Virtual Financial Crime Conference - Thursday 30th September 2021 Challenges and best practices 17 SEPTEMBER 2020 | 13:30 - 16:30 BST - UK.COM
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
Virtual Financial Crime Conference Thursday 30th September 2021 SM&CRand Challenges post-implementation best practices forum 17 SEPTEMBER 2020 | 13:30 - 16:30 BST
Financial crime – the evolving landscape and practical lessons learned Katie Stephen, Partner Andrew Reeves, Partner Thursday 30 September 2021 Norton Rose Fulbright LLP
Agenda The evolving landscape and emerging trends: • AML • Market abuse • Fraud • Vulnerable customers 3
AML – recent developments Home Office Dear CEO guidance on CPS guidance letter re AML SARs and on failure to systems and disclosure in report controls civil litigation First criminal Consultation proceedings on AML under MLRs regime 2007 4
AML – practical takeaways Be aware of evolving risks Document arrangements and rationale Systems and controls reviews Role of senior managers 5
Market abuse – recent developments Communication Inside information Market volatility channels Recording, Controls and Calibration of monitoring, retaining surveillance surveillance 6
Market abuse – practical takeaways What should firms be thinking about? Adequacy of market Messaging systems abuse controls Support for senior and social media managers 7
Fraud £754m stolen from bank customers in H1 2021 Fraud level “a Law Commission national security consultation threat” (UK Finance) Recent developments Practical steps by Misuse of Covid- firms related schemes Increasing expectations on firms 8
Vulnerable customers and financial crime – recent developments FCA guidance FCA on the fair warnings and Recent treatment of campaigns decisions vulnerable customers The new Financial Consumer abuse code of Duty practice 9
Vulnerable customers & fraud – key takeaways Training Record keeping Governance, oversight and reporting Emerging tools Customer communications, feedback and complaints 10
11
Contacts Katie Stephen Andrew Reeves Partner Partner Katie.stephen@nortonrosefulbright.com andrew.reeves@nortonrosefulbright.com 020 7444 2431 020 7444 3138 12
Law around the world nortonrosefulbright.com Norton Rose Fulbright US LLP, Norton Rose Fulbright LLP, Norton Rose Fulbright Australia, Norton Rose Fulbright Canada LLP and Norton Rose Fulbright South Africa Inc are separate legal entities and all of them are members of Norton Rose Fulbright Verein, a Swiss verein. Norton Rose Fulbright Verein helps coordinate the activities of the members but does not itself provide legal services to clients. References to ‘Norton Rose Fulbright’, ‘the law firm’ and ‘legal practice’ are to one or more of the Norton Rose Fulbright members or to one of their respective affiliates (together ‘Norton Rose Fulbright entity/entities’). No individual who is a member, partner, shareholder, director, employee or consultant of, in or to any Norton Rose Fulbright entity (whether or not such individual is described as a ‘partner’) accepts or assumes responsibility, or has any liability, to any person in respect of this communication. Any reference to a partner or director is to a member, employee or consultant with equivalent standing and qualifications of the relevant Norton Rose Fulbright entity. The purpose of this communication is to provide general information of a legal nature. It does not contain a full analysis of the law nor does it constitute an opinion of any Norton Rose Fulbright entity on the points of law discussed. You must take specific legal advice on any particular matter which concerns you. If you require any advice or further information, please speak to your usual contact at Norton Rose Fulbright.
THE CHALLENGES OF FRAUD PREVENTION IN THE AFTERMATH OF A PANDEMIC Amber Burridge, Head of Fraud Intelligence, Cifas
A challenging 18 months – a changing landscape 15 • According to action fraud, £34.5 million lost to COVID scams – from PPE scams, to return to work, to the vaccine roll out • Bank transfer fraud losses surge to £479m in 2020 thanks to the pandemic • In the FY2020/21, £2.2 million was lost to holiday scams – that’s £1,242 • Up to June 2021, 1,085 reports of ticket fraud had been made so far this year, equating to an average loss of £850 per victim. • Victims have lost over £15 million this year alone to bogus investment scams on dating platforms. • Every day, there are 65,000 attempts to hack SMEs, around 4,500 of which are successful. • Vulnerabilities with remote working as reports suggests 85% of employees are more likely to leak sensitive files now than before the COVID-19 pandemic
A challenging time – 2020 16 Cifas members recorded one case to the national fraud database every two minutes. 60% of cases were identity fraud – 26% increase in companies being impersonated in 2020. 78% of misuse cases on bank accounts in 2020 had intelligence that indicates money mule activity. 21% increase in facility takeover – predominately online retail and telecom products targeted. For the Insider threat, Unlawful obtaining or disclosure of personal data rose by 43% in 2020.
17
Victims of Impersonation 18
19
2020 vs 2021: Cases where intelligence indicates mule activity 20 76% 78% 32% 24% -1% 36%
21
Victims of Takeover 22
Focus on Investment and savings products 23 • In the first six months of 2021, cases on savings products rose by 41%, predominately in relation to personal savings accounts. • Identity Fraud rose by 57%. Most filing reasons are for impersonation, current address fraud • Misuse of facility rose by 13%. This is mainly for funds received, conduct unexplained • In the first six months of 2021, identity fraud on personal savings rose by 58%. • 42% of victims of impersonation are aged 61+ and predominately male. • Law enforcement continue to report on high levels of scam investments particularly in relation to digital currency. Victim aged 60+ continue to be a key target for this kind of activity. Identity Fraud • Some victims are exploring these ‘investment opportunities’ to help reduce the financial impact of inheritance tax. • Courier fraud where the victim is contacted by the FCA stating their financial advisor is under investigation and they need further details about them and their accounts. • 47% of misuse of savings accounts have intelligence that indicates mule activity. • A third are recorded within 3 months of application date. • 38% tend to be aged between 21 and 30 years old • Recent intelligence suggests “piggyback fraud” cases involving threat actors opening a new savings product through a mule account Misuse of Facility • Experian also said that fraudulent openings for savings accounts were three times the rate in Q2 2021 compared to the previous quarter
Key intelligence on Investments and Savings 24 • Reports of fake investments being promoted through dating apps. Once matched, a scammer the threat actor will gain a level of trust and turn the conversation to finance and potential investments, offering ‘tips’ and instructing the recipient to download a fake trading app. The fraudster will provide incentives, such as promising their victim can reach a premium "Gold" or "VIP" status • Reports of an increase in investment frauds where customers are duped into signing up to invest in cryptocurrency. Advertisements for these investments are seen across social media but specifically Instagram and Snapchat. In some cases individuals are instructed to download fake trading apps • Threat actors posing as a well known investment firm targeting victims with cloned websites and fake documents. A closer look at the impersonation shows that the website provided in the emails sent to potential victims looked like an exact copy of the genuine Interactive investor website.
25
26
Key insider threat intelligence 27 • Reports of staff members being approached via social media and offered money to provide customer details on specific accounts. They also noted a number of staff members changing details on accounts to help facilitate fraud. • Instances where staff members where claiming they needed to self isolate as a result of being "pinged" by the app or because they have tested positive. Investigations revealed they had been out socialising when they said there at home self-isolating and unable to work. • Instances where staff have falsely added themselves to the system indicating they attended a key meeting whereby a product was recently sold to a customer in order to profit from commission payments. • Reports of staff redirecting customer investments in to accounts in their control • Offboarding is also an issue – a member of staff who was working their notice period had started working for another organisation. The employee had sent across a number of large customer data sets to their new company email.
Key Challenges 2021 - cases up 13% first half of 2021 28 • In the first six months of 2021, identity fraud has risen by 11%. • Unprecedented volume of phishing, smishing and vishing • Impersonation scams purporting to be from bank or other authority figure Identity Fraud • Spoofing of brands and investment scams • Subscription based criminal services offering sophisticated products • The number of those involved in this type of activity has risen by 57% in 2021 in the first six months of 2021. • Social media channels being used to recruit money mules • Receipt Generators Misuse of Facility • Individuals taking out products with no intention to pay and abusing “buy now pay later” schemes • This has increased by 14% in 2021, with 44% via telephony channels. • Spoofed text numbers to obtain personal and financial information • Paid adverts directing customer queries to malicious (including spoofed) websites Facility takeover • Social engineering of both customer and contact centre staff • Attitudes already suggest that as many as 30% of job applicants include fake references on their resumes • Organisations adopting more agile working longer term and associated vulnerabilities • Poor cyber security measures/protection and threats posed by use of personal devices Insider Threat • Staff approaches in economic uncertainty
Defending yourself and your organisation: Key takeaways 29 ✓ Bolster digital and telephony channels ✓ Consider reviewing verification checks ✓ Carry out checks to see if your brand is being abused ✓ If a consumer makes changes to their account, carry out full checks ✓ Screening staff throughout their employment journey is essential. ✓ Are your working from home policies sufficient? ✓ Are you part of a fraud prevention community?
www.tisa.uk.com Dakota House, 25 Falcon Court, Preston Farm Business Park, STOCKTON-ON-TEES, TS18 3TX 01642 666999 | enquiries@tisa.uk.com
You can also read