Kevin did more than “hope to accomplish”. He slayed the Flash Webinar today. Hemp Customer Due Diligence Update.
Now the agenda. What we are going to hope to accomplish today is to walk through, at a high level in about a half hour and talk through the difference between legalized marijuana and hemp. We’re going to talk through the guidance that’s available, where we have some concrete information and where you have to make your own program, so to speak. We’re going to go through the farm bill, and how that changed him in the last couple of years. And then also discuss how do you manage that risk. If you are participating in that aspect of the Ag world, you need to understand how it works so you can make sure you’re managing that risk appropriately. We’re going to discuss Enhanced Due Diligence because the guidance does say that a hemp producer is a high risk customer, so you need to manage them appropriately. And then we’re going to talk through some of the specific SAR expectations and red flags.
On July 7, 2020, FinCEN issued an Advisory on Imposter Scams and Money Mule Schemes Related to COVID-19. These two types of consumer fraud have been observed to be on the rise during the current pandemic. The advisory provides explanations of how these scams and schemes work, red flags that may help identify such activity, as well as, how to report these types of scams/schemes on the Suspicious Activity Report.
Click on the video to listen to Micaela explain more.
I’m here today to talk about FinCEN’s new advisory that came out in July 7th, and it relates to imposter scams and money mule schemes as it relates to COVID-19.
What exactly is an imposter scam? An imposter scam is when there’s essentially an actor that targets someone acting in some type of an official capacity. For example, the IRS, the CDC, the World Health Organization, or WHO, and they then use that false position to encourage their target to either provide valuable information, provide money, get them to click on suspicious links or open suspicious attachments in an email, and then their computer would become infected with malware in those situations. And so what FinCEN has been seeing is an uptick in these scams with the COVID-19 fear attached to it. And so they’ve issued seven different red flags that you can use and share with your tellers, your bankers, to help identify this activity and make sure it gets reported.
In general, these red flags relate to the verification, the processing, or the expedition of government payments, so either the stimulus checks, unemployment, that type of stuff. It’s usually trying to get action to happen quickly to essentially expedite those funds into someone’s account. Particularly, the vulnerable are susceptible to this, so the elderly, the unemployed, those that may be a little bit more desperate in this COVID-19 environment that we’re living in that are really needing those funds. And so that’s the imposter scam.
The other side of this guidance touches on money mule schemes. A money mule is someone that either transfers illegally acquired money on behalf of someone or at the discretion of someone else. A money mule can relate or a money mule can be someone that is either unwitting or unknowing all the way up to someone who is entirely complicit and aware that they’re part of a larger criminal scheme.
With the money mule schemes, usually a customer’s account activity becomes atypical quickly and any funds that are put into the account are quickly then taken out of the account either via wire transfer, ACH, something of that nature. It usually happens very quickly and these money mule schemes are definitely seeing an uptick as they relate to the unemployment insurance benefits. For example, there might be a bank customer that receives deposits of what appears to be unemployment insurance income into their accounts. The name or on the benefit of what those insurance checks are supposed to be, or who they’re supposed to be to, that might not match your customer’s name. The state that it’s coming from might not match where your customer lives or works or information that you would otherwise know about your customer. And so that’s an example of where then that customer is being used then to transfer that money elsewhere.
Where we’re seeing these schemes might be with unemployment insurance income, again. It might be with students. They might be working at home schemes, that type of stuff, and this is something that we’ve seen as part of Bankers Compliance Consulting. We’ve seen that some of our clients, these money mule schemes happening and they’re having to report on them. We haven’t quite seen as much of the imposter stuff, but the money mule, we’ve definitely been seeing so keep your eyes peeled for that.
With relation to the money mule, there are an additional 11 red flags that FinCEN issued to help banks identify this. Those can be found in the advisory. Those are on pages six and seven. Go ahead and distribute those to your staff. Make sure your tellers are aware of it as it’s usually your frontline staff that are going to pick up on this most quickly.
Lastly, as it relates to whether it’s the imposter scam or the money mule scam, FinCEN is asking that when you file SARS on this activity, that you follow a set of specific instructions. This is by putting or relating this memo in certain key fields and in the narrative and specific guidance on that can be found in the advisory as well. There’s a short summary on the front page, and then the very last page has a step by step details.
Again, new guidance seems to be there’s no shortage of new guidance in this environment that we’re living in, but keep your eyes open. This is something that’s happening and your customers can be taken advantage of. And so FinCEN’s really looking for your help and getting it identified and getting it stopped. Thanks, everyone.
“Why” Suspicious Activity Monitoring & Reporting Training
Kevin Edwards taught the All About Suspicious Activity Monitoring & Reporting. Here he talks about the “Why”. Get it on-demand.
Monitoring Systems Reporting Systems Types of Suspicious Activity & Reporting Triggers Decision Making & Timing Requirements Form Completion Best Practices & Quality Control Board Notifications Continuing Activity Record Retention Confidentiality & Consequences of Non-Compliance
Designed for BSA/AML personnel, management, compliance officers, auditors and other risk management or operations personnel.
With that, let’s get started. We’ve got a lot of ground to cover, but I always like to start off with why is this so important? It’s always worth starting off with a why. Now, since this is a BSA specific webinar, I really don’t need to explain to you from a regulatory perspective why this is so important because everybody knows that suspicious activity reporting element of your BSA AML program, it’s really the cornerstone. And a lot of how your system is going to be judged from a regulatory perspective is based on how well this suspicious activity reporting is working and how well you’re documenting it, because it’s really a vital element of the program.
Even as we have seen some slight deregulation in the banking industry, you’ve noticed that they’re actually ramping up the expectations from a BSA perspective. So it’s not slowing down even in the deregulatory swing of the pendulum. The other thing that you might want to write down on the front of your page is just remember that, for the first time ever, there was personal liability assigned to a compliance officer for failings in a BSA program. So if you don’t know what I’m talking about, look at the US Bank regulatory enforcement action, because it’s pretty interesting. FinCEN, for the first time, cited someone individually and had a pretty hefty monetary fine levied against somebody because they really had some major failings in their BSA AML program. Things like inadequate SAR monitoring and failure to report SARs. So it really relates to some of the things we’re going to talk about today.
Now, that’s the in-house regulatory perspective, but then also there’s the criminal justice element to the BSA program. There are a lot of bad actors out there. There’s a lot of crime that banks are in a special position to monitor for. So, in the back of your head, as we’re going through this, keep in mind, this is a vital element into fighting things like human trafficking, terrorist financing, money laundering that’s tied to organized criminal activity. And the other thing to keep in mind is that we just got in exam manual update that provided us a little more detail. And one of the areas that it enhanced was the concept of the MLTF and other illicit financing. There’s a new acronym out there that we’re going to get into detail later today, but that acronym should work its way into your monitoring program. So we’ll talk about it a little more when we get there.
On June 29, 2020, FinCEN released some new customer due diligence guidance for your hemp-producing customers. With all the COVID craziness, maybe it’s been awhile since you’ve looked at the expectations for hemp and/or marijuana related businesses. This new guidance for hemp customers really lays a ground work as to the types of questions you should be asking and monitoring you should implement.
Click on the video to listen to Kevin explain more.
Well, because it keeps changing. Just for everybody, the next item there, there’s a link in your material that takes you to the brand new FinCEN guidance on hemp-related businesses. We had some guidance back in December that this is updating and kind of a partner with. But just to get you up to speed, they were providing a little more detail on what the customer due diligence requirements are for hemp-related businesses. This has been a murky area for quite some time. Back in 2014, we got the guidance on marijuana-related businesses.
The Grey Area of Hemp Laws
Then over the years, they’ve kind of been messing with things. We’ve had a number of law changes that really carved out hemp from the definition of marijuana. Now, there are some definitions that are in there that are a little tricky. But really in October, this was streamlined, where states were given the authority to basically license hemp producers. So they’re in charge of making sure that they’re following all the rules, and they’ll issue a license, and they’re monitoring. There’s also a federal program now. So if your state hasn’t created a licensing program, they can actually go to the feds. You’re going to see more and more hemp producers coming into your institutions and wanting to talk about financing and things along those lines.
The good news is, this new guidance that came out, gave us a little more detail on what exactly they’re expecting to see on the bank side. Because even though a hemp-related business is less risky than a marijuana-related business, it’s still a higher risk customer, and you’re still going to have to have some special customer due diligence in place.
Hemp Laws Becoming a Bit Clearer
The nice thing as you read through it, it gives the banks a little bit of leeway to determine what the risk with that individual producer is. So if you have a customer coming in, I would say this has some good guidance. Things like how do you determine that the hemp producer is validly licensed? Well, the guidance says you can go through and obtain a written attestation from the hemp producer that they have a valid license. That would be one option. Or you could get a copy of that license on a rolling basis. These were things that we were guessing previously, if you remember. If you attended our webinar a couple of months back, it was when we were kind of in a gray area, taking wild guesses on what exactly a bank should do to protect themselves. Fortunately, this actually provides us something we can point to and say, “These are steps that are adequate.”
We’re actually working on a flash webinar. It’s going to be a half hour, where we’re going to go through and get into the weeds on this a little bit more. Depending on the risk assessment of the producer, you can have a lower level of monitoring for some hemp producers, and you may have a higher level of monitoring for some that you’re not as comfortable with. It’s kind of laid out in that guidance.
Bank Regulations for Hemp Businesses Will Become Easier to Understand
I didn’t want to spend a whole lot of time on it because we could sit and talk about hemp producers and the varying risk all day long. But one interesting thing they did point out is that if you have a hemp-related business, you should be monitoring them to see whether or not they may be mixing things with a marijuana-related business. There are some red flags that they suggest that you look for. So take a look at it. We’re getting a little more guidance. So I would say, it’s good news