Progress is never easy or fast, but the rewards are well-worth the effort (and patience)! With the advent of new inventions, innovations and technology, we are continuously improving the quality of our lives and the freedoms we enjoy – both in our personal and business lives, which are inextricably intertwined.
Did you know that the audio-visual technology that makes it possible for families and friends to stay in touch across the globe, as well as the video-conferencing platforms that enable employees to work at home while remotely collaborating, took root from an idea to transmit images and audio over wire that was conceived by Bell Labs in the 1870s? Step by step, that idea became a reality over time, eventually giving rise to the smartphones and smartphone apps with video conferencing in the 2000’s, and then given a catalytic push in 2020 by the Coronavirus pandemic and the need for videoconferencing to allow workers to safely isolate while still conducting business remotely.
Similar to the evolution of videoconferencing, the development of the U.S. money rails has had a profound effect on the way we live and do business. I remember my mother saying how she thought the invention of the credit card was life-changing during her youth! In the U.S., the financial system has been relatively slow to evolve, but within the last 10 years it has picked up speed and there have been some amazing technological advances, such as Real Time Payments (RTP) and FedNow, the Federal Reserve’s version of RTP, which is on the cusp of being publicly rolled out. These newer payment rails, along with the convenience of modern payment methods – like PayPal, Venmo, Apple Pay and others – hold great promise for transforming the real estate and title insurance industries, and we want to share some special insights with you.
If you’d like to see where we’ve come from, and get a good idea of where we may be headed, then be sure to read the white paper, “Moving Money in a Real Estate Transaction.”
In a November report to Congress on business email compromise (BEC) and real estate wire fraud (REWF), the FBI announced enhanced efforts to put the brakes on what has become one of the most financially damaging crimes in the United States.
According to the FBI report, BEC has been the largest dollar loss by victim crime typology reported to IC3 in the past several years, with over $2.4 billion of losses in 2021.
“For comparison, the second highest dollar loss category reported to IC3 was investment fraud, with losses of approximately $1.45 billion,” the FBI reported. “In other words, dollar losses associated with BEC were over 65% more than dollar losses associated with investment fraud.”
The FBI noted in its report that criminals have been refining their exploitation of technology, especially the internet, to carry out financial crimes, logging substantial increases in internet-enabled financial frauds such as bank account takeovers, synthetic identity related frauds, money laundering through virtual currency, and BEC.
“The FBI has pivoted its approach to address this issue through gathering intelligence, utilizing advanced investigative techniques in conjunction with traditional financial crimes investigative techniques, using proactive public and private partnerships, and education and awareness campaigns,” the agency noted in the report.
Real estate wire fraud in the crosshairs
REWF is a sub-category of BEC, in which criminal actors target individuals or companies executing large wires related to real estate transactions. As our agents are aware, the criminals pose as parties to the transaction and directly communicate with the other parties to steal funds intended to pay for the real estate.
According to IC3 complaint data, victims participating at all levels of a real estate transaction have reported such activity, including title companies, law firms, real estate agents, buyers, and sellers. The FBI has specifically focused on addressing REWF due to its prevalence in the U. S. and the effect it can have on the individual victims of the REWF schemes, who may be home buyers wiring their life savings.
In its report to Congress, the FBI updated its preventative measures to include the following recommendations:
Use secondary channels or two-factor authentication to verify requests for changes in account information.
Ensure the URL in emails is associated with the business/individual it claims to be from.
Be alert to hyperlinks that may contain misspellings of the actual domain name.
Refrain from supplying login credentials or PII of any sort via email.
Verify the email address used to send emails, especially when using a mobile or handheld device, by ensuring the sender’s address appears to match who it is coming from.
Ensure the settings in employees’ computers are enabled to allow full email extensions to be viewed.
First published in 2017 and fully updated by Alliant National’s Compliance, Risk and Education teams, the paper provides information, tips and suggestions to help you better understand the current threat environment and create a comprehensive plan that addresses the realities we face in our industry.
Filling in the Gaps
The FBI has had considerable success in reclaiming lost funds through the IC3’s Recovery Asset Team (RAT) program, since its inception in 2018.
The RAT is designed to assist FBI field offices with the rapid recovery of funds for victims who made transfers to domestic accounts. In 2021, the RAT reported just over 1,700 incidents, with losses approaching $445 million. According to the FBI, the RAT was able to recover more than $328 million of the $445 million.
But there is more work to be done and the FBI has identified vulnerabilities which, if addressed, would bolster the ability of U.S. law enforcement to effectively address a wide range of threats, including BEC.
The first is getting access to beneficial ownership information to track funds that end up in accounts controlled by shell companies.
“The Corporate Transparency Act (CTA) provides for the creation of a national, non-public database of underlying beneficial ownership information for U.S.-registered businesses that meet specific criteria,” the FBI noted. “The data collected will be made available to U.S. law enforcement, subject to certain guardrails, offering a critical resource for identifying participants in a BEC scheme.”
On Sept. 29, the Financial Crimes Enforcement Network (FinCEN) issued the first of three rulemakings to implement the CTA, governing who must report and what information they must report to FinCEN. The final rule will take effect on January 1, 2024.
The effectiveness of this reporting requirement is as yet unknown, and there is some concern that the CTA exempts from its reporting requirements various types of entities, including trusts, which may affect efforts to identify the beneficial owners of trusts or other entities engaged in REWF.
The FBI is also recommending that UCC 4A-207 be redrafted to require banks to properly identify the name and number of the beneficiary and to determine they are in fact the same individual or entity. Currently, a bank may simply rely on the number as the identifier, without requiring a check to see if it is actually connected to the named beneficiary.
Cyber security #1 priority in 2023
As the threat from cyber criminals continues to escalate, it is imperative that our agents review their procedures for protecting client funds.
You can begin today to assess your systems and educate your staff to make sure every possible precaution has been put into place. We hope our Escrow Fraud/Social Engineering White Paper will be helpful in this work. Alliant National is committed to updating our agents to help you understand and respond to the current threat environment. Feel free to reach out to your agency representative, or any member of the Alliant National team if you have any concerns.
After years of incrementally slow progress on the e-mortgage front, the pandemic succeeded in catapulting the mortgage and settlement services industry into the digital mortgage and closing age in short order. As state legislatures quickly rushed through a variety of pending remote online notarization (RON) laws, more agents jumped at the chance to add this capability to their tool belt.
In an April 12 release, ALTA reported that the number of title professionals offering digital closings more than tripled over the past two years, from 14% participation prior to 2019, to more than 46% in its most recent survey.
The question for agents is, do your partners and potential customers know about your new digital closing capability? And how can you get the word out?
MISMO has provided a national solution that you can capitalize on immediately to ensure potential customers who are looking for a service provider with RON capability can check on your status.
The MISMO e-Eligibility Exchange was created to accelerate industry-wide adoption of digital closings. According to a recent release from MISMO, the e-Eligibility Exchange provides centralized access to acceptance criteria that enables lenders and other industry participants to easily determine the right type of digital mortgage closing for each loan, including the use of electronic promissory notes (eNotes) or RON.
How Can Agents Get Into the e-Eligibility Exchange?
The only way to get into the exchange is by first getting registered in the ALTA Title and Settlement Agency Registry. ALTA announced that it will be the sole provider of title and settlement data to MISMO through the registry, which currently includes more than 9,000 locations, with more than 2,000 of them indicating they have RON capability.
The registry is free and ALTA membership is not required. After you register, your underwriter will confirm your information. According to MISMO, this verification, along with the uniqueness of the ALTA ID, ensures the accuracy of the data in the e-Eligibility Exchange for users.
If you are not yet signed up with the ALTA registry, here’s what you need to know:
Visit alta.org/registry to learn more about the ALTA Title & Settlement Agency Registry.
Download materials to register on the ALTA resources site to begin the registration process.
ALTA will provide you with a unique 7-digit identifier, called the ALTA ID, which is automatically assigned to each new database record as a permanent ID number.
ALTA ID numbers are available for free to title agents and to real estate attorneys.
Once you are registered, your underwriters will be contacted to confirm your status.
Recent legislation has helped grow adoption of e-recording and e-notarization, but the lack of uniformity still makes it difficult for lenders to universally adopt electronic practices, forcing lenders to make a loan-by-loan decision about what documents can be electronically signed.
MISMO’s e-Eligibility Exchange helps address this challenge by allowing lenders to quickly assess requirements for individual loans.
More importantly for you, it allows lenders to identify the availability of title and settlement agents with electronic capabilities. Hop on the digital train in 2022. With the advent of the e-Eligibility Exchange, you now have the perfect opportunity to put yourself front and center for digital closing opportunities in the coming years.
The FBI’s Internet Crime Complaint Center (IC3) 2021 report released in March highlighted an “unprecedented increase in cyberattacks and malicious cyber activity” resulting in a dramatic escalation in financial losses.
In 2021, IC3 received 847,376 complaints from consumers and businesses – a 7% increase from 2020 – with potential losses exceeding $6.9 billion. Most significantly for the title insurance industry, business email compromise (BEC) schemes resulted in losses of nearly $2.4 billion, up 33% from 2020.
In its report, the IC3 identified Russia as a hot spot for cyberattack actors in 2021. In recent weeks, the risk of those cyberattacks has grown exponentially in retaliation for the many sanctions imposed on Russia following its invasion of Ukraine on Feb. 24.
On March 21, President Biden released a statement highlighting the imminent threat to our nation’s cybersecurity. That same day, Deputy National Security Advisor Anne Neuberger said in a press briefing, “We’ve previously warned about the potential for Russia to conduct cyberattacks against the United States, including as a response to the unprecedented economic costs that the U.S. and allies and partners imposed in response to Russia’s further invasion of Ukraine. Today, we are reiterating those warnings, and we’re doing so based on evolving threat intelligence that the Russian government is exploring options for potential cyberattacks on critical infrastructure in the United States.”
These imminent threats are a reminder of how important it is to take the necessary steps to protect your agency and your customers.
Alliant National has just released a white paper titled Escrow Fraud/Social Engineering: Recent Schemes and Prevention Tipsto provide our agents with information, risk factors and protocols that will help you partner with consumers, real estate agents and lenders to defend against the fraudsters.
In addition, the Biden Administration released a Fact Sheet, urging companies to take immediate steps to protect their systems, including:
Mandate the use of multi-factor authentication on your systems to make it harder for attackers to get onto your system
Deploy modern security tools on your computers and devices to continuously look for and mitigate threats
Check with your cybersecurity professionals to make sure that your systems are patched and protected against all known vulnerabilities
Change passwords across your networks so that previously stolen credentials are useless to malicious actors
Back up your data and ensure you have offline backups beyond the reach of malicious actors
Run exercises and drill your emergency plans so that you are prepared to respond quickly to minimize the impact of any attack
Encrypt your data so it cannot be used if it is stolen
Educate your employees on common tactics that attackers will use over email or through websites
Encourage employees to report if their computers or phones have shown unusual behavior, such as unusual crashes or operating very slowly
Engage proactively with your local FBI field office or CISA Regional Office to establish relationships in advance of any cyber incidents
The Biden Administration also encourages IT and security leaders at all companies to visit the websites of CISA and the FBI to access technical information and other useful resources. These heightened threats represent a clear and present danger for all of us. We encourage all of our agents to download the Alliant National Escrow Fraud/Social Engineeringtoday and share this information with your staff and customers.
First published in 2017 and fully updated by Alliant National’s Compliance, Risk and Education teams, the paper provides information, tips and suggestions to help you better understand the current threat environment and create a comprehensive plan that addresses the realities we face in our industry.
Time to assess cyberattack risk in light of Ukraine invasion
The paper’s release comes at a critical time as U.S. businesses brace for potential cyber warfare corresponding with recent violence in Europe. The Department of Homeland Security (DHS) issued a bulletin in January warning of the increased risk of cyberattacks in the U.S. as Russia was poised to invade Ukraine.
“We assess that Russia would consider initiating a cyberattack against the Homeland if it perceived a U.S. or NATO response to a possible Russian invasion of Ukraine threatened its long-term national security,” the agency said in the bulletin released to law enforcement partners and obtained by The Hill.
In response, the American Land Title Association warned in a recent blog that the risk of spillover cyberattacks against non-primary targets could become much more widespread.
2022: Growth of BEC/EAC
Against this backdrop of international tension, Alliant National agents continue to report an increase in attempted wire fraud schemes. These attacks are part of a growing fraud threat targeting businesses of all sizes and the general public.
The FBI refers to this threat as Business Email Compromise/Email Account Compromise (BEC/EAC). BEC/EAC fraudsters focus on organizations that perform wire transfers, making real estate especially vulnerable.
According to the FBI Internet Crime Complaint Center’s (IC3) most recent report, the center received a record number of complaints from the American public in 2020: 791,790, with reported losses exceeding $4.1 billion. This represents a 69% increase in total complaints from 2019. Business Email Compromise (BEC) schemes continued to be the costliest: 19,369 complaints with an adjusted loss of approximately $1.8 billion. Phishing scams were also prominent: 241,342 complaints, with adjusted losses of over $54 million.
Protect Your Agency
Given the increased incidence of BEC/EAC scams and ransomware attacks over the past several years, it is imperative that prevention be addressed at every level. State and federal entities, as well as most of the top tech companies are creating alliances and workgroups to stem the tide.
Title insurance companies and agents also have a role to play. Given the current nationwide threat, we encourage all agents and their staff to remain on high alert for attempted fraud, particularly when it comes to seller proceeds. We also urge agencies to remain vigilant regarding possible attempts to obtain consumer or employee PII.
Here are some immediate steps to consider:
Identify the risks your agency faces and make sure your systems are protected
Maintain strict policies and procedures for verification of wire instructions
Educate your staff and consumers about what to do when they suspect fraud
Establish protocols to quickly detect fraud and recover diverted funds
Obtain appropriate insurance, including Cyber Liability coverage
Cyber Security is Mission Critical
There is nothing more important than protecting our clients’ funds and personal information. It is mission critical for a title company to make security its highest priority in 2022. You can begin today to assess your systems and educate your staff to make sure every possible precaution has been put into place. We hope our Escrow Fraud/Social Engineering White Paper will be helpful in this work.
In addition to the release of the White Paper, Alliant National will provide updated materials throughout the year to help agents understand and respond to the threat environment we face. Of course, we’re always ready to discuss the threats we are seeing, and steps you might consider for your business. Feel free to reach out to your agency representative, or any member of the Alliant National team.