“I encourage each … of you to be bold, try new methods and techniques, and be willing to fail now so you can succeed later,” said Jennifer Shasky Calvery, Global Head of Financial Crime Threat Mitigation (FCTM) at the global bank, HSBC, during the opening session on Monday, June 19. The ACFE presented Calvery with The Cressey Award for a lifetime of achievement in the detection and deterrence of fraud.
“I think we are at critical point in our ability to detect, deter and combat financial crime, and we must attack the challenge with decisiveness and resolve,” she said. “If we all approach our goals this way, who knows what we can achieve together?”
Calvery, who headed the U.S. Financial Crimes Enforcement Network (FinCEN) after a long career with the U.S. Department of Justice, began FCTM — a new HSBC function responsible for identifying, analyzing and investigating financial crime.
“Many of you work at or closely with financial institutions,” Calvery said. “We all recognize that criminals of all colors — whether terrorists, corrupt officials, proliferators or fraudsters — need to secretly move money to profit from or facilitate these activities. No one has better line of sight into the movement of these illicit funds than financial institutions.”
Calvery talked about HSBC’s efforts in combating the burgeoning “business email compromise” (BEC) scheme in which fraudsters posing as executives try to infiltrate organizations to trick employees and others into wiring money or disclosing sensitive information.
“Because BEC fraudsters trick bank customers into making what they believe at the time is a genuine payment, banks can’t rely on their traditional approaches to combat BEC,” Calvery said. “These criminals are challenging us to develop unique approaches to successfully prevent or disrupt this kind of fraud.”
Calvery recommended several steps for bank clients and fraud examiners to help combat BEC:
- Be on guard for payment requests that are unexpected or irregular, whatever the amount involved.
- Take the time to verify any change of details for existing suppliers to avoid redirection of funds to a BEC mule account.
- Check unusual payment requests directly, ideally in person or over the phone — no matter who the request is from — to confirm the instruction is genuine.
- Restrict what is publicly available — attackers use social media and publicly available information to impersonate executives, support functions, government departments and software companies.
- Reach out to their bank immediately if they suspect they are a BEC victim. Time is critical and fraudsters rapidly move these funds out of the U.S. into mule accounts, which are often located in jurisdictions that don’t typically cooperate with the U.S. government.
Curiosity, courage, cooperation
Calvery said HSBC’s senior leadership recently listed qualities that their employees needed to detect money launderers and other criminals from attacking their bank. “Problem solving. Tenacity. Curiosity. Courage. These were just a couple of values we identified, but these particular qualities are at the core of taking risks as we think about new ways to combat financial crime.”
Calvery said many global private and public sectors have a clear appetite to cooperate as they build partnerships. “Over the last 18 months, over 20 governments around the world have committed to develop public-private information sharing partnerships that bring together law enforcement agencies, regulators and the financial sector to detect and disrupt financial crime.
“Winston Churchill said it best … ‘To improve is to change; to be perfect is to change often.’ Let’s change often, and collaborate with one another, in our approach to combating financial crime.”