Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On June 10, the Federal Bureau of Investigation issued a Public Service Announcement (PSA) cautioning mobile banking application users to remain vigilant of cyber activity. Specifically, the PSA indicated, with a more than 50 percent increase in mobile web application usage since the start of the year, that cyber actors may attempt to steal login credentials through the introduction of trojans embedded in other software and the deployment of fake banking applications, designed to trick consumers into entering their credentials. The PSA provides three recommendations for all mobile banking application users and organization: (i) use strong passwords (at least eight characters); (ii) use multifactor authentication and not share multifactor PINs; and (iii) contact the financial institution if a banking application appears suspicious. Finally, the PSA reminds consumers that financial institutions will not ask for login credentials over the phone.
On May 21, the Senate Committee on Banking, Housing, and Urban Affairs held a hearing entitled “Combating Illicit Financing By Anonymous Shell Companies Through the Collection of Beneficial Ownership Information.” The Committee heard from the same panel of witnesses who testified in November on the need for modernization of the Bank Secrecy Act/Anti-Money Laundering regime. (Covered by InfoBytes here.) Committee Chairman Mike Crapo opened the hearing by stressing the need to discuss ways in which beneficial ownership information collected in an effort to deter money laundering and terrorist financing through anonymous shell companies can be made more useful. Panelists from the Financial Crimes Enforcement Network, the FBI, and Office of the Comptroller of the Currency all emphasized the importance of creating a regime in which beneficial ownership is collected at the corporate formation stage and, for foreign entities, upon the time of registration with U.S. states to conduct business or upon establishing an account with a U.S. financial institution.
On May 31, the North American Securities Administrators Association (NASAA) announced it will hold a cybersecurity roundtable for industry experts to discuss latest developments as well as strategies for investment advisers and broker-dealers to protect personal client information. In addition to convening representatives from state securities agencies and the financial services industry, roundtable discussions will also feature representatives from the FBI, Treasury, and the SEC. The event will take place June 23 from 9 a.m. to 3:30 p.m. in Washington, DC. Registration information can be accessed here.
On May 4, the FBI’s Internet Crime Complaint Center released a public service announcement (I-050417-PSA) citing losses to U.S. businesses of nearly $1.6 billion due to social engineering wire transfer and other payment scams between October 2013 and December 2016, with approximately one fifth of the losses coming in the last seven months of 2016. The FBI defines the crime as Business E-mail Compromise (BEC), a sophisticated scam targeting businesses that regularly perform wire transfer payments and/or work with foreign suppliers, and often specifically involves E-mail Account Compromise (EAC) of individuals that perform wire transfer payments. Victims range from small businesses to large corporations and deal in a wide variety of goods and services. According to the FBI, the five main BEC/EAC scam scenarios are: (i) a business working with a longstanding or trusted foreign supplier, where a perpetrator may impersonate the supplier and seek a change in payment instructions by e-mail, phone or fax; (ii) a high-level business executive whose e-mail account is compromised receiving or initiating a request for a wire transfer; (iii) a third party business contact receiving fraudulent correspondence, such as requests for invoice payment, through a compromised email account; (iv) impersonation of a business executive or attorney; and (v) data theft. The FBI also cites 2016 trends including a 480 percent increase in complaints filed by title companies targeted by scammers as part of a real estate transaction, a 50 percent increase in complaints filed by businesses working with dedicated foreign suppliers, and a large increase in W-2 and PII phishing occurring during the 2016 tax season.
- Jonice Gray Tucker to moderate “Pandemic relief response and lasting impacts on access, credit, banking, and equality” at the American Bar Association Business Law Section Spring Meeting
- Jeffrey P. Naimon to discuss "Post-pandemic CFPB exam preparation" at the Mortgage Bankers Association Spring Conference & Expo
- Jonice Gray Tucker to discuss "Making fair lending work for you" at the Mortgage Bankers Association Spring Conference & Expo
- Jonice Gray Tucker to discuss "Reading the tea leaves of President Biden’s initial financial appointees" at LendIt Fintech
- Moorari K. Shah to discuss “CA, NY, federal licensing and disclosure” at the Equipment Leasing & Finance Association Legal Forum
- Jonice Gray Tucker to discuss "Compliance under Biden" at the WSJ Risk & Compliance Forum
- Sherry-Maria Safchuk to discuss UDAAP at an American Bar Association webinar
- Jonice Gray Tucker to discuss “The future of fair lending” at the Mortgage Bankers Association Legal Issues and Regulatory Compliance Conference