#2253018 - 04/27/21 02:28 PM
Who is the suspect on unauthorized checks?
|
Anonymous
Unregistered
|
A trucking company customer is alleging a series of checks cleared which involved the account signer's signature on the front of the checks being forged. The customer claims they have no idea who this payee is. There is one individual on each of the checks; meaning it's all just one payee. The customer says they have no way to prevent any of their legit payees from copying their checks, and they deal with people in all walks of life, etc.
The determination was already made before today that the customer's claim is believed, that these checks are in whatever way unauthorized, and the customer has no idea who might have forged or coordinated all this. This matter totals over $7,000, if you combine all disputed checks. We failed to detect the SAR was needed, in part because no single item was over $1,000, and in part because the customer's personal banker failed to report this internally through the proper channels to get a SAR filed. The SAR, if required, would have needed to be filed over 6 months ago. The employee who failed to report this through proper channels is to be counseled in writing, if we conclude that this omission will lead to a late SAR filing. We may also assign that person a training course, and send a staff reminder to the entire bank about the proper way to report suspicious activity internally. Other than that, I'm not sure what else to do to placate our regulators about a single instance of late filing.
So here's the question: is the SAR threshold for this $5,000 or $25,000 (for an unknown subject on a non-AML matter)? Let's also start with the assumption that I really, really need the threshold to be $25,000, otherwise we're filing a SAR that is 6 months late, with no good excuse for our failure to file it on time. And we never file voluntary SARs. If a matter is below threshold, we do not file.
Can you find any logic at all that would conclude that despite the presence of the one payee on disputed checks totaling over $5,000, we don't really have a known suspect?
In other cases in the past, where there are numerous small-dollar checks ($200 to $500) each payable to a different random individual, with perhaps dozens of payees per case, we have indeed concluded that the "real" suspect - the person who coordinated the theft or forgery - is unknown. The various payees on the small checks could be viewed as likely money mules - therefore "victims" but not necessarily suspects - who were sent legit funds as far as they knew, for whatever scam they believed, and then they were instructed to forward most of the funds soon after receipt.
Would you agree or disagree, with using one or more of the below to conclude this case involves an unknown suspect and a SAR threshold of $25,000?
1 - Payee is a possible money mule, therefore presumed to be a victim not a suspect.
2 - Why would a forger this sophisticated use their real name or identity as the payee? Our presumption would be that the forget didn't do so.
3 - Customer has made the additional claim that even the payee's endorsement is forged - which means the payee is not a confirmed suspect of criminal activity.
4 - As to how the customer would have knowledge for #3, well, I conclude the same: although each check is payable to the same payee, every single signature on the back is different, and, they cleared through various banks in various cities. So the payee is assumed to point towards one or more unknown criminals, rather than directly to any real person named on the face of the check.
|
Return to Top
|
Reply
Quote
Quick Reply
Quick Quote
|
|
|
#2253088 - 04/27/21 11:03 PM
Re: Who is the suspect on unauthorized checks?
Anonymous
|
Gold Star
Joined: Mar 2018
Posts: 338
|
1 - Payee is a possible money mule, therefore presumed to be a victim not a suspect. This may be true but it doesn't sound like you have evidence to support it. Additionally, money mules are acting illegally to launder money on behalf of someone else, so in my opinion they should be listed as a subject regardless.
2 - Why would a forger this sophisticated use their real name or identity as the payee? Our presumption would be that the forget didn't do so. A bad forger would do this, and I'm sure that like most banks you've seen plenty of altered checks where exactly this happened. Regardless, if it was not the forger, see #1.
3 - Customer has made the additional claim that even the payee's endorsement is forged - which means the payee is not a confirmed suspect of criminal activity. I would not defer to the customer in this.
4 - although each check is payable to the same payee, every single signature on the back is different, and, they cleared through various banks in various cities. So the payee is assumed to point towards one or more unknown criminals, rather than directly to any real person named on the face of the check. This is often the case in mobile bank fraud, but again, see #1.
In my opinion, this is a SAR. The payees all likely benefitted from the fraudulent checks, whether they themselves created the checks or under what pretenses they negotiated them (or possibly more likely, under what pretenses someone else negotiated them on their behalf). If it's just a synthetic identity operated by a criminal, you don't have evidence of that and it's for law enforcement to discover, which they can only do if you give them the information you have.
I also think that everything you listed for remediation is appropriate. You have a system of internal controls, but they failed due to an employee's inaction, and that employee has been counseled and retrained. You can consider whether there are any procedural changes you need to make to avoid this again, but there may not be. This is hardly a systemic issue, and trying to explain it away after the fact (that may not be a fair interpretation of your question, but an examiner may review this non-file and view it that way) is likely to draw more criticism than just resolving it, documenting it and moving on.
Last edited by ColoradoAML; 04/27/21 11:04 PM.
|
Return to Top
|
Reply
Quote
Quick Reply
Quick Quote
|
|
|
|
|