Instant payments: Enormous Potential versus Financial Crime Risks

Instant payments: Enormous Potential versus Financial Crime Risks

   

The world of banking continues to evolve at a breathtaking pace and is becoming ever more competitive. Once a new technology has come to market, banks are faced with a dilemma: do we embrace it and run with it, or do we let our competitors gain a first-mover advantage? Delay implies a commercial risk. But the operational and compliance risks that you take on as a first mover may be even greater.

Given the harmonisation of national payment systems across regions, the focus has shifted to international payments and to improve the overall user experience like speed, cost, reliability and traceability. Therefore, payment processors today are seeing some major developments, with new tools appearing such as SWIFT’s gpi and SEPA’s instant payment. These instant cross border payment initiatives are a prime example of what will become the norm in payments.  

The rapid pace of digitalisation of payments brought growing market pressure which have led cross-border payments to undergo significant infrastructure modernisation. The overall trend in digital transactions which are increasing at 6% per year alone in Europe. Total number of traceable transactions in Europe increased from 2013 to 2017: from 113B in 2013 to 144B in 2017 (+27,4%; CAGR +6%)

Number of Digital Payments: Global E-Payments increased from 28,6B in 2013 to 56,5B in 2017 (CAGR: 18,6%); Global M-Payments increased from 24,6B in 2013 to 70,4B in 2017 (CAGR: 30,1%)

Banks that offer this service will gain a competitive advantage over banks that don’t provide it. Clients want their payments to be processed quickly because for them it increases efficiency, transparency, convenience, and financial control. For small and medium-sized companies, this form of payment processing helps alleviate liquidity stress and counter party risk. And, in general, people have grown accustomed to things moving fast, so they have little patience and understanding when payment processing is slow.

Instant payment allows sellers and buyers to exchange money and purchase services in seconds. Funds are received in the payee bank account almost immediately, instead of requiring few business days. That can make a significant difference to a small business’s cash flow, in particular, and it means less time spent waiting for money to clear from the buyer’s point of view. Fast transactions are a common requirement in the new economy, especially with increased mobility: the current generations of customers (so-called millennials and beyond) want to be able to make payments anytime, anywhere, using their mobile devices.

So, what’s not to like about instant payment?

Well, quite a lot, actually. Instant payment processing makes it more difficult to detect financial crimes like money laundering and financial fraud. Criminals want to move money as quickly as possible through a number of accounts at different international banks to disguise the origin of funds. There is no faster way to do this than with instant payments. How can a bank possibly detect money laundering activity in a real time world when transaction monitoring is conducted in a batch process needless to mention the more complex criminal activity?

The Bangladesh Bank heist is a perfect illustration of the future complexity involved in monitoring instant payments.

From the $ 81 million stolen from the Bangladesh Bank in February 2016 only $ 15 million has been recovered and there is still no word on who was responsible. Cyber attackers illegally transferred US$ 81 million from the Central Bank of Bangladesh (CBB), to several fictitious bank accounts around the world, by subverting their SWIFT accounts. The hackers used the SWIFT credentials of the CBB to send dozens of fraudulent payments to fake accounts in the Philippines, and other Asian banks. This was without questioned a well-planned attack that used time differences and regional holidays brilliantly.

How will current anti-money laundering systems work in a world of instant payments?

Its difficult enough for financial institutions to monitor against money laundering violations when it takes three to five days for a transaction to be cleared, or at best overnight. With instant payment, the near-impossible becomes totally impossible using conventional methods as transactions clear in a matter of milliseconds. By conventional, we mean here rule-based approaches, where suspicious transactions are put in a queue and investigated in batch mode.

Even in a world operating in batch, traditional AML systems generate too many false positives (typically between two and 15% of all transactions) and therefore imposes a huge workload on banks and investigators.

Number of Suspicious transactions reported to UIF: +51% (’12-16), from 67K in 2012 to 101K in 2016

With instant payment, this problem is greatly increased because banks are under pressure from customers and consumers to clear transactions as quickly as possible in order to meet the agreed level of service.

Transaction monitoring systems built on current technology and based on machine learning offers the only credible answer. By creating algorithms that learn from past results with the expertise and knowledge of AML compliance officers, the system learns to identify false positives, and compliance officers can focus on alerts where there is a higher probability that money laundering is actually occurring.

Another technology-based approach that has been developed recently, called visual mapping, provides insights into how instant payments are moved around. Suspicious payments can be tracked as they move between bank accounts, regardless of whether the payment amount is split between multiple accounts, or those accounts belong to the same or different financial institutions. The software creates a visual map of where and when money has moved, providing new insights and intelligence for fraud and compliance teams to take action.

By bringing together transactional data from multiple financial institutions and running sophisticated algorithms, such solutions can identify the so-called “mule accounts” that are used for money laundering and other illegal activity. Many of these accounts are not set up directly by the criminals themselves but via a number of scams including phishing, spam email, instant messaging etc.

It is worth pointing out that while technology is a necessary condition for successful AML compliance in the new world of instant payment, it is not a sufficient condition. In addition, financial institutions will need to review their compliance procedures and their service offerings to strike the optimum balance between competitiveness and security.

What should be the upper threshold for an instant payment?

Should they give priority to VIP and profitable customers when reviewing suspicious transactions? What about social and political issues? (For example, Muhammad is the world’s most common name, and also appears a lot on sanctions list. But that also means a significantly large number of false positives, which could lead to claims of unfair profiling.) And finally, even with advanced technology and effective redesign of processes and procedures, banks may still need to increase their staffing in order to meet the challenge. They need to ensure that they have enough staff with sufficient knowledge and authority to be available to review transactions quickly.

Some banks have offshored or outsourced simple customer due diligence functions to keep pace. That said, the trend is definitely towards investment in more technology. As a recent article in The Economist put it, “Now, the biggest question for bank controllers is how many humans they can replace with bots without compromising compliance […] Banks are going into partnership with some of the hundreds of ‘Regtechs’ that have sprouted in recent years.” Technology must be a large part of the solution, but banks will just need to take care and seek expert independent advice in reviewing the new Regtech apps: the regulators and the markets will penalize them should their techno-experiments fail.[1]

For more articles on financial crime and Anti-Money Laundering join the AML Knowledge Centre at https://www.linkedin.com/groups/8196279/


[1] “The past decade has brought a compliance boom in banking”, Economist 2 May 2019.

Crypto Crimes: ICO Scams, Robbery, and Money Laundering

Crypto Crimes: ICO Scams, Robbery, and Money Laundering

The rising popularity of cryptocurrency and blockchain technology has brought many benefits to the world; however, this hasn’t come without a few downsides. Along the way, we have also seen a rise in the number of cryptocurrency crimes. From kidnappings to money laundering and many more types of crime, police and governments around the globe are looking to coordinate efforts in order to stop crypto criminals. In this article, we’ll take a look at some example cases and how law enforcement is handling them.

ICO Scams

ICO scams are one of the most common types of cryptocurrency crimes. Oftentimes, project teams are completely fictitious. As during any ICO, investors send ETH, BTC, USD, and/or other currencies to the wallets of the project. The only difference is that fake projects keep the funds and give no tokens whatsoever in return. Most often, these scams involve fake project team profiles, which sometimes even include big-name entrepreneurs like Richard Branson.

One ICO for a project called Miroskii used a photo of actor Ryan Gosling for a profile of a fake graphic designer named “Kevin Belanger”. While it might appear evident to some or even most people that this was a fake profile, this fraudulent ICO actually claimed to have raised $830,000. Little is known about the consequences of such a scam since there is currently no info online about any charges against the project. Even the project website is still running; however, you won’t find the profile for “Kevin Belanger” or anyone else on the team any more.

The ICO scam issue is so bad that the United States Federal Trade Commission (FTC) will be discussing this as part of its workshop in Chicago on June 25, 2018, at DePaul University. One of the biggest problems with ICO scams is the overall lack of regulatory framework in place for public fundraising at a national level. In the US, for instance, states like Texas have been the most proactive in banning certain cryptocurrency projects and ICOs that are deemed to be fraudulent.

Robbery

It’s bad enough when someone loses money due to a cryptocurrency exchange hack or an ICO scam but there are even worse ways to get funds stolen. There have been quite a few incidents of robbery and kidnappings involving cryptocurrency. During one such incident in Dubai, a gang of ten individuals pretended to be in charge of issuing mandated trade licenses for the cryptocurrency. Two brothers who were looking to purchase trade licenses were carrying around $1.9 million in cash. The gang impersonating the trade license issuers stole the cash from the two brothers and also assaulted them. Since that time, the ten suspects have been apprehended and referred to public prosecutors.

 

In another incident, Louis Meza, a man from New Jersey, even kidnapped his friend and stole $1.8 million in cryptocurrency. Meza lured his friend into a minivan and a gunman pointed a pistol at the friend, demanding his 24-word passphrase to access the victim’s Ledger Nano S wallet. Meza also looted the victim’s apartment, stealing a ledger and other information. While a lot of cryptocurrencies are designed to make the transfer funds untraceable or at least rather difficult to track, Meza made two key mistakes.

First, there was surveillance video showing him enter the victim’s apartment. Second, he used a popular cryptocurrency exchange to transfer stolen funds from ETH to BTC. The account’s public address included his own name, which gave a lot of evidence linking Meza to the crime. Meza pleaded not guilty to grand larceny, kidnapping, robbery and related counts at his arraignment in the Manhattan Supreme Court in December 2017. The judge ordered $1 million bond or $500,000 cash bail.

Money Laundering

There have already been a few large-scale cases for money laundering via cryptocurrency. Thomas Mario Costanzo allegedly used cryptocurrencies to launder proceeds for drug dealers. Costanzo was arrested during a USDHS-coordinated raid in April 2017. Evidence also shows that Costanzo used crypto to buy drugs and offered an online cryptocurrency exchange service for other people to purchase drugs without adding the required KYC authentication process.

The possible sentence for such crimes is rather hefty. The five charges placed on Costanzo can bring a maximum sentence of 20 years in prison, a $250,000 fine, or a combination of the two. In addition, any cryptocurrencies used in these crimes could be taken away by the U.S. Justice Department. The sentencing will take place on June 11, 2018.

There have even been some cases requiring international law enforcement cooperation. One recent example involved authorities from Finland, Spain, the United States, and Europol. In this case, 137 individuals were investigated and 11 were ultimately arrested in April 2018. Originally, criminals laundered drug money from Spain to Colombia using credit cards.

The group realized quickly switched to cryptocurrencies after realizing the easy traceability of traditional bank accounts. Nonetheless, law enforcement officials from Europol were able to track down criminals by monitoring crypto-to-fiat exchange transactions (Colombian pesos). Europol has stated that it is committed to giving additional cryptocurrency crime detection training to its officers. It will also continue to coordinate to stop such crimes both within the EU and beyond.

 

The Future of Crypto Crimes

Undoubtedly, crimes related to cryptocurrency will continue to rise as the popularity of cryptocurrency in general rises. Even though there are many good aspects of a crypto-based economy (i.e. greater transaction privacy, users control over funds, and freedom of capital flow), these same benefits do bring new potential challenges to stopping crimes of the present and future. In some instances, criminals might still leave behind evidence that can be tracked.

However, it is also likely that cryptocurrency crimes will become more intricate and potentially even more difficult to stop than traditional crimes attached to fiat currency. As criminals become smarter, it is clear that law enforcement agencies will have to remain on top of changes in emerging technologies as they relate to criminal activity.

written by Delton Rhodes

This article was originally published on Coincentral: https://coincentral.com/crypto-crimes-ico-scams-robbery-and-money-laundering/

 

“Top Misconceptions of Cryptocurrency as a Payment System”

 

Which can be read on Amazon Kindle Unlimited for Free  You can find more interesting articles by visiting us on one of the following platforms: AML Knowledge Centre (LinkedIn) or Anti-Bribery and Compliance at the Front-Lines (LinkedIn)