Home » Topics » Data Protection & Privacy » Rapid change, but the same threat: money laundering is a rapidly evolving challenge

Rapid change, but the same threat: money laundering is a rapidly evolving challenge

Avatar photoby Ben Rossi

Globalisation and the internet have shrunk the world. It’s now possible to buy almost anything from almost anywhere using electronic payments that can be completed in minutes – and it’s just as easy and fast to transfer money across borders. For criminals and terrorists, this is a huge opportunity.

For financial institutions and governments, it’s a huge problem – and, increasingly for banks, a huge risk, especially with the emergence of multi-billion-dollar fines for institutions that fail to meet compliance obligations.

Organisations that have to meet government regulations on money laundering must keep their Anti-Money Laundering (AML) and Counter Terrorist Financing (CTF) programmes relevant, or face stiff penalties.

But what are AML and CTF protecting against? The goal of money launderers is to sneak their capital into the world’s legitimate banking systems with as limited scrutiny as possible, making their assets – which include, but are most definitely not limited to, cash – legal tender.

The way money launderers operate is anything but rigid or fixed, because they constantly need to change their tactics to avoid detection. In order to keep up with this, financial institutions must understand the changing threat landscape.

Current trends in money laundering

Techniques used to fund terrorism and launder money evolve rapidly. At the moment, new payment methods, specific conventional banking areas and even charities and non-profit organisations are all targets for launderers.

New payment methods can offer anonymity, high acceptance and convenience of funds, supported by global access to cash via ATMs. All of these things make them very attractive to launderers. To compound the challenge to authorities and banks, not all of the new payment types are regulated by the same agencies as the financial institutions.

Pre-paid cards, virtual currencies, mobile payments and internet payment products mean money can change hands very rapidly. Because credit risk tends not to be assessed when accounts are created, the money can come into the banking system from unscrupulous sources because proper due diligence of the money mover was not done.

But the action isn’t just confined to the latest and greatest trends – traditional banking areas are also under attack. Trade finance is being exploited to raise credit and secure funds for inventory that never existed to begin with – or was undervalued or overvalued in the trade transaction. Correspondent banking is being exploited to transfer funds through nested accounts that had direct ties to drug traffickers to launder their cash.

There’s another threat – cyber attacks are being used to create vulnerabilities through which money can be laundered. The Spring 2014 bulletin from the Office of the Comptroller of the Currency in the United States warned of this possibility: “Banks continue to be attractive targets of coordinated and sophisticated cyber attacks… There is concern that cyber criminals will transition from disruptive attacks to attacks that are intended to cause destruction and corruption.”

Directly corrupting banking systems via a cyber-attack in order to bypass AML measures is a new direction for cyber criminals, and one that would represent a significant challenge.

Finally, charities and not-for-profits can be exploited to innocently distribute money and services to terrorist networks. This assumes the charity or non-profit is legitimate in the first place, and not a criminal or terrorist front organisation with a useful set of tax exemptions. While the majority of charities and the transactions that flow through them are legitimate, they remain a potential target for terrorist financing, and the harm this can do to innocent parties – and the people the charity might be trying to help in the first place – can be severe.

How technology can help

Identifying when something is not quite right in this context takes more than a sharp-eyed employee. Increasingly, and not just for huge multinational banks, it requires sophisticated, specialist technology.

A key part of fighting money laundering is knowing one’s customers, and understanding the risk they represent – a combination of the relationship they have with your business, the products they buy and where they transact business. This sort of risk profiling isn’t something that can be done once and then filed away. It is vital to update the risk rating of each customer as the nature of what they do, and where they do it changes.

>See also: Cyber security guide to the 10 most disruptive enterprise technologies

Sophisticated technology that combines financial and non-financial data and information that provides context and background helps analysts understand why an alert may have been raised. The challenge for any technological solution is to avoid false positives and give the humans involved in the AML or CTF process the chance to analyse, understand and act.

Understanding sanctions can also be a huge task, not least because world events and the people caught up in them change so rapidly. The range of different sanctions in place changes constantly, as does the list of Politically Exposed Persons (PEPs) that financial institutions need to be aware of and monitor. Given the amount of data involved, cross checking sanctioned names and entities against the known lists effectively is best done using list matching technologies.

Keeping up to date

Your financial institution’s AML and CTF programmes need to keep pace with the plans and tactics of criminals and terrorists – adversaries who never play fair, or do things by the book. But they also need to keep up with the wealth of new products, services, and customers that your financial institution engages with. Finally, you need to have AML systems that are able to change and grow as your business does.

Responding to these various challenges is vital in order to prevent money laundering and meet compliance requirements. Understanding the risks involved in doing business is a matter of organisational survival for all companies but, by having the right systems and technology in place, it should not be a source of pain or drama in the process.

 

Sourced from Laurie Gentz, CAMS, head of Compliance, BAE Systems Applied Intelligence

Avatar photo

Ben Rossi

Ben was Vitesse Media's editorial director, leading content creation and editorial strategy across all Vitesse products, including its market-leading B2B and consumer magazines, websites, research and...

Related Topics

Data Breach
Financial Services

Related Stories

Data Protection & Privacy

The future of private AI: open source vs closed source

As regulation of artificial intelligence evolves, the future of AI could be private in nature - here's how adoption of open and close source capabilities would compare

Blockchain

How fully homomorphic encryption can solve blockchain’s privacy problem

Jason Delabays explains how fully homomorphic encryption can help businesses innovating with blockchain ensure privacy long-term.

Data Protection & Privacy

Combining Qumulo integration with open source backup software

Software development automation platform Yuzuy has been looking to drive value from integration with Qumulo and customer partnerships

Data Protection & Privacy

Class action lawsuit filed against OpenAI over “stolen private information”

OpenAI, developer of ChatGPT, has been hit with a class action lawsuit alleging misappropriation of personal data scraped from the web