The Financial Crimes Enforcement Network (FinCEN) has honed in on identity theft in its recent Financial Trend Analysis. Released in January, the report relates to threats and trends in 2021.
FinCEN found that an overwhelming number of crimes reported related to identity-related suspicious activity, amounting to around 1.6 million, or 42% of around 3.8 million total Bank Secrecy Act (BSA) reports. In monetary terms this was equivalent to $212 billion in suspicious activity.
Typology | Number of BSA reports | Total suspicious amounts |
---|---|---|
General fraud | 1.2 million | $149 billion |
False records | ~423,000 | $45 billion |
Identity theft | ~222,000 | $36 billion |
Third-party money laundering | ~154,000 | $18 billion |
Circumventing standards | ~110,000 | $12 billion |
Total | 2.1 million | $260 billion |
The key findings were:
- Most attackers have impersonated others to defraud victims: 69% of identity related reports indicate that attackers impersonated others as part of efforts to defraud victims; 18% of identity-related reports describe attackers using compromised credentials to gain unauthorized access to legitimate customers’ accounts; 13% of identity-related BSA reports (approximately 323,000 filings) report attackers exploiting insufficient verification processes to advance their schemes.
- Depository institutions have filed the greatest number of identity-related BSA reports: 54% of reports were filed by depository institutions, reporting $201 billion in suspicious activity. Money services businesses (MSBs) are the next largest category of filer, filing 21% of identity-related BSA reports.
- Fraud was the most reported typology: Of 14 commonly reported typologies, the most reported were general fraud (approximately 1.2 million), false records (approximately 423,000), identity theft (approximately 222,000), third-party money laundering (approximately 154,000), and circumventing standards (approximately 110,000);
- The impact of identity-related exploitations by BSA report volumes and cited US dollar values are significant and vary by type: Attackers most frequently use impersonation tactics, followed by compromise during authentication, and finally, circumventing verification to evade detection. In contrast, compromise has a disproportionally large monetary impact compared to impersonation and circumvention.
In accordance with the AML Act of 2020, FinCEN has engaged with the private and public sectors to assess opportunities to explore the risks and challenges emerging technologies present to financial institutions for preventing and detecting identity compromise.
This includes employing emerging technologies such as digital identity, AI, and Privacy-Enhancing Technologies (PET) to help mitigate customer identity process exploitations and combat a wide variety of illicit finance typologies.
Note: The Financial Trend Analysis focuses on pattern and trend information identified in Bank Secrecy Act (BSA) data linked to identity-related suspicious activity reported in 2021.