Criminal groups have been quick to adapt to Covid-19. Trade in counterfeit medical supplies has soared, while lockdown regimes are changing patterns in cybercrime, fraud and money laundering. John Basquill examines how the pandemic has altered criminal behaviour, and how banks can minimise their risk of exposure to illicit activity.


In early May, border force officers at the UK’s bustling Dover port intercepted a shipment described as “medical supplies”, apparently addressed to a London hospital.

However, concealed under medical dry ice, police found more than a quarter of a tonne of cocaine, carrying a street value of as much as £10mn.

The country’s National Crime Agency (NCA) says it is continuing to seize “significant quantities of drugs at the border”, as well as illegal weapons including semi-automatic firearms and an AK47 assault rifle.

Criminals appear to be working under the assumption that efforts to contain the pandemic have left authorities distracted, particularly at ports, and so think there is an opportunity to import larger quantities, the NCA suggests.

But regulators and law enforcement authorities around the world have been vigilant in warning that the virus is quickly changing the ways criminals seek to move illicit goods and funds across international borders.

Reports of counterfeit medical equipment sales, in some cases in large international shipments, have been prominent as unprecedented demand for medicines and protective equipment creates new avenues for fraud.

At the same time, criminals have sought to target staff working remotely through impersonation fraud, phishing and cyberattacks.

That creates both primary risks for banks – as they may unwittingly process payments or even provide financing on behalf of fraudulent traders – and secondary risks, as perpetrators attempt to launder the proceeds of crime through the financial system.

The Financial Action Task Force (FATF), an influential global organisation that sets standards for fighting economic crime, issued a detailed report in May stating that the pandemic “is creating new sources of proceeds for illicit actors”.

Drawing on evidence supplied by 48 jurisdictions around the world, the task force says: “Measures to contain Covid-19 are impacting on the criminal economy and changing criminal behaviour so that profit-driven criminals may move to other forms of illegal conduct.”

It identifies the increased misuse of digital financial services such as cryptocurrency, efforts to bypass remote customer due diligence measures, and attempts to misappropriate emergency financial aid being supplied at government level as threats to banks.

The FATF adds that criminal groups are likely to “move into new cash-intensive and high-liquidity lines of business in developing countries”.

Business at OECD – a membership group that advises the Organisation for Economic Co-operation and Development (OECD) on private sector matters – has warned that supply chain disruptions for certain goods has “resulted in unprecedented opportunities for criminals to increase their already significant illicit activities in areas such as the life science and healthcare sectors, fast-moving consumer goods, excisable products, frauds, and cybercrimes”.

Within the EU, the European Banking Authority (EBA) has singled out international trade as a risk area. Following the publication of a report on the subject in March, a spokesperson for the EBA told GTR that this is due to restrictive measures put in place by governments to manage the spread of Covid-19.

“This means that financial flows from many companies that are involved in international trade will be expected to reduce,” the regulator explained.

“Where against expectations they do not, the statement makes clear that institutions should examine the background and purpose of those unexpected – unusual – transactions to determine if they give rise to suspicion or if instead an economic reason or lawful explanation can be found.”


Fast cash: pharmaceutical fraud

Trade in counterfeit medical goods is not a new phenomenon. OECD research suggests that in 2016, the value of fake or pirated pharmaceuticals totalled US$4.4bn, with China and India the primary producers. The United Arab Emirates, Singapore and Hong Kong were identified as “transit economies”, while Africa, Europe and the US were the main targets.

However, Covid-19 appears to have significantly increased the intensity of medical supply fraud. Global police agency Interpol says the outbreak “has offered an opportunity for fast cash, as criminals take advantage of the high market demand for personal protection and hygiene products”.

Interpol’s Operation Pangea, an annual week-long police effort against pharmaceutical crime, found an increase of 18% in seizures of unauthorised antiviral medication in 2020. Seizures of unauthorised chloroquine – the antimalarial that has been publicly backed by US President Donald Trump as a potential cure for coronavirus – increased by more than 100%.

Other supplies seized included more than 34,000 counterfeit or substandard surgical masks, as well as fake medicines and so-called ‘corona spray’ – and Interpol secretary general Jürgen Stock says the operation “reveals only the tip of the iceberg”.

Similarly, the US Financial Crimes Enforcement Network (FinCEN) – a powerful money laundering and terrorist financing authority that sits within the Department of Justice – says it has received numerous reports of fraudulent transactions related to healthcare.

Other products flagged include disinfectant for homes and Covid-19 testing kits, with FinCEN adding: “Some of these scams may be perpetrated by illicit actors who recently formed unregistered or unlicensed medical supply companies.”

In the UK, the Financial Intelligence Unit – which sits within the NCA and collects reports of suspicious activity from banks – says it has seen multiple cases where banks suspect criminals are turning to fake protective equipment “to obscure their involvement in money laundering, due to the current high demand for supplies”.

In terms of value, the sums involved are likely vast. Even prior to the pandemic, OECD figures show counterfeit goods amounted to 3.3% of world trade in 2016, and nearly 7% of EU imports.

Kristen Alma, a policy analyst at FATF, said during a recent briefing that the watchdog is “seeing a rise in this particular procedure of generating financial crime because of the profitability of it”.

“Criminals are able to access millions of euros or dollars through the fraudulent procurement of personal protective equipment,” she said. “It’s quite a profitable crime and that’s why we’re seeing this shift in the criminal landscape towards these areas.”

For banks supporting international trade of medical supplies – particularly to areas in desperate need of humanitarian aid – it is not easy to distinguish between legitimate and fraudulent transactions.

Timothy O’Toole, a lawyer at Miller & Chevalier in Washington, DC and leader of the firm’s white collar defence practice, says financial institutions “have to balance multiple risks”.

“There is so much pressure to move humanitarian items quickly – particularly into sanctioned countries, because many of those are where the virus has been the worst,” he tells GTR. “That has resulted in pressure to relax due diligence in order to let these items in.”

One notable example is Iran, which is currently subject to US sanctions after the breakdown of the 2015 historic nuclear deal. Iran was one of the first countries outside China to experience a severe outbreak of Covid-19, and as of press time had experienced more than 8,000 deaths.

Even before the crisis, O’Toole says there were a number of US sanctions cases involving transactions that were disguised as humanitarian aid, but in reality were financing trade in oil or other restricted products.

“That risk is even higher now,” he says. “There’s only so much diligence that you can do, and I do think that, especially in a time of crisis, financial institutions don’t want to be seen as stopping humanitarian goods getting into countries.”

Another complication in detecting fraudulent cargo is that large numbers of companies around the world have paused existing production lines and started producing medical supplies instead.

In the UK alone, engineering firms and large-scale manufacturers such as Aston Martin, BAE Systems and Jaguar Land Rover have started producing protective equipment, ventilators and other crucial materials.

“Banks can always do a detailed red flag review, and if the company providing humanitarian goods is not one that would normally do so, they might have to dig a little deeper and see whether it has transitioned because of the crisis,” O’Toole suggests.

“That does make things more difficult, but banks can still then carry out a review of any transactions and find out whether the companies involved are ones they would expect, that the price matches the quantity of goods, and that the recipient is an organisation that should be receiving those goods.”


Technology and shifting fraud patterns

Coronavirus-related fraud has not been restricted to counterfeit goods trade. In the US, FinCEN says criminals have used the pandemic as a “lure” for fraud schemes, targeting both companies and vulnerable individuals.

The agency says groups were able to take advantage of lockdown measures by targeting people working remotely, “leverag[ing] altered business operations, decreased mobility, and increased anxiety to prey on those seeking critical healthcare information and supplies, including the elderly and infirm”.

In the UK, as of early June the police’s Action Fraud service had received more than 2,000 reports specifically linked to Covid-19. Karen Baxter, head of economic crime at the City of London Police, told a parliamentary committee hearing that those cases resulted in losses of nearly £5mn.

For banks, the concern is not simply staff being targeted. FinCEN warns that cybercriminals “predominantly launder their proceeds and purchase the tools to conduct their malicious activities via virtual currency”, such as bitcoin.

That could mean financial institutions that connect cryptocurrency exchanges to the formal banking system are at greater risk of handling the proceeds of fraud and other crime. Blockchain analytics firm CipherTrace estimates the amount generated by crypto-related crime totalled US$1.36bn in the first five months of this year.

Miller & Chevalier’s O’Toole agrees the use of crypto as a means of laundering illicit funds is a concern for banks. “It’s much harder to travel now so it’s harder to move cash,” he says. “The worry is that virtual currencies will become more prominent as a money laundering tool as everything digitises.”

Another technology-related threat identified by FinCEN is the increasing sophistication with which criminals are “working to undermine know your customer processes in the remote environment”.

The agency says firms should remain vigilant of criminals attempting to target onboarding and authentication processes, citing the use of so-called “deepfakes” – which use artificial intelligence to manipulate digital images – as a way of taking over legitimate accounts.

“Financial institutions should consider the risks of the current environment in their business processes, and the appropriate level of assurance needed for digital identity solutions to mitigate criminal exploitation of [their] products and platforms,” the authority adds.

“Even financial institutions that typically manage their lines of business remotely, such as some virtual currency exchangers, may find themselves more exposed given the changing threat environment.”

Miller & Chevalier’s O’Toole says that means banks’ responses must be multi-faceted. Primarily, he says, his law firm is advising its clients to ensure they are protected from hacking attempts.

“Because of the lockdown restrictions, cyberattacks are the easiest method to disrupt financial systems for those who are inclined to do so,” he says. “One of the things we’re recommending is that banks review their cyber procedures and don’t have any holes, particularly in terms of people working from home.”

To stop the proceeds of fraud and cyberattacks, however, the lawyer adds that “it’s probably a time for more due diligence rather than less” within the financial sector.

“Even though a lot of compliance systems are pretty stressed right now,it is still vitally important to do the sort of due diligence that you would do beforehand,” he says. “There are new infusions of capital into the system that banks need to check out.”

In the case of fraudulent trade, digitisation of documentation has long been touted as a way of easing checks and cutting out fraud, smuggling and money laundering through over or under-invoicing – though experts caution that is not a cure-all.

“For many, including customs authorities and shippers, paper has been a very comfortable means of doing things – and we still can’t have electronic bills of lading in many jurisdictions,” says Geoffrey Wynne, a partner at Sullivan and head of the law firm’s trade and export finance group.

“Also, though there has been an acceleration towards electronic and digitised documents. What always goes hand in hand with any improvements you make is that the devious are always there or thereabouts – or annoyingly, already ahead,” Wynne tells GTR.

Other technology is currently being considered by officials. An OECD task force on illicit trade, active for nearly a decade, includes the use of blockchain, artificial technology and predictive analytics to combat crime.

However, for Sullivan’s Wynne, there is a risk that if financial institutions are required to continue bolstering their financial crime controls with new rules and emerging technology – in effect policing the financial system themselves – the added costs could result in unwanted consequences for international trade.

“Monitoring and compliance is costly,” he says. “To make that more costly, or to make it more onerous, means we would be in danger of seeing the continuation of banks de-risking, not involving themselves in emerging market finance, in classic trade finance.”