In a recent and alarming development, a former anti-money laundering (AML) analyst at TD Bank has pleaded guilty to stealing sensitive customer data and distributing it to criminal networks. This breach not only compromised the personal information of numerous clients but also highlighted systemic vulnerabilities within financial institutions’ internal controls.

The TD Bank Incident: A Wake-Up Call

The ex-employee exploited their position within TD Bank’s AML department to access and disseminate confidential customer data. This insider breach has led to significant legal repercussions for the bank, including a historic $3 billion settlement with U.S. authorities over its role in facilitating money laundering activities .

This case underscores the critical need for robust internal security measures and vigilant monitoring of employees who have access to sensitive information.

The Growing Concern of Insider Threats

Insider threats, whether malicious or negligent, are becoming increasingly prevalent and costly for organizations:

• Prevalence: In 2024, 83% of organizations reported experiencing at least one insider attack, a significant increase from previous years .

• Frequency: The number of organizations experiencing 11-20 insider attacks rose from 4% in 2023 to 21% in 2024, indicating a troubling trend .

• Detection Challenges: A staggering 92% of organizations find insider attacks equally or more challenging to detect than external cyber attacks .

• Financial Impact: Approximately 60% of data breaches are attributable to insider threats, with the average cost of such incidents increasing by 31% since 2018 .

Mitigating Insider Risks: Best Practices

To protect against insider threats, organizations should consider implementing the following strategies:

1. Enhanced Monitoring: Utilize advanced analytics and monitoring tools to detect unusual behavior patterns among employees.

2. Access Controls: Implement strict access controls to ensure employees only have access to the information necessary for their roles.

3. Regular Audits: Conduct frequent audits of systems and processes to identify and address potential vulnerabilities.

4. Employee Training: Provide ongoing training to educate employees about security policies and the importance of safeguarding sensitive information.

5. Incident Response Plans: Develop and regularly update incident response plans to quickly address and mitigate the impact of any insider-related breaches.

Conclusion

The TD Bank data theft case serves as a stark reminder of the significant risks posed by insider threats. As financial institutions and other organizations continue to digitize and handle vast amounts of sensitive data, it is imperative to prioritize internal security measures and foster a culture of vigilance and accountability.

For more insights and resources on fraud prevention and detection, visit the Association of Certified Fraud Examiners (ACFE) Pacific Northwest Chapter website.

We are excited to invite you to the ACFE Pacific Northwest (PNW) Chapter’s Annual Conference, taking place on April 9, 2025, at the University of Washington-Tacoma Campus. This event promises a day filled with insightful sessions led by esteemed professionals in the field of fraud examination.

Conference Schedule:

• Session 1 (8:00 – 8:50 AM): Agency Anti-Fraud Controls & Communications

Speakers: Catherine Hom, CFE, IFDR, CFCI & Brandon McIlwain, CFE, CISA

Gain an overview of the Department of Revenue’s Fraud and Unclaimed Property programs, explore real-world fraud schemes encountered by government agencies, and delve into the Fraud Triangle to understand the motivations behind fraudulent activities. This session will also provide guidance on detecting manipulated documents and reporting fraud events effectively.

• Session 2 (9:00 – 10:45 AM): The Virtuous CFE… Some Cases

Speaker: Dr. Brian K. Steverson, John L. Aram Chair of Business Ethics, Gonzaga University

Explore the professional virtues outlined in the ACFE Code of Ethics. Dr. Steverson will discuss the significance of these virtues and examine their application through various case studies. This session fulfills two hours of the required ethics Continuing Professional Education (CPE) training.

• Session 3 (11:00 – 11:45 AM): ACFE PNW Chapter Spotlight

Speakers: PNW Chapter Board of Directors

Discover the latest initiatives and achievements of the PNW Chapter. Learn about upcoming opportunities, resources available to members, and strategies to maximize your membership benefits both regionally and globally.

• Lunch Break (11:45 AM – 1:00 PM)
• Session 4 (1:00 – 2:45 PM): Fighting Fraud with the Office of the Washington State Auditor

Speaker: Brandi Pritchard, CFE

Gain insights from recent government fraud case studies and learn how data analytics played a role in detecting significant misappropriations. This session will provide valuable techniques and tips to enhance your fraud detection efforts.

• Session 5 (3:00 – 4:45 PM): Keynote: Confessions of a CIA Spy: The Art of Human Hacking

Speaker: Peter Warmka, Former Senior Intelligence Officer with the CIA

Delve into the world of social engineering as Peter Warmka shares his experiences and insights on how threat actors manipulate individuals to breach organizational security. Learn strategies to protect your organization from such insider threats.

This conference offers a unique opportunity to enhance your knowledge, earn CPE credits, and network with fellow professionals dedicated to fraud prevention and detection.

For more details and to register, please visit our Annual Conference Schedule.

We look forward to welcoming you to an engaging and informative event!

The shift to remote work has introduced significant challenges in fraud prevention and detection. The absence of traditional physical and managerial controls has created new avenues for fraudulent activities. Below are some prevalent fraud risks associated with remote work environments, illustrated with specific case examples.

Time Theft

Time theft occurs when employees misrepresent their working hours, leading to productivity losses. In remote settings, the lack of direct supervision can make it easier for employees to engage in such behavior. For instance, an employee might log in to work but engage in personal activities during paid hours. Implementing achievement-based performance metrics and regular check-ins can help mitigate this risk. 

Payroll Fraud

Payroll fraud involves deceitful actions related to employee compensation, such as falsifying timesheets or creating ghost employees. In remote work scenarios, reduced oversight can make it easier for such schemes to go undetected. For example, an employee might log more hours than actually worked, leading to financial losses for the company. Regular reconciliation of payroll accounts and requiring managerial approval for timesheets can help prevent this type of fraud. 

Data Theft

With employees accessing company systems from various locations, the risk of unauthorized data access and theft increases. Remote work environments can lack the stringent security measures present in traditional office settings, making sensitive information more vulnerable. Implementing robust cybersecurity protocols, such as using VPNs and enforcing strong password policies, is crucial to mitigate this risk. 

Insider Threats

The physical distance in remote work can weaken organizational bonds, potentially leading to rationalizations for unethical behavior. Employees might feel less connected to their teams and more justified in committing fraud, especially if they perceive inequities or lack of appreciation. Fostering a strong organizational culture and maintaining open communication channels can help address this issue. 

External Threats

Remote work has also opened doors for external actors to exploit vulnerabilities. For example, North Korean operatives have been known to pose as remote IT workers to infiltrate companies, leading to data breaches and financial losses. Implementing rigorous identity verification processes and monitoring remote access can help prevent such infiltrations. 

Mitigation Strategies

To combat these fraud risks, organizations should consider the following measures:

• Enhanced Oversight: Implement regular virtual check-ins and performance reviews to monitor employee activities.
• Robust Cybersecurity Protocols: Utilize VPNs, enforce strong password policies, and ensure regular software updates.
• Clear Policies and Training: Develop comprehensive remote work policies and provide regular training on ethical behavior and fraud awareness.
• Data Access Controls: Limit access to sensitive information based on job roles and monitor data access logs.
• Identity Verification: Implement stringent verification processes during hiring and for ongoing access to company systems.

By proactively addressing these risks, organizations can better safeguard against fraud in remote work environments.

A recent investigation by the Organized Crime and Corruption Reporting Project (OCCRP) has shed light on a massive ecosystem of unregulated payment providers that enable scammers to collect money from their victims. This revelation highlights a significant challenge for organizations, financial institutions, and regulators worldwide.

The Problem: Unregulated Payment Networks

The OCCRP report uncovers how an intricate web of unregulated payment processors, offshore financial institutions, and shell companies are being used to facilitate the transfer of illicit funds. These entities are often located in jurisdictions with weak regulatory frameworks, making it difficult for authorities to track transactions and prosecute offenders.

Unregulated payment providers often function as intermediaries between scammers and their victims, using various methods to transfer money while evading detection. These providers facilitate transactions through methods such as online payment processors, prepaid cards, and even cryptocurrencies. By operating outside of traditional financial systems, they can bypass critical safeguards designed to prevent fraudulent activities, such as Know Your Customer (KYC) and Anti-Money Laundering (AML) protocols.

Investigations revealed that these unregulated networks often employ complex structures involving multiple layers of shell companies and financial institutions across various jurisdictions. This deliberate fragmentation of transaction pathways makes tracing money flows difficult for regulators and investigators alike. Furthermore, scammers frequently establish companies in countries with weak or non-existent regulations, providing them with a haven to process fraudulent payments without scrutiny.

The report highlights specific examples of scams involving investment frauds, online trading platforms, and high-yield investment programs that heavily rely on unregulated payment providers. Victims are persuaded to transfer money through seemingly legitimate channels, only to find that their funds have vanished through a web of opaque transactions.

These fraudulent schemes are not only limited to consumer scams but also extend to larger-scale financial crimes involving money laundering and tax evasion. Criminal enterprises leverage unregulated payment systems to obscure the origins of illicit funds, further complicating efforts to trace and recover assets. The absence of transparency in these transactions creates a significant barrier for authorities attempting to identify the true beneficiaries of fraudulent schemes.

The global reach of these unregulated networks poses a considerable challenge for enforcement agencies. Since transactions often cross multiple borders, they fall under various jurisdictions, each with its own set of regulations and enforcement capabilities. This fragmented regulatory landscape creates opportunities for scammers to exploit gaps in oversight, making it even more difficult to combat these schemes effectively.

Governments and regulatory bodies are increasingly aware of the need for comprehensive frameworks to address the risks posed by unregulated payment providers. Efforts to establish stricter reporting requirements, enhance information sharing between jurisdictions, and implement technology-driven solutions are underway. However, the adaptability of scammers and the continued evolution of payment technologies present ongoing challenges.

The findings from the OCCRP investigation underscore the importance of closing regulatory loopholes that allow fraudulent actors to exploit unregulated payment systems. Without coordinated international action and improved oversight mechanisms, these networks will continue to thrive and pose a substantial threat to financial integrity worldwide.

Final Thoughts

The unregulated payment ecosystem represents a growing threat to financial systems and legitimate businesses. The ability of scammers to operate with near impunity through these networks highlights the urgent need for global cooperation and strengthened regulations. As technology continues to advance, the need for vigilance and innovation in combating these schemes becomes even more critical.

In today’s digital age, real estate transactions have become prime targets for cybercriminals employing sophisticated wire fraud schemes. These scams can result in significant financial losses for unsuspecting buyers and professionals involved in property transactions. Understanding how these frauds occur and recognizing their warning signs are crucial steps in safeguarding your investments.

How Real Estate Wire Fraud Occurs

Real estate transactions typically involve multiple parties, including realtors, mortgage brokers, inspectors, appraisers, title companies, and attorneys. Communication among these parties often occurs via email, a medium that fraudsters exploit. According to a 2023 fraud summary from the Federal Trade Commission (FTC), email was the top reported tactic used by scammers to seek fraudulent payments.

Cybercriminals engage in “business email compromise” (BEC) by sending messages that appear to come from known real estate contacts, making seemingly legitimate requests. A common tactic involves sending instructions on how to wire a down payment, leading victims to transfer substantial funds to fraudulent accounts.

Signs of Real Estate Wire Fraud Emails

Fraudulent emails are often convincing and sophisticated, making them challenging to detect. Be vigilant for these red flags:

• Sender Email Domains: Check for slight misspellings or variations in email addresses. Fraudsters may create accounts that closely resemble legitimate ones, with minor differences that are easy to overlook.
• Urgency and Pressure: Be cautious of emails that create a sense of urgency or pressure you to act quickly without proper verification.
• Unusual Requests: Be wary of unexpected changes in payment procedures or requests for sensitive information.

Tips to Protect Yourself

To safeguard against real estate wire fraud:

• Verify Instructions: Always verify wiring instructions through a trusted and direct communication channel, such as a known phone number, before transferring funds.
• Be Skeptical of Changes: Be cautious of any sudden changes in payment instructions or procedures, especially if communicated solely via email.
• Secure Communication: Use secure methods for sharing sensitive information and avoid conducting such matters over unsecured or public networks.
• Educate and Train: Ensure that all parties involved in the transaction are aware of wire fraud risks and know how to recognize and prevent potential scams.

By staying informed and vigilant, you can protect your real estate investments from the growing threat of wire fraud.

For more details, read the full article here: Real Estate Wire Fraud – What You Need to Know.

In the evolving landscape of cyber threats, a new and concerning practice has emerged: Infrastructure Laundering. This term, introduced by cybersecurity firm Silent Push, describes a method where threat actors, masquerading as legitimate hosting companies, rent IP addresses from major cloud providers to conceal malicious activities. This tactic not only complicates detection efforts but also poses significant challenges to traditional security measures.

Understanding Infrastructure Laundering

Infrastructure Laundering involves cybercriminals leveraging the credibility of established cloud services to mask their illicit operations. By renting IP addresses from reputable providers such as Amazon Web Services (AWS) and Microsoft Azure, these actors integrate their malicious infrastructure within legitimate networks. This integration makes it difficult for defenders to distinguish between genuine and harmful traffic, as blocking IPs associated with well-known providers can inadvertently disrupt legitimate services.

The FUNNULL CDN Case

Silent Push’s research highlights the activities of the FUNNULL content delivery network (CDN) as a prominent example of Infrastructure Laundering. FUNNULL has reportedly rented over 1,200 IP addresses from AWS and nearly 200 from Microsoft Azure. While many of these IPs have been deactivated, FUNNULL continues to acquire new ones, often using fraudulent or stolen accounts. This persistent cycle enables them to maintain their operations despite takedown efforts.

The malicious activities facilitated by FUNNULL’s infrastructure are diverse and alarming:

• Money Laundering Services: Hosting platforms that assist in concealing the origins of illicit funds.
• Retail Phishing Schemes: Deceptive websites designed to steal personal and financial information from unsuspecting consumers.
• Pig-Butchering Scams: Sophisticated frauds where victims are enticed into long-term schemes, often involving fake investments, leading to substantial financial losses.

Challenges and Questions

The ongoing success of Infrastructure Laundering raises critical questions about the current capabilities of cloud service providers:

• Detection and Response: Why do cloud providers struggle to identify and halt the illicit rental of IP addresses in real-time?
• Post-Takedown Analysis: When a hosting account is terminated for fraudulent activities, are providers thoroughly investigating the associated content and monitoring for similar patterns within their networks?
• Continuous Acquisition: How can entities like FUNNULL repeatedly obtain new IP addresses from mainstream providers, even after previous accounts have been banned?

These concerns suggest potential gaps in the monitoring and enforcement mechanisms of cloud services, which threat actors are adeptly exploiting.

Mitigation Strategies

Addressing Infrastructure Laundering requires a collaborative and multi-faceted approach:

• Enhanced Monitoring: Cloud providers must implement robust systems to detect suspicious activities related to IP rentals and swiftly act upon them.
• Information Sharing: Establishing channels for real-time communication between cloud services and cybersecurity firms can aid in the rapid identification of emerging threats.
• Regulatory Oversight: Governments and regulatory bodies should consider frameworks that hold service providers accountable for the misuse of their platforms, ensuring they take proactive measures against such exploitation.

Conclusion

Infrastructure Laundering represents a significant evolution in cybercriminal tactics, effectively blending malicious activities within the fabric of legitimate cloud services. For professionals in the anti-fraud and cybersecurity sectors, understanding and combating this practice is imperative. By enhancing detection capabilities, fostering collaboration, and advocating for stringent oversight, the cybersecurity community can work towards dismantling these covert operations and safeguarding the integrity of our digital infrastructure.

Experiencing job loss can be challenging, but numerous resources are available in Washington State to support you during this transition. The ACFE Pacific Northwest (PNW) Chapter offers valuable programs and services, including career development, training, and networking opportunities within the fraud examination and investigation community.

1. ACFE Pacific Northwest Chapter Resources, Training, and Networking

As part of our commitment to supporting members and the broader community, the ACFE PNW Chapter provides several resources to assist you:

• Monthly Chapter Meetings & Networking Events: Connect with industry professionals, hiring managers, and fellow Certified Fraud Examiners (CFEs). These events offer excellent opportunities to network, share experiences, and learn about job openings. Check our Events Calendar for upcoming meetings.

• Fraud Training and Continuing Professional Education (CPE) Courses: Maintain and enhance your skills by participating in our webinars, workshops, and seminars. Explore upcoming sessions on our Training Page.

• ACFE PNW Chapter Mentorship Program: Receive guidance from experienced CFEs to navigate career transitions and explore new career paths. For more information, contact us through our Contact Page.

• Volunteer Opportunities: Enhance your resume and build new skills by volunteering with the ACFE PNW Chapter. Opportunities range from event coordination to blog writing and outreach. Visit our Volunteer Opportunities Page to learn more.

2. Employment Assistance and Job Search Support

• Washington State Employment Security Department (ESD): Offers unemployment benefits, job search support, and career retraining programs. Visit the ESD Website for more information.

• WorkSource Washington: Provides workshops, job search tools, resume assistance, and networking events. Explore services at WorkSource Washington.

• CareerOneStop: A U.S. Department of Labor resource for job listings and career exploration. Visit CareerOneStop to begin your search.

3. Financial Assistance Programs

• Unemployment Insurance (UI): Apply through the Washington State Employment Security Department. Visit the UI Application Page to start your application.

• COBRA Health Insurance: Continue your employer-provided health coverage temporarily. Learn more at the U.S. Department of Labor COBRA Information Page.

• Temporary Assistance for Needy Families (TANF): Provides cash assistance for families with children. Visit the Washington State Department of Social and Health Services TANF Page for eligibility information.

• Supplemental Nutrition Assistance Program (SNAP): Offers help with grocery costs. Apply via the Washington Connection Portal.

⚖️ 4. Legal Rights and Support for Terminated Employees

• Washington State Human Rights Commission: Assists with wrongful termination and discrimination claims. Visit the Human Rights Commission Website for guidance.

• National Employment Lawyers Association (NELA): Find an attorney specializing in employment law. Visit the NELA Find-A-Lawyer Directory to locate legal assistance.

• Legal Aid Services: Free or low-cost legal assistance for employment disputes. Visit Northwest Justice Project for resources and support.

️ 5. Resources for Whistleblowers

If your termination resulted from reporting misconduct or unethical behavior, you may be eligible for legal protections and support:

• Washington State Auditor’s Office – Whistleblower Program: Provides an avenue for state employees to report suspected improper governmental actions. Learn more at the Whistleblower Program Page.

• Washington State Human Rights Commission: Investigates claims of retaliation against whistleblowers. Visit the Human Rights Commission Website for more information.

• King County Ombuds Office: Offers guidance and support to whistleblowers within King County. Visit the Whistleblower Complaints Page for details.

• U.S. Department of Labor – Whistleblower Protection Program: Protects employees who report workplace violations. Learn more at the Whistleblower Protection Program Page.

❤️ 6. Emotional and Mental Health Support

Losing a job can be emotionally challenging, but support is available:

• Washington 211: Connects you with local counseling services, financial assistance, and support groups. Dial 211 or visit Washington 211 for assistance.

• National Alliance on Mental Illness (NAMI) Washington: Provides peer support groups and mental health resources. Visit NAMI Washington to find support.

• Employee Assistance Programs (EAP): If available, utilize your former employer’s EAP for short-term counseling and support.

7. Career Development and Training Resources

• Workforce Innovation and Opportunity Act (WIOA): Offers job retraining and skill development programs. Contact your local WorkSource office or visit WorkSource WIOA Information for details.

• edX, Coursera, and LinkedIn Learning: Explore online courses to build new skills and certifications.

• ACFE Membership Resources: Access industry publications, training discounts, and career tools. Visit the ACFE Membership Page to learn more.

Moving Forward with Support from ACFE PNW

Losing a job can be difficult, but it can also be a time for growth and new opportunities. Whether you need financial support, legal protection, career guidance, or networking opportunities, these resources can help you transition to your next chapter with confidence.

The ACFE PNW Chapter is here to support you through mentorship, training, and professional connections.

For additional resources, industry insights, and upcoming events, visit the ACFE Pacific Northwest Chapter website.

Fraud can happen in any organization, large or small, public or private. According to the Association of Certified Fraud Examiners’ (ACFE) Report to the Nations, organizations lose an average of 5% of annual revenue to fraud. Strengthening internal controls is one of the most effective ways to mitigate this risk, ensuring your organization is protected from fraud and operational inefficiencies.

Here are key strategies to strengthen internal controls in your organization:

1. Segregation of Duties

One of the simplest yet most effective internal control mechanisms is the segregation of duties (SoD). No single employee should have control over all aspects of a financial transaction, such as authorization, recording, and custody of assets.

•Why it matters: SoD prevents one individual from committing and concealing fraud.

•Example: Ensure that the person approving invoices is not the same person processing payments.

2. Regular and Surprise Audits

Audits are essential to assess whether policies and procedures are being followed, but the element of surprise adds an extra layer of deterrence.

•Why it matters: Employees are less likely to commit fraud if they know their work could be reviewed unexpectedly.

•How to implement: Schedule periodic audits while incorporating surprise checks into the routine.

3. Clear Policies and Procedures

Establish clear, documented policies for critical processes such as procurement, expense reimbursement, and cash handling.

•Why it matters: Policies provide a framework for employees to understand what is acceptable and expected.

•Tip: Regularly review and update these policies to reflect changes in your organization or industry.

4. Leverage Technology

Modern technology can play a pivotal role in fraud prevention. Implement tools like data analytics software and automated controls to monitor transactions and flag anomalies.

•Why it matters: Technology can identify unusual patterns or behaviors that might indicate fraud.

•Example: Use automated systems to require multiple approvals for high-value transactions.

5. Strong Whistleblower Programs

Encourage employees to report suspicious activities without fear of retaliation. A strong whistleblower program can uncover fraud early, before it escalates.

•Why it matters: The ACFE reports that 42% of fraud cases are detected by tips, making whistleblower programs the most effective detection tool.

•How to implement: Set up anonymous reporting channels and train employees on how to use them.

6. Ongoing Employee Training

Regular training on fraud awareness ensures all employees are vigilant and informed about the latest fraud schemes.

•Why it matters: Educated employees are more likely to recognize and report red flags.

•Tip: Include fraud prevention training as part of your onboarding process and conduct refresher sessions annually.

7. Perform Fraud Risk Assessments

Conducting regular fraud risk assessments helps identify and address vulnerabilities in your internal controls.

•Why it matters: Proactively identifying risks can prevent fraud from occurring.

•How to implement: Engage Certified Fraud Examiners (CFEs) to evaluate your organization’s processes and recommend improvements.

8. Monitor and Review Controls

Strong internal controls require continuous monitoring to remain effective. Establish a system for regularly reviewing and testing these controls.

•Why it matters: Fraud schemes evolve, and your controls should adapt to meet emerging risks.

•Example: Review access permissions periodically to ensure they align with employees’ current responsibilities.

Final Thoughts

Internal controls are your organization’s first line of defense against fraud. By implementing robust controls and fostering a culture of transparency and accountability, you can significantly reduce fraud risk. Certified Fraud Examiners (CFEs) are well-equipped to help organizations design, implement, and monitor these controls effectively.

If you’d like to learn more about strengthening internal controls or need guidance on assessing your organization’s fraud risks, connect with the ACFE Pacific Northwest Chapter. Let’s work together to build stronger, fraud-resistant organizations!

Stay informed on fraud prevention strategies and trends by visiting our blog regularly. Follow us on LinkedIn for updates and resources.

#FraudPrevention #InternalControls #ACFEPNW #FraudAwarenessWeek

The U.S. Department of Justice’s Fraud Section has released its 2024 Year in Review, highlighting its major fraud enforcement actions and evolving strategies to combat financial crime. This past year marked record-breaking corporate settlements, aggressive enforcement against high-level offenders, and enhanced investigative techniques, all of which have significant implications for fraud examiners and compliance professionals.

A Year of High-Impact Prosecutions

In 2024, the Fraud Section:

✔️ Charged 234 individuals for financial crimes, including corporate executives and professionals.

✔️ Secured convictions against 252 individuals, reflecting a high success rate in prosecutions.

✔️ Resolved cases with over $2.3 billion in corporate settlements, tripling the amount from 2023.

Notably, 35% of those charged were high-ranking executives, attorneys, accountants, and other gatekeepers, signaling a shift toward targeting those enabling fraud schemes rather than just individual perpetrators.

The Most Prolific Fraud Schemes in 2024

The DOJ’s Fraud Section targeted a wide range of financial crimes, but three key fraud schemes dominated enforcement actions in 2024:

1️⃣ Healthcare Fraud & COVID-19 Relief Fraud

The Healthcare Fraud Unit aggressively pursued individuals and entities exploiting federal programs:

•$1.2 billion in fraudulent claims uncovered, including Medicare/Medicaid fraud, kickback schemes, and unnecessary medical services.

•Convictions of doctors, medical professionals, and corporate executives involved in overbilling, false diagnoses, and illegal referrals.

•COVID-19 relief fraud remained a focus, with fraudsters exploiting PPP loans, unemployment assistance, and healthcare relief funds.

2️⃣ Corporate & Securities Fraud

Financial crimes affecting investors and markets resulted in high-profile corporate settlements and prosecutions:

•Market manipulation and insider trading schemes targeted major financial institutions and hedge funds.

•Convictions for executives engaging in fraudulent financial reporting, Ponzi schemes, and investment fraud.

•Increased use of data analytics to detect suspicious trading patterns, pump-and-dump schemes, and accounting fraud.

3️⃣ Foreign Corrupt Practices Act (FCPA) & Bribery

The DOJ’s anti-bribery enforcement surged, targeting international corporate misconduct:

•Resolutions with major multinational corporations spanning China, Germany, Brazil, Spain, Australia, Switzerland, and South Africa.

•The largest-ever corporate settlement for FCPA violations involving a major energy company.

•Introduction of the International Corporate Anti-Bribery (ICAB) Initiative to increase cross-border enforcement.

Cutting-Edge Enforcement Strategies

The Fraud Section introduced several key initiatives in 2024 to improve fraud detection and prosecution:

Corporate Whistleblower Awards Pilot Program – Encourages individuals to report misconduct, similar to SEC whistleblower incentives.

AI & Data Analytics in Fraud Investigations – DOJ analysts used AI-driven detection tools to uncover fraud patterns in market trading, healthcare billing, and financial transactions.

Enhanced Corporate Voluntary Disclosure Policy – Encouraging self-reporting and cooperation to mitigate corporate penalties.

Key Takeaways for Fraud Examiners

Increased Scrutiny of High-Level Executives – Expect more prosecutions of corporate gatekeepers such as accountants, attorneys, and compliance officers.

Data-Driven Investigations – The DOJ’s use of AI and analytics reinforces the importance of forensic accounting and fraud detection technology.

Global Expansion of Fraud Enforcement – The DOJ’s international cases highlight the growing need for compliance programs that address cross-border fraud risks.

As the DOJ Fraud Section enters its 70th year, its enforcement actions continue to shape the landscape of corporate compliance, financial fraud investigations, and anti-corruption efforts. Fraud examiners, compliance officers, and investigators should take note of emerging fraud trends and enforcement priorities to enhance their fraud prevention strategies.

For a full overview of the DOJ Fraud Section’s 2024 Year in Review, visit the Department of Justice website here.

Stay informed on the latest fraud trends and enforcement updates by following the ACFE Pacific Northwest Chapter.

The FBI has issued a public service announcement highlighting the increasing use of generative artificial intelligence (AI) by criminals to enhance the effectiveness and scale of financial fraud schemes. Generative AI enables the creation of highly convincing synthetic content, making it more challenging for individuals and organizations to detect fraudulent activities.

AI-Generated Text

Criminals leverage AI to produce realistic text, facilitating various fraudulent activities:

•Social Engineering and Phishing: Crafting persuasive messages to deceive individuals into revealing sensitive information or transferring funds.

•Fake Profiles: Generating numerous fictitious social media profiles to lure victims into financial scams.

•Enhanced Language Proficiency: Utilizing AI for language translation to minimize errors, thereby increasing the credibility of scams targeting individuals across different regions.

AI-Generated Images

The use of AI extends to creating realistic images that support fraudulent schemes:

•Deceptive Profiles: Producing authentic-looking photos for fake social media accounts involved in romance and investment scams.

•Fake Identification: Creating counterfeit identification documents to facilitate identity theft and impersonation.

•False Endorsements: Generating images of celebrities or influencers promoting counterfeit products or fraudulent services.

AI-Generated Audio and Video

Advancements in AI have made it possible to clone voices and create realistic videos:

•Vocal Cloning: Impersonating voices of relatives or authority figures to request urgent financial assistance or conduct ransom demands.

•Deepfake Videos: Creating videos of public figures to lend credibility to fraudulent schemes or misinformation campaigns.

Protective Measures

To safeguard against these sophisticated AI-driven frauds, consider the following steps:

•Verification Protocols: Establish secret codes or phrases with family members to confirm identities during emergencies.

•Scrutinize Content: Be vigilant for subtle inconsistencies in images, videos, or audio that may indicate manipulation, such as unnatural movements or mismatched lip-syncing.

•Limit Personal Exposure: Restrict the amount of personal information, images, and audio shared publicly online to reduce the risk of them being exploited for fraudulent purposes.

•Independent Verification: Always verify unsolicited requests for financial assistance or sensitive information by contacting the individual or organization directly through known and trusted channels.

As generative AI technology continues to evolve, it is crucial for individuals and organizations to remain vigilant and adopt proactive measures to detect and prevent AI-facilitated fraud. Staying informed about these emerging threats and implementing robust verification processes can significantly reduce the risk of falling victim to such schemes.

For more detailed information, please refer to the FBI’s official announcement.