A lonely woman falls for a silver-haired gentleman-the face of a criminal enterprise in Africa-in one of the most common romance scams known to law enforcement. She loses her house and her savings. She is devastated both financially and emotionally, taken in by shysters who understand the vulnerabilities of the lonely. And in this true case, the lonely woman is also a victim of the American banking system.
When we first meet "Ms. Gray" she is sitting pretty on the cusp of retirement. She owns her home, has money in the bank, and at 65, will soon be receiving Social Security. Life is good, except for the loneliness. Within 6 months she will have lost her home, her savings, and her sense of safety. Being taken in by the handsome white-haired gentlemen who gained her trust on an Internet chat room was bad enough. What troubles her even more is the fact that one of the largest banks in the world-despite numerous strong red flags-enabled the financial fraud leaving her financially broken and the fraudsters financially whole.
This was a multi-bank scam involving sophisticated megabanks that included wire transfers, automated clearing house (ACH) transactions, high-risk countries and out-of-profile activity by our victim. And yet they failed to detect the fraud. The fraudsters were also sophisticated-in the psychology of lonely people and in bank payment systems. They operate out of cavernous rooms filled with computers, the perpetrators reading from scripts, luring people from chat rooms, dating sites, social media in general. They know human nature. More importantly, they know precisely how transactions flow from bank to bank, country to country, within and between application software. In this article we'll focus on what happens within a bank and how banking software should have been used to detect, stop and mitigate this crime. 1
Under Know Your Customer (KYC) mandates the victim's bank (MegaBank1) would have created a profile of Ms. Gray and assigned her a risk category. The bank will have assessed various facets of her as a customer: her account types; her transaction types; typical dollar amounts of transactions; and which countries may have been involved in her transactions. They also would have determined a baseline of her transactional activity (behavior) to set a pattern against which future transactions or account changes would be compared. Any time she acted outside of her profile, a transaction monitoring or fraud detection system would issue an alert to notify bank staff that something may be amiss and that a Suspicious Activity Report may have to be filed with the Financial Crimes Enforcement Network (FinCEN)2.
Ms. Gray, being over 60, employed, and a home-owner, was computed by the bank's scoring algorithms to be low risk. Her account types and transactions were considered to be low risk as well. She had a checking account with a balance of approximately $1,500 and a Home Equity Line of Credit (HELOC) supported by the value of her home, worth over $600,000. Over the course of two years her accounts were almost dormant. There were fewer than 30 low-dollar transactions through her checking account; she had not activated her HELOC; and she had not used the Internet/telephone banking feature that came with the checking account. She had never made a wire transfer or used the Automated Clearing Houses (ACH) for regular debits/credits to or from another bank.
And then...a barrage of high-dollar transactions involving multiple banks and countries hit her account. The fraudsters had convinced Ms. Gray that money needed to be wired to Ghana so that her love interest could get his son out of the country. When she demurred, they told her they would put money into her account and then she should wire the money to a financial institution in Ghana (which was 90% owned by a bank in Nigeria). Not only was Ms. Gray's profile "shattered" by the following transactions in general (volume, dollar value), she (actually the fraudster) was transacting with high-risk financial institutions and countries.
These transactions were red flags, glaring to a trained anti-money laundering (AML) or fraud specialist, that nevertheless eluded detection. The bank had not created detection algorithms in their application software to identify the fraud:
1. In a span of three weeks, 15 ACH transactions were made by telephone transfer, deposits into her HELOC. Each of the transfers, for just under $20,000, was a debit against a concentration account (for an offshore Caribbean bank, held at another bank, MegaBank2). A third bank, MegaBank3, was the settlement bank for these ACH transfers3.
2. Ms. Gray was instructed to transfer these funds from her HELOC into her checking account so she could then wire the funds out. She did this in the same time period, in five large-dollar amounts ($20,000, $20,000, $10,000, $40,000 and $80,000).
3. The final step was three wire transfers for $40,000, $45,000 and $80,000 in the final two weeks of this cycle. Ms. Gray went to a branch of her bank, MegaBank1, to do this. In her instructions to the teller, she stated that the funds should be routed through MegaBank2 on the way to the bank in Ghana.
Disaster struck Ms. Gray when MegaBank2, who held the concentration account for the Caribbean bank, disputed the 15 ACH transactions which were invalid according to ACH rules. These transactions were then reversed, through the settlement bank, MegaBank3, and her checking account went into a serious overdraft situation. Ms. Gray's bank, MegaBank1, then debited her Home Equity Line of Credit for the amount of the 15 ACH transactions, causing her to default on her mortgage. Ms. Gray not only lost her home, she also lost a significant amount of cash along with her dashed dreams for a future with her handsome suitor.
All three megabanks in this sad story denied any fault, and all were made whole despite the known pattern of fraud perpetrated by these fraudsters. In an ensuing article we'll look more at the superstructure and processes of the payment systems involved, but for now it's important to understand that Ms. Gray's bank is the financial institution that not only had the legal requirement to detect patterns of fraud and money laundering, per the Patriot Act and the Bank Secrecy Act, they clearly should have seen the egregious red flags that pointed to the crime as it was being carried out.
This was a preventable fraud that is being perpetrated against innocent people every day. There were clear signs of fraud-a known typology-that should have been detected by this sophisticated bank's transaction monitoring/fraud detection systems. Detection scenarios look for individual high-risk things as well as patterns that fit known fraudulent schemes. The bank should have uncovered the following anomalies:
Ms. Gray's bank is a large multi-national financial institution that clears millions of transactions daily. They have a duty to know and detect the patterns of financial fraud. Although banks may typically focus on monitoring their customers as the possible originators or perpetrators of financial crime, detection scenarios must also look for patters of fraud from a victim's point of view. Everything about Ms. Gray, her accounts and her transactions, spoke of a low-risk person. And then came the out-of-profile, high-risk activity that screamed fraud.
The case described in this article is not an aberration; the statistics are staggering. The most recent report from the FBI's Internet Crime Complaint Center (IC3) shows that in 2014 Confidence Fraud/Romance Scam losses exceeded $86,000,0004. This figure only includes those crimes that are reported; many victims are too embarrassed to do so. The vast majority of victims are female. Demographic trends suggest a worsening picture, as the baby boom population gets older and widowhood, with its concomitant loneliness, increases. The next victim may be your mother, your aunt, your sister.
1 A subsequent article will look at this crime at the macro level-how bank-to-bank payment systems were used for the ACH and telephone banking transactions in this fraud.
2 In this case the SAR category would be "elder financial exploitation."
3 These 15 ACH transactions were backward ACH "TEL" transactions; they were debits against a commercial account from her personal account, illegal under ACH rules. A "TEL" is a one-time consumer-authorized payment to a vendor. As the ACH settlement bank, MegaBank3 should have understood the transactions to be invalid, and MegaBank1's telephone banking system should not have allowed them in the first place. This will be expanded in the second article.
Marie G. Kerr specializes in Financial Fraud. She is a Certified Financial Crime Specialist, Certified Anti-Money Laundering Specialist (CAMS), and Project Management Professional (PMP). Ms. Kerr is a financial industry veteran with a deep understanding of how financial institutions work. She has served as a Homeland Security Program Advisor and Fraud Detection Subject Matter Expert (SME) and an IT and AML Advisor for a three-bank merger.
©Copyright - All Rights Reserved
DO NOT REPRODUCE WITHOUT WRITTEN PERMISSION BY AUTHOR.