The Treasury’s Financial Crimes Enforcement Network (FinCEN)
released a financial trend analysis (FTA) indicating 42 percent of Bank Secrecy
Act (BSA) reports filed in one calendar year involved identity-related
suspicious activity.
The FTA, compiled as part of FinCEN’s Identity Project, found
that approximately 1.6 million of 3.8 million reports related to identity and
equated to $212 billion in suspicious activity.
“This report reveals the existence of significant
identity-related exploitations through a large variety of schemes,” FinCEN
Director Andrea Gacki said. “Robust customer identity processes are
foundational to the security of the U.S. financial system and critical to the
effectiveness of financial institutions’ programs to combat money laundering
and counter the financing of terrorism. Financial institutions are encouraged
to work across their internal departments to address these schemes.”
The FinCEN Identity Project investigates how malicious
actors exploit other people’s identities to open and gain access to accounts
and process transactions under their names.
The agency identified 14 common types in identity-related
BSA reports. The top five are fraud, false records, identity theft, third-party
money laundering and circumvention of verification standards. These constituted
88 percent of all identity-related BSA reports and contributed to 74 percent of
the total identity-related suspicious activity reported in 2021. Fraud was the
most reported type, encompassing 1.2 million reports.
The FTA also revealed the following:
·
Depository institutions accounted for about 54
percent of all identity-related BSA reports. Money services businesses (MSBs) recorded
the second most filings, accounting for 21 percent of identity-related BSA
reports.
·
MSBs reported circumvention of verification as
their top identity-related BSA dataset whereas impersonation was the most
commonly reported among other institutions.
·
Compromised credentials have a disproportionate financial
impact compared to other types of identity exploitation.
The approximately 1.3 million filings by depository entities
equated to $201 billion in suspicious activity in 2021, according to the
report.
Attackers most frequently use impersonation tactics, the
report notes. The second most common tactic is compromising accounts during
authentication with the third being circumventing verification to evade
detection. Compromised credentials have a disproportionally large monetary
impact compared to impersonation and circumvention, the report notes.
FinCEN’s FTAs are created using information filed by
financial institutions in accordance with the BSA.