning tool being used; some firms were not acting quickly enough to rectify these issues; and, where alerts’ were investigated, often poor reporting meant that there was an inadequate audit trail.
- Reporting: some firms do not always respond quickly and efficiently to other firms raising the alert via relevant reporting systems (such as the National Fraud database); in some instances, Suspicious Activity Reports (SARs) were not raised at all or were not raised as quickly as the regulator expects. The regulator also found a lack of data sharing between some firms that are not part of similar UK reporting or data sharing initiatives.
- Resourcing: some firms would benefit from dedicated resource.
- Communication and awareness: some firms were not adequately informing customers about the impact and risk of fraud.
- Training: the regulator has concerns in relation to the effectiveness of fraud alert investigations within some firms.
The FCA notes under Next Steps that: “We will use our full regulatory tools, including appropriate enforcement, should we identify a firm failing to maintain proportionate and adequate controls and thereby allowing its services and customers to be exploited by fraudsters. Crucially, firms must consistently adapt their detection and monitoring methodologies, prioritizing the identification of money mule activities alongside educating consumers about the inherent risks involved.”
Hedge fund manager guilty of Ponzi scheme
Michael Williams, the former CEO of Highguard Capital and Guardian Opportunity Management, has pleaded guilty to wire fraud and faces up to 20 years in prison.
Williams convinced victims to invest more than $3 million in his funds, but used their money for undisclosed and unauthorized purposes, including to settle civil lawsuits and repay investors from other funds that he had lost money on.
In early 2021, Williams convinced one investor to invest $1 million in Guardian Opportunity Management, even though he knew that the fund had recently lost 90% of its assets under management. He also failed to inform her that he intended to use her money to repay other investors who were threatening to sue him.
ECB confirms next stage of digital euro
The European Central Bank has published a new report summarizing the main findings of the digital euro investigation phase and presenting the arguments for moving to the next phase of the digital euro project. The next phase – the preparation phase – will start on 1 November 2023 and will initially last two years. It will involve finalizing the digital euro rulebook and selecting providers that could develop a digital euro platform and infrastructure. Following the two-year preparation phase, the expected next steps would be decided by the Governing Council based on the results of the first stage and developments in the legislative process.
A selected summary of key developments for regulated financial institutions
Access all of our daily regulatory content by using the login button below.
To find out more about how CUBE can help your business click here.