Cybercriminals often exploit natural disasters by sending fraudulent communications via email or social media and by creating fake websites to solicit contributions.
Credit union officials, employees, and members should watch out for emails from potentially illegitimate charitable organizations requesting donations—even when they appear to originate from a trusted source. These fraudulent emails commonly appear after major natural disasters and often contain links or attachments that direct users to phishing or malware infected websites.
Credit unions should also beware of illegitimate crowdfunding platforms. Again, cybercriminals create copycat websites using designs or names that are practically identical to legitimate charities and relief organizations. The sites often end with .com or .net. Payments to these sites may indicate fraudulent activity. Most legitimate charities’ websites end in .org.
Suspicious activity reports
When filing a suspicious activity report (SAR) on these types of fraud, FinCEN requests, but doesn’t require, that filers reference the advisory FIN-2017-A007 and include the term “Disaster-related Fraud” in the SAR narrative and in field 31(z) (FraudOther) to indicate a connection between the suspicious activity being reported and the possible misuse of relief funds.
Credit unions are required to file a SAR with respect to:
►Criminal violations involving insider abuse in any amount.
►Criminal violations aggregating $5,000 or more when a suspect can be identified.
►Criminal violations aggregating $25,000 or more regardless of a potential suspect.
SARs are also required for transactions conducted or attempted by, at, or through the financial institution (or an affiliate) and aggregating $5,000 or more, if the institution or affiliate knows, suspects, or has reason to suspect that the transaction:
►May involve potential money laundering or other illegal activity (e.g., terrorism financing).
►Is designed to evade the Bank Secrecy Act or its implementing regulations.
►Has no business or apparent lawful purpose or is not the type of transaction that the particular customer or member would normally be expected to engage in, and the financial institution knows of no reasonable explanation for the transaction after examining the available facts, including the background and possible purpose of the transaction.
The presence or absence of a red flag in any given transaction is not by itself determinative of whether a transaction is suspicious. Credit unions should consider additional factors such as a member’s overall financial activity and whether the transaction exhibits multiple red flags, as well as the specifics of their own risk profiles and business models.
In other words, take all of the relevant facts into consideration. Don’t presume fraud is involved just because one of the above-mentioned red flags is present.
VALERIE Y. MOSS is CUNA’s senior director of compliance analysis. Contact CUNA’s Compliance Team at firstname.lastname@example.org.