Financial Crime World

Title: FinCEN Warns of Increased Real Estate Sector Vulnerability to Business Email Compromise Scams

FinCEN’s Report on RE-BEC Scams and Money Laundering Typologies (March 2023)

The Financial Crimes Enforcement Network (FinCEN) released a new report on March 30, 2023, focusing on business email compromise scams (BEC) targeting the real estate sector (RE-BEC). Based on data from the Bank Secrecy Act (BSA), the report provides insights into typical money laundering practices used in RE-BEC attacks and offers guidance for financial institutions involved in real estate transactions:

  1. Key Findings and Statistics

    • BEC scams posed a significant cybercrime threat in 2022. per the FBI’s Internet Crime Report: total losses exceeded $2.7 billion, and the real estate sector was identified as the second most targeted sector (behind the healthcare industry).
    • Abnormal Security reported an 81% increase in recorded BEC attacks throughout 2022.

  2. Common RE-BEC Money Laundering Typologies

    • Money Mules
    • Romance Scams and Elder Abuse
    • Multiple Fraud Types
    • Alternative Payment Methods

  3. Impersonated Parties in RE-BEC Scams Title and closing entities represent around 40% of recorded attacks. Despite industry standards for remote communication and online transactions, scams targeting title agents, realtors, and investors remain prevalent.

  4. Title Fraud: A Rising Concern in Real Estate Title fraud, where a homeowner is impersonated and their property is sold without consent, is another emerging issue. At least 30 homes have been fraudulently sold in the Greater Toronto Area since late 2021.

  5. Prevention and Mitigation Measures Compliance staff should take the following steps to prevent and reduce RE-BEC risks:

    • Evaluate business processes and systems’ vulnerability.
    • Implement multi-layered transaction verification procedures.
    • Offer staff training and awareness programs for spear phishing attempts.
    • Report unauthorized and fraudulently induced wire transfers to law enforcement within 72 hours.
    • File Suspicious Activity Reports (SAR) with transactional details and cyber-related information.
    • Communicate and share information with other financial institutions.

Reporting and Contacts

To report RE-BEC scams, victims are advised to contact the FBI’s IC3 or the nearest United States Secret Service (USSS) field office. If there is any indication that the cyberactor may be sanctioned or maintain a sanctions nexus, contact OFAC.