Increased External Fraud Activity Targeting the Federal Banking System: OCC

Samantha: Hello, this is Samantha Shares.

This episode covers

A portion of The O C C's Semiannual
risk perspective Special topic

Increased external fraud activity
targeting the federal banking system.

The following is an audio version
of that portion of the report.

This podcast is educational
and is not legal advice.

We are sponsored by Credit Union
Exam Solutions Incorporated, whose

team has over two hundred and
forty years of National Credit

Union Administration experience.

We assist our clients with N C
U A so they save time and money.

If you are worried about a recent,
upcoming or in process N C U A

examination, reach out to learn how they
can assist at Mark Treichel DOT COM.

Also check out our other podcast called
With Flying Colors where we provide tips

on how to achieve success with N C U A.

And now the letter.

The special topic focuses on
the increasing trend in external

fraud activity targeting consumers
and the federal banking system.

The frequency of both traditional
and novel, more sophisticated fraud

activities targeting customers
and banks continues to increase.

Banks should maintain sound fraud risk
management practices through prudent

controls and appropriate fraud monitoring
capabilities to identify, investigate,

mitigate, and report fraudulent activity.

Banks can also support their customers
by providing educational information

about trending fraud activities
and ways to protect themselves.

Criminals continue to exploit
traditional payment methods through

check and wire transfer schemes.

The Financial Crimes Enforcement
Network (F I N C E N) September 2024

"Financial Trend Analysis" analyzed
threat patterns and trend information on

mail theft-related check fraud incidents
over a six-month period in mid-2023.

The report noted that financial
institutions filed 15,417 B S A reports

on mail theft-related check fraud, 13,618
(88 percent) of which were filed by banks.

It described several types of check
fraud such as bad actors altering

stolen check payees and amounts, using
the stolen check to create counterfeit

checks, fraudulently signing the check,
and selling the check or its identifying

information on dark web marketplaces
or encrypted social media platforms.

Furthermore, the O C C's Customer
Assistance Group observed an

increase in the number of check
fraud-related complaints submitted

by consumers over the past year.

Federal banking system-related wire
transfer complaints that consumers

submitted to the Customer Assistance
Group reflect an increasing trend.

For wire transfer schemes, the
fraudster often poses as a trusted

business, government agency, or even
a bank employee, fabricating scenarios

that require immediate action and
convincing, with urgency, victims to

wire money to a fraudster's account.

In most cases, once the wire transfer is
complete, the funds cannot be retrieved.

While artificial intelligence (A I)
can enhance fraud risk management

capabilities, reduce costs, and
improve efficiency, this and other

new technologies are also being
used to enable increasingly more

sophisticated and frequent fraud tactics.

Fraudsters could use A I to implement
sophisticated frauds by digitally

altering voices, biometric systems, or
images (also known as "deepfakes"), or

to facilitate social engineering schemes,
identity theft, and impersonation of a

trusted business or government agency.

For example, deepfakes through voice
replication have been used to perpetrate

fraud by tricking voice biometric
systems or by convincing a victim they

are dealing with someone they know
and trust, such as a family member.

Increasing product and service
digitization can also heighten fraud risk,

including fraud targeting peer-to-peer
(P2P) and other fast payment platforms.

P2P payment platforms can provide enhanced
capabilities and convenience to consumers

and other users for managing payments.

However, criminals also have exploited
the faster, more streamlined payment

capabilities and the irreversible and
irrevocable nature of these payments.

Effective fraud risk management
includes appropriate internal controls,

such as authentication, customer
identification and verification

processes, fraud monitoring, and
open lines of communication between

bank departments responsible for
researching unusual activities.

It is critical for banks to
promptly identify, investigate,

and resolve suspicious activities
and potential fraudulent concerns.

Banks should also continue to promptly
identify, investigate, report, and

resolve fraud concerns in accordance with
applicable laws and regulations, including

the B S A, Expedited Funds Availability
Act (Regulation C C) and Electronic

Fund Transfer Act (Regulation E).

Recent increases in the volume of
fraud cases have led to heightened

unfair or deceptive acts or practices
(U D A P) risk as some banks

may take prolonged timeframes to
complete investigations or implement

broad account access limitations,
preventing customers---including

those who are not victims of
fraud--- from accessing their funds.

If banks on either side of the
transaction do not complete

investigations expeditiously, customers
may not have access to funds for

extended periods of time, which may
create financial hardship for them.

Banks can continue to support customers
by providing information about scam

and fraud trends and education of
potential preventative measures.

For example, to address the prevalence
of text messaging and bank impostor

scams, it can be beneficial to inform
customers about how the bank will

contact its customers regarding potential
fraudulent transactions, as well as the

strengths and limitations of various
authentication methods and how to

identify potential fraudulent schemes.

Banks can also develop policies and
procedures regarding what and how to

communicate with customers when the bank
determines that account access should

be limited, taking care not to reveal
the existence of any suspicious activity

report (S A R) filing, and ensuring that
the communication is otherwise consistent

with safe and sound banking practices.

Communications can provide
critical information to customers

seeking to access their funds.

In addition, staff can be trained to
identify and respond to customers seeking

to conduct unusual transactions that have
signs of fraud, such as a large withdrawal

or wire transfer that may be outside of
a customer's usual transaction habits.

Employee training may also include
identifying red flags for different types

of financial exploitation, providing
proactive approaches to detecting and

preventing elder financial exploitation,
and detailing actions for employees

to take when they have concerns.

When multiple departments are responsible
for researching unusual account activities

across functions such as B S A compliance,
fraud prevention, consumer protection,

and open lines of communication
between the bank's departments are

important and may result in enhanced
coordination and expedited resolution.

This concludes the fraud
portion of this report.

If your Credit union could use assistance
with your exam, reach out to Mark Treichel

on LinkedIn, or at mark Treichel dot com.

This is Samantha Shares and
we Thank you for listening.

Increased External Fraud Activity Targeting the Federal Banking System: OCC
Broadcast by