Skip to content
BOL Conferences
Forums · Active Threads · Forum Rules · Mark All Read · Log In
BankersOnline.com Forums Banker Forums BSA/AML/CIP/OFAC Forum What name is listed as Suspect on SAR?
Thread Options
#1195547 - 06/03/09 10:15 PM What name is listed as Suspect on SAR?
NewTooBSA Offline
Platinum Poster
Joined: Nov 2005
Posts: 568
Texas
I have a new scenario and not sure whose name will be listed in Part II of the Suspect Information and what to report as the type of suspicious activity.
One of our customers who uses our cash management product had their computer hacked. The hacker was able to gain access to our customers login information for their online services and processed some wire transactions from their account.
I originally thought this would be reported as computer intrusion but after reading some of the SAR Activity Reviews I realize that refers to the banks computers being accessed so I assume we file it for wire fraud?

My main question is who will be listed as the suspect? Normally it would be our customer but since they are the victim instead of the suspect, how would we complete that section?

By the way, we were able to retrieve most of the funds and have tracked the IP address and are attempting to get further information. Anyone have suggestions on how to find the owner of an IP address?

Any help is appreciated.

Return to Top
BSA/AML/CIP/OFAC Forum
#1195553 - 06/03/09 11:00 PM Re: What name is listed as Suspect on SAR? NewTooBSA
rlcarey Online
10K Club
rlcarey
Joined: Jul 2001
Posts: 83,417
Galveston, TX
You have an unknown suspect - Part II will be blank and you check the "Suspect Information Unavailable" box.
_________________________
The opinions expressed here should not be construed to be those of my employer: PPDocs.com

Return to Top
#1195606 - 06/04/09 12:52 PM Re: What name is listed as Suspect on SAR? NewTooBSA
Buccs Offline
Power Poster
Joined: May 2009
Posts: 3,567
Ohio
you can run a "whois" search for the ip address (google is your friend)- but more likely than not the actual address you have isn't the one that the criminal was at- unless the person in question was incredibly stupid. Usually in that type of a situation they use a "proxy" to disguise their actual address- and the address you have would be that of the proxy rather than the acutal one used in the fraud, but by all means pursue it because stranger things have happened.

If the whois search turns up an ip address in the state, you can contact the provider listed (it will be the owner of the address) and see if they could help- but more often than not you'll need a subpoena. Good luck getting any cooperation if they're out of the country.

Return to Top
#1195637 - 06/04/09 01:20 PM Re: What name is listed as Suspect on SAR? Buccs
devsfan Offline
Diamond Poster
Joined: Jun 2004
Posts: 1,927
NYC
You also know who benefitted from this activity (beneficiaries of the fraudulent wires) and could provide their names as suspects and bank account information in the Narrative.

Return to Top
#1195926 - 06/04/09 04:37 PM Re: What name is listed as Suspect on SAR? devsfan
WonderWoman Offline
Diamond Poster
WonderWoman
Joined: Mar 2007
Posts: 2,108
gone fishin'
If you have a contact with your local SAR Task Force or FBI - they may be able to help you track it down.
_________________________
My opinions are my own, and not that of my employer.

Return to Top
#1196065 - 06/04/09 06:08 PM Re: What name is listed as Suspect on SAR? WonderWoman
NewTooBSA Offline
Platinum Poster
Joined: Nov 2005
Posts: 568
Texas
Thanks for the input.

Return to Top

Moderator:  Andy_Z