Skip to Main Content

Supervision News Flash

December 2021

Law Enforcement Webinar Recap

Case file stamped "file closed"

On September 15, 2021, the BSA Coalition hosted its highly regarded law enforcement webinar. Law enforcement panelists from the U.S. Secret Service, Northern Virginia Financial Initiative, and the IRS discussed suspicious activity report (SAR) filings on Paycheck Protection Program (PPP) fraud as well as tips to avoid cyber fraud. Highlights included control breakdowns to look out for, red flags, tips for filing an effective SAR, and resources. While the fraud examples below are related to PPP lending, these lessons learned are relevant for financial institutions’ day-to-day lending operations.

The IRS started by discussing a car dealership case involving a $1.5 million PPP loan obtained where the dealership submitted falsified payroll documents. The second case involved a borrower who was sentenced to 18 months in prison for a filing a fraudulent non-profit PPP application for a firm that was not a nonprofit.

Internal control breakdowns related to these two examples:

  • In the first case, the financial institution should have required tax forms instead of relying on Excel documents reportedly from a third-party payroll company.
  • In the second case, the financial institution should have verified the applicant’s non-profit status on the IRS Form 990 submitted as part of the application via the IRS website.

The panelists also shared a tip and discussed other red flags that institutions could be on the lookout for related to PPP lending:

  • Tip: Log IP addresses for every communication throughout the lending process to provide an audit trail.
  • Red flag: A customer receiving multiple CARES Act deposits in one or multiple accounts controlled by the same person.
  • Red flag: Moving significant amounts of money out of an account after a CARES Act deposit.

Next, the Secret Service discussed the increasing incidents of cyber fraud and shared several important tips that financial institutions can implement to be prepared WHEN a cyber incident occurs. The tips include:

  • Routinely update or patch system hardware and software
  • Limit administrative privileges
  • Train staff to be alert for red flags
  • Remove default passwords
  • Use multi-factor authentication
  • Establish and test your incident response plan

In addition to the internal control tips above, the Secret Service panelist urged institutions to:

  • Know who to call (FBI or Secret Service) and establish a relationship NOW
  • Engage with a local law enforcement task force or fraud group

All panelists agreed that the narrative is the key to an effective or useful SAR. Important components of a narrative should be:

  • Concise and complete – if more than one page, begin with a summary paragraph
  • Explain potential links to criminal activity
  • Attach a spreadsheet listing transactions vs. including transactions in the narrative
  • Reference account opening documents, correspondence, customer contact, etc.

In addition, all panelists expressed gratitude to the financial institutions as the cases would be more difficult to investigate and successfully resolve without the SARs. Additional tips, helpful links, and resources, as well as the full slide deck, can be found by visiting the BSA Coalition website.