Finance & Banking , Fraud Management & Cybercrime , Industry Specific

Apparent Pig-Butchering Crypto Scam Took Down a US Bank

Kansas Bank Forced to Close After CEO Allegedly Embezzled Nearly $50 Million
Apparent Pig-Butchering Crypto Scam Took Down a US Bank
The head of a failed Kansas bank appears to have bankrupted the institution by falling for a pig-butchering scam. (Image: Shutterstock)

The CEO of a Kansas bank that failed in August is facing up to 30 years in prison after a new watchdog report said he had embezzled nearly $50 million as part of an apparent cryptocurrency scam known as pig butchering.

See Also: Protecting Financial Services Mobile Apps

A significant breakdown of internal controls and the influence of Heartland Tri-State Bank CEO Shan Hanes as a prominent local financial executive ultimately led to the bank's failure last year, according to a regulatory review published this month by the internal watchdog of the Federal Reserve's Consumer Financial Protection Bureau. Court filings charge Hanes with carrying out a series of high-value cryptocurrency purchases using funds stolen from a local church and investment club.

Those wire transfers "significantly impaired Heartland's capital and liquidity, causing the bank to become insolvent," the inspector general said in its report. The Kansas Office of the State Bank Commissioner closed Heartland on July 28, 2023. The bank had about about $139 million in assets before its failure.

Hanes has been indicted on a federal criminal charge of embezzlement by a bank officer and is set to make his first court appearance on Feb. 28.

Heartland could be the first bank in the U.S. to have suffered a failure caused by pig butchering, in which scammers spur victims into investing in supposedly legitimate cryptocurrency investment opportunities (see: 'Pig Butchering' Online Scam Sweeping English Speakers).

The FBI issued a warning in December about pig butchering and other cryptocurrency scams, and it details how scammers build trust and rapport with their victims before convincing them to make fake investments in high-yield crypto opportunities and eventually stealing their money.

After Hanes initially purchased cryptocurrency with his own money "and funds potentially belonging to other entities," the watchdog report said, he initiated 10 wire transfers - each for more money than the last one - and eventually caused the bank to fail. Hanes managed to allegedly steal $47.1 million, circumventing the bank's wire transfer limits. Prosecutors say the number of fraudulent wire transfers added up to "at least 11."

"Despite the atypical recipient and the dollar amounts of each transfer significantly departing from prior wire activity and established limits, Heartland's chief financial officer and other bank employees approved the wire transfers," the report says. It describes Hanes as having "a dominant role in the bank" and says he was "a prominent figure in the community."

The report also found that the internal authorization structure for wire transfers, as well as the CEO's role and reputation, "contributed to the employees' reluctance to raise questions or report the suspicious activity sooner."

The inspector general called on the Federal Reserve Board of Directors to provide new guidance that identifies prevalent cryptocurrency scams and enhanced training for examiners on virtual currency and pig-butchering scams.

A lawsuit filed earlier this month claims JPMorgan Chase failed to protect two elderly women from a $2.2 million pig-butchering scam that left at least one of the victims in severe financial insecurity.


About the Author

Chris Riotta

Chris Riotta

Managing Editor, GovInfoSecurity

Riotta is a journalist based in Washington, D.C. He earned his master's degree from the Columbia University Graduate School of Journalism, where he served as 2021 class president. His reporting has appeared in NBC News, Nextgov/FCW, Newsweek Magazine, The Independent and more.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.