On May, 2020, the FATF published new money laundering and terrorist financing threats and vulnerabilities arising from the COVID-19 crisis. The document highlights how fraud, cybercrime, misdirection of government funding and international financial assistance are opening the way for illicit actors to create new sources of funds/proceeds. This is challenging the ability of the private and government sectors to effectively comply with AML/CFT obligations, comply with regulations, suspicious activity reporting and international cooperation.
Money laundering and terrorist financing threats and vulnerabilities arising from the COVID-19 crisis pose the following risks:
- Bypassing Customer Due Diligence (CDD) measures. Illicit actors are finding ways to bypass CDD measures due to the challenges in internal controls caused by remote working situations to conceal and launder funds.
- Misusing online financial services and virtual assets to move and conceal illicit funds.
- Exploiting economic stimulus measures and insolvency schemes as a means for natural and legal persons to conceal and launder illicit proceeds
- Using an unregulated financial sector as individuals move money out of the banking system due to financial instability leading to an increased use of the unregulated financial sector and creating opportunities to launder illicit funds.
- Misusing and misappropriating domestic and international financial aid and emergency funding
- Moving into new cash-intensive and high-liquidity lines of business in developing countries for money laundering, funding of operations and claiming (fraudulently) to be charities to raise funds online.
Examples of Fraudulent Activities
- Impersonating officials: by person, email, or telephone to obtain personal banking information or physical cash.
- Counterfeiting: on-line scams for medical supplies and medicines requesting credit card information for payment or a shipping fee but never deliver the goods
- Fundraising for fake charities: emails requesting donations for COVID-19-related requesting credit card information or making payments through the suspect’s secure digital wallet.
- Fraudulent investment scams: promotions falsely claiming that products or services of publicly traded companies can prevent, detect or cure COVID-19.
- Email and SMS phishing attacks: inserting malware on personal computers or mobile devices to obtain personal account, usernames, and passwords.
- Business email compromise scams: gaining access to a business customer contact and transaction information by requesting payment for legitimate goods and/or services and directing payment into an illicit account.
- Ransomware attacks: inserting ransomware on personal computers and mobile devices using malicious websites and mobile applications that appear to share COVID-19 related information to gain and lock access to victims’ devices until payment is received.
COVID-19 is challenging Financial Institutions with new risks and vulnerabilities
The FATF Report presents AML/CFT policy response activities such as:
- Domestic coordination for assessing the impact of COVID-19 on AML/CFT risks and systems. The public and private sectors ought to strengthen communication and work together to identify, monitor, and communicate during the changing risk landscape.
- Encouraging the full use of a risk-based approach to customer due diligence.
- Supporting electronic and digital payment options.
Given the current uncertain and volatile environment, a Financial Institution’s risk assessment process is critical to an effective well-designed compliance program. Financial Institutions ought to reinforce and update all compliance efforts, policies, and procedures.
Employee training and regular tested continuing education to mitigate risks is imperative.
Consult your Compliance Expert.