US: Identity-Related Exploits Amount To $212bn

January 19, 2024
Back
The US Financial Crimes Enforcement Network (FinCEN) received 1.6m reports related to the exploitation of identity processes, the latest statistics show.

The US Financial Crimes Enforcement Network (FinCEN) received 1.6m reports related to the exploitation of identity processes, the latest statistics show.

The Financial Trend Analysis (FTA), published on January 9, 2024, is part of FinCEN’s Identity Project. It estimates the 1.6m incidents filed in 2021 under the Bank Secrecy Act (BSA) is equivalent to $212bn in suspicious activity.

Highlighting the vulnerability of these processes during transaction processing, as well as opening and accessing accounts, the incidents accounted for 42 percent of the 3.8m reports.

The report found more than 14 typologies commonly indicated in identity-related reports.

The five most frequently reported involved fraud, false records, identity theft, third-party money laundering and circumvention of verification standards. These five accounted for 88 percent of identity-related BSA reports and 74 percent of the total identity-related suspicious activity amount reported in 2021.

Aggregate data based on 2.4m reports involving $351m in suspicious activity indicated that around 1.7m or 69 percent of identity-related filings reported attackers impersonated others to defraud victims. 

Around 446,000 of the identity-related reports described attackers using compromised credentials to gain unauthorised access to legitimate customers’ accounts. Another 323,000 filings, or 13 percent, reported bad actors exploiting insufficient verification processes.

Compromised credentials have a disproportionate financial impact compared with other types of identity exploitation, the analysis found, as they accounted for 18 percent of the reports but 32 percent of the value of suspicious activity at $112bn. Impersonation accounted for 57 percent at $200bn and circumvention accounted for 11 percent at $39bn.

Although identity-related suspicious activity affected all types of financial institutions, depository institutions filed around 54 percent of the reports. 

Although most financial institutions reported impersonation as the most prevalent identity exploitation, money services businesses, which filed 21 percent of the reports, most often reported circumvention of verification.

“Robust customer identity processes are foundational to the security of the US financial system, and critical to the effectiveness of financial institutions’ programs to combat money laundering and counter the financing of terrorism,” said FinCEN director Andrea Gacki. 

“Financial institutions are encouraged to work across their internal departments to address these schemes.”

FinCEN pointed to innovations in verifying digital identities as having the potential to help banks and other financial institutions more effectively identify and report illicit financial activity. 

The enforcement network, which is a bureau of the US Treasury, is working with private and public-sector organisations to assess opportunities and explore the risks that emerging technologies such as digital IDs present to financial institutions, including through the BSA Advisory Group, FinCEN Exchanges and Innovation Hours.

Our premium content is available to users of our services.

To view articles, please Log-in to your account, or sign up today for full access:

Opt in to hear about webinars, events, industry and product news

To find out more about Vixio, contact us today
No items found.