The director of the Financial Crimes Enforcement Network (FinCEN), Kenneth A. Blanco, gave a speech at the 2019 Federal Identity (FedID) Forum and Exposition on Tuesday (Sept. 24), to talk about digital identity today, how safe it is and what the agency is doing to protect it against financial crimes, according to prepared remarks.
One of the biggest problems, Blanco said, is account takeover.
“Account takeover, which involves the targeting of financial institution customer accounts to gain unauthorized access to funds, is an extremely common cybercrime affecting U.S. financial institutions,” he said. “FinCEN is seeing around 5,000 account takeover reports each month involving approximately $350 million,” he said. “These are attempts, and, often because of diligent work by bank compliance officers, do not represent actual losses. With billions of compromised credentials exposed online, there is a high likelihood that most users of the U.S. financial system have had some information about themselves … compromised at some point.”
Criminals will get this info through hacking or by social engineering and phishing. Most will target banks because of the high number of accounts, but casinos, customers, insurance companies and money services are all attractive targets.
There are also a lot of illegal activities involved with wire, credit card and automated clearing house (ACH) fraud.
“By using stolen data to create fraudulent accounts on fintech platforms, cybercriminals are able to exploit the platforms’ integration with various financial services to initiate seemingly legitimate financial activity while creating a degree of separation from traditional fraud detection efforts,” he said. “Some criminals are also monetizing stolen credit card information through fraudulent merchant accounts to charge victims’ cards, or are simply creating fraudulent user accounts on fintech platforms as part of identity theft or synthetic identity fraud.”
FinCEN said it is committed to fighting hacking and other illicit activities, and that it regularly talks to stakeholders in the financial technology space to make sure that engagement is up to par and to promote digital identity solutions.
FinCEN has developed and continuously updates “one of the most effective AML [anti-money laundering] and CFT [combatting the financing go terrorism] regimes in the world,” Blanco said. “But, as strong as our AML/CFT framework is, malicious actors will continue to attempt to exploit any vulnerability to move their illicit proceeds undetected through legitimate financial channels, in order to hide, foster, or expand the reach of their criminal or terrorist activity.”
Blanco said vigilance is important for everyone and that his organization will work to secure regulatory gaps that allow for illicit activities to take place.