As Tax Season Approaches, Credit Unions Should Remain on Alert for Tax Refund Fraud
Watch for several red flags, including multiple direct deposit tax refund payments.
As people begin to file their 2018 taxes, fraud is a concern and credit unions should watch for several warning signs. The Financial Crimes Enforcement Network (FinCEN) issued Advisory Fin-2013-A001 to remind credit unions of information concerning tax refund fraud and the reporting of such activity by filing Suspicious Activity Reports (SARs).
Credit unions are critical in identifying tax refund fraud, and to assist credit unions in identifying potential tax fraud, FinCEN has identified the following red flags:
- Multiple direct deposit tax refund payments, directed to different individuals, from the United States Department of the Treasury (Treasury) or state or local revenue offices are made to a demand deposit or prepaid access account held in the name of a single accountholder.
- Suspicious or authorized account opening at a depository institution, on behalf of individuals who are not present, with the absent individuals being accorded signatory authority over the account. The subsequent deposits are comprised solely of tax refund payments. This activity often occurs with fraudulent returns for the elderly, minors, prisoners, the disabled, or recently deceased.
- A single individual opening multiple prepaid card accounts in different names, using valid TINs for each of the supplied names and having the cards mailed to the same address. Shortly after card activation, Automated Clearing House (ACH) credit(s) from Treasury, state, or local revenue offices, representing tax refunds, occur. This is followed quickly by ATM cash withdrawals and/or point-of-sale purchases.
- Business account holders processing third-party tax refund checks in a manner inconsistent with their stated business model or at a volume inconsistent with expected activity. Similarly, individuals processing third-party tax refund checks through a personal account with no business or apparent lawful purpose.
- Business account holders processing third-party tax refund checks and conducting transactions inconsistent with normal business practices, which may include:
- A large volume of Treasury refund checks or bank checks being deposited, in contrast to other checks, such as payroll checks;
- A large volume of refund checks bearing addresses of customers who reside in another state;
- Multiple refund checks for the same or almost the same dollar amount;
- Treasury refund checks or bank checks representing electronic refunds with sequential or close to sequential numbers;
- The dollar amount of checks being deposited is not commensurate with the amount of currency being withdrawn to cover the cashing of these refund checks.
- Multiple prepaid cards that are associated with 1) the same physical address [individuals involved in criminal activity may also contact the customer service department requesting to change their address for their permanent prepaid card shortly after opening their temporary prepaid card account on-line]; 2) the same telephone number; 3) the same e-mail address; or 4) the same Internet Protocol (IP) address, which receive tax refunds as the primary or sole source of funds.
- The opening of a business account for a check cashing business at a financial institution, which subsequently processed a high volume of tax refund checks issued to individuals from other states.
- A sudden increase in volume involving the cashing of tax refund checks issued to individuals from across the United States, moving through the account of an existing check cashing service.
- Individuals using bank accounts where the majority of the transactions are ACH federal tax refunds or refund anticipation loans.
- Individuals attempting to negotiate double endorsed Treasury tax refund checks with questionable identification.
- Individuals accompanying multiple parties to the bank to negotiate Treasury tax refund checks. Such items may or may not be double endorsed checks.
- The freezing or closure of a personal or business account due to suspicious activity involving either Treasury tax refund checks or ACH Treasury deposits.
- The signature/endorsement on the back of the check(s) does not match the identification of the individual conducting the transaction.
- The same signature/endorsement is used on multiple checks, with multiple names.
Employees of financial institutions may also facilitate tax refund fraud by conducting transactions inconsistent with normal activity through the following practices:
- Tellers who regularly process large quantities of Treasury tax refund checks. This may include one or more tellers during a specific time frame.
- Credit union employees who open multiple bank accounts that received a large quantity of Treasury tax refund checks.
- Credit union employees who did not follow proper identification procedures or accepted apparent fraudulent identification when opening an account.
Credit unions that know or have reason to suspect that potential tax refund fraud is occurring are required to file a SAR. When completing SARs on suspected tax refund fraud, credit unions should use the term “tax refund fraud” in the narrative section of the SAR.
Due to the time sensitive nature of these transactions, a credit union may also wish to contact their local IRS Criminal Investigation Field Office to alert them that a SAR has been filed related to tax refund fraud. In order to obtain contact information for your local IRS Criminal Investigation Field Office, credit unions can call the FinCEN Regulatory Helpline.
Additional questions or comments regarding the contents of this advisory should be addressed to the FinCEN Regulatory Helpline at 800-949-2732. Credit unions wanting to report suspicious transactions that may relate to terrorist activity should call the Financial Institutions Toll-Free Hotline at (866) 556-3974 (seven days a week, 24 hours a day). The purpose of the hotline is to expedite the delivery of this information to law enforcement. Credit unions should immediately report any imminent threat to local-area law enforcement officials.
Questions? Contact the Compliance Hotline: 1.800.546.4465, email@example.com.