Sydney hospital loses $2 million in alleged BEC fraud
A Sydney hospital lost $2M in a BEC scam. Learn how to protect your business with MFA, email authentication, and robust financial controls.
Some $3.1 trillion in illicit money was estimated to have moved through the global financial system in 2023, with negative impacts on businesses, governments and individuals.
The evolution of technology means criminals are finding increasingly sophisticated ways to launder money. But this also presents an opportunity for anti-money laundering (AML) compliance to evolve in turn.
Let’s explore five of the latest trends and tools shaping the anti-money laundering landscape and how they can revolutionise financial security.
Artificial intelligence (AI) and machine learning (ML) are on the frontline of anti-money laundering activities and compliance. As compliance costs for businesses increase, AI and ML analyse enormous datasets and look for anomalies in financial transaction data.
Artificial intelligence can be used to assess a customer’s risk level and streamline the onboarding process. With analysts required to review large and sometimes disparate datasets, the technology ensures that high-risk applicants do not evade detection and that alert backlogs are avoided.
Similar technology can also be used for customer-enhanced due diligence (EDD) and transaction monitoring. Some companies now utilise robotic process automation (RPA), which employs software robots to perform repetitive, rule-based tasks.
If a financial institution flags a customer for further investigation, for example, AI can be employed to conduct open-source intelligence (OSINT).
SINT is an ethical and compliant way to collect public information on the individual’s connections, behaviour, and risks as well as their expected turnover, occupation and the nature of their business.
Data sharing and collaboration enable financial institutions to establish a clearer picture of suspicious transactions and criminal networks.
According to Deloitte, data sharing enables financial institutions to reach the top of a data maturity ladder that also includes data remediation and data optimisation.
Data sharing is a key AML trend because criminals who launder money do not respect countries, borders or jurisdictions. By extension, the trend prevents criminals from exploiting data gaps as they engage with various domestic and international financial institutions.
Companies (and indeed countries) that pool data and access collaborative analytics can better understand, assess and mitigate money laundering activities. Importantly, these efforts respect existing legal frameworks (where such frameworks exist) for data protection and privacy.
In the Netherlands, for example, a governmental body known as the Financial Action Task Force (FATF) develops policies to combat money laundering.
In terms of data sharing, it advocates for cryptographic technologies like zero-knowledge proofs and homomorphic encryption to enable data to be shared between parties without revealing the private underlying data.
Other Blockchain-based technology will also play an increasingly important role in strengthening Know Your Customer (KYC) processes.
The global, decentralised and often pseudonymous nature of cryptocurrency makes it extremely attractive to criminals. In 2023, just over $22 billion worth of cryptocurrency was sent to fiat off-ramping services by illicit addresses and converted to cash.
While a substantial proportion of crypto money laundering is unsophisticated and simply involves funds sent to exchanges, more skilled criminals utilise a diverse range of crypto protocols and services.
Two methods that have increased in prevalence include funds sent from ransomware to gambling platforms and funds sent from ransomware wallets to bridges that enable criminals to transfer funds between different blockchains.
But cryptocurrency scams are not infallible, and some authorities have successfully implemented measures to address them. In late 2023, the UK Government introduced laws that afforded authorities more power to seize, freeze and recover crypto assets.
The Australian Federal Police also established a multi-agency taskforce that same year to target money laundering into cryptocurrency and also the encrypted communication channels criminals use.
Moving forward, businesses and governments need to stay abreast of the latest crypto technologies and how they may be exploited for nefarious purposes. An enhanced KYC approach for cryptocurrency that consists of customer identification, due diligence and continuous monitoring is an effective first defence.
Intelligent Automation (IA) is an advanced form of AML automation that combines robotic process automation (mentioned earlier) with:
The combination of these technologies enables verification systems to not only automate repetitive tasks but also perform more complex, decision-centric tasks that traditionally required human intelligence.
When performing a background check, for example, human investigators need to pull information from various databases and identify which data belongs to the application in question.
Identifying which information is attributable to the applicant and which is attributed to someone with the same name can be time-intensive.
Nevertheless, Intelligent Automation tech can differentiate between applicants with similar names by contextualising them with other critical data like occupation and date of birth.
IA has numerous benefits for a business’s bottom line. The technology is accurate, scalable, and consistent and saves money on compliance, manual labour and human error. It also improves the verification experience for both employees and customers.
Money mules are individuals who transfer illegally acquired money on behalf of someone else. Criminals recruit mules with the promise of financial gain to help them launder money obtained from various schemes such as:
Money mules laundered an estimated $3 billion in the United States in the first half of 2022 alone. Most are contacted with a simple request to receive money and then transfer it to another account or convert it into another form such as cryptocurrency.
At some point, the funds find their way back to the criminal having been sufficiently cleaned along the way.
While some may be unaware they are committing a crime, other participants deliberately break the law for personal gain. Nevertheless, the objective is to obfuscate the origin of the funds and make it difficult for authorities to trace them.
Financial institutions find this tactic difficult to detect. Mules often blend money laundering activities with legitimate bank account use or transfer small amounts of money to avoid being flagged. Schemes may also utilise multiple mules across numerous transactions to make the origins of the laundered funds near-impossible to track.
Though university students and financially disadvantaged individuals are easy targets, more sophisticated scams single out victims in the finance, eCommerce and banking industries.
These victims may have access to financial systems and bank accounts, while others may be employees of money transfer companies. The ease, speed and international reach of money transfers as a payment method makes it particularly vulnerable to money laundering.
Other at-risk entities include estate brokers, investment firms, fintech companies, building societies and iGaming businesses.
As we move further into 2024, anti-money laundering efforts continue to evolve in response to various trends and new technologies.
Enhanced due diligence, intelligent automation and data sharing are more important than ever as money laundering transcends boundaries and society creates enormous volumes of data to process.
While inherently attractive to money launderers, cryptocurrency may become less fallible over time as new legislation is introduced and businesses protect themselves from new methods of exploitation.
However, the money mule trend is harder to counter because it capitalises on the human tendency for a quick win. The solution to its persistence, for now, lies in public awareness campaigns and targeted law enforcement intervention.
A Sydney hospital lost $2M in a BEC scam. Learn how to protect your business with MFA, email authentication, and robust financial controls.
CFOs, beware: cybercriminals are exploiting DocuSign’s legitimate business tools to deliver fraudulent invoices directly through trusted channels. This scheme is particularly dangerous …
Because LinkedIn is used as a professional networking platform, account holders don’t use the same caution as they would on Facebook or …
Eftsure provides continuous control monitoring to protect your eft payments. Our multi-factor verification approach protects your organisation from financial loss due to cybercrime, fraud and error.