FinCEN Issues Alert on COVID-19 Employee Retention Credit Fraud

On November 22, 2023, FinCEN, in close coordination with the Internal Revenue Service Criminal Investigation (CI), issued an alert to financial institutions on fraud schemes related to the COVID-19 Employee Retention Credit (ERC). The alert provides an overview of typologies associated with ERC fraud and scams, highlights select red flags to assist financial institutions in identifying and reporting suspicious activity and reminds financial institutions of their reporting requirements under the BSA.

The ERC was authorized by the Coronavirus Aid, Relief, and Economic Security (CARES) Act as a tax credit to encourage businesses to keep employees on payroll during the COVID-19 pandemic. CI has identified ongoing fraud and scams related to the ERC that, to date, have resulted in 323 investigations involving more than $2.8 billion of potentially fraudulent ERC claims throughout tax years 2020, 2021, 2022, and 2023.

FinCEN has identified the following financial red flag indicators to assist financial institutions in detecting, preventing, and reporting suspicious transactions associated with ERC fraud:

  • A business account receives more than one ERC check deposit over multiple days.

  • Small business accounts receive an ERC check deposit that is not commensurate with the size of the business, the number of employees, and the volume of transactions.37

  • A large ERC is deposited into a business account and is subsequently transferred using P2P services or to an online banking institution, or withdrawn as cash at an ATM. Funds may be subsequently transferred from the account into separate accounts or payments may be made to new businesses that a customer has not had transactions with prior to receiving an ERC check deposit.

  • The account receiving an ERC check deposit has no deposits other than Treasury-issued checks, or the account has no regular business transactions.

  • A customer attempts to deposit an altered Treasury ERC check, or financial institutions are unable to verify the validity of the checks that customers attempt to deposit.

  • The ERC check is deposited into a new business account that did not exist in 2020 or 2021.

  • A new business account is created for an established business, but no other business activity occurs in the account except the deposit of the ERC. This may be indicative of identity theft, where the established business was used as a fraudulent front to file for the ERC.

  • A dormant business account suddenly receives an ERC check deposit.

  • An ERC is deposited into a business account with no payroll history. 

  • A customer reports or provides documents indicating that their ERC was obtained by a third-party firm whose credentials cannot be verified or is the subject of adverse media.  

Read FinCEN’s news release here.

The Alert can be found here.

FinCEN Joins International Task Force to Disrupt Financial Flows to Hamas

FinCEN Announces Settlement with Binance for BSA/AML Violations