Advisory outlines 20 ‘red flags’ for identifying, preventing coronavirus-related criminal activity

Aiding financial institutions in detecting, preventing, and reporting potential COVID-19-related criminal activity is the aim of an advisory issued Thursday by the Treasury’s top financial crimes enforcement arm.

The Financial Crimes Enforcement Network (FinCEN) said the advisory is based on the agency’s analysis of COVID-19-related information obtained from data collected through Bank Secrecy Act (BSA) reports filed by financial institutions and others, open source reporting, and law enforcement partners.

In particular, the advisory states, cybercriminals are employing malware and phishing schemes, extortion, business email compromise (BEC) fraud, and exploitation of remote applications, especially against financial and healthcare systems. The advisory points out 20 specific “red flag” indicators to help financial institutions identify (and prevent) suspicious transactions.

The advisory also makes a pitch for filing of suspicious activity reports (SARs), which it calls “is crucial to identifying and stopping financial crimes, including those related to the COVID-19 pandemic.” “Financial institutions should provide all pertinent available information in the SAR and narrative,” the advisory states, and it lays out the procedures for effectively filing the reports.

FinCEN Advisory Covid Cybercrime 508 FINAL.pdf