I was reading a fascinating true fraudulent situation on ‘U.S Charges Eight with Multi Million-Dollar cybercrime’ dated June 12, 2013 in CIO Magazine. Essentially hackers were able to gain access into the accounts of various banks and organizations which included the U.S Military’s Defense Finance and Accounting Service. In addition, the hackers allegedly submitted fraudulent tax returns to the U.S Internal Revenue Service seeking refunds.
The funds received from these institutions were then directed on to pre-paid debit cards and various bank accounts. In the case of the pre-paid debit cards, money was obtained from ATM withdrawals and purchases which were converted into cash. Cash was then deposited into bank accounts in amounts below reportable thresholds limits.
Apart from reading this ingenious scam operation, I could not help but think of the consequences to our legitimate business. Once the funds were in bank accounts and even the pre-paid debit cards, it could have easily been used to purchase products or services offered by our institutions. And even applying the standard Know Your Customer rules when conducting business with a new client, I can imagine that there is a possibility of such activity still passing through our business unwittingly.
We would then only be aware of a problem when the authorities made their investigation. And at this point, the scenario becomes a regulatory nightmare for any legitimate business which would have accepted these transactions. Apart from possible financial losses we would then be faced with a regulatory issue of how we could have allowed this transaction to be passed through our organization.
The end result is that business in general is tough as it is. But with sophisticated cybercrime, we now have additional financial and regulatory problems.
– Allan Ramlall