Teamwork connects the dots to draw a picture of fraud

All fraud cases leave trails. It’s like a kid’s connect-the-dots puzzle. At first glance the puzzle looks like a bunch of randomly scattered spots. But you draw a line linking the specks in the proper sequence that reveals a clear outline of a picture. However, unlike the typical puzzle, in which the dots are usually located in one area, related dots in fraud cases are often scattered throughout multiple jurisdictions, financial institutions, bank accounts, transactions, witnesses, suspects and so on. It takes teamwork and collaboration to discover elaborate fraud schemes. Such was the situation in a case I investigated in 2013.

See something, say something

The offender, whom we’ll call Ms. Zee, was 47 years old and unemployed. She held deposit accounts at the bank where I worked as a regional fraud investigator. From February 2013 through February 2014, Ms. Zee participated in a rather lucrative fraud scheme that involved identity theft, theft of government property and money laundering.

Although she launched her scheme in February 2013, I didn’t detect her activity until May 2013 when I received a call from an astute staff member at one of our branches. She told me that Ms. Zee had just visited the branch to make larger-than-usual cash withdrawals from her savings and checking accounts. The sizes of the withdrawals weren’t normal for this customer, so the branch team member reviewed recent account activity and noticed two IRS tax refund credits that had recently posted to Ms. Zee’s savings and checking accounts.

Following up on clues and abnormalities leads to suspicions of identity theft

After I reviewed transaction details for each Automated Clearing House or direct deposit credit, I noticed that none of the intended tax refund recipients’ names or Social Security numbers matched Ms. Zee, who, according to bank records, was the sole owner or signatory on her accounts. I also determined that the collective total of the three suspicious direct deposits was a little more than $29,000.

Although my gut instinct told me that there was a dead cat on the line, it was plausible that Ms. Zee had legitimately received the tax refund credits to her account. Perhaps the intended recipients were her family members who didn’t have accounts of their own. Therefore, I wanted to conduct a brief interview with Ms. Zee.

I phoned her and left a voicemail requesting that she return my call. About half an hour later, she called me back. I told her I was concerned about her account activity and asked if she was acquainted with the intended payees. “The refunds were supposed to be in my name,” she said. “I should be listed as the intended payee or recipient on each direct deposit.”

I asked her: 1) If that’s the case, why are you receiving multiple tax refunds for the same tax period? 2) If you’re the rightful recipient, why is a different Social Security number referenced on each transaction, neither of which matches the one we have on file for you? She said that before she answered my questions she needed to seek some advice. She assured me that she’d call me back with answers, and then she abruptly ended the call. Something fishy seemed to be going on. So, I decided to wait until the end of the day to see if I’d hear from her, but I didn’t expect to.

Surprisingly, about 45 minutes later Ms. Zee called and attempted to rationalize her inability to answer my questions during our initial conversation. She claimed that she’d suffered memory loss from a concussion she sustained in a car accident a few months before. (I could never corroborate the accident.) She said she’d actually ended our early phone call because she needed time to look at her account transactions before she could remember the details — not that she needed to call someone for advice as she’d told me in the previous call.

Finally, she said that she and the intended payees were longtime friends and neither she, nor they, thought it would be a problem to have their federal tax refunds deposited into her accounts without them also being authorized signatories on the accounts. I told her that the activity was definitely a problem because it potentially placed her and the bank at risk if the rightful payees were to file claims alleging that they didn’t receive the funds.

I told her that due to the risky account activity she’d receive an official mail notification that our bank would be closing her deposit accounts. She didn’t challenge the decision to end the banking relationship, and we never heard another peep out of her.

Working with external players

I was overcome with the scent of fishiness after the second conversation with Ms. Zee, so I:

• Immediately pulled surveillance photos of Ms. Zee visiting our branch to withdraw funds associated with the suspicious tax refund credits.
• Initiated a Suspicious Activity Report (SAR). [The U.S. Bank Secrecy Act of 1970 requires financial institutions to file a SAR with the Financial Crimes Enforcement Network (FinCen) following incidents of suspected money laundering or fraud.]
• Contacted the IRS to alert them of the three suspicious income tax refunds because of the probable identity theft.

Linking independent investigations to develop the ‘big picture’

Fraud fighters can all agree on at least two things: 1) Fraud examinations often are extremely time-consuming, and 2) the wheels of justice can seem to turn at a snail’s pace. Regardless of any impediments, they must thoroughly perform required fraud examination processes.

Though my tax refund fraud case was lengthy and slow, details of an extensive fraud scheme were indeed coming together as additional financial institutions, the IRS, the FBI and the U.S. attorney’s office combined data from my examination with their findings.

In January 2015, IRS agents, on behalf of the FBI (which was leading the case), visited our branch where Ms. Zee had made withdrawals because they’d likely come across the SAR I’d submitted. They presented a subpoena, and I provided the requested data.

Several independent investigators discovered Ms. Zee had opened accounts with 11 financial institutions to orchestrate her considerably profitable crime. She used the identities of several individuals to file fraudulent federal income tax return forms and then requested the IRS to electronically deposit proceeds from the fraudulent returns into her accounts. According to the Federal Trade Commission, this crime is the most common form of identity theft reported. In 2012, CNBC reported that the inspector general estimated that the IRS could issue as much as $21 billion in fraudulent tax refunds from then until the end of this year — an accurate prediction. (See Tax Scam: IRS Pays Out Billions in Fraudulent Returns, by Eamon Javers, CNBC, Aug. 2, 2012.)

To illustrate a broader scope of Ms. Zee’s criminal contribution to tax-related identity theft fraud numbers, in October 2013 she used the identities of a couple to file a single bogus return for approximately $560,000, which the IRS actually paid. She then used a portion of the proceeds to purchase a $50,000 Lexus ES series car, which resulted in the money laundering charge against her.

Just as fraud fighters teamed up to build a solid case against Ms. Zee, she had a little help from her friends in carrying out her misdeeds. However, the indictment didn’t name any of them.

The trial had been set for late summer of 2015, but one of the investigating IRS agents called to tell me that Ms. Zee had taken a plea deal. She pleaded guilty to one count each of theft of government property and money laundering as part of the tax-refund scam. She was sentenced to 18 months in prison, ordered to pay $658,978 restitution to the IRS and complete three years of supervised release. She forfeited her Lexus because of a related civil action.

Dots connected

This case illustrates that disparate fraud examiners from various agencies and organizations can selflessly link together enough information to build a complete rendering of extensive fraud schemes. Banks and government agencies supplied dots of information that when connected built a case solid enough to obtain a guilty plea.

Some significant takeaways:

• Conduct every fraud examination, no matter how small, as if you’d present it in court.
• Don’t underestimate proper and thorough documentation, which is a key factor in presenting strong fraud reports for arguing and winning court cases.
• If policies and procedures permit, share information with other agencies or fraud-fighting groups.
• Encourage the “see something/say something” mentality within your organization. The smallest observance could be a significant dot in the grand scheme.

Dorothy Riggs, CFE, is a regional bank fraud investigator with Synovus in Tuscaloosa, Alabama. Her blog is: fraudsense.blogspot.com. Her email address is: fraudsense1@gmail.com.