The FCA has said firms need to maintain efforts to identify and remedy weaknesses in their anti-fraud detection systems, or face regulatory consequences.
This latest review from the FCA follows the outlining of the national Fraud Strategy and Economic Crime Plan 2 (2023-2026), a successor to the first plan, which develops on the collaboration of government, law enforcement, supervisory agencies, and the private sector. The new Plan also draws on the 2022 Economic Crime Act, designed to facilitate the tracking of illicit funds.
A money mule essentially allows criminals to use their bank account to transfer funds. In the UK, fraud currently accounts for 40% of all crime, according to the FCA, while ONS figures showed 3.7m incidents in 2022. According to research from Lloyds Bank, most money mules are under 24 and many are unaware of the consequences of their actions, which could be as much as a 14-year prison sentence.
“Many of the money mules we’ve caught had no idea they were engaging in criminal activity.”
Liz Ziegler, Consumer Fraud & Financial Crime Director, Lloyds Bank
There has reportedly recently been a sharp increase in 31-39 year olds (+26%) and over-40s (+29%) acting as mules. “Many of the money mules we’ve caught had no idea they were engaging in criminal activity,” Liz Ziegler, Consumer Fraud & Financial Crime Director, Lloyds Bank, said. “The promise of quick and easy cash was enough to tempt them into moving money through their bank account in exchange for a fee or a cut of the funds.”
While most firms use the National Fraud Database as part of their onboarding checks, they don’t always promptly make a report when they identify a suspected mule account. Strengthening controls during onboarding, improving transaction monitoring to detect suspicious activity involving money mules, and optimizing reporting mechanisms for swift action could all mitigate this problem.
Key areas to improve
The FCA advised that firms focus on improvements in the following areas.
- Governance, management information (MI) and risk assessment. Firms which reported more mule accounts than their peers had a lack of senior management oversight and MI reporting.
- Onboarding. There can be few checks and an over-reliance on monitoring customers’ behavior; lack of device monitoring; not checking if cards are activated; and onboarding of multiple customers at the same address.
- Transaction monitoring. Firms are overly focused on outbound transactions and inadequate inbound monitoring.; heavily reliant on ML; and analysts are uncertain about criteria that trigger alerts.
- Reporting. Issues are often not raised in an efficient manner or at all.
- Resourcing. Some firms would benefit from having a dedicated resource allocated to investigating money mules.
- Use of intelligence, industry engagement and data sharing. There is a lack of sharing of information between firms.
- Communication and awareness. Customer education and awareness is not a priority for firms, and the cost-of-living crisis could lead customers to provide their banking details unwittingly.
- Training. There are concerns around the effectiveness of fraud alert investigations.
The review concluded by saying firms need to have a proactive approach to identifying and swiftly remedying any weaknesses identified in their anti-fraud systems and controls. The FCA also threatens regulatory action against firms failing to maintain proportionate and adequate controls, thereby allowing its services and customers to be exploited by fraudsters.
Firms must consistently adapt their detection and monitoring methodologies, the FCA says, prioritising the identification of money mule activities alongside educating consumers about the inherent risks involved.