News

Bank of England fines Citigroup £44m Over Poor Financial Information

Oliver Smith
November 28, 2019
2 minutes read
3395

The Bank of England has fined the UK branch of the US bank, Citigroup, a record £44m because the bank submitted incomplete and fallacious regulatory information to the Bank between 2014 and 2018.

According to the Bank of England, Citigroup didn’t come up to the expected standards between the above mentioned years and the problems were ‘serious and widespread in nature’ and the bank hadn’t presented an authentic picture of its monetary position.

The Bank’s Prudential Regulatory Authority (PRA) fined the Citibank, which is responsible for monitoring the financial stability of about 1500 banks, building societies, credit unions, large investment firms and insurers in the UK. This is the biggest fine ever imposed by the Bank of England.

According to the PRA, the bank’s systems were incompetent and Citi didn’t have enough people working for the regulatory accuracy, there was no proper documentation and that Citi’s failure and governance ‘fell significantly below the standards expected’. The errors and oversights included ‘six substantive matters’, which is the reason for notable errors.

Citibank is a New-York based bank and is the third biggest bank in the US which has $2tn in assets and operations in 100 countries. It is considered as a ‘global systematically important bank’.

According to the PRA,

“The pervasiveness of the errors and misstatements identified in the firm’s returns raised fundamental concerns about the effectiveness of Citi’s UK regulatory reporting control framework.”

Citibank would have faced a fine of £62.7m but since the bank cooperated with the PRA, it was given a 30% discount. It should be pointed out that Citi has better liquidity and capital requirements than the Bank demands at all times.

Sam Woods, deputy governor for prudential regulation and chief executive of the PRA said,

“Accurate regulatory returns from firms are vital for the PRA in fulfilling our role. Citi failed to deliver accurate returns and failed to meet the standards of governance and oversight of regulatory reporting which we expect of a systemically important bank.”

Citibank has been extremely compliant with the PRA and the spokeswoman for Citi said,

“Citi has fully remediated the past regulatory reporting issues identified by the PRA and settled this matter at the earliest possible opportunity.”

Disclaimer: No warranty is herein provided that the information contained in this document is accurate, up-to-date, and/or complete. In no circumstance(s), does such information constitute legal or any other advice. Any person who intends to use, rely, pass-on, or re-publish the information contained herein in any way is solely responsible for the same. We suggest to verify the information and/or obtain expert advice independently if required.

Latest News

News
Defendants plead guilty of allegations in Medicare Fraud in U.S. District Court
Two defendants, Jessica Jones from Colorado, and Elizabeth Putulin from Florida pleaded guilty to healthcare fraud allegations. Senior Judge, George A. O’Toole at the U.S. district course, proposed the sentencing for May 19, 2021.

Jones and Putulin were found guilty of partnering with Juan Camilo Perz to bag $109 million in false claims for medical equipment, including knee, shoulder, arm, and back braces. Last year in October, Perz paid kickbacks after declaring himself responsible for a fraud scheme in the federal healthcare program in the US, Medicare. The offender is to be sentenced on March 4, 2021.

The two women confessed to helping Perz submit bogus and false Medicare claims through shell companies spanning over a dozen states in the States. Perz hired Jones and Putulin to provide fictitious names and act as corporate directors to present their shell company as a Durable Medical Equipment (DME) service provider. They acquired foreign and domestic patient records from different call centers, targeting an older group of patients.

Moreover, they also used the call centers to ask medicare beneficiaries for offers regarding arm, shoulder, and knee braces at a very cheap price. Later, Perz tendered the Medicare claims on behalf of those patients without their consent or a prescriber’s recommendation. This gave a notion that the braces were medically necessary.

Also, the offenders were charged with filing insurance claims of the deceased, and the same people repeatedly. Perz failed to provide convincing evidence for DME offerings of more than $7.5 million. This was because when he provided DME to patients, they were charged 12 times more than the actual price of the equipment.

The court ended the proceedings by sentencing the fraudsters to 10 years in prison with a fine of $250,000. The sentence penalty was decided in light of the standard U.S. Sentencing Guidelines.

Recent Posts

Blog
Healthcare is the New Target of Criminals - What's the Solution?
The healthcare sector has been facing many challenges due to coronavirus pandemic. Cybercrimes have significantly increased and this industry has become the primary target of fraudsters. Modern technology has brought several conveniences in the healthcare sector. However, criminals are also using advanced technology to fulfil their malicious intent. The rate of cybercrime rate has skyrocketed in 2020 and the predictions for 2021 are not very satisfying either. According to BBC, healthcare will be on the frontline of cybersecurity in 2021. Different reports have revealed that there is an approximately 50% increase in cyberattacks on the healthcare sector. Fraudsters will figure out better ways to execute their plans but there is a way that can help the health sector in combating them.

Let’s take a look at some of the cybercrimes that have been reported repeatedly, a solution to combat these fraudulent activities, and the regulations to enhance the security of the sector.
What are the Crimes in the Healthcare Sector?

Criminal activities in the healthcare sector are more or less the same as in any other industry. However, the results of these crimes are more severe than what one could expect. Some major crimes in this sector include:

Data breach

Ransomware

Medical identity theft

Phishing attacks
Ransomware in Healthcare

In a ransomware attack, the criminal injects a virus using three methods; phishing attack, clickbait, malvertising (user clicks on a malicious advertisement). The tactics, techniques, and procedures (TTP) keep evolving with time but the healthcare facility has to bear with the loss. By sending a phishing email or using another ransomware method, the fraudsters gain access to the facility’s database and acquire all the patient records. Many cases of healthcare ransomware were reported in 2020. One of them was the GBMC’s case.

GBMC Healthcare Under Ransomware Attack

As reported on December 9, 2020, by Healthcare IT Security, GBMC healthcare in Maryland was under a ransomware attack on December 6, 2020. The malware was injected in the facility’s IT systems and the hospital claimed that they have been maintaining robust security measures to protect patients’ data. However, there were some procedures scheduled for Monday that had to be postponed.

Data Breach in Healthcare

The average cost of a data breach in healthcare is $158 per record. The staggering numbers make Protected Healthcare Information (PHI) even more valuable than PII. A data breach is an incident in which fraudsters illegally acquire access to the company’s database and use the available information for other illegal activities like identity theft. Only at the end of 2020, the healthcare data breaches rose up to 45% and the healthcare sector overall accounts for 79% of the data breaches reported annually. The top 10 data breaches reported last year exposed millions of records and DCA alliance data breach won the race.

DCA Alliance Breach Exposed 1,000,000 Records

This data breach was reported in early December. DCA is a third-party vendor that supports over 320 affiliated facilities across 20 states. On October 11, some suspicious activity was reported that spurred an investigation. Upon inquiring, it was found out that hackers gained access on September 18 that lasted until October 13. The reports reveal that patient names, billing details, bank account numbers, and health insurance data may have been compromised.

Medical Identity Theft

Medical identity theft is a crime that occurs when fraudsters acquire information of patients and use it for claiming health insurance and other benefits. This fraud results in erroneous entries in the facility’s records and a list of fictitious medical records is created in the victim’s name. Data breaches and ransomware attacks generally result in identity theft and the staggering numbers are raising concerns for regulatory authorities now.

Laws for Countering Crime in the Healthcare Sector

Certain rules and regulations have been structured to ensure the security of all the stakeholders in the healthcare sector. Let’s take a look at some of the regulations that are assisting the health industry in securing facilities.

NHS Good Practices Guidance

NHS Good Practices Guidance provides guidelines about patient verification and their representatives for online services. This guideline provides three identity verification methods; vouching, vouching with confirmation, and identity documents, authorisation guidelines, details of the identity verification process, record keeping, etc.

HIPAA Act 1996

The act has five rules as security measures of patients’ identity; privacy rule, transaction and set rule, security rule, employer identifier rule and enforcement rule. On December 10, 2020, the US Department of Health and Human Services (HHS) released changes to the HIPAA privacy rule. These changes emphasize on strengthening the access of individuals to their information, greater caregiver involvement, and improving access to PHI.

How to Secure the Healthcare Sector?

Securing the healthcare sector is the utmost need of the hour and the industry requires robust identity verification measures to secure patients from medical identity theft. Know Your Patient verification is one solution for ensuring that every patient that requires your facility’s attention is legitimate. KYP is recommended by state laws and in case not employing this ID verification check, hefty penalties have been settled as well. According to the aforementioned regulations, the healthcare facilities must follow the patient identification protocols. With KYP, you can ensure:

Medical identity fraud prevention

Responsible selling of prescription drugs

Better compliance with regulations

Maintain updated patient records

To protect your facility from data breaches, you need a secure data storage service like on-premises service. This does not store any patient’s information over third-party cloud storage and only the hospital or clinic’s personnel can access it.

Summing It Up

All in all, healthcare has become the primary target of fraudsters and protecting healthcare service providers is the need of the hour. Ransomware, data breaches, phishing attacks, and identity theft are on the rise. Due to the pandemic, the rate of these frauds significantly increased. In 2021, the majority of predictions are threatening for all the hospitals, clinics, and pharmacies. Fraudsters will be using the COVID-19 pandemic in their phishing attacks, whereas other frauds will become more sophisticated. Hence, a robust solution that can fight fraudsters is what this sector needs and KYP is one of the best options. It verifies the identities of all the patients who reach out to you and ensures the legitimacy of patients as well.

Get in touch with us and learn everything about Know Your Patient (KYP) verification today.

Talk to us

Bank of England fines Citigroup £44m Over Poor Financial Information

Ransomware in Healthcare

GBMC Healthcare Under Ransomware Attack

Data Breach in Healthcare

DCA Alliance Breach Exposed 1,000,000 Records

Medical Identity Theft

Laws for Countering Crime in the Healthcare Sector

NHS Good Practices Guidance

HIPAA Act 1996

How to Secure the Healthcare Sector?

Summing It Up

Let’s prove your

customer’s identity

with Shuftipro.

Let’s prove your customer’s

identity with Shuftipro.

Sweden

Cyprus

United Kingdom

Dubai

Бесплатный 15-дневный
тестовый доступ

Bank of England fines Citigroup £44m Over Poor Financial Information

What are the Crimes in the Healthcare Sector?

Ransomware in Healthcare

GBMC Healthcare Under Ransomware Attack

Data Breach in Healthcare

DCA Alliance Breach Exposed 1,000,000 Records

Medical Identity Theft

Laws for Countering Crime in the Healthcare Sector

NHS Good Practices Guidance

HIPAA Act 1996

How to Secure the Healthcare Sector?

Summing It Up

Let’s prove your

customer’s identity

with Shuftipro.

Let’s prove your customer’s

identity with Shuftipro.