The financial sector has an identity problem, according to officials at the Treasury Department bureau tasked with combing through financial intelligence to combat money laundering and other illicit activities in the financial sector.
“Gaps and breakdowns” in identity processes are “[enabling] illicit finance to occur through financial institutions,” said Kay Turner, chief digital identity advisor at the Financial Crimes Enforcement Network — or FinCEN — at AFCEA’s FedID event last week before previewing initial numbers from ongoing work at FinCEN to catalog the problem as part of its identity project.
Financial institutions are required to submit suspicious activity reports, or SARs, about certain “suspicious” activities, like money laundering or fraud, so that the government can take action as needed.
Of the 3.8 million reports in 2021, 1.6 million — or 42% — were related to identity. That’s equivalent to $212 billion, said Turner.
Cybercrimes and cyber-enabled crimes are outplacing overall filings under the Bank Secrecy Act, which includes SARS, according to Dara Dane, intelligence division acting associate director at FinCEN.
Fraud, false records, identity theft and third-party money laundering were among the most frequently reported identity-related suspicious activities done by evading weak verification processes, compromising credentials and impersonating others, she said. The problem is fueling cyber-enabled crime.
“To get financial services right, we need to get identity right,” said Turner. She called “emerging” government services like mobile driver’s licenses “tremendously encouraging.”
“We’re exploring ways to leverage these authoritative source documents and services, which benefit from a permanence of identity and a tamper-resistant cryptographic signature, to combat fraud and support institutions’ ability to operate with effective integrity,” Turner said.
Still, “the rise in remotely delivered financial services has presented challenges to digitizing a patchwork system of largely paper-based federal, state and local government identifiers and credentials used in the customer identification processes,” she said.
“As the public sector and the government improve their identity processes, it definitely will help the financial services system,” Mary Ann Miller, fraud and cybercrime advisory and VP of client experience at Prove Identity, told Nextgov/FCW.
“It is hand in hand — if we don’t get identity right on the public sector side, we will never get identity right on the banking side,” she said.
Jeremy Grant, who leads identity policy-focused trade group the Better Identity Coalition, said during the same event that the government needs to take a more all-encompassing approach to digital identity, particularly by digitizing government-issued identity documents like drivers licenses, as opposed to focusing on how to solve identity-related fraud in government alone.
“I think hearing what [Turner] just shared … proves that this is something that goes beyond just government services issues,” he said.
Although there are “pockets of excellence” in government, “the lack of this overarching strategy to guide agencies and drive collaboration and make common investments — this is kind of a problem,” said Grant. “There’s no common vision right now in the U.S. for what good looks like in digital identity or how we get everyone there.”
At FinCEN, Turner said the agency is planning to use its findings to inform policy and mitigate problems. It plans to do more analysis, too.
This isn’t the only work that the bureau is doing on identity. Already, it hosted a tech sprint with the FDIC meant to find solutions to measuring how effective digital identity solutions actually are.