UK Financial Conduct Authority Retrenches on Criminal Investigations

Over the past 18 months, the Financial Conduct Authority (FCA), as the United Kingdom’s conduct regulator for nearly 60,000 financial services firms and financial markets and prudential supervisor for nearly 50,000 firms, has sent markedly conflicting signals about its commitment to pursue criminal as well as civil investigations under the Money Laundering Regulations 2017 (MLRs).

In April 2019, the FCA’s Director of Enforcement and Market Oversight, Mark Steward, publicly stated that he thought it was “time that we gave effect to the full intention of the [MLRs] which provides for criminal prosecutions.”  He further disclosed “that we are now conducting ‘dual track’ AML investigations” (i.e., investigations into suspected MLR breaches that could give rise to either criminal or civil proceedings).” At the same time, Steward commented that he “suspect[ed] criminal prosecutions, as opposed to civil or regulatory action, will be exceptional.”

Subsequent events have shown just how exceptional criminal enforcement by the FCA would be.  In its 2019/2020 annual report, the FCA, while declaring its aim to be “to make the UK’s financial markets robust against criminal activity,”  acknowledged that its Regulatory Decisions Committee had received 26 percent fewer cases of all types since the 2018/2019 reporting period, including only 5 criminal cases.

Moreover, the Financial Times recently disclosed that the FCA had discontinued seven of its 14 criminal investigations into MLR breaches since January 2020, and had yet to bring a single prosecution.  Five of the terminated investigations were “single track” (i.e., exclusively criminal) investigations, and the remaining two were “dual track” investigations.

As for the remaining seven investigations, only one single-track investigation was still underway, and the other six were dual track.  Furthermore, to date there reportedly have been no criminal prosecutions under the 2017 MLR, and only one criminal prosecution under the prior 2007 money laundering rules.

In response to the Financial Times reporting, an FCA spokesperson said that the FCA “only brought prosecutions ‘in the most egregious cases,’ and pursued civil or regulatory sanctions in all others.”  The spokesperson also noted that decisions on some of the remaining criminal investigations were expected “by the end of this year.”

No one expects the FCA, as a regulatory agency, to vie with the National Crime Agency or police services in conducting large numbers of criminal investigations.  But the FCA needs, as Steward commented in his 2019 speech, “to enliven the jurisdiction if we want to ensure it is not a white elephant and that is what we intend to do where we find strong evidence of egregiously poor systems and controls and what looks like actual money-laundering.”  So far, the FCA’s stance and record on criminal investigations appear remarkably elephantine.

Too Local to Prosecute?: Justice Department Obtains Indictment Against Ready-Mix Concrete Company and Individuals for Price-Fixing, Bid-Rigging, and Market Allocation

Of the many mistakes that companies can make when considering to enter into price-fixing or bid-rigging arrangements with competitors, one of the simplest may be the belief that their conspiracy is “too local”  or “too small” to attract the attention of antitrust enforcers.

Many of the price-fixing, bid-rigging, and market allocation cases that the U.S. Department of Justice and Federal Trade Commission bring are nationwide and even international in scope.  The prominence of such cases, however, may lead some companies to think that collusion confined to a single state or city will fly under the radar of federal enforcers.

Last week, the Justice Department announced the return of a federal indictment in the Southern District of Georgia that shows that the Department will not shy away from prosecuting locally-organized collusive conduct.  The indictment names one ready-mix concrete company and four individuals for their roles in a long-running conspiracy to fix prices, rig bids, and allocate markets for ready-mix concrete in the greater Savannah, Georgia area.

According to the indictment, from as early as 2010 until approximately July 2016, the charged individuals, on behalf of their three competing companies, participated in a conspiracy to fix prices, rig bids, and allocate markets for sales of ready-mix concrete.  The conspirators reportedly submitted rigged bids and accepted payments for ready-mix concrete sold through contracts and on projects that were affected by the alleged conspiracy.  In order to carry out the conspiracy, the conspirators used one of the individual defendants “as a conduit to exchange price-increase letters and other competitive information between the defendants and other co-conspirators for the purpose of coordinating price increases, rigging bids, and allocating jobs.”

One of the elements that the government must prove for a criminal violation under section 1 of the Sherman Act is that the charged conspiracy was in unreasonable restraint of interstate or foreign commerce.  In this case, although the defendants reportedly worked in the Savannah area, the indictment alleges, among other things, that (1) defendant companies engaged in the manufacture and sale of ready-mix concrete in the Southern District of Georgia “and elsewhere,” that (2) the defendants and co-conspirators (a) bid from Georgia on projects to be performed outside of Georgia and (b) sold ready-mix concrete from Georgia to locations outside of Georgia, and (3) the defendants’ and co-conspirators’ business activities in connection with ready-mix concrete “were within the flow of, and substantially affected, interstate and foreign trade and commerce.”  Such allegations, if proved, would satisfy the “restraint of interstate commerce” element.

For that reason, antitrust practitioners and compliance attorneys should integrate this case into their antitrust guidance to clients, to emphasize that there is no “too local to prosecute” defense to per se violations such as bid-rigging, market allocation, and price-fixing if those violations affect interstate or foreign commerce.

Australian Accountant Arrested for Role in Business Email Compromise Schemes

For more than a decade, one of the most persistent and successful online fraud schemes has been business email compromise (BEC) schemes.  BEC schemes typically involve two phases: (1) the use of phishing or hacking techniques to obtain identifying information about executives in a particular business or other organization; and (2) the use of “social engineering” techniques to persuade someone with appropriate authority in that business to issue and send checks to scheme members, or make outbound wire transfers to bank accounts that members of the scheme have established.  BEC schemes are also often linked to other types of online fraud directed at individuals, such as romance schemes, employment-opportunity schemes, and lottery schemes.

BEC schemes have proved fairly simple and highly profitable for cybercrime operations.  The APWG’s most recent quarterly report on phishing schemes stated that the average wire transfer attempt in BEC attacks is increasing, from $54,000 in the first quarter this year to $80,183 in the second quarter – a 48.4 percent increase.  One particular Russian BEC operation reportedly has sought an average of $1.27 million from its corporate victims.

For the most part, participants in BEC schemes, based on information from a limited number of U.S. criminal investigations, appear to range in age from mid-twenties to mid-forties.  A recent arrest by police in the Australian state of Queensland, however, shows that older persons may also become involved in BEC schemes.

In this case, Queensland police arrested a 65-year-old Brisbane accountant on charges of money laundering, for her role in a series of BEC schemes in which at least seven organizations and individuals, including senior care providers and a superannuation (pension) fund, were deceived into sending more than AU$3.3 million offshore.  One victim reportedly lost AU$1.1 million.

According to the police, the accountant, who had no relation to the victims, received her instructions online from hackers.  She allegedly caused fraudulently obtained funds to be transferred into at least 50 Australian bank accounts before she directed the money offshore.  A police search found a number of computers and mobile phones that she allegedly used to facilitate money laundering.

While there has been no trial or conviction in this particular case, the initial report of the arrest provides a timely reminder of key points that businesses and individuals should bear in mind to protect themselves against BEC schemes:

  • Never give out personal or company information to any caller when you don’t know the caller.
  • Just because an incoming email purports to come from a person in authority, such as a senior executive in your company, does not mean that it actually came from that person.  Hovering over the incoming email address with your mouse or touchpad, or pressing “reply” (without actually sending a reply) to that email address, can reveal the true address of the sender.
  • Just because a caller’s voice sounds like he or she could be a real person within a company tells you nothing about whether he or she is that real person.  Trust only the voices of people you know personally, and to protect your company from possible BEC schemes, the company should establish points of contact with third parties or vendors with the company regularly deals to allow voice-to-voice communications regarding requests for outbound funds transfers.

APWG 2Q 2020 Report: Cybercrime Gangs Attempting and Achieving Heists of Increasing Scale

On August 27, the APWG (formerly Anti-Phishing Working Group) published its Phishing Activity Trends Report for the Second Quarter 2020.  The Report analyzes phishing attacks and other identity theft techniques, as reported to the APWG from a variety of sources.  The Report’s principal overall observation was that cybercrime gangs have been attempting and achieving heists of increasing scale. Key findings in the APWG Report included the following:

  • Phishing Sites: In 2Q 2020, the number of phishing sites detected was 146,994.  This total represented an 11 percent decrease from the 165,772 sites detected in 1Q 2020.
  • Most Targeted Industry Sectors: Software as a Service (SAAS) and webmail sites were most frequently targeted (34.7 percent of all attacks). Financial institution sites accounted for 18.0 percent, payment sites 11.8 percent, and social media 10.8 percent of all attacks.
  • Business Email Compromise (BEC) Attacks: The average wire transfer loss from BEC attacks is increasing. The average wire transfer attempt in 2Q 2020 was $80,183 – a 48.4 percent increase from the average attempt of $54,000 in 1Q 2020.  In addition, 34 percent of BEC attacks in 2Q 2020 were sent from email accounts hosted on domains registered by scammers.  More than three quarters (76 percent) of those domains were registered at just five domain registrars: Namecheap (25 percent), Google (20 percent), Public Domain Registry (17 percent), NameSilo (7 percent), and Tucows (7 percent).  The Report also stated that one documented Russian BEC operation, which “attacks large multinational organizations, many of which are Fortune 500 and Global 2000 companies,” has sought an average of $1.27 million when it targets companies.
  • Phishing Attacks in Brazil: Although the banking and financial sector “is still the primary target of phishing attacks in Brazil,” the Report noted that there were 9,572 unique phishing cases in Brazil in 2Q 2020 (a decrease from 10,910 unique phishing cases in 1Q 2020), and that a decrease in cases of digital fraud in June 2020 was most evident in the banking and financial sector.
  • Phishing Sites’ Use of HTTPS: Since 2016, according to APWG data, there has been a fairly consistent and substantial increase in the number of phishing sites that use the HTTPS encryption protocol.  In 2Q 2020, the percentage of phishing sites using Secure Socket Layer/Transport Layer Security certificates increased slightly to 77.6 percent (compared to 74 percent in 1Q 2020).

Note: This latest APWG Report points up a number of troublesome phishing trends, notably the increase  in the average BEC wire transfer losses and the increase in phishers’ use of HTTPS to enhance the credibility of their sites.  Information security officers should read this Report and share it with their information security teams.

Germany’s Financial Intelligence Unit Reports Substantial Increase in Suspicious Transaction Report Filings in 2019

On August 18, Germany’s Financial Intelligence Unit (FIU) announced that it had issued its Annual Report for 2019.  The Report (available here) stated that in 2019, it received 114,914 suspicious transaction reports.  That total represents an increase of 37,500 more suspicious transaction reports than the FIU received in 2018.

All in all, the FIU reported, it has seen the annual number of such reports increase almost twelve-fold since 2009.  The FIU commented that this increase “reflects the continuous awareness of those subject to the Money Laundering Act and the increasing automation at large credit institutions.”

The Report also included findings regarding the filing of suspicious transaction reports by the financial and non-financial sectors:

  • Financial Sector: The increase in the number of suspicious transaction reports applies to both the financial and non-financial sectors, as well as to authorities and other covered entities. Approximately 98 percent of all reports still come from the financial sector, from which the FIU received more than 35,000 more suspicious transaction reports than in 2018.
  • Non-Financial Sector: The absolute number of suspicious transaction reports that the FIU received from the non-financial sector increased in 2019, but still only accounts for approximately 1.3 percent of the total.  Gambling organizers and brokers were primarily responsible for the increase in the non-financial sector.  The FIU also received “[s]ignificantly more reports” from goods dealers in 2019, with a percentage increase “roughly in line with the overall trend.”  It also saw an increase in the number of reports from real estate agents and financial companies.
  • Cryptocurrencies: The FIU also saw “a slight upward trend” in the number of suspicious transaction reports relating to crypto assets.  Approximately 760 reports contained as a reason for filing “abnormalities in connection with crypto currencies.”  In particular, it deemed the forwarding of funds to trading platforms abroad to exchange the funds for crypto assets, ​​with subsequent further transfer, “abnormal.”

The director of the FIU, Christof Schulte, welcomed these developments.  He stated that the upward trend in the numbers of suspicious transaction reports being filed “shows that the FIU’s extensive awareness-raising and coordination measures are working.”

Schulte also noted that the FIU’s risk-based approach and associated legal filter function – both also included in the standards of the Financial Action Task Force (FATF) – “are of particular importance.”  As he put it, “Only the facts that are actually valuable are passed on to the responsible law enforcement authorities so that law enforcement can efficiently concentrate available resources on these facts.”

Schulte cautioned that he did not consider the reports filed by the non-financial sector to be sufficient, in light of the money laundering risks in that sector.  He further stated that in view of the increasing number of crypto-related reports, the FIU “will also increasingly investigate transactions that were carried out using new payment technologies with regard to money laundering and terrorist financing.”

Note:  This FIU report is instructive, not only for the statistical data regarding suspicious transaction report filings, but also for the comments by Director Schulte about the volume of reports from the non-financial sector and increasing FIU focus on crypto-related transactions.  Whether  the FIU’s concentration on analysis of these reports will translate into actual enforcement cases by German prosecutors remains to be seen.  As Director Schulte admitted in a recent media interview, “One problem for us is that the prosecution of money laundering in Germany isn’t traditionally well established.”

In any event, chief compliance officers at German financial institutions and other entities subject to German money-laundering legal requirements should review the FIU report closely, and share pertinent details with other senior executives in their firms.