B2B Payments

BEC Targets BSA Officials At Credit Unions

Even Bank Secrecy Act officials are in the crosshairs of scammers, according to news of recent email “phishing” campaigns. Separately, the saga over the alleged accounting scandals at Wirecard continues, with raids at company offices in Singapore. Elsewhere, taxpayer dollars go missing in Ukraine amid allegations via government reports of “gross mismanagement.”

Fraudsters and hackers are nothing if not ambitious and audacious. To that end, phishing attacks, more commonly known as business email compromises (BECs), have been aimed at Bank Secrecy Act (BSA) officials at credit unions.

Krebs on Security noted that the emails sent to officials at the United States credit unions looked like they were being sent by other BSA officials. The emails asked those targeted officials to review a PDF that, in turn, linked them to malicious sites.

As reported, the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) has known about the BEC, and has cautioned against opening such phishing emails.

As noted in this space late last year, five federal agencies spoke out, and presented a statement that detailed how credit unions and banks could share resources to make Bank Secrecy Act compliance efforts more streamlined. Those agencies include the aforementioned FinCEN, the Federal Reserve, the Federal Deposit Insurance Corporation (FDIC), the National Credit Union Administration (NCUA) and the Office of the Comptroller of the Currency (OCC).

“Collaborative arrangements, as described [by the agencies],” they said in October, “generally are most suitable for banks with a community focus, less complex operations and lower-risk profiles for money laundering or terrorist financing. The risk profile is bank-specific, and should be based on a risk assessment that properly considers all risk areas, including products, services, customers, entities and geographic locations.”

Separately, an investigation in its early stages has alleged that three executives and several others within British Telecom’s Italian operations — as reported by Reuters — were aware of fraud.

Italian prosecutors made the allegations in a document this past week, alleging that the trio exaggerated revenues and presented fake supplier transactions that were designed to meet bonus targets. The newswire stated that, under Italian law, the preliminary probe is the “final step” to be set in place before charges may be filed against the alleged network. Those named in the initial document include the former chief executive and chief financial officers of BT, along with 23 others.

The unit ultimately wrote off $685 million. The document also said that the Italian partner of PwC, which served as auditor to the BT unit, is under investigation as well for allegedly falsifying the audit.

In reference to the ongoing Wirecard saga over allegations of fraud, Reuters reported this week that, in Singapore, police have raided the German firm’s operations there. This came against the background of reports in the Financial Times (FT) that such activities had included forgery and fake accounting — and that “round tripping” had inflated revenues.

The company has since said it would sue the FT. Wirecard CEO Markus Braun said there has been no evidence uncovered that points to misconduct from Wirecard’s compliance team, or separately by the firm Rajah & Tann.

Beyond individual company news, Newsweek reported that, per the U.S. Department of State out of Ukraine, officials at U.S. Army Europe have been accused of trying to conceal the “gross mismanagement” of $1.4 million in taxpayer dollars. The publication said that documents detailing the allegations of the U.S. Embassy indicated that the funds were spent without proper documentation and authorization.

“By Embassy standards, the scope of the violation is quite large,” Newsweek said.



Banks, corporates and even regulators now recognize the imperative to modernize — not just digitize —the infrastructures and workflows that move money and data between businesses domestically and cross-border.

Together with Visa, PYMNTS invites you to a month-long series of livestreamed programs on these issues as they reshape B2B payments. Masters of modernization share insights and answer questions during a mix of intimate fireside chats and vibrant virtual roundtables.