This web page can be viewed better with javascript enabled. header image

To download Adobe Acrobat Reader, download PowerPoint Viewer or download Excel Viewer, please visit Accessibility page.

To view or print PDF content, download the free Adobe Acrobat Reader.

Download PDF Version PDF     Print this page Print


Issued: March 30, 2011
Subject: Advisory on Activities Potentially Related to Commercial Real Estate Fraud

The Financial Crimes Enforcement Network (FinCEN) is issuing this Advisory so that financial institutions may better assist law enforcement when filing Suspicious Activity Reports (SARs) on activities potentially related to commercial real estate fraud (CREF).

To assist law enforcement efforts in targeting this type of fraudulent activity, this Advisory provides examples of common CREF schemes, and suggests a key word for financial institutions to use when completing SARs involving potential CREF.

Potential Indicators and Examples of Commercial Real Estate Fraud Schemes

This Advisory highlights some types of behavior that may signal fraudulent commercial real estate activity, but does not provide an exhaustive list of all CREF schemes. The indicators and examples found below have been partly derived from information supplied by law enforcement and also by analyzing SARs for commonly filed-upon activity.1 It is important to view any indication of potentially suspicious commercial real estate activity in context with the entire financial transaction. Financial institutions should consider all facts and circumstances, such as the specific role of the financial institution within the commercial real estate transaction(s), when reporting activity. These schemes may also involve multiple actors, which may include property management companies, real estate investment companies, developers, title companies and/or appraisers. Examples of some common types of reported suspicious activity related to CREF include:

Misrepresentations: Subjects make false statements and/or submit falsified documents including rent rolls, tax documentation, appraisals, draw requests, lien waivers, and financial statements to bolster loan applications. Subjects may also make fraudulent disbursement requests, including fraudulent invoices and receipts, to receive loan proceeds. This activity may occur across multiple banks using multiple accounts.

Misappropriation of Funds: Borrowers misappropriate funds by diverting those funds to other projects for which loans or payments were not directed. This activity may be discovered during site inspections of customers’ property.

Bank Insider Collusion: Bank insiders facilitate loan approval processes and disbursement of funds for accomplices. Bank insiders’ suspicious client bases may move with them from employer to employer.

Flipping and Straw Buyer Schemes: : Subjects may use straw buyers who “flip” the property to generate equity for another purchase, for profit, or to improve borrowers’ creditworthiness.

Collateral Transfer: Borrowers sell collateral without disclosure to the lender or fail to forward proceeds of collateral sales to the lender, hide or convey the collateral to associates, or quit-claim deed the collateral to another entity. This may involve transferring ownership to family members or trust accounts, diverting funds for collateral improvements to other projects, or inflating collateral values, any of which would negatively affect the banks’ financial positions.

Advance Fee Schemes: Subjects engaging in advance fee schemes target borrowers, lenders, and companies unable to obtain commercial real estate financing. These schemes may involve fraudulent business proposals and financial instruments.

Suspicious Activity Reporting

Consistent with the standard for reporting suspicious activity under the Bank Secrecy Act, if a financial institution knows, suspects, or has reason to suspect that a transaction conducted or attempted by, at, or through the financial institution that involves funds derived from illegal activity or that appears to be indicative of money laundering, terrorist financing, or other violation of law or regulation, the financial institution should file a SAR.2 As noted in FinCEN's SAR Narrative Guidance Package,3 financial institutions must provide complete and sufficient descriptions of known or suspected criminal violations or suspicious activity in the SAR narrative sections.

To assist law enforcement in its efforts to target this type of fraudulent activity, FinCEN requests that when reporting this type of activity, financial institutions include the specific term "CREF" within the narrative portion of all relevant SAR filings and report the exact dollar amount(s) associated with the commercial real estate activity. Even though the SAR form used by depository institutions lists “commercial loan fraud” as a check-box , using the term “CREF ” better assists FinCEN and law enforcement with monitoring trends in suspicious activity that are not solely related to commercial loans. The “CREF” term also allows non-depository financial institutions to identity this activity when a specific check-box is not available on their respective forms. We further request that the Suspect/Subject Information Section in the SAR filing include information available for all parties suspected of participating in this fraudulent activity.

Questions or comments regarding the contents of this Advisory should be addressed to the FinCEN Regulatory Helpline at 800-949-2732. Financial institutions wanting to report suspicious transactions that may relate to terrorist activity should call the Financial Institutions Toll-Free Hotline at (866) 556-3974 (7 days a week, 24 hours a day). The purpose of the hotline is to expedite the delivery of this information to law enforcement. Financial institutions should immediately report any imminent threat to local law enforcement officials.

1 For more information on real estate and mortgage fraud, please see FinCEN’s website at, which includes links to recent analytical reports on commercial real estate fraud.
2 See, e.g., 31 CFR § 1020.320.
3 See