Common AML Schemes: Cybersecurity Tactics
Money laundering and financial crimes pose large risks to financial firms, both from a reputational and regulatory perspective. However, these schemes can take many forms making it difficult for firms to do their due diligence to protect themselves and their investors.
We’ve put together a series of the most common forms of money laundering and financial crimes and what firms can do to combat each one.
Money Laundering & Cybersecurity
Cybercrime and money laundering are often related to cybercriminals using various online platforms and technologies to facilitate the laundering of illicit funds. One way that cybercriminals may use online platforms to launder money is using virtual currencies, such as Bitcoin or Ethereum. These currencies are decentralized and anonymous, making them attractive to individuals who wish to conceal their identity or the source of their funds. Cybercriminals may use virtual currencies to transfer illicit funds between accounts or to make purchases on the dark web, where they can often be more difficult to trace.
Another way cybercrime and money laundering may be related is through online banking and payment systems. Cybercriminals may use these systems to transfer illicit funds between accounts or to make purchases that are difficult to trace. For example, they may use prepaid debit cards or virtual credit cards to make purchases online, or they may use online payment systems such as PayPal to transfer funds between accounts.
Overall, the relationship between cybercrime and money laundering is complex and multifaceted. Cybercriminals often use a variety of online platforms and technologies to facilitate the laundering of illicit funds, and financial institutions and law enforcement agencies must be vigilant in detecting and preventing such activities. One example of a cybercrime in which money laundering may be involved is a phishing attack. In a phishing attack, a cybercriminal sends fraudulent emails or text messages that appear to be from a legitimate source, such as a bank or government agency. The messages may contain links to fake websites or attachments that, when clicked, install malware on the victim's computer or device.
Once the malware is installed, the cybercriminal may be able to access the victim's personal and financial information, including login credentials and account numbers. The cybercriminal may then use this information to gain access to the victim's accounts and transfer funds to their own accounts or to accounts controlled by accomplices. By doing so, the cybercriminal may be able to launder the stolen funds and conceal their illicit origin. This type of cybercrime is a serious threat to individuals and organizations, as it can result in significant financial losses and damage to a person's reputation and credit rating. Financial institutions and law enforcement agencies must be vigilant in detecting and preventing such attacks, and individuals must take steps to protect themselves from falling victim to phishing scams.
Cybercrime and Money Laundering Trends:
- Use of complex financial structures: Money launderers may use complex financial structures, such as trusts or shell companies, to conceal the true ownership of assets or the source of funds. These structures may be used to transfer funds or assets between different entities to make it more difficult to trace the origin of the funds.
- Cybercrime and cyber-enabled money laundering: Money launderers may use online platforms and technologies, such as virtual currencies or online payment systems, to facilitate the transfer of illicit funds. Cybercriminals may also use these platforms to gain access to financial information or to solicit funds under false pretenses.
- Professional enablers: Money launderers may use the services of professionals, such as lawyers, accountants, or real estate agents, to facilitate the laundering of funds. These professionals may be unaware that they are facilitating money laundering activities, or they may actively participate in the scheme.
- Cross-border activities: Money launderers may try to transfer funds or assets across borders to hide their illicit origin. This can make it more challenging to detect and prosecute money laundering activities and may require the cooperation of law enforcement agencies in multiple jurisdictions.
- Increased scrutiny and regulation: There is increasing scrutiny and regulation of money laundering activities, leading to increased efforts by law enforcement and regulatory agencies to detect and prevent these activities. Financial institutions, including broker dealers, are under pressure to implement robust anti-money laundering (AML) programs to prevent their businesses from being used to facilitate money laundering.
- Technology: Money launderers are increasingly using technology, including online platforms, virtual currencies, and mobile payments, to facilitate their activities. This can make it more difficult for financial institutions and law enforcement agencies to detect and prevent money laundering, as traditional AML systems and controls may not be designed to address these types of transactions.
- Cybercrime techniques: Money launderers may use a variety of cybercrime techniques, such as phishing scams, malware attacks, and ransomware, to gain access to financial accounts or to facilitate the transfer of funds between accounts. Financial institutions and law enforcement agencies must be vigilant in detecting and preventing these types of attacks.
- Dark web: The dark web is a hidden portion of the internet that is not accessible through traditional search engines and is often used for illegal activities, including money laundering. Criminals may use the dark web to facilitate the transfer of funds or to buy and sell illicit goods and services.
- International aspects: Money laundering may have international aspects, as launderers may try to transfer funds or assets across borders to conceal their illicit origin. This can make it more challenging to detect and prevent money laundering and may require the cooperation of law enforcement agencies in multiple jurisdictions.
- Virtual currencies: Money launderers may use virtual currencies, such as Bitcoin, to transfer funds between accounts or to facilitate illegal transactions. These transactions can be difficult to trace and may not be subject to the same level of regulation as traditional financial instruments.
Read about other common AML schemes
- Account takeover
- Business email compromise
- Environmental, social, and governance (ESG)
- Investment Companies
- Real Estate
How we help
ACA’s AML and Financial Crimes practice offers advisory services and solutions to assist financial services firms in addressing threats and regulatory obligations associated with financial crime. We work with investment advisers and broker-dealers, among others, to assess risk, develop policies and procedures, and perform independent tests and gap analyses.
Our support can incorporate our ComplianceAlpha® regulatory technology and managed services to help your firm meet its data screening, ongoing monitoring, remediation and reporting needs.
ACA Aponix® can also help your firm strengthen your line of defense against cyberattacks. Our cyber experts can provide phishing testing and monitoring services to protect your business. We also offer Aponix ProtectTM, a cybersecurity and technology risk solution that helps you build a comprehensive risk management program tailored to your business needs.
Reach out to your ACA consultant, or contact us to find out how ACA can help you meet your AML requirements.