FAQ #17 - got it
ok, so a customer reports they allowed someone they thought was a support tech person onto their computer, they then gain access to the online banking, and move money from one internal account to another - obvious intention is to remove, steal, procure or otherwise affect funds of the targeted customer. should we file a SAR regardless of if we know the amount of money moved? If we mark box 38a "ACCOUNT TAKEOVER" does that automatically mean we are completing 42b? As far as #43 and #44 what would should be considered here?
just looking for a clearer understanding of when a FI would file a SAR in regards to these types of suspicious activity. I am also reaching out to auditors and examiners with the same.
_________________________
plan your Work and Work your Plan