Latest Trends in U.S. Passport Card Fraud: What Financial Institutions Need to Know

On April 15, 2024, the Financial Crimes Enforcement Network (FinCEN), in close coordination with the Department of State’s Diplomatic Security Service (DSS), issued Notice FIN-2024-NTC1 to financial institutions regarding identity theft and U.S. passport card fraud schemes. This Notice:

  1. Provides an overview of typologies associated with U.S. passport card fraud,
  2. Highlights technical, behavioral, and financial red flags to assist financial institutions in identifying and reporting suspicious activity,
  3. Reminds financial institutions of their reporting requirements under the Bank Secrecy Act (BSA).

What is a U.S. Passport Card?

The U.S. Department of State began issuing passport cards in July 2008 as a less expensive, smaller, and more convenient alternative to the U.S. passport book for those who travel frequently to Canada, Mexico, the Caribbean, and Bermuda. It can also be used for purposes of identity, proof of U.S. citizenship, and domestic air travel.

U.S. Passport Card Fraud Overview

According to the Notice, since 2018, DSS has identified an increase in the use of counterfeit U.S. passport cards by individuals and fraud rings to gain access to victim accounts at financial institutions nationwide. Passport card fraud usually occurs in person and involves an individual impersonating a victim by using a counterfeit U.S. passport card that has the victim’s actual information. DSS assesses that from 2018 to 2023, these schemes have resulted in $10 million in actual losses and $8 million in additional attempted losses, with over 4,000 victims in the U.S. However, DSS and other law enforcement agencies assess that losses associated with U.S. passport card fraud and associated identity theft are likely significantly greater and seek increased reporting by financial institutions to identify additional illicit activity.

Typologies Associated with U.S. Passport Card Fraud

  • Impersonation at Financial Institutions: The illicit actor uses the counterfeit U.S. passport card containing the victim’s personal identifiable information (PII) but their own photo to impersonate the victim at the victim’s bank to gather information, such as balance and withdrawal limits, about the victim’s account. The fraudster will often try to do this at bank branches where the victim is not likely to be recognized to avoid detection.
  • Fraudulent Withdrawals and Transfers: Once the victim’s account information is obtained, the fraudster will quickly make large cash withdrawals just below the Currency Transaction Reporting (CTR) threshold, purchase cashier’s checks or money orders, or initiate wires.
  • Check Cashing Schemes: The fraudster cashes stolen or forged checks to obtain funds from the victim’s account.
  • Establishment of Joint Accounts: The fraudster creates a new joint account with a second fraudster as a joint owner, using the victim’s account information. Once created, the fraudster will transfer funds from the victim’s existing account into the newly created joint account, which is then wired to other accounts wholly controlled by the fraudster.

In each of these cases, the objective is to quickly remove funds from the victim’s account and move on to the next target with a new counterfeit U.S. passport card and repeat the fraud scheme.

Red Flag Indicators

In consultation with DSS, FinCEN has identified select technical, behavioral, and financial red flags intended to assist financial institutions in identifying and reporting suspicious activities associated with the use of counterfeit U.S. passport cards in fraudulent schemes.

However, when evaluating potential red flags for illicit activity, it’s crucial not to jump to conclusions based on just one indicator. Rather, a broader context should be considered. This includes reviewing the customer’s past financial activities, checking whether their transactions align with typical business practices, and looking for the presence of multiple red flags before determining if a transaction or attempted transaction is indicative of identity theft and passport card fraud scheme or is otherwise suspicious.

Technical Red Flags

  • Photo Quality: The photo on the U.S passport card has a white, blurry border, a dark gray square surrounding the photo, or is in color. Legitimate U.S. passport cards feature a clear and crisp grayscale portrait image that is laser engraved.
  • Mismatched Photo: The photo of the account holder on file does not match the individual presenting the counterfeit U.S. passport card.
  • Textural Differences: The card bearer’s date of birth and other areas of text are flat and do not feel raised when touched. Legitimate U.S. passport cards have tactile text on certain areas of the card and should feel textured.
  • Incorrect Seal: Missing or incorrect holographic U.S. Department of State seal.
  • Secondary Portrait Issues: The smaller portrait on the card is blurry and does not contain micro-printed text with information specific to the bearer of the card, or the portraits are of different people. On legitimate U.S. passport cards, the secondary photo is a complex image that contains personalized details that are microprinted to create the image.
  • Mismatched Signatures: The card bearer’s signature does not match the customer’s signature card on file.

Behavioral Red Flags

  • Lack of Personal Knowledge: The individual may not know or be able to reference personal identifiers, including date of birth or social security number.
  • Account Ignorance: Even when the individual knows or is able to reference personal identifiers, they exhibit a lack of basic account knowledge while showing excessive interest in specific details about their account balances and withdrawal limits.
  • Directed by Third-Party: Appears to be following directions over the phone from a third-party while conducting transactions.
  • Unusual Joint Accounts: Opens a new joint account with someone they have no prior relationship with.
  • Unusual Geographical Activity: Engages in transactions typical of U.S. passport card fraud at branch locations outside of their usual geographical footprint.

Financial Red Flags – After presenting a U.S. passport card as a form of identification, the customer:

  • Large, Unjustified Transactions: Engages in transactions involving large cash withdrawals, purchases of cashier’s checks or money orders, or wire transfers for a large amount without a clear business or lawful purpose.
  • Uncharacteristic Check Negotiation: Attempts to negotiate an unusually large volume of checks made payable to cash.
  • Inquiry and Rapid Transactions: Asks for daily withdrawal and transfer limits, and then quickly makes significant withdrawals, initiates wire transfers, or purchases cashier’s checks made payable to a third party.
  • New Joint Account Activity: Transfers funds out of an existing account to a new joint account, with subsequent rapid withdrawal or wire transfer of these funds to another unrelated account.
  • Multiple Location Withdrawals: Makes withdrawals from an account at multiple branch locations without a business or apparent lawful purpose.
  • Structuring to Evade CTR Requirements: Alters or cancels transactions when informed of the CTR filing requirement or engages in structuring activities like making multiple cash withdrawals below $10,000 in a single day or otherwise engages in behavior that suggests attempts to evade CTR requirements.

Suspicious Activity Reporting (SAR) Filing Request

When filing a SAR associated with counterfeit U.S. passport card fraud, FinCEN requests that financial institutions indicate a connection between the suspicious activity being reported and the U.S. passport card fraud activities highlighted in the Notice by including the key term “FIN-2024-NTC1” in SAR Field 2 (Filing Institution Note to FinCEN) and in the narrative, and by selecting SAR Field 34(z) (Fraud – other) as the associated suspicious activity type and including the term “Passport Card” in the text box.

In addition to filing a SAR, FinCEN encourages financial institutions to refer their customers who may be victims of U.S. passport card fraud to DSS.

Thought Leadership

Related Articles

OFAC Shakes Up Sanction Rules: Here’s What It Means for You!

The Office of Foreign Assets Control (OFAC) has amended its Reporting, Procedures, and Penalties Regulations, mandating electronic filing through the OFAC Reporting System for specific reports like blocked property and rejected transactions. The rule, effective August 8, 2024, also clarifies definitions, expands reporting requirements, and introduces a streamlined process for addressing property blocked in error. Comments are welcomed until June 10, 2024.

Learn more

2024 Telemarketing Compliance: Understanding New TSR Requirements

The U.S. Telemarketing Sales Rule (TSR) was amended in April 2024 to enhance consumer protection and adapt to technological changes. Effective May 16, 2024, telemarketers and sellers must maintain detailed records of advertisements, call details, customer information, and consent for five years. These records aim to increase transparency and aid in identifying responsible parties and linking call content to regulations. Businesses must review their practices and update procedures to ensure compliance.

Learn more

AI Washing: From Marketing Hype to Regulatory Crackdowns

AI washing is the misleading practice of rebranding products or services as AI-powered to capitalize on the technology’s hype. Companies do this for marketing, competitive, and investment advantages. Regulators like the SEC are cracking down on AI washing, particularly in the investment industry. Enforcement actions have been taken against firms making false AI claims. Other regulations like UDAP, UDAAP, and TSR also address false advertising. Companies should implement policies, be transparent, and monitor communications to avoid AI washing.

Learn more
Compliance Core

Partner with Compliance Core

We’re happy to answer any questions you may have and help you determine which of our services best fit your needs.

Your benefits:
What happens next?
1

We Schedule a call at your convenience 

2

We do a discovery and consulting meting 

3

We prepare a proposal 

Request More Information