Department of the Treasury’s Financial Crimes Enforcement Network Alerts Financial Institutions to ERC Fraud

The U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) is tasked with safeguarding the financial system from crime and terrorism and promoting national security through financial intelligence. On November 22, 2023, a FinCEN press release explained that “in close coordination with the Internal Revenue Service Criminal Investigation (CI), issued an alert to financial institutions on fraud schemes related to the COVID-19 Employee Retention Credit (ERC). The alert provides an overview of typologies associated with ERC fraud and scams, highlights select red flags to assist financial institutions in identifying and reporting suspicious activity and reminds financial institutions of their reporting requirements under the Bank Secrecy Act (BSA).”

The full alert states that “CI has identified ongoing fraud and scams related to the ERC that, to date, have resulted in 323 investigations involving more than $2.8 billion of potentially fraudulent ERC claims” and that the alert “provides an overview of typologies associated with ERC fraud and scams, highlights select red flags to assist financial institutions in identifying and reporting suspicious activity.”

FinCEN delineates ERC fraudulent claims into several main categories. The first are those in which individuals have filed using shell companies or fabricated or dormant entities. For example, the case in which a Hollywood, California man claimed more than $65 million in ERC based on non-existent employees he claimed worked for his entity.

The second type of fraud described by FinCEN are “ineligible businesses”:

“As noted previously, there are specific requirements that a business must meet to qualify to receive the ERC. Still, business owners may knowingly apply for the ERC hoping that they will obtain an ERC they are not eligible to receive. For example, businesses that received a Paycheck Protection Program (PPP) loan through the IRS during the pandemic cannot use the same wages they counted in the PPP loan to apply for the ERC. Despite this, some businesses may file amended tax returns that misrepresent the businesses’ eligibility for the ERC, including falsifying staff wages during the pandemic or their status as a business that had operations fully or partially suspended by government orders during the pandemic.”

However, this description actually includes three distinct potential problems: (1) The incorrect calculation of qualified wages by including wages included in a PPP forgiveness application; (2) falsifying staff wages, which was really included in the first type of fraud described; and (3) the representation that the business was fully or partially suspended by government orders when it was not.

The third type of fraud involves the unscrupulous tactics of so-called “ERC mills.” Here, FinCEN describes a number of troubling marketing tactics but also notes that “Promoters may also submit claims on behalf of businesses without their knowledge or using stolen information. ERC mills may also steal the taxpayer’s personal information from an ERC claim to use in other identity theft schemes.”

The FinCEN alert then proceeds to list ten red flags for financial institutions to look for and for which they would be required to report suspicious activity:

1. A business account receives more than one ERC check deposit over multiple days.
2. Small business accounts receive an ERC check deposit that is not commensurate with the size of the business, the number of employees, and the volume of transactions.
3. A large ERC is deposited into a business account and is subsequently transferred using P2P services or to an online banking institution, or withdrawn as cash at an ATM. Funds may be subsequently transferred from the account into separate accounts or payments may be made to new businesses that a customer has not had transactions with prior to receiving an ERC check deposit.
4. The account receiving an ERC check deposit has no deposits other than Treasury-issued checks, or the account has no regular business transactions.
5. A customer attempts to deposit an altered Treasury ERC check, or financial institutions are unable to verify the validity of the checks that customers attempt to deposit.
6. The ERC check is deposited into a new business account that did not exist in 2020 or 2021.
7. A new business account is created for an established business, but no other business activity occurs in the account except the deposit of the ERC. This may be indicative of identity theft, where the established business was used as a fraudulent front to file for the ERC.
8. A dormant business account suddenly receives an ERC check deposit.
9. An ERC is deposited into a business account with no payroll history.
10. A customer reports or provides documents indicating that their ERC was obtained by a third-party firm whose credentials cannot be verified or is the subject of adverse media.