How the Pandemic Fueled a Surge in Wire Fraud

According to the FBI’s most recent data and statistics, cases involving internet-enabled theft, compromised business emails, and other forms of wire transfer fraud have dramatically increased in recent years—especially since the onset of the pandemic.

The adjusted financial losses of these cases amount to approximately $1.8 billion, an astonishing figure, given that authorities estimate that some 12-15 percent of wire fraud cases go unreported.

Wire transfer fraud involves any plan to defraud someone through electronic communications for financial gain. Considered a federal crime, it may include multiple airwave or cable communication, utilizing phone lines, text messaging, email, and even social media platforms.

According to the U.S. Department of Justice, wire fraud statute (18 U.S.C. 1343) states that the actions become criminal if the attempt includes the intentional deception of another to achieve monetary or personal gain.

Because wire fraud employs the use of telecommunication to affect interstate commerce, it’s typically investigated and monitored by the FBI, but also extends to the Federal Trade Commission. The FBI’s white-collar crime division monitors wire fraud, relying on intelligence gathering, data analysis and partnerships with other law enforcement agencies such as the SEC, IRS, and the U.S. Postal Inspection Service.

These authorities are trained to look for financial irregularities by analyzing reams of data, focusing on unusual online banking activity. Individuals convicted of wire fraud can be fined up to $250,000 (double that amount for organizations), in addition to facing a sentence of up to 20 years in prison.

Strategies for Banks to Fight Wire Fraud

Continuous training for employees is the key to mitigating wire fraud cases. These efforts should include up-to-date cybersecurity training so that employees are not only aware of the most recent fraud techniques, but also well-versed with the bank’s wire transfer procedures and controls.

Banks should also be vigilant, familiar with their customer’s business needs and habits, and establish applicable user and daily limits as another mechanism to mitigate wire fraud losses. The bank’s customers are in the best position to know what they need and who they should trust with passwords and wire authorizations, and limits can play an important role in avoiding potential financial losses.

Banks should also routinely encourage and/or require their customers to update their own access points and e-mail systems with appropriate firewalls, antivirus and malware software, as well as to keep security patches current.

With the increase in compromised email cases, banks should be skeptical of accepting wire transfer instructions via email without first verifying instructions via phone to a trusted phone number. Never reply to the same email and be wary of any new phone numbers provided in the emailed wire instructions.

Employees should be particularly cautious of any last-minute modifications to wire instructions, urgent requests, or any customer’s alleged unavailability. Employees can and should be trained to review email addresses carefully, scanning them for the slightest variations, such as a hyphen or underscore. Wire transfer agreements with customers should always be evaluated and re-evaluated periodically.

These should not be considered static documents and need to be updated as technology and security controls evolve. It’s important to lay out the obligations of both the bank and customers’ respective obligations.

There are multiple security and control procedures that can and should be offered – such as call-back procedures to trusted numbers, or dual controls. If a customer declines to sign up for such controls, and banks allow them to opt-out, then the bank should rightfully require the customer to assume responsibility for any fraud that occurs as a result of their negligence to adapt to such controls.

PPP Loans Account for Biggest Surge in Fraud Cases

The massive disruption of business brought about by the global pandemic almost two years ago opened a veritable Pandora’s Box of wire fraud. The most common form can be traced back to the passage of the CARES Act, a legislative response to the pandemic.

One of the most widely utilized banking and financial provisions included in the massive relief bill was the Paycheck Protection Program or, as it commonly referred to, the PPP program—in which business owners were encouraged to work with their lenders to secure forgivable loans from the government.

One academic report now states that more than 15 percent of all loans may have been fraudulently obtained. Of the $800 billion in disbursements, this amounts to $76 billion.

The report also found the majority of questionable funds could be traced back to fintech lenders focused on digital lending, which became a fertile hunting ground for unscrupulous loan applicants.

The pandemic appears to have ushered in an opportunistic environment where internet-related cybercrime and wire fraud thrive.

Sarah Santos

Bad actors and unscrupulous loan applicants have taken to the airwaves of electronic communications and exploited them for personal and financial gain. But much like the recent trial and conviction of Elizabeth Holmes in the Theranos trial, not all of them were successful.

The government reported 1,084 new wire fraud prosecutions in the first 11 months of 2021—a number that’s sure to increase in 2022.

Sarah Santos is the co-founder and managing partner at the law firm of Davis & Santos. Sarah’s legal specialty is banking and commercial litigation, representing lending institutions and credit unions on policies and procedures related to risk management.