Going beyond technical indicators, institutions could share information
■ ■ ■ Synthetic identity fraud;
■ ■ ■ Mule accounts;
■ ■ ■ Email addresses;
■ ■ ■ hone numbers, and
■ ■ ■ Physical addresses.
In due course, including more technical data in SAR reporting assists law
enforcement in compiling the whole picture, and it also serves as a way for
individual institutions to identify technical indicators and networks of repeat
offenders which may not be in the scope of fraud operations. Currently,
college students and romance-fraud victims represent a good portion of the
steady pipeline of mule accounts which are subsequently used to launder
proceeds of cyber-crime around the world.
Doing the Right Thing
This topic is highly relevant to all stakeholders affected by threat actors oper-
ating in the virtual environment; financial institutions, information sharing
entities, regulators, law enforcement, and the intelligence community. Like
many mission-oriented fields where leadership outcomes have a societal
impact, leadership in information sharing within the financial crimes and
compliance community is of critical importance. Dr. Charles VanDeeper
notes in his writings on intelligence and decision-making processes, that
our society is in an age of “an abundance of information” and “daily access
to advanced information technologies.”
The challenge is clearly not a lack of technology or expertise. Instead, it
is in the synthesizing and sharing of information to render it valuable and
actionable. In such instances, fraud investigations teams work hard to recover
stolen funds to return them to rightful owners. Fraud investigators often
labor under tight time constraints, with conflicting data presented to them.
Where these funds are not able to be recovered, complex money laundering
schemes have been identified which muddy the trail to the final beneficiary
of cyber crimes. AML investigators, on the other hand, often look at this data
through a different lens; they are excellent at uncovering hidden patterns and
networks. Through yet another lens, information security teams can look at
technical data and tell what the logs mean that are connected to an account or
network activity—highlighting the absolute importance of fraud, AML, and
information security teams working together. Each unit has essential skills
and datasets needed to combat these threats, which ultimately might need to
be shared with other financial institutions connected to a particular scheme.
What are the high-level basics needed to get started in sharing cyber-enabled financial crimes information?
4. Register with FinCEN Secure Information Sharing System (SISS) and
comply fully with all requirements and operational practices.
5. Designate a 314(b) point of contact in your institution.
6. Break down operational silos in your institution and open up 314(b) to
fraud, AML, and information security team members.
7. Ensure the entity you wish to share information with is a 314(b) participant.
Finding Common Ground
Finding common ground in the areas of information security, fraud, and
AML use cases and datasets that make it possible to connect the dots
in criminal activity. As technology and artificial intelligence grow ever
more sophisticated, it will be teams and organizations who work together
(and make sense of the noise), that emerge successful in fighting financial
crimes. When companies share data relating to threat actors and the ac-
counts they cultivate (for fraud, money laundering, or terrorism), the best
opportunities for identifying and reporting threat actors emerge. Evolving
to address cyber threats safely and efficiently should yield actionable intel-
ligence shared in a rapid, scalable, and secure manner which can reduce
risk and losses for financial institutions, and assist law enforcement in a
more meaningful way. ■
ABOUT THE AUTHOR
KELLEY CHAMBERLAIN, CAFP, leads a team within Wells Fargo’s Global
Financial Crimes Intelligence Group focusing on cyber-enabled financial
crimes. The primary mission of the team is to provide strategic and tactical intelligence reporting and collaborative partnerships to combat financial
crimes. Prior to joining Wells Fargo, Ms. Chamberlain was an Associate at Booz
Allen Hamilton supporting cyber threat intelligence, financial intelligence, and
open source intelligence endeavors. Ms. Chamberlain is a veteran of the United
States Marine Corps. Additionally, she has held FINRA Series 7 and Series 66,
and COMPTIA Security+ certification, and is currently pursuing a Master of
Science in Applied Intelligence.
All views expressed by Ms. Chamberlain in this publication are her personal views and
do not necessarily reflect the views of Wells Fargo Bank, N.A., its parent company,
affiliates and subsidiaries.
1 Gray, D. (2015). “Leveraging Threat Intelligence to Support Resilience, Risk, and Project
Management.” Carnegie Mellon University Software Engineering Institute. Retrieved from:
2 Uniting and Strengthening America by Providing Appropriate Tools Required
to Intercept and Obstruct Terrorism (USA PATRIOT AC T) Act of 2001. (2001).
[ Washington, D.C.: U.S. G.P.O.: Supt. of Docs., U.S. G.P.O., distributor, 2001].
3 Sales, N. A. (2010). “Share and Share Alike: Intelligence Agencies and Information
Sharing.” The George Washington Law Review 78, 279.
4 Feldman, N. (2002) “Choices of Law, Choices of War”, 25 Harvard Journal of Law
& Public Policy 457, 482; Hayden, M. (2005). “Balancing Security and Liberty: The
Challenge of Sharing Foreign Signals Intelligence” 19 Notre Dame Journal of Law
Ethics & Public Policy 247, 257-60; Kris, D. (2006). “The Rise and Fall of the FISA
Wall,” 17 Stanford Law & Policy Review. 487, 518, 521-22; Lerner, C. (2003). “The USA
PATRIOT Act: Promoting the Cooperation of Foreign Intelligence Gathering and Law
Enforcement,” 11 George Mason Law Review 493, 524-26; Seamon, R. & Gardner,
W. (2005). “The PATRIOT Act and the Wall Between Foreign Intelligence and Law
Enforcement, “ 28 Harvard Journal of Law & Public Policy 319, 458-63; Swire, P. (2006)
“Privacy and Information Sharing in the War on Terrorism,” 51 Villanova Law Review.
5 Sales, N. A. (2010). “Share and Share Alike: Intelligence Agencies and Information
Sharing.” The George Washington Law Review 78, 279.
6 Sales, N. A. (2010). “Mending Walls: Information Sharing After the USA PATRIOT Act.”
Texas Law Review, 88( 7), 1795-1854.
7 Korte, J. (2017). “Mitigating cyber risks through information sharing. Journal of Payments
Strategy & Systems,” 11( 3), 203-214.
8 Author’s personal interviews with Dr. Shane Shook during 2017 to 2018.
9 Crosman, P. (2015). “Spike in Fake ID Schemes Confounds Banks’ Fraud Filters.”
American Banker, 180( 19), 1.
10 Evans, L. L. (2017). “Identity Theft Services Offer Some Benefits but Are Limited in
Preventing Fraud.” GAO Reports, 1-65.
11 ID Analytics, L. (2017). “ID Analytics Finds Problem of Synthetic Identities is on the
Rise.” Business Wire.