I welcome and applaud that the ABA/ABA Money Laundering Enforcement Conference expanded this year to include the important roles fraud professionals play within their financial institutions to identify and root out fraud. There is no greater advocate on the importance of focusing on the nexus between fraud and money laundering than FinCEN. It really speaks to the core of FinCEN's mission to safeguard the integrity of the financial system, and has been an area I have personally focused on since I became Director of FinCEN three and a half years ago.
I am honored to be speaking again before you. In my previous remarks, I have touched on a variety of issues-including our efforts to increase regulatory effectiveness and efficiency, the rationale behind our approach to enforcement actions as an integral part of promoting regulatory compliance, and the importance FinCEN places on increasing our dialogue and outreach with the financial industry.
I recognize that our current economy is very different from what it was when I first spoke at this conference three years ago, and that some of the issues within FinCEN's area of focus perhaps are not at the forefront of the day-to-day operations of your financial institutions. But I hope today to be able to highlight a few issues related to FinCEN's ongoing focus on fraud to add in a meaningful way to your discussions in these coming days. I will also speak today for a few minutes about some of the more recent regulatory developments that have come from FinCEN over these past few months, which may impact each of you in varying ways.
Fraud and Money Laundering
Since FinCEN's establishment over twenty years ago, a great deal of our focus on the analytical side, both in providing direct support to law enforcement and in uncovering trends through our analysis of Bank Secrecy Act (BSA) data, has been in the area of fraud. Why is that? The answer is simple: the motivation of the criminal committing fraud and most any other financial crime is profit, and the proceeds of that fraud or other crime are laundered through the financial system to try to benefit from the crime. FinCEN is able to apply some of the same methodology to fraud as any other financial crime to follow the money and work with law enforcement to ensure whenever possible that crime does not pay.
In FinCEN's daily interaction with financial institutions, we have seen a growing awareness from the business side of the logic of close coordination among those with anti-money laundering (AML) and anti-fraud responsibilities, but the different approaches, in part, reflect different roots. Countering fraud and related security measures are integral to protecting the business model and have some longstanding regulatory requirements. In contrast, money laundering requirements have developed more recently. In remarks I delivered more than two years ago, FinCEN first began discussing in detail the importance of fraud and AML professionals working together-and harnessing the similar information both are collecting for their own purposes.1
For some of the smallest banks, coordination is obvious as the same individual may wear multiple hats. But some other financial institutions would stand to benefit further in protecting themselves and the broader financial system, while also potentially reducing costs, by further exploring the synergies between AML and anti-fraud, and I hope this conference promotes that good.
In July 2009, I spoke to the Association of Certified Fraud Examiners about the important role fraud professionals play in detecting and investigating fraudulent activity.2For those fraud professionals here today that may not be as familiar with the work of FinCEN, I hope you will visit our website - www.fincen.gov - and that you will find it is a helpful resource as you work to help protect your institution from falling victim to fraud.
A few months ago, I was asked by a trade magazine how the financial crisis and the changed market environment have affected fraud management at financial institutions.3My response was that financial institutions are seeing benefits in leveraging their fraud resources with their anti-money laundering efforts and starting to take advantage of the significant efficiencies available through this leverage. Moreover, a corollary to leveraging anti-fraud and AML resources is that nothing should prevent a bank from multitasking regulatory tools. That is, using them for both compliance and either cost-reduction or increased profitability.
So over the years, we've seen more and more recognition of the important nexus between fraud and money laundering. The financial crisis and market environment have driven this home. The analysis we are doing at FinCEN continues to bear this point out as well.
One troubling trend in the fraud area that FinCEN first highlighted almost a decade ago is identity theft. Our June 2001 SAR Activity Review: Trends, Tips and Issues focused on identity theft activity reported in SARs filed by depository institutions.4In fact, this ongoing upward trend in identity theft reporting within the SAR prompted FinCEN to add identity theft as a characterization of suspicious activity on its depository institution SAR form in July 2003, and on its securities and futures industries SAR form (SAR-SF) in May 2004.
We know that identity theft takes a devastating toll not only on its victims, but on the businesses and financial institutions that are also impacted. A Javelin Strategy and Research study found that 11.1 million Americans were victims of identity theft in 2009, a surge of 12 percent from the previous year, with an estimated $54 billion cost to the U.S. economy.5
And identity theft is a crime rarely committed as an end in and of itself. Instead, identity theft is nearly always a means of facilitating another crime ? usually a financial crime that enriches the perpetrator at the expense of its victims.
In November 2007, the Federal Trade Commission (FTC) published the results of a study intended to gauge the impact that identity theft has had on the general public.6In April 2007, The President's Identity Theft Task Force released a report on identity theft typologies and their scope, and on potential remedies to lessen the incidence of identity theft.7Subsequently, the U.S. Department of the Treasury, the Federal banking agencies, and the FTC jointly issued Identity Theft Red Flag Reporting Rules for all businesses holding customer financial accounts potentially vulnerable to identity theft.8The rules went into effect on November 1, 2008. And this week is National Protect Your Identity Week, an initiative of the National Foundation for Credit Counseling (NFCC) and the Council of Better Business Bureaus (BBB), which brings together the public and private sector to help raise identity fraud awareness.9
As part of our ongoing efforts to provide feedback to financial institutions, today FinCEN is issuing a baseline report on identity theft and the trends, patterns, and typologies reported in SARs filed by depository institutions.10For the study, FinCEN analysts conducted database research to identify SARs filed between January 1, 2003, and December 30, 2009, in which filers specified identity theft as a characterization of suspicious activity.
Between 2004 and 2009, the number of SAR filings reporting identity theft increased by 123 percent (from 16,051 in CY 2004 to 35,771 in CY 2009.)11Compared to an 89 percent increase in the overall incidence of SAR filings during this same time period,12it is clear that reports of identity theft have been rising over the years at an alarming rate.
Along with identity theft, credit card fraud was the most frequently co-reported suspicious activity characterization, appearing in over 45.5 percent of sample filings.13That means that in just under half of our sample of SARs indicating identity theft, the filer also indicated credit card fraud. About 30 percent of these filings reported the successful takeover of an existing credit card account, and 17 percent reported the successful unauthorized set up of a new credit card account where the alleged identity thief added his/her name to the account as an authorized user.
In terms of spotting fraudulent activity before the loan is funded, analysis of sample filings indicated that filers reporting auto loan fraud facilitated by identity theft identified these loans as fraudulent nearly 50 percent of the time before funding took place. This data suggests that financial institutions making auto loans are remaining vigilant and have shown significant success in identifying such fraudulent loans before they are funded. Similarly, filers reporting student loan fraud facilitated by identity theft identified the loans as fraudulent prior to funding in nearly 55 percent of filings.
FinCEN will continue to monitor BSA filings related to identity theft and expects to issue additional reports on SAR reporting of identity theft by the securities and futures industries, casinos, and money services businesses. In addition, FinCEN plans to use the data and findings reported in this study as a baseline for a future study to determine the effects that the Identity Theft Red Flag Reporting rules have had upon identity theft-related SARs filed after the rules took effect in November 1, 2008.
While FinCEN has been focused on mortgage fraud for many years,14our efforts to help law enforcement hold criminals accountable have been amplified significantly in the past year, following the creation of the Financial Fraud Enforcement Task Force.15FinCEN continues to engage heavily within the FFETF as co-chair of the Training and Information Sharing Committee and at the working group level. Based on our strong foundation of sharing information with our law enforcement partners, we are working diligently to support the efforts of our Federal, State and local colleagues who are working hard to investigate and prosecute this criminal activity. FFETF Mortgage Fraud Summits held across the country have repeatedly confirmed that SARs are the number one source of lead information for identifying and targeting criminal suspects for mortgage fraud.
In addition to helping law enforcement to target and allocate resources as well as providing tactical support in some individual case investigations, we continue our efforts to analyze the SAR filings more broadly to provide feedback on trends and patterns within the data. This past July, FinCEN released its 2009 Mortgage Loan Fraud Update which found the number of mortgage fraud SARs filed in 2009 grew 4 percent compared with the number of mortgage fraud SARs filed in 2008, including a 6 percent increase in the fourth quarter of 2009.16
Beyond seeing an increase in SAR mortgage loan fraud filings, the analysis shows an increase in the prevalence of post origination loan reviews by a variety of mortgage market businesses other than mortgage lenders. FinCEN's analyses of these filings also reveal that mortgage loan purchasers and providers of mortgage insurance, certificate insurance, or similar credit enhancement have taken an increasing role in detecting potential fraud or misrepresentations.
FinCEN is continuing to monitor mortgage fraud SARs so we are able to report trends and identify potential illicit activities. Future reports will further dissect SAR data on a geographic basis with respect to more current activities. Aside from the mortgage fraud reports, FinCEN will expand its efforts with law enforcement partners to further examine the impact of SARs detailing older activities and their contribution to investigations.
A compilation of FinCEN products and other resources available to financial institutions to combat mortgage loan fraud is available on our website at www.fincen.gov.17
Health Care Fraud
In addition to mortgage fraud, the widespread growth of health care fraud throughout the United States has become an increasing focus and area of concern. In response, a national federal law enforcement strategy to combat this crisis was launched in May 2009.
The Health Care Fraud Prevention and Enforcement Action Team (HEAT) includes investigators and prosecutors from the Department of Justice (DOJ) and the Department of Health and Human Services (HHS) who are working to strengthen existing programs and investigations to combat fraud and invest in new resources and technology designed to prevent future fraud, waste, and abuse.
FinCEN is partnering closely with law enforcement in this initiative to identify increasingly complex large-scale fraud schemes. Through BSA data analysis, FinCEN is working to identify the most egregious individual perpetrators and organized groups defrauding the health care system. Through our analysis, FinCEN is able to provide investigators with an overall assessment of the jurisdictions as well as the sophisticated and complex organizations and individuals that are suspected of being engaged in health care fraud schemes.
FinCEN is working hard to support some of the most high-profile health care fraud investigations in the country.18In July of 2010, the Department of Justice and other federal law enforcement agencies announced the largest health care fraud take down in history throughout the United States with the arrest of 94 individuals.19FinCEN contributed analytical case support to the investigations in Brooklyn, New York that were part of this massive take down. Through extensive BSA analysis, FinCEN was able to connect multiple investigations either through financial transactions or to a previously unknown third party. Both the HHS-OIG case agents and the United States Attorney have advised FinCEN that the analytical product and link analysis charts were of tremendous value to the investigations. You will be hearing more on the subject of combating health care fraud.
Lastly, I just spoke a few weeks ago on the continued need for both the financial industry and the government to focus on check fraud.20After suspected money laundering, check fraud is the second most commonly cited suspected suspicious activity indicated on the depository institution SAR form, and accounts for more than 600,000 SAR filings since 1996. And when you include the related activities of check kiting and counterfeit checks - the number of depository institution SAR filings surpasses 1 million.
In FinCEN's most recent SAR Activity Review, By the Numbers, published in June 2010 and covering all of calendar year 2009, it was noted that 27% of the suspicious activity reported by depository institutions in 2009 can be attributed to fraud-related activities, and that check fraud was one of only two categories that has seen an increase in SARs every year between 1996 and 2009. The other category was suspected mortgage loan fraud.21
And while we know a lot about the individual ways criminals continue to engage in check fraud, perhaps of greater concern is the interrelationship with other types of criminal activity for which we frankly do not know enough. I believe few in this audience would disagree with the proposition that most check fraud activity is unlikely to involve a single instance of criminal behavior. Rather, most suspect that check fraud often occurs as a serial or repeated activity.
So my appeal to the banking industry and all other financial institutions plagued by check fraud is for concrete suggestions as to what more the industry and government working together can do to combat this financial crime.
Now that I have covered some of the more recent areas in which we have focused on fraud, I would like to turn to some of our more recent regulatory initiatives. As you know, one of our biggest challenges on the regulatory front generally is to find a way to strike the right balance. A balance between expanding financial inclusion and ensuring appropriate transparency into financial transactions for law enforcement, while staying mindful of the obligations and costs to the industry in complying with regulatory requirements-and the related potential inconvenience passed down to customers.
First, I can safely say that the number one question asked of me when I first arrived at FinCEN was, "What are you doing with all of these reports we are sending you?" This is a legitimate question, and one that has resulted in a very productive and ongoing dialogue with the financial industry over the years. FinCEN's revamped website is replete with information on the utility of the data-and even in my remarks today, I hope I have provided you with additional insight into how the data you are reporting is a vital component to the work we are doing in the fraud area.
But just as important as it is for us to show you the value of the data, it is also important for us to take affirmative steps to identify information that is not as useful. In December 2008, FinCEN published a rule intended to simplify and clarify the process by which financial institutions exempt the transactions of certain persons from the requirement to report transactions in currency in excess of $10,000.22The amendments aimed to reduce the cost of the exemption process to depository institutions by eliminating the need to file a Designation of Exempt Person (DOEP) for certain customers and to enhance the value and utility of the remaining CTR filings for law enforcement investigative purposes by removing filings that FinCEN determined to have little or no value.
Consistent with FinCEN's commitment to promote regulatory efficiency and effectiveness, after a year of experience we took a step back to examine whether this rule had its intended effect. In July 2010, FinCEN released its assessment which found that fewer CTR filings were made on transactions of limited or no use to law enforcement, while higher value CTRs are becoming easier to identify.23And overall, CTR filings fell nearly 12 percent from 15.5 million in 2008 to 13.7 million in 2009, while certain classes of filings most valuable to law enforcement increased. We also saw for the first time in 2009 a slight decrease in the number of SAR filings?the first decrease since reporting began in April 1996, while the quality of information reported in SARs continues to increase, reflecting FinCEN feedback and guidance as well as ongoing financial institution diligence.
Electronic Transmittals of Funds
Moving on to a new proposal - when Congress passed the Intelligence Reform and Terrorism Prevention Act of 2004 (IRTPA),24Section 6302 directed the Secretary of the Treasury to study the feasibility of "requiring such financial institutions as the Secretary determines to be appropriate to report to the Financial Crimes Enforcement Network certain cross-border electronic transmittals of funds, if the Secretary determines that reporting of such transmittals is reasonably necessary to conduct the efforts of the Secretary against money laundering and terrorist financing." As you are aware, these transactions have long been subject to FinCEN recordkeeping obligations, and are regularly subpoenaed and reviewed in the context of individual law enforcement investigations.
To comply with this mandate from Congress, FinCEN conducted an extensive study of the technical feasibility to the government of imposing such a requirement and in January 2007 published a report affirming the feasibility of the reporting system.25Then, with the participation of both the financial services industry and law enforcement, FinCEN conducted a follow on study to determine and quantify both the benefits to the public of the system and the implications to parties affected by any such potential regulatory requirement.26
FinCEN then worked to develop a proposal, also taking into account the experiences of other countries that already collect this information, including from affiliates of some of the institutions here today. FinCEN's Notice of Proposed Rulemaking, published in the Federal Register on September 30, 2010, would require certain depository institutions and money services businesses (MSBs) to affirmatively provide records to FinCEN on international wire transfers.27As required by the statute, FinCEN also will work to ensure that all technical capacity issues are addressed.
Under the proposal, the subset of banks and money transmitters that handle the cross-border component of these transactions would be required to submit to FinCEN a copy of records that they already keep in the normal course of their business. Additionally, all depository institutions would be required to report taxpayer identification numbers associated with the international funds transfers on an annual basis, which will make the transactions data more readily useful, particularly in support of efforts to reduce U.S. tax evasion involving offshore accounts.
FinCEN looks forward to working with the financial industry in better understanding the practical and especially technical solutions that would facilitate appropriate use of this information to protect our financial system from criminal abuse.
Another pending rulemaking addresses prepaid access. After several years of extensive study and collaboration with the law enforcement and regulatory communities, on June 28, 2010, FinCEN issued its NPRM which proposed new rules that would establish a more comprehensive regulatory framework for non-depository institution prepaid access.28
Under FinCEN's proposal, non-bank providers of prepaid access would be subject to comprehensive BSA regulations similar to depository institutions. And while the focus of this rulemaking is on non-depository institutions, there are two aspects that impact depository institutions: 1) banks still serve many of the non-depository institution providers, and 2) where banks have similar products, we look forward to working with the banking industry to ensure that analogous products have appropriate controls to mitigate risks.
The comment period for the NPRM officially closed on August 27, 2010. FinCEN received over 75 comprehensive comments from interested parties, including the American Bankers Association, and is continuing to closely review the information provided in those comments. Generally, the comments focused on issues such as the importance of identifying which party is acting in a provider role, the impact of including retail sellers within the scope of the rule, and the practicalities perceived by the industry with closed loop cards and international use. FinCEN is in the process of discussing relevant issues that were raised during the comment period with many different offices within the Department of the Treasury as we discuss the appropriate next step in this rulemaking process.
Chapter X Final Rule and SAR Modernization
Finally, as I mentioned at the outset of my remarks, one of the areas I initially focused on upon arriving at FinCEN was increasing the efficiency and effectiveness of the regulatory process. I know BSA rules can be technical, and it would be unreasonable for a financial institution to comply with a rule that is difficult to follow or understand. So, it is in everyone's best interest to increase the clarity of the regulations by making them more understandable. FinCEN believes this step will promote compliance with the regulations, especially among financial sectors with newer regulatory requirements, and provide a foundation for more logical evolution over time.
Today, FinCEN is announcing the pending publication of a final rule which would centralize its regulations in a new chapter?Chapter X?of the Code of Federal Regulations. 29The rule streamlines the BSA regulations into general and industry-specific parts, ensuring that a financial institution can identify its obligations under the BSA in a more organized and understandable manner. I know this is an initiative that the American Bankers Association has supported and we appreciate the thoughtful comments that were submitted as part of the rulemaking process.
The final rule will take effect in March 2011, and until that time, the regulations remain under 31 CFR Part 103. To help facilitate the transition for financial institutions, we have created a Chapter X page on our website which includes helpful information for financial institutions,30including Chapter X Frequently Asked Questions.31FinCEN is also making available a Web tool which will provide an automated way for financial institutions to translate a regulatory citation from 31 CFR Part 103 to 31 CFR Chapter X and vice versa.32
Promoting clarity, understandability, and standardizing the terms of the information that you provide us is also a goal of our IT modernization efforts, as reflected in our recent outlining of efforts to modernize the data input for SAR reporting.33This notice does not propose any new regulatory requirements or changes related to current suspicious activity reporting. But, we are seeking input from the financial community on technical matters as FinCEN transitions from a system originally designed for reporting by paper forms to a dynamic IT environment for electronic reporting.
I know I have covered a great deal of ground this morning, but I felt it was important to raise some of the current issues we are seeing in the fraud area in light of your focus on this important topic this week. I also wanted to touch on some of our recent work on the regulatory front, as it impacts you as well. In addition to these recently published actions, we continue to move forward on developing a proposal to extend BSA requirements to non-bank mortgage lenders and originators, following an Advance Notice of Proposed Rulemaking issued last year and the helpful comments received, and we expect to be releasing a proposal for comment in the near future.34
But in closing, I want to thank you?for your ongoing diligence in reporting suspicious activity and fraud?and for being so engaged in the rulemaking process. Your perspectives truly do help us in the work that we do. The Department of the Treasury welcomed the American Bar Association House of Delegates' adoption of "Voluntary Good Practices Guidance for Lawyers to Detect and Combat Money Laundering and Terrorist Financing" in August 2010.35And we would also like to thank the Gatekeepers Task Force for the hard work they put in on this initiative. The Treasury Department looks forward to the ABA continuing to raise awareness of the threat of illicit finance and the important role played by gatekeepers, including attorneys, in this effort, and to working with both the American Bankers Association and the American Bar Association to further safeguard our financial system.
I'd also like to thank the dozens of depository institutions with assets under $5 billion that have participated in our most recent outreach initiative, which we announced at this conference last year. Teams from FinCEN have traveled around the country throughout the year to learn how these smaller institutions implement their AML programs and the unique challenges they face, and we have gained tremendous insights that will shape our ongoing partnership.
I wish you productive discussions this week on the inter-relationship between AML efforts and fraud. Thank you.