Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive
150x172_CUEffect.jpg
Contacts
LISA MCCUEVICE PRESIDENT OF COMMUNICATIONS
EDITOR-IN-CHIEF
MICHELLE WILLITSManaging Editor
RON JOOSSASSISTANT EDITOR
ALEX MCVEIGHSTAFF NEWSWRITER
TOM SAKASHSTAFF NEWSWRITER

News Now

Washington
FinCEN offers help to ID report account-takeovers
VIENNA, Va. (12/28?11)--The Financial Crimes Enforcement Network (FinCEN) is issuing an advisory to assist credit unions and other financial institutions in identifying account-takeover activity and reporting the activity by filing Suspicious Activity Reports (SARs).

FinCEN, in its alert, notes that cybercriminals are increasingly using sophisticated methods to obtain access to accounts, including the use of malware--the computer-ese for malicious software--SQL injection attacks (SQLIA), spyware, Trojans, and worms. These attacks aim to exploit a member's or customer's account and, often, to gain seemingly legitimate access to another customer's account.

FinCEN says that through ongoing monitoring, financial institutions may be able to identify inconsistencies with normal account activity, which could indicate illicit intrusions into an account. Such irregularities might include, but are not limited to, unusual ATM activity, clustered Automated Clearing House transactions in different geographic areas, sudden wire transfers, or changes to customer and account profiles.

Account-takeover activity is different than other forms of computer intrusion because it is the accountholder, rather than the financial institution maintaining the account, that is the primary target of the fraud.

FinCEN says that a financial institution is required under the Banker Secrecy Act to file a SAR if it: Knows, suspects, or has reason to suspect" that a transaction conducted or attempted by, at, or through the financial institution involves funds derived from illegal activity or an attempt to disguise funds derived from illegal activity, is designed to evade requirements under the BSA, or lacks a business or apparent lawful purpose, the financial institution may be required to file a SAR.

When completing SARs on suspected account takeover activity, financial institutions should use the term "account takeover fraud" in the narrative section of the SAR and provide a detailed description of the activity.

Use the resource link below to read more of the FinCEN advisory and to see more examples of possible account-takeover red flags.
Other Resources

RSS





print
News Now LiveWire
Registration is now open for the online livestreaming of @TheNCUA March 19 open board meeting. http://t.co/yOuqdXHlxj
1 hour ago
Registration is now open for online viewing of @TheNCUA's March 19 board meeting. https://t.co/mMZoXSFjMe
1 hour ago
.@CFPB Director Richard Cordray's testimony that he will deliver before the #HFSC this afternoon. http://t.co/NA1aEOPAeh
3 hours ago
Consumer spending flatlines, savings ramp up #Market #NewsNow http://t.co/94kPuBpMRK
3 hours ago
.@Cornerstone_CUL in 2014: $9K in savings per member #NewsNow #CUSystem http://t.co/7LnsV876cs
5 hours ago