On October 13, 2020, FinCEN released its fourth in a series of advisories related to the COVID-19 pandemic on Unemployment Insurance Fraud During the Coronavirus Disease 2019 (COVID-19) Pandemic (Advisory). As provided in our Collection of FinCEN Guidance in Response to the COVID-19 Pandemic (Collection), FinCEN expects to release multiple advisories highlighting common typologies used in fraud, theft, and money laundering activities related to the pandemic. A summary of the Advisory is provided below and will be added to the Collection for ease of reference. Please contact the authors if you have questions.
October 13, 2020 – Advisory on Unemployment Insurance Fraud During the Coronavirus Disease 2019 (COVID-19) Pandemic
The Advisory highlights the ways in which FinCEN is seeing the COVID-19 pandemic being exploited through unemployment insurance fraud. The Advisory highlights five (5) representative types of unemployment insurance fraud FinCEN is seeing through its analysis of COVID-19-related information from Bank Secrecy Act (BSA) data, open source reporting, and law enforcement. It includes a list of 10 associated financial red flag indicators. The Advisory also provides SAR filing instructions related to the reporting of COVID-19-related unemployment insurance fraud.
Unemployment Insurance Fraud Typologies:
- Fictitious employer-employee fraud – "Employee" falsely claims employment with a legitimate company or creates a fictitious company and submits fictitious records to apply for unemployment insurance benefits.
- Employer-employee collusion fraud – Employee receives unemployment insurance payments while continuing to be paid reduced, underreported wages.
- Misrepresentation of income fraud – Employee returns to work and does not report income to continue receiving unemployment insurance or claims a higher wage than earned to receive higher unemployment insurance payments.
- Insider fraud – Use of credentials of state employees to inappropriately access or change unemployment insurance claims.
- Identity-related fraud – Use of stolen or fake identity on unemployment insurance applications to perpetrate an account takeover.
Unemployment Insurance Fraud SARS
- Insert "COVID-10 UNEMPLOYMENT INSURANCE FRAUD FIN-2020-A007" in SAR field 2 and the narrative.
- Select SAR field 34(z) (Fraud – other) as the suspicious activity type and include "unemployment fraud" in the field.
- Include the following in addition to standard transaction data:
- Relevant email addresses
- IP addresses with their respective time stamps
- Login information with location and time stamps
- Cyber-related information and technical indicators
- Virtual currency wallet addresses
- Mobile device information (e.g., device IMEI)
- Phone numbers
- Description and timing of suspicious electronic communications
- Follow FinCEN's May 18, 2020 Notice Related to the Coronavirus Disease 2019 (COVID-10) specific to COVID-19-related SARs more generally.