SardineCon SF/2026

Learn More
Fraudology

Unlocking Real-Time Collaboration: FinCEN’s Historic 314B Fraud Guidance Update

Podcast graphic for Fraud/ology episode #410, featuring guest Hailey Windham and host Karisse Hendrick.

Welcome back to Fraudology.

In this episode, I’m sitting down with Hailey Windham to talk about something that may sound like a compliance update on the surface, but could become one of the most important fraud-fighting shifts we have seen in a long time: FinCEN’s updated 314(b) fraud guidance.

For years, fraud teams, AML teams, and financial institutions have talked about the need for better information sharing. We all know fraud does not happen inside one institution at a time. Scam networks move across banks, fintechs, payment platforms, mule accounts, and customer touchpoints. By the time one institution sees the full picture, the money may already be gone.

FinCEN’s new guidance clarifies that Section 314(b) information sharing can include suspected fraud, not just traditional money laundering or terrorist financing activity. It gives participating financial institutions a clearer path to share fraud indicators, cyber-related fraud data, account activity, and other signals that may help stop scams before they spread.

This conversation is really about what that means in practice. Because guidance is only useful if teams understand how to operationalize it. The opportunity here is not just to say, “We can share more.” The opportunity is to build better real-time collaboration between financial institutions, fraud teams, AML teams, compliance leaders, and investigators who are all seeing different pieces of the same problem.

What you’ll hear in this episode:

  • Why FinCEN’s 314(b) fraud guidance update matters for fraud teams, AML teams, and financial institutions.
  • How 314(b) information sharing can support faster collaboration when suspected fraud is moving across institutions.
  • Why the Section 314(b) safe harbor matters, and what it does and does not solve.
  • How fraud information sharing between financial institutions could help with scam activity, mule accounts, account takeover, and cyber-related fraud data.
  • Why SAR confidentiality and 314(b) still need to be handled carefully.
  • What financial institutions should be thinking about when it comes to 314(b) registration requirements and participation requirements.
  • Why this guidance could help bridge the operational gap between fraud prevention and AML/CFT information sharing.

You should listen to this episode if you:

  • Work in fraud prevention, AML, investigations, compliance, or financial crime operations.
  • Have ever seen scam activity move across institutions faster than your team could respond.
  • Want to understand how 314(b) fraud information sharing may support real-time collaboration.
  • Are trying to connect fraud indicators, mule account information sharing, and money mule detection across institutions.
  • Need a clearer way to think about FinCEN fraud guidance without turning it into a purely legal or compliance conversation.
Episode notes & key takeaways

FinCEN’s 314(b) fraud guidance gives financial institutions clearer room to collaborate

The biggest takeaway from this episode is that FinCEN’s updated 314(b) fraud guidance gives financial institutions much-needed clarity around suspected fraud information sharing.

Fraudsters collaborate. Scam networks collaborate. Money mule rings collaborate. But the institutions trying to stop them are often limited by uncertainty, internal risk concerns, privacy questions, or fear that sharing the wrong thing could create regulatory exposure.

Section 314(b) safe harbor has existed for years, but many institutions have historically treated it as an AML tool first. This update helps clarify that fraud can also be part of the information-sharing conversation when it may involve money laundering, terrorist financing, or other specified unlawful activity.

Real-time information sharing fraud workflows are the real opportunity

The phrase that matters most here is real-time. Fraud is not waiting for quarterly working groups, slow escalations, or after-the-fact case studies. Scams move fast. Mule accounts move fast. Social engineering moves fast. Account takeover moves fast. And once the money leaves one institution and starts moving through another, the window for recovery gets smaller by the minute.

If one institution sees a suspicious pattern, and another institution is seeing the next hop in the movement of funds, those teams need a way to compare signals quickly and responsibly. That might include account identifiers, transaction patterns, device signals, IP addresses, behavioral indicators, payee details, or other fraud indicators that help institutions understand whether they are looking at isolated activity or part of a larger network.

This is also where fraud operations and AML/CFT information sharing need to work together more closely. Fraud teams may see the customer-facing activity first. AML teams may understand the broader movement of funds. Compliance teams may understand the rules around what can be shared, how it should be documented, and who needs to be involved.

The power of 314(b) fraud information sharing is not just in the legal permission. It is in the operational design that comes after it.

The Section 314(b) safe harbor does not remove the need for governance

One of the most important parts of this conversation is that 314(b) fraud safe harbor does not mean “share anything with anyone.” That is not how this works.

Financial institutions still need to understand 314(b) compliance requirements, registration requirements, and participation requirements. They need policies. They need controls. They need documentation. They need to know who inside the institution is allowed to share information, under what circumstances, with which other participating institutions, and for what purpose.

This is especially important when teams are dealing with SAR confidentiality and 314(b). Institutions need to be careful not to disclose the existence of a SAR or reveal protected SAR-related information. That does not mean teams cannot collaborate. It means they need to collaborate correctly.

If the process is too restrictive, teams will not use it. If the process is too loose, institutions create new risk. The goal is a practical framework that lets teams move quickly without being careless.

Fraud information sharing between financial institutions can help expose networks, not just transactions

Fraud teams are often forced to look at one customer, one account, one transaction, or one event at a time. But modern fraud rarely works that way. The same device, mule, phone number, IP address, email pattern, synthetic identity, or receiving account may touch multiple institutions before anyone realizes the connection.

A single institution might only see one strange login, one suspicious new payee, one unusual transfer, or one victim report. But when multiple institutions compare information, the larger pattern may become visible. That is especially true for money mule detection, account takeover information sharing, cyber-related fraud data sharing, and scam networks that rely on speed and fragmentation.

This is also where suspected fraud information sharing can help institutions move from reactive case handling to proactive network detection. The challenge now is making sure institutions have the internal structure to use it well.

This guidance could help bridge the gap between fraud and AML

One of the things I care about most in this space is making sure fraud and AML teams are not operating like they are solving completely separate problems. They have different mandates, yes. They have different reporting obligations, yes. But the activity they are looking at is increasingly connected.

Fraud generates proceeds. Those proceeds move. They are layered, cashed out, transferred, converted, or pushed through mule accounts. If fraud teams only focus on the victim event and AML teams only focus on downstream suspicious activity, both teams may miss the full story.

That is why this FinCEN fraud guidance matters beyond compliance.

It gives institutions a better reason to connect fraud prevention, AML fraud information sharing, AML/CFT information sharing, and investigations strategy. It also gives teams a way to think about 314(b) not as a narrow compliance process, but as a bridge between teams that need to work together more often.

The fraud fight is moving from institution-by-institution defense to networked collaboration

If there is one bigger theme in this episode, it is that fraud defense cannot stay institution by institution forever. That model benefits the criminals. It lets scam networks exploit the gaps between financial institutions, payment platforms, fintechs, banks, and consumers.

The 314(b) fraud guidance update is important because it recognizes something fraud fighters already know: financial institutions are often seeing suspicious activity in real time, but they need better ways to connect those signals before the damage spreads.

This is not about making fraud teams reckless with data. It is about making collaboration more usable, more timely, and more effective.

The institutions that take this seriously should be thinking now about how to build a 314(b) fraud information sharing process that is practical, compliant, and operationally useful. That means looking at registration, participation, governance, SAR confidentiality, fraud indicators, scam escalation paths, and the day-to-day workflow between fraud and AML.

Final takeaway:

FinCEN’s updated 314(b) fraud guidance is not just another regulatory update. It is a signal that fraud information sharing between financial institutions needs to become faster, clearer, and more useful.

And honestly, that is overdue.

Fraudsters already collaborate across platforms, accounts, institutions, and borders. If financial institutions are going to keep up, they need responsible ways to collaborate too. Section 314(b) safe harbor is one of the tools that can help make that possible, but only if teams understand how to use it.

So if you are in fraud, AML, compliance, investigations, or financial crime leadership, this is one of those episodes I would not just listen to and move on from. Bring it back to your team. Ask how your institution is using 314(b) today. Ask whether your fraud team knows when and how to use it. Ask whether your AML team and fraud team are aligned. Ask whether you have a process that can move at the speed of scams.

Because the guidance matters. But what institutions do with it next matters even more.

Connect with Hailey Windham, CFCS | LinkedIn

  • Host of the Fraud Forward Podcast
  • Banking Community Lead at Sardine
  • Certified Financial Crimes Specialist (CFCS)
  • 2023 Credit Union Rockstar, CU Magazine
  • Continuous Improvement Award, SAFE Federal Credit Union, 2023
  • Top 20 Professionals Under 40, The Sumter Item, 2022

Connect with Karisse Hendrick | LinkedIn

  • Host of the Fraudology Podcast
  • Award-Winning Cyberfraud Expert
  • Ecommerce Fraud Prevention Consultant
  • Startup Advisor, Keynote Speaker, and
  • Consultant to Fortune 500 merchants


Host
A smiling woman with short brown hair and glasses, wearing a black and white striped blazer.
Karisse Hendrick
Ecommerce Fraud Prevention Consultant

Guests

Hailey Windham
Hailey Windham
Fraud Forward, Sardine
Episode transcript
A smiling woman with short brown hair and glasses, wearing a black and white striped blazer.
Karisse Hendrick
00:02
Welcome to Fraudology Podcast where we dive into the science and study of online fraud from the perspective of an e-commerce fraud fighter. I'm Karisse Hendrick. Welcome back to the Fraudology podcast. I am so excited to have Hailey Windham here with me today. It's been a little while since Hailey's been on the podcast. I know we did a joint episode for Fraud Fight Club back in April, but before that I think it was back in 2025. And if you haven't heard Hailey before, she's been on the community banking side and credit union side of fraud prevention for several years and she very recently, as in the end of last year, started a full time position with Sardine. So welcome, Hailey, to the podcast again.
Hailey Windham
Hailey Windham
00:50
Thank you so much. It's always a pleasure to join you on Fraudology.
A smiling woman with short brown hair and glasses, wearing a black and white striped blazer.
Karisse Hendrick
00:53
Yes, you are. I can't remember the first time you came on the podcast, but was it three years ago at least?
Hailey Windham
Hailey Windham
01:01
Yeah, I think it was three years. And I was just a little small town credit union girl who was inspired by you to create her own internal podcast. And there's been a lot of changes, but you've, you've stirred up a lot of inspiration and motivation in me, so I'm always eternally grateful.
A smiling woman with short brown hair and glasses, wearing a black and white striped blazer.
Karisse Hendrick
01:17
Oh, well, I just love getting to see your growth. It's been so exciting to me. And you had, you were the host of the Banking on Fraudology podcast and now it's called Fraud Forward. And really the vision for that podcast is similar to Fraudology, but specifically for banks. Let's go ahead and start with what you've been up to. I mean, I kind of gave a little bit of a overview of what you've been up to since you were last on the podcast. But how is it being at Sardine going from the banking side to the vendor side?
Hailey Windham
Hailey Windham
01:50
Well, it's been a whirlwind, but in the best way possible. Honestly, from the banking practitioner side, I was afraid to come over on this side, you know, afraid of that, thought of, you know, she's a sellout or, you know, she's gone over to the dark side and now we don't want to talk to her. But it hasn't been like that at all. And mainly one of the main reasons why I joined Sardine was because of that I was told, you know, and since then it's been true. But I was told that we don't want you to try to sell anything. We just want you to keep doing what you're doing. We want to help give you, help you at scale, right? Instead of helping one credit union, help multiple. And making sure that we can get the information out. So I'll say, you know, my role is the community lead for banking. And so I have been focused on, you know, building the resources that are actually useful for fraud practitioners and not just vendors. So it's not just a, hey, this is what's going on in the industry. Let me sell you something. It's, hey, this is what's going on in the industry. Here's how you can make it operational, here's some practical takeaways for you. And just leading with knowledge and information first. Versus over, you know, fear tactics, trying to make you think, oh, the next best technology is the answer. So, you know, obviously the podcast got a facelift, so it's now called Fraud Forward, just a rebranding. But I think the message is pretty clear that fraud isn't static. Right. It evolves constantly. And, you know, the goal was simple. Still have those practitioner led conversations that help move the industry forward. So we've had guests from financial institutions, fintechs, law enforcement, even had consumer advocacy organizations. And I think the one thing that I'm really proud of is that we've been able to balance those strategic conversations with operational reality. So, you know, if someone listens to an episode, I want them to walk away with something they can use tomorrow morning at work. I think that that's very important for any conversation I have. At least that's recorded and other people can hear.
A smiling woman with short brown hair and glasses, wearing a black and white striped blazer.
Karisse Hendrick
03:47
Well, and you and I are so aligned in so many of those things as far as, you know, giving back to the industry. I know that you are currently working on promoting a benchmarking survey for credit unions and community banks. You know, right now they're responding to it. You don't have all of the data gathered yet, but you're getting there. And I think, you know, to my knowledge, there's never been anything like that before. Just like there hadn't been anything like my fraudology benchmarking study for merchants back in, I think it was 2023 now. It was very unique because it asked the questions that merchants wanted to know, not that vendors wanted to know about merchants. And I think that's exactly your goal with the banking survey. And I'm really excited for you to get those results and for them to help people move the needle forward within their organization, to share it with their leadership, to say, hey, we're over here, this is where everyone else is, or, hey, we're actually doing really good. You should give me a raise. Using it for practicality, I think is really exciting when that gets to happen 100%.
Hailey Windham
Hailey Windham
04:57
So this is actually the project that I'm most excited about. And one of the things that whenever, you know, Sardine asked Hailey, what's one thing you want to do? And I was like, I really want a benchmarking report. And so this is another promise they've kept to me. And so again, we launched this. It's the industry's first practitioner built fraud benchmarking survey. And specifically for community banks and credit unions, we're focusing on 10 billion and under. The goal is to finally answer questions like how many alerts should an investigator handle, you know, efficiently? What does normal staffing look like? How much are institutions actually losing to scams? And you know, early data from the benchmarking, it's confirming what we've already known and felt that they're being asked to do more with less. I will say though, I have to give a shout out to my credit unions right now because 80% of my respondents have been credit unions. So I need my community banks to step it up. But again, you know, fraud teams, I don't think that they've lacked benchmarks necessarily. There are some that are available that are industry, but it's from my experience they were really vendor led versus practitioner led. So it was, hey, here's our, here's our current benchmarking on fraud. And it's like, okay, who'd you poll for this? Like, I follow you guys and you didn't poll me for this information, so where did it come from? You know, that was just one of the things that always bugged me. And then I'll never forget reading one of the industry benchmarks that said, okay, ACH fraud, here's how much they lost. And I was like, is there not a breakdown of, you know, EFT, you know, transferred external transfers that we sent out or member to member internal transfers? Like there's not a breakdown of what is actually happening, like online versus origination with ACH. We just categorized it into one that's not helpful. So I wanted to make sure that I brought some of those, you know, again, just practice practitioner insights into this benchmark so that we could actually take it back and again, use that information tomorrow to help our programs. And so far, the responses, again, I'd love to have a few more before we close it out officially, but I'm really excited to see the insights we have so far and really look forward to posting that, that full benchmark report that'll come out soon.
A smiling woman with short brown hair and glasses, wearing a black and white striped blazer.
Karisse Hendrick
07:08
I remember years ago when I was working for a nonprofit organization, a trade association for e-commerce merchants and fraud. One of my friends that was working at Twitter at the time said, Karisse, your job is to help me do my job better. And that has stuck with me. And even though I don't work for that nonprofit or that, you know, trade association anymore, that's still how I think through things, right? With MFA, coming up with the podcast with those type of things. And I think that's the lens that you look through too, is how can I help my people do their job better.
Hailey Windham
Hailey Windham
07:42
I love that you mentioned that, that it also leads me to the other two things that I built since starting at Sardine. You know, one thing that I think now that I'm really diving into content is that some people like to, you know, receive it a different way. You know, either through video, podcast, or audio. Or maybe it's reading things or just quick little sound bites. So I've kind of embraced all of it, trying to see, you know, what, what's best received, but also just trying to give back to the industry in the way that they want to receive it. So I also have a newsletter out now. It's called the Monday Fraud Fix. So again, this just kind of helps practitioners start their week informed. So I cover, you know, regulatory updates, industry trends, of course, podcast highlights, and any actionable insights that I find. Again, I just wanted something that was short enough to read with a cup of coffee, but substantive enough to matter. And then on Fridays, I now have five minutes of Fraud, which is just a short form content series. I try to keep it under five minutes, but you guys know me, I talk a lot. So sometimes 5 minutes and 50 seconds, sometimes. I got a message from my boss the other day and he said, he circled it, it said five minutes of fraud, but it was 10min and 51 seconds. And I was like, look, I got on a rant, okay? I couldn't help it. But you know, during that five minutes or less, wink, wink, can't hint, you know, I'll try to break down a, you know, major fraud trend. Again, just a regulatory update or a scam I'm seeing, you know, the fraud world moves quickly and not everyone has time for that hour long podcast. So why not give, just it something in short form? You know, fraud fighters are busy. Sometimes you only have five minutes. Again, I try to, I try to meet that goal of five minutes, but sometimes I just get too excited. But I, I want those short minutes to count for those, so again, just those other two things that, that I felt were ways to give back. And Sardine has fully embraced that and it's given me the platform to do it.
A smiling woman with short brown hair and glasses, wearing a black and white striped blazer.
Karisse Hendrick
09:39
I love that. Yeah, I, I know that people like short form, but I just can't do short form. I have to do long form conversations. So I'm like, that's what you get. But, you know, the transcripts are actually about to all be released online for Fraudology, as well as synopsises of every single episode. I think we're at. I think this one is 407. I actually like completely blazed past the 400 mark and didn't even take time to celebrate it. I didn't notice till it was like 403 and I was like, whoops. Oh, I didn't realize I was close to that.
Hailey Windham
Hailey Windham
10:13
Never too late to celebrate what you've done, Karisse. Truly.
A smiling woman with short brown hair and glasses, wearing a black and white striped blazer.
Karisse Hendrick
10:16
Yeah, I suppose I'm not good at celebrating myself. I'm very. I love celebrating other people and their success, but that's just not my. It's not something I think about. But so tell me, what you know, because you are so dialed in to community banks and credit unions. What are some of the things that they're worried about? What are they, what are they working on? What are they worried about? Is it external fraud threats? Is it internal, you know, fraud operations? Is it justifying their job to senior leadership? Like, what are their concerns right now?
Hailey Windham
Hailey Windham
10:50
So I'll tell you, the concerns kind of stayed the same from whenever I was a practitioner. I know that I focused heavily on how in the world do I even get them to understand that fraud is important? But because fraud and scams are just at an all time high, the scams and social engineering aspect is like the number one issue for fraud people right now. And it's because executives are finally paying attention. You know, the industry has gotten better at detecting stolen credentials and account takeover. But scams are different because the customer is often, you know, authorizing that transaction themselves. So, you know, fraud teams are asking how, how do we detect scams? How do we educate customers and who ultimately bears the loss? Because there's the struggle of, and I faced this whenever I was the practitioner, it's, you know, here I have this, this member that came in. They received a call from someone impersonating our organization and eventually had them log on with these codes or said, hey, what's this code that we're about to send to you? We just want to authenticate to you. But in reality, that was part of the MFA. It was part of them trying to make sure, hey, here's the code was a one time password we've sent out. And then the fraudsters use that information from that phone call and now they've, you know, accessed the account. But that person was tricked or social engineered because they were impersonating the financial institution from the mirrored phone number. So it looks like it was a legitimate one, but that person gave access by giving over the code. So who bears that loss and how do we justify those answers? And then how do we make sure that we are consistently applying it across the board? Because that's where we really mess up in regards to Reg E. If you don't apply it consistently, that's where you have trouble. And so trying to make sure that happy medium or trying to understand how we interpret the regulation is really a big issue. And which again just early insights from that benchmarking survey did find that scams were overwhelmingly identified as a top threat for community banks and credit unions. The other thing that I think is top of mind is the AI opportunity and risk. Community bankers are excited about the potential of AI, but they're also pretty cautious. You know, they're asking how do we deploy AI responsibly, what governance is needed and how do we explain AI decisions to regulators making sure that they are, you know, fully intertwined with whoever their vendor is or their solution provider. And again, most institutions, they don't want AI replacing the humans, but they do want AI augmenting investigators. So, you know, how can we use it to help us to, you know, a lot of times we are fraud fighters of one. I need help. So let me, let me automate a few things. And I think that the overall theme that we always see of course is the doing more with less. You know, because teams are dealing with the growing fraud losses, the faster payments, staffing shortages, budget constraints. Many fraud teams are at or beyond capacity while expectations continue to rise. So fraud isn't growing linear anymore, it's growing exponentially while our resources aren't.
A smiling woman with short brown hair and glasses, wearing a black and white striped blazer.
Karisse Hendrick
13:59
Yeah, I think that's something that no matter what side of fraud you're on, whether it's merchant side, banking side, smaller bank, bigger bank, all those things, I think those are challenges that we all face, right, that fraud is growing exponentially and at scale and we don't have new resources, we still have duct tape and bailing wire. We still have to figure it out. No, those are really good insights and things that I think other types of fraud fighters can really relate to. Sometimes we get distracted by the shiny things but at the end of the day, the things that really are creating systemic pain points are, you know, the same old, same old things that we just don't fix or haven't found a way yet.
Hailey Windham
Hailey Windham
14:43
Very true. I also think that at least from the community banker, credit union side, one thing that I just, I don't know how we get beyond it other than we've got to start pushing back on these core providers, but we are stuck in these legacy cores that won't really integrate well with other solutions that we need and we feel like we can't leave them. Right. We've, we've been with these cores 20, 30 years and it's like, man, it's so scary getting out of that comfort zone. But we have to, in order to, to stay afloat and to stay in front of this fraud problem, we've got to try to be in that proactive, you know, innovative side of the, of the world and where we could be versus being stuck. So that's just another call out that I feel I would be remiss if I didn't mention that the legacy core issue is on the infrastructure. I mean, we've got to get that part figured out so that we can have layered controls and bring in more solutions that can help us augment some of these things.
A smiling woman with short brown hair and glasses, wearing a black and white striped blazer.
Karisse Hendrick
15:41
Yeah, e-commerce companies don't necessarily have legacy cores in the same way that banking does, but they do have legacy systems that just aren't detecting the fraud of today as much as they used to. They're not able to see behavior biometrics and device intelligence and the signals that they need to be able to identify things like card testing and enumeration or account takeovers, you know, more sophisticated account takeovers and things like that. So that we can relate to you as well for sure. So one of the things that came out actually as recently as yesterday from when we were recording, but last week from when people are going to listen, is that it was pretty big. I mean, I remember seeing multiple posts about it just, you know, being like, oh my gosh, I can't believe this happened. That FinCEN came out, you know, so that's in the US came out with updated guidance that seems to have kind of reinvigorated and excited people in banking fraud. Can you explain what the updated guidance was and kind of what, why it's such a big deal?
Hailey Windham
Hailey Windham
16:51
Absolutely. I actually just did a quick little blurb about it in my newsletter and I titled it a little louder for the people in the back. You know, so it happened on June 12, which was my mom's birthday, by the way, Benson dropped. I figured that was important for everyone to know because my mom thinks it's important, but so on June 12, Benson dropped a new fact sheet clarifying how 314(b) actually works. And I mean, I'm here to say I want more fraud fighters to know that this exists, if they don't already, and that they can and should use it. So it wasn't just like a minor tweak. It expands on and replaces the 2020 guidance and directly addresses three things that practitioners have been asking about for years, which are whether real time information sharing is permissible, under what circumstances fraud related information can be shared and how to actually use it. So, you know, I've sat in enough rooms and I've heard enough calls to know that 314(b) information sharing is wildly underutilized. And it's not because people don't care, but because there's been a real confusion about what's actually permissible. There's always just been this fear of being burned by the regulators for sharing information when maybe it wasn't the right circumstance. And I mean, Vincent hurt us, right? So they finally provided that clarity that we've been asking for. And so it's section 314(b) of the USA Patriot Act. It lets financial institutions share information with each other under a liability safe harbor to identify and report potential money laundering and terrorist activity. And now it includes fraud. So the updated fact sheet is something the industry has needed truly for a long time. Practitioners have been asking for that clearer language, clearer permission, and clearer protection. And so what we got clarified are four different things that I want to highlight. And one is that fraud is explicitly now in the scope. So information sharing can cover activity tied to specified unlawful activities, which includes fraud against individuals, organizations or governments, and computer fraud. So you don't need a confirmed money laundering case to share. You just need a reasonable basis to believe that activity may involve money laundering or terrorist activity, which is huge for us. Right? Because again, we've had those scenarios where it's like, man, I just want to call my next door neighbor bank and say, hey, this is what's going on. I know they're 314(b) compliant, but my compliance officer is telling me, hey, they don't share that unless it is for sure following money laundering or has this or that, you know, qualifications. The other thing that this new guidance addresses is now we don't need certainty to, to participate. So this is one that I think that the institutions definitely have to internalize so you don't have to have it all figured out before you pick up the phone. Reasonable suspicion is enough. Sharing early, even on incomplete information is the point. Right. Because how else are we going to get in front of it? The third thing is that real time information sharing is permissible. So this is not just written, not just formal verbal. We can use video surveillance footage, IP addresses, you know, attempted transaction. These are things that are happening in real time that we can utilize in our information sharing to determine, hey, this is kind of suspicion enough, reasonable suspicion enough. All of it is fair game under the safe harbor as long as you've registered and are using the information appropriately. And then the fourth thing is that non bank entities can form associations too, which is huge. Right? Compliance service providers and industry groups can now organize 314(b) associations, meaning that financial institutions don't have to go at it alone. I think that the point of this all is that, you know, fraud doesn't stop at one institution. It moves across your network. Your neighboring credit union, the community bank across the street, any merchant name insert here, you know, they share tactics, they test and they pivot and it's time that we do the same. So the 314(b) now gives us a legal framework to collaborate in real time. And the updated guidance, at least for me, it, it removes the excuses.
A smiling woman with short brown hair and glasses, wearing a black and white striped blazer.
Karisse Hendrick
21:07
Hmm, that's great. Is it real? Is it collaboration through like picking up the phone and calling another financial institution? Or, and, or is it collaboration through technology like you know, sharing negative lists, things like that, like on a bigger scale?
Hailey Windham
Hailey Windham
21:26
Yep. So before it was definitely through the technology we could do that. We could, I remember working through different case management solutions where we could go into the 314(b) section and if we had a joint customer or member that maybe was also a member at a neighboring fi, if they participated through this one case management system, we could communicate through there and that, that case management could let us know, hey, there's a potential that you guys have the same person committing fraud against you. And we would be notified of whenever if say bank A closed an investigation and they closed it for fraud, that's whenever all the other banks, Bank B and C would then get a notification, hey, you've got someone that matches this, that they just had a case that was closed for fraud. Do you want to initiate an information sharing request? But now it says that we can share in real time, meaning we don't necessarily have to wait. We could, we could definitely call and we could say, hey, and one thing that I think about this is like the check 21 systems that we use or the. I can't remember exactly, but whenever we're onboarding and we're trying to look to see, hey, does this person have, you know, financial institutions or whatever? And we can see that one was closed. We don't know the reason they were closed, but we could call. So I'm thinking of all these elder people now who've had their accounts closed because they were participating in investment scams. And the FI did all they could, but now the only option was to close them out. Well, then they go to the next bank. Now the next bank can say, hey, this is a great customer. What happened? Why'd they close? And now it's, you know, we can get that information in real time to know, hey, there was a potential scam and. Or a scam going on, potential fraud. We don't need to, you know, be careful going forward.
A smiling woman with short brown hair and glasses, wearing a black and white striped blazer.
Karisse Hendrick
23:11
Is that an acceptable reason for closing an account? So if bank A tells bank B, hey, we just closed this account for John Smith due to fraud, and bank B says, oh, John Smith opened an account last week. Now we want to close the account because bank A told us that his account there was fraud. Are you. Does this guidance give you the ability to cancel if you were bank B to cancel John Smith's account? Or is it more, hey, you have to flag it and then really, you know, scrutinize the behavior and see what it's doing and then close for your own reasons?
Hailey Windham
Hailey Windham
23:50
Yeah, so those are different things. So the 314(b) is only giving us the ability to share information where we couldn't before.
A smiling woman with short brown hair and glasses, wearing a black and white striped blazer.
Karisse Hendrick
23:57
Okay.
Hailey Windham
Hailey Windham
23:57
The guide. And so that comes on your own. So the financial institutions or a bank is different from a credit union. The bank can close an account for any reason that they want. It's at their discretion. But the credit unions, they operate in a different capacity. Every member is a member of that cooperative. So they can't necessarily close the account, but they can limit convenient services. So convenient services could be debit card transactions, wires, ach, credits and debits. You know, anything that is not necessarily cash in and cash out could be considered a convenient service that the credit union could use. And again, that information sharing is just to let another FI know, hey, we had fraud here. So it just is a way for us to be on high alert for potential suspicious activity.
A smiling woman with short brown hair and glasses, wearing a black and white striped blazer.
Karisse Hendrick
24:43
Yeah, because I can see if you used that to close an account based on another financial institution's account or, you know, or what their experience, that that could cause blowback, you know, in the form of lawsuits or in the form of other things where, you know, every financial institution and e-commerce merchant for that matter, have their own criteria of what constitutes fraud. So if you're taking their word for it and you're now shutting down the business, you know, or their access to their accounts because somebody else said that they were done wrong, that would pose more problems than, hey, huge heads up. I think we have this account or this cardholder too. Here's the information I've pulled, but then also here's the information I've pulled and here's what you can maybe not act on, but ingest and then flag. So, you know, hey, if we start to see suspicious activity on this account, that's there's just one more piece of data saying, well, Bank ABC already closed them down for fraud and hopefully you can mitigate your losses.
Hailey Windham
Hailey Windham
25:51
Yep. It's just another piece of data that can help us act in real time to again, just be more proactive and preventative versus reactive and you know, trying to recoup money or mitigate losses that way.
A smiling woman with short brown hair and glasses, wearing a black and white striped blazer.
Karisse Hendrick
26:02
Interesting. So how do you think this is going to change things? I mean, how do you think this is going to impact the industry?
Hailey Windham
Hailey Windham
26:09
Again? I think that the updated guidance just removes the excuses we had before. So basically it was internally we had fraud fighters who wanted to share the information with other fraud fighters in the industry by, you know, either reaching out or by saying, hey, this is fraud. And now I see that there is other money going to another financial institution like we need to let them know. But in the past it was, hey, this isn't necessarily money laundering, so we can't share this information. It had to meet those criteria. Now we've got it where fraud is a part of that criteria. And again that just reasonable suspicion is now enough, so we can now share that information, whether it's early or even incomplete, as long as we have reasonable suspicion that it is fraud.
A smiling woman with short brown hair and glasses, wearing a black and white striped blazer.
Karisse Hendrick
26:55
Interesting. And then as far as, you know, you had mentioned the organizations, you know, trade associations, outside organizations can, can now have these consortiums of sort. Do you think that we'll start seeing some of those pop up as well?
Hailey Windham
Hailey Windham
27:10
I think so. I think that we, we definitely already have, have some, you know, one in particular that I can think of off the top of my head obviously being Sonar and Sardine. A piece of Sardine is Sonar where there is that consortium data where we can share. So they are 314(b) compliant. I know that there are others that exist. But as you know, when we look externally, if we need to be able to share. And we're looking for a vendor that we can again, either receive more data from other FIs that say, hey, yeah, this is following patterns of fraud. We've got to have those vendors that have, that are 314(b) compliant. So I, I'm, I'm interested to see if there are more that pop up, but I do know that already exist.
A smiling woman with short brown hair and glasses, wearing a black and white striped blazer.
Karisse Hendrick
27:50
Okay, I see. I was thinking more, I guess of like trade associations or things like that where they might have an email list or might have, you know, something like where you could upload a Google spreadsheet of your top 20 biggest offenders or, or having roundtable calls where, you know, hey, has anybody dealt with Bob Smith at 1:23 Main, you know, Charleston, South Carolina? Oh yeah, me too. You know, that type of thing. I guess that's what I was picturing.
Hailey Windham
Hailey Windham
28:18
Yeah.
A smiling woman with short brown hair and glasses, wearing a black and white striped blazer.
Karisse Hendrick
28:19
But it's good that, you know, vendors like Sardine are 314(b) compliant so that they can just do it for you so the banks don't have to worry about integrating with each other one by one by one. Because that would be, it would take forever and it just wouldn't be sustainable. It wouldn't be scalable.
Hailey Windham
Hailey Windham
28:39
Yeah, so I pulled up that, that piece of it. So it does state who is eligible to participate in this information sharing and associations consisting of the financial institutions listed above. So. Yeah, you're exactly right. So if we think, you know, ACFE, we think the ACFCs, the IECECI, which I know the IFCI already does information sharing for the 314(a), which is with law enforcement. So being able to expand that with the 314(b) is really cool. As well as any of the other associations, maybe even the Knoble. That's one that would be really cool to start seeing some information sharing coming from. So. Absolutely. I think it opens it up.
A smiling woman with short brown hair and glasses, wearing a black and white striped blazer.
Karisse Hendrick
29:20
That's exciting. And I get why everyone was freaking out about it yesterday.
Hailey Windham
Hailey Windham
29:24
Yeah. Because it's, it was like finally.
A smiling woman with short brown hair and glasses, wearing a black and white striped blazer.
Karisse Hendrick
29:26
Yeah, yeah. It kind of came out of the blue and you know, it's six years later and a lot has happened in the world of fraud in the last six years and, and you know, there's just so much going on that it's important that the government catch up.
Hailey Windham
Hailey Windham
29:40
You know, I think that you just made another valid point. I think that, you know, there are some nonprofits that we are familiar with as well that I hope that they become more involved in these association type things so that they could share that information too. I think that'd be one of those things that would just be phenomenal. The one in particular I'm thinking about, of course, is Operation Shamrock, where they are constantly receiving information on accounts, you know, that are, have either, you know, facilitated the money movement or participated in it in some way. And it'd be great to get some information coming back from organizations like that. So I think that's great. You know, if we could get them involved in some of these associations to then share, that'd be really cool.
A smiling woman with short brown hair and glasses, wearing a black and white striped blazer.
Karisse Hendrick
30:20
Yeah, that's a good idea. I hadn't actually thought of that, but yeah, it'd be great to get them involved because, you know, they're seeing it on the ground from the victim before it's hit law enforcement or bank, you know, their bank or anything else like that.
Hailey Windham
Hailey Windham
30:36
Yeah, I just think about, like the way that they are already communicating and like some of these crypto platforms that are already communicating with law enforcement to say, hey, here's, here's a wallet that was used. Can we get an investigator on it? Imagine being able to do that as well. For the financial institutions with the information sharing. It's a phenomenal approach.
A smiling woman with short brown hair and glasses, wearing a black and white striped blazer.
Karisse Hendrick
30:55
Yeah, no, that's. That would be great.
Hailey Windham
Hailey Windham
30:57
Yeah.
A smiling woman with short brown hair and glasses, wearing a black and white striped blazer.
Karisse Hendrick
30:57
Well, that's exciting that they're moving forward. I know that there's been some forward movement from the Department of Justice on, you know, trying to prosecute some of these cases. I know that Google just filed lawsuits against, I believe it was Chinese nationals that owned a phishing platform called Outsider that was responsible for. Let me look at my notes because it was a crazy number, but it was responsible for the theft of over 3.87 million credit cards. And it was like over $1.9 billion in losses. And it was this one channel on Telegram that provides all the phishing resources you need. Right. Like to create a fake website or if you need hundreds of phone lines or, you know, whatever you need, they can provide it. And while law enforcement isn't going after them, Google is. So, you know, that's a start too. But you know, I was, as I was saying the Department of Justice has been cracking down more on fraud situations and these large scale operations. And I think the combination of that along with FinCEN saying, okay, fraud's bad enough. Now where we need to clarify this 314(b) and say you guys are good to communicate these things. And in Europe they have GDPR and one of their exceptions is for fraud as well. You know, hey, you need to keep things, you know, very private. But if it, when it comes to fraud, you, you can pursue that. So, you know, you can share Information as well is really what, you know, they say gdpr, you can, you can also cancel accounts due to GDPR due to fraud under GDPR as well. So it's, it's nice to see some of these governments catching up. I mean, I think that there's a long way that we can go, but it's nice to see, you know, them catching up and maybe listening to the industry too, who's just been saying the same thing over and over again.
Hailey Windham
Hailey Windham
32:55
Absolutely. I would like to give a bit of clarification on the onboarding piece that I was mentioning earlier. Yeah, I feel like I maybe missed a piece of like the conditional aspect of that. So I'll give kind of a scenario for it. If you think about like a community bank is onboarding a new business customer and they notice, you know, know, multiple identities that are tied to maybe the same device, suspicious IP addresses, connections to the known mule activity, and that the fraud indicators are kind of suggesting that it's maybe synthetic identity or account abuse. The bank could potentially contact another FI under 314(b) and ask, you know, we are evaluating whether to establish an account relationship with XYZ llc. Have you observed activity involving this entity that may relate to fraud, money laundering or other specified unlawful activity? And the, the reason why is to, it's especially relevant because the 314(b) explicitly allows sharing information to determine whether to establish or maintain an account or engage in a transaction. You know, FinCEN has long recognized this use case and the 2026 guidance further clarifies that suspected fraud falls under this scope. But again, there are the four conditions. One is that both institutions must be registered for 314(b). So you simply, you can't just simply call any bank, right? You need to verify that they're registered participants. There also has to be that reasonable basis for suspicion. So this is not intended for like routine due diligence or tell me if this customer is good. There should be fraud, AML or illicit activity indicators.
A smiling woman with short brown hair and glasses, wearing a black and white striped blazer.
Karisse Hendrick
34:36
Okay?
Hailey Windham
Hailey Windham
34:36
Fenceland does not require that certainty, but it does require the reasonable basis. The third thing is that the information must be used only for permissible purposes. So, such as identifying illicit activity, whether to establish or maintain an account, and then the supporting of AML compliance. And then the fourth thing was you still cannot disclose sars or reveal that a SAR was filed. So you can't say, you know, we filed a SAR on this customer. But what you can say is we've observed activity consistent with mule behavior and suspicious transfers. So again, I think that I suspect that we'll See more formalized 314(b) on boarding request emerge especially for those suspected synthetic identities, business account fraud mule activities, high risk fintech relationships and any kind of like first party fraud rings. I think historically, right, many FIs were hesitant to make these calls because they viewed 314(b) as strictly AML terrorist financing. But the new June guidance explicitly clarifies that fraud may encourage more proactive collaboration. So I just wanted to make sure that I called that out because I felt like maybe I was a little too broad in that earlier example.
A smiling woman with short brown hair and glasses, wearing a black and white striped blazer.
Karisse Hendrick
35:52
Yeah, no, it's interesting. It kind of makes my brain go two different directions. So one of them is, you know, we have something similar in the credit card processing world on the acquirer side, which is called the match list. And whenever a new, but this is more. I mean you had said that it's not to replace, you know, it's not to be in your SOPs, right. It's not supposed to be every single time. But in this case whenever some, an organization or an entity applies for credit card processing, the credit card processors have to go out to the match list and see or it's also called TM math list. I think that you know, to see if they've been shut down for fraud before, you know, they've had their account, their merchant account closed for suspicious reasons or confirmed reasons. The other thing that made me think of was just how, how it will really be helpful to a lot of companies to be able to, you know, validate themselves. Right. Like hey, we're seeing this suspicious behavior. Is it really as suspicious as we think? What does the other bank see from the other perspective getting all of that information? But one of the other things I see is do you think this is going to require more manpower on the financial institution side or can it be done with aging? You know, I mean as far as the manual piece of calling up another bank or sending them an information request or whatever it is. Or are you, are we just talking about using vendors that are 314(b) compliant that would say hey, go to your vendor in these cases, I guess just what's the workload on that like? Or do you know?
Hailey Windham
Hailey Windham
37:36
Well, I can just say from my personal experience, I think the workload probably going to be about the same for most fraud fighters because we were, we like to skirt the line because we felt like we needed to be proactive in that and Right. Would just face the repercussions from our compliance team. So I'll say that. But I do think, you know, you mentioned agents. I don't think that agents will be the ones responding or requesting the information, but I do think that they will be escalating those for review for the investigators to look at. Like, hey, this one, like, maybe we do onboarding and, you know, we're trying to do the due diligence. And then something just seems odd. It's flagged as, you know, potential synthetic identity, or, hey, this business was just opened and just established. Like, but we do see that there are other financial institutions attached. Something seems kind of odd here. Why are they opening up another account at another FI? You may want to reach out. And so just with all the indicators, again, utilizing behavioral biometrics, too, to say, hey, this device just kind of is doing some funky things. Maybe we just need to reach out and ask the other FI. Hey, we think that something's kind of suspicious going on. Can you confirm? Are we going crazy, or do you see the same thing? And so then it just becomes that collaborative effort that fraud needs anyways in order for us to be effective.
A smiling woman with short brown hair and glasses, wearing a black and white striped blazer.
Karisse Hendrick
38:54
That's great. Well, thank you for coming on and explaining that in more detail. I think it will be interesting to people in the financial institutions in case they didn't see the update guidance or maybe they didn't fully understand the fine print. But I also think it's interesting for, you know, online merchants or, you know, other sectors of fraud prevention because we're able to say, hey, you gave banks permission to do this, so, you know, I would like to also have permission to do this. Or, you know, how can we do this in a different way? Now, there are some fraud tools that have consortiums within them. They only will apply to the other merchants that use that same fraud technology. So there's not, you know, but usually merchants, while they're not regulated and they don't have FinCEN over them, their privacy officers or their legal team will say, no, no, no, don't be sharing any of that information, you know, on a phone call or in an email or anything like that. So similar issues on both sides as far as, you know, sharing information. And it's always very frustrating that fraudsters have no hoops they have to go through. They don't have any of these guidelines or, you know, laws or rules or privacy officers or anything else. But it's what we have to do to play by the rules and, you know, that we're given and. And do the best we can.
Hailey Windham
Hailey Windham
40:20
I agree completely. I'm so excited, though. I think that we're finally. The industry's finally moving in the right direction. Right. We're finally there where everybody is, starting to pay attention now to fraud, which is why I think, you know, I'll call it back out of the benchmarking, I think is just so important. But also just the way that you show up in your organization. I think culture's everything. Making sure that you show up consistently. I'm the fraud person. We've gotta, you know, have this, you know, the way that we conduct business. We wanna be consistent and we wanna make sure that when people reach out, they're gonna get the same Hailey that they get all the time. Otherwise, it's hard to build relationships that way. So I think in fraud, it's super important because you have one time to be too passionate and then you lose the buy-in from executives. So just making sure that you are consistent in your approach to how you have those conversations internally.
A smiling woman with short brown hair and glasses, wearing a black and white striped blazer.
Karisse Hendrick
41:15
That's a great note to end on. Well, Hailey, thank you again for joining me on the OG Fraudology podcast.
Hailey Windham
Hailey Windham
41:23
Always. My favorite podcast.
A smiling woman with short brown hair and glasses, wearing a black and white striped blazer.
Karisse Hendrick
41:25
Oh, I always enjoy our conversations whether they're on air or off air. But I will, I think everyone knows how to find you. You're most active on LinkedIn, but I will try to remember because I haven't been good about this the last few guests, but I will try to remember to put a link to your LinkedIn in the show notes. But people can find you just looking up Hailey Windham. I think you're the only one that's in fraud, so you're easy to find.
Hailey Windham
Hailey Windham
41:50
Okay, good. Yeah. Thank you again so much for having me on and for letting me talk through this. It was a topic that I was already really excited and geeking out about. So when you reached out, I was like, for sure, we can talk about it. So. Always happy to have a conversation.
A smiling woman with short brown hair and glasses, wearing a black and white striped blazer.
Karisse Hendrick
42:05
I'm glad I wasn't assigning you a research project like I accidentally did to Frank.
Hailey Windham
Hailey Windham
42:09
Oh, no. Well, I'm sure he dove into it anyways.
A smiling woman with short brown hair and glasses, wearing a black and white striped blazer.
Karisse Hendrick
42:13
He did. Head first, but I felt bad. I thought he already knew about it. So I was like, hey, can we talk about it this? And he was like, sure. And then he tells me I did a whole, I researched it all weekend. And I'm like, oh, no, I thought you knew. Oops. All right, well, I will talk to you again soon. And to everyone else, I will talk to you again next week.