BID® Daily Newsletter
Feb 8, 2022

BID® Daily Newsletter

Feb 8, 2022

Key Reminders To Protect Your Institution From Money Mules

Summary: Last year, the FBI reported it had pursued 2x the number of people involved in money mule activities vs. those in 2020. While they were able to recover $3.7MM in fraud funds, money mules are still actively recruited, wittingly and unwittingly. Here are three critical tips to protect your institution.

Mules, a cross between a horse and a donkey, are smarter and more patient than a donkey. It can withstand the weather elements much better than horses, with thicker skin. Due to its strength, it has been used in pulling plows and carrying heavy loads. According to the softschools.com website, a mule also “has very good sense of self-preservation, which means that it easily detects dangerous situations and tries to avoid them.
That may be true of mules, but mules of another type — money mules — are in the thick of dangerous situations regularly and are an increasing threat to the financial industry. The use of money mules by criminal enterprises is growing rapidly and straining the defenses of community financial institutions (CFIs). They have many different faces, demeanors, and ways of working. To stay on top of this important issue, we give you the latest details along with three critical tips, to keep you aware and protect your institution.
Bigger problem than ever

The FBI defines a money mule as a person who transfers money at the request of another person to “assist criminals with laundering proceeds from illegal activity and are often promised easy money for their participation in moving funds.” Money mules are the foot soldiers in the global epidemic of bank fraud and their ranks are growing.
In December, the FBI said it had pursued over 4,750 people participating in money mule deeds during a crackdown over the previous 10 weeks. That is double the number in the previous year’s initiative. Through these efforts, law enforcement was able to recover $3.7MM.
To help fight this issue, in December, the FBI launched a campaign aimed at fighting the problem, called “Don’t Be a Mule.” The initiative seeks to assist individuals in avoiding becoming unwitting mules through such gambits as dating sites and phony work-from-home offers (a particularly effective recruitment tool during the pandemic).
Who the money mules are

Romanced mules. Meet Glenda, an 81Y old money mule. Her story is that she met the love of her life online. When he said he needed help with his business in Nigeria, she readily agreed, opening personal and business accounts for him. These accounts were then used to launder money. Glenda was an unwitting money mule, solicited by a fraudster through a favorite trick: the romance scam. Money mules can also be “romanced” by illicit, “too good to be true” work-from-home opportunities, often advertised on signs with simply a phone number.
Willing mules. Others are willing participants, recruited by scammers, who get a cut of the proceeds in exchange for opening accounts to launder criminal cash. People who are looking for a quick way to make money are likely targets. These days, many of the recruited mules are younger individuals hunting for jobs and neglecting to ask the right questions.
Professional mules. There are also professional mules who hire themselves out and may travel from state to state setting up fake accounts for thieves to launder money. These mules know what they are doing, but consider the rewards worth the high stakes. They could be the hardest to catch, since they know how the system works.
Challenges in defending against money mules

Lack of compliance personnel. CFIs can be opportune financial institutions for mules, who may try to avoid larger banks with more robust anti-fraud defenses. Case in point, the Financial Crimes Enforcement Network levied an $8MM civil penalty against a CFI in TX for “willful violations of the Bank Secrecy Act.” At the heart of the complaint was the institution’s understaffed BSA analysis team. According to the complaint, the CFI had three BSA analysts who had to deal with 100 BSA alerts a day. They simply couldn’t keep up. This is a serious problem for many CFIs right now — finding compliance employees. For compliance officers in the US, the annual average unemployment rate fell to 2.4% in 2021 from 3.5% in 2020, according to the U.S. Bureau of Labor Statistics’ current population survey.
Cryptocurrency’s rising role. One of the latest twists in money laundering is the use of cryptocurrency in the pipeline. A criminal enterprise may obtain cryptocurrency, deposit it into a more obscure crypto exchange, and then employ a mule to open an account into which money can be transferred from the exchange. Sometimes the account will function for just a few hours — time enough to make the transfer from the crypto exchange into the account and then immediately be withdrawn as cash.
How CFIs can stay protected
  1. Ensure you have the right resources for BSA/AML compliance. Artificial intelligence could help process the first steps allowing more experienced employees to cover the complex cases. If you find you need more employees and can’t find them, you could try a temporary agency which has a broader selection of part-time employees, in a pinch.
  2. Be extra cautious with deposits from crypto. When a transfer of funds indicates the sending institution is a cryptocurrency provider or exchange, take a little extra time to review the details. More criminals are using this channel first before depositing into a CFI account. 
  3. Stay informed on any new scams to recruit unsuspecting money mules. With technology, it gets easier to fool people for nefarious purposes. Keep up-to-date on the latest tricks so that your staff can ask the right questions when red flags arise. The FBI’s website is a good one to bookmark for updates and their Advisory on Money Mule Schemes is worth a re-read.
Subscribe to the BID Daily Newsletter to have it delivered by email daily.

Related Articles:

Serious Hack-Attack-You Have 36 Hours to Report It
CFIs and other banks now have 36 hours to report serious hacks, including those that may disrupt operations, cause material losses or even threaten the stability of the entire financial system. Is 36 hours enough time for CFIs?
The Big Picture on Synthetic Image Fraud
Synthetic images have become so sophisticated that people and facial recognition systems are no longer able to tell the difference between AI-generated faces and real ones.