fraudsters’ accounts malek costa, cpa head of group compliance blom bank sal
TRANSCRIPT
Fraudsters’ Accounts
Malek Costa, CPA
Head of Group Compliance BLOM Bank sal
2
Table of Contents Beneficiary’s Bank Account opening process “Mule” Money or Accounts Returning your client’s money
04/21/23 3
Beneficiary’s Bank
• Big or Small Bank• Bank’s Jurisdiction • Bank’s AML/CFT Controls in place
Accounts’ opening process
• Type of Accounts:– Non Face-to-Face
– Face to Face
• Customer Identification Program (CIP) of the Bank.– The CIP must be written, incorporated into the institution's Anti-
Money Laundering program, and approved by the institution's board of directors.
– The CIP must include risk-based procedures to verify the identity of customers (generally persons opening new accounts).
– Procedures in the program should describe how the bank will verify the identity of the customer using documents, non-documentary methods, or a combination of both
– The procedures should reflect the institution's account opening processes - whether face-to-face or remotely as part of the institution's e-banking services.
Accounts’ opening process
– As part of its nondocumentary verification methods, a financial institutions may rely on third parties to verify the identity of an applicant or assist in the verification. The financial institution is responsible for ensuring that the third party uses the appropriate level of verification procedures to confirm the customer's identity. New account applications submitted on-line increase the difficulty of verifying the application information
Accounts’ opening process
• Many institutions choose to require the customer to come into an office or branch to complete the account opening process. Institutions conducting the entire account opening process through the mail or on-line should consider using third-party databases to provide:
• Positive verification to ensure that material information provided by an applicant matches information available from third-party sources,
• Logical verification to ensure that information provided is logically consistent, and
• Negative verification to ensure that information provided has not previously been associated with fraudulent activity (e.g., an address previously associated with a fraudulent application ).
“Mule” Money or Accounts
• Mules are the ones who receives the cash or goods from a fraudulent operations and transfer them back to the fraudster.
• “Bank Drop” and “Item Drop” Scenarios
• Mules are a crucial part of the work of fraudsters
• Money mules are often unaware that they are accomplices to a crime.
“Mule” Money or Accounts
• Mule Herders: fraudsters who specialize in recruiting mules and managing mule networks. Fraudsters realized they could recruit mules more easily by doing what they do best: scamming them over the internet.
– fraudsters create and advertise a fake “work from home” opportunity.
– create a fake website for a nonexistent company (usually in the shipping field)
– spam job seekers’ emails.
– advertise the opportunity to work from home as an “account manager”, “Financial manager”
– claim that the position is designed to help the company’s foreign customers receive funds from banks
“Mule” Money or Accounts
– Interested parties are interviewed by phone or email and then receive a contract to sign, largely to make it appear as though the entire operation were legitimate
– When the mule starts working, they provide the fraudster their bank account details, and the cybercriminal in turn uses the mule’s bank account to send fraudulent transfers.
– Once the money is received in the mule’s account, the mule picks it up and forwards it. His or her “salary” is a percentage of the transferred sum, which the fraudster absorbs as an expense
– The mule is usually operational until the bank realizes the account is used as a mule (which can take some time, considering it’s the mule’s personal account which has a legitimate activity history), at which point the bank shuts the account down.
“Mule” Money or Accounts
• Mules can also be recruited as witting accomplices, usually from poorer countries. These mules are flown someplace with tickets paid for by the fraudster, and in return they either need to open bank accounts or pick up items. Mules are also flown by fraudsters to the foreign countries where they open a bunch of mule accounts, extract the fraudulent funds, and fly out.
• Money mule, who is left holding the bag, faces criminal charges, while the cyber criminal, residing in a different country, under a different jurisdiction, gets away scot-free.
“Mule” Money or Accounts
• Identifying unwitting mules can be very easy by asking simple question before they can open bank accounts. It is the same as security screening found in airports, where weird sets of questions are asked; questions that are not designed for liars but for certain individuals who were cheated and place into a particular situation. For example:– Asking the potential customer whether someone else told him or
her to open a banking account in this bank.– Asking if opening this particular bank account is related into a
particular job offer he or she received on the internet or even in the real life.
– OR any other questions that would raise an alarm for the bank.
Returning your client’s money
• The ordering customer should sign a declaration letter stating that he was exposed to a fraudulent transaction, ask his bank to claim for the amount from the beneficiary’s bank under his full responsibility and bearing the consequences that may occur from this process.
• The Ordering and Beneficiary banks sign a “Hold Harmless and indemnification Agreement” .– Stating that transaction is erroneous/improper/ unauthorized.– The ordering bank is requesting a debit for the full amount from
beneficiary’s account and remit the funds back to the ordering customer accounts.
– The ordering agree to keep the beneficiary’s bank indemnified against all actions, proceedings, claims , losses, etc…
THANK YOU