News & Commentary

10:12 AM
David Wallace, SAS
David Wallace, SAS

Financial Crimes Investigation Units: The Front Line in the War on Financial Crimes

The 8th Annual Terrorism Financing and Money Laundering Forum aims to bring together banks and law enforcement to fight financial crime.

Financial Crimes Investigation Units: The Front Line in the War on Financial Crimes

The 8th Annual Terrorism Financing and Money Laundering Forum aims to bring together banks and law enforcement to fight financial crime.

Recent estimates of global money laundering, cited by such groups as the Council on Foreign Relations, can stagger one’s imagination. One figure in the council’s report was a UN study estimating that global funds available for laundering was about 2.7 percent of global gross domestic product (GDP), equating to $1.6 trillion as of 2009. That amount is about one-third larger than the total contribution of finance and insurance to the GDP of the US ($1.2 trillion), as reported by the Bureau of Economic Analysis.

The front line of the war against global financial crimes includes members of financial intelligence units (FIUs) in banks and other financial institutions, as well as national law enforcement agencies. During the recent 8th Annual Terrorism Financing and Money Laundering Forum – sponsored by Ally Financial, Bank of America, U.S. Department of Justice, PNC Bank, SAS and Teradata – a group of nearly 400 attendees came together for a day-long discussion on the state of global money laundering and the financing of terror groups.

Dan Soto, Chief Compliance Officer of Ally Financial, welcomed the audience with reminders to “continue to be diligent” and to not “lose sight of the fact that what really matters are the transactions and the customers we see every day.” Soto highlighted the recently published US Senate Permanent Subcommittee on Investigations (PSI) report on money-laundering vulnerabilities. The lengthy report highlighted five issues in which correspondent banking in the U.S. is affected by anti-money laundering (AML) and terrorist financing:

-- Opening US correspondent accounts for high-risk affiliates without conducting due diligence.

-- Facilitating transactions that hinder US efforts to stop terrorists, drug traffickers, rogue jurisdictions and others from using the US financial system.

-- Providing US correspondent services to banks with links to terrorism.

-- Clearing bulk quantities of US dollar traveler’s checks despite signs of suspicious activity.

-- Offering high-risk bearer share corporate accounts.

Best Practices for FCIUs

One of the most noteworthy forum discussions was on current trends and best practices in financial crimes investigation units (FCIUs). Jim Candelmo, Executive Compliance Director and BSA/AML Officer for Ally Financial, explained that technology was “front and center to any meaningful discussion of holistically addressing financial crimes intelligence” and it must be “scalable, versatile was well as usable” to make FCIUs “more of a reality than ever.”

The emerging trend of shell company activity was also examined. Analytics was highlighted as a helpful tool used by FCIUs to detect patterns such as jurisdiction of parties involves in correspondent banking transactions to differentiate between suspicious and legitimate activity. Another trend is the consolidation of functions related to AML, BSA, FCIU, OFAC, etc. as being a best practice. The benefit of consolidation allows a common approach to glean intelligence and patterns from data for a holistic view of all threats.

Bill Ward, Executive Vice President and Chief BSA and Security Officer for Union Bank, sees an uptick in interest from regulatory agencies focused on financial crimes risk management and the continued need for consumer protection from fraud, such as Ponzi schemes. While groups in the past operated in silos, he believes convergence is crucial, so groups combatting fraud, AML, corruption and sanctions can learn more about financial crimes. Ward highlighted the importance of architecture, management, data and governance for FCIU success; he said that Union Bank uses “SAS® Analytics to feed its warehouse.” His concluding recommendation was to invest in a robust analytics team that includes a full-time modeling professional.

The Takeaway

The best indication of a conference’s value is when attendees come back year after year. That was truly the case at this forum, which has steadily grown over eight years to the point of filling the facility. The two best takeaways of the event were experiencing the audience’s passion for the discussion topics and witnessing the close collaboration among the attendees, who representing financial institutions, law enforcement agencies and branches of the federal government. In our present “age of disappointment” that exists for both private and public institutions, it is heartening to see a group of passionate professionals with a strong desire to protect customers and citizens against the ever-expanding threats of terrorism and financial crimes.

David Wallace is Global Financial Services Marketing Manager for SAS

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This is a secure windows pc.
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.