Take On Payments, a blog sponsored by the Retail Payments Risk Forum of the Federal Reserve Bank of Atlanta, is intended to foster dialogue on emerging risks in retail payment systems and enhance collaborative efforts to improve risk detection and mitigation. We encourage your active participation in Take on Payments and look forward to collaborating with you.
Comments are moderated and will not appear until the moderator has approved them.
Please submit appropriate comments. Inappropriate comments include content that is abusive, harassing, or threatening; obscene, vulgar, or profane; an attack of a personal nature; or overtly political.
In addition, no off-topic remarks or spam is permitted.
April 12, 2021
NFTs Raise Questions about Money Laundering
I must admit—my head is spinning a bit trying to grasp the valuation of nonfungible tokens, which are commonly referred to as NFTs. In March, an NFT by the artist Beeple sold for almost $70 million. An NFT is a unique digital asset that is authenticated using a blockchain. Digital assets can be artwork, music, sports cards or videos, or even tweets. There are multiple marketplaces for purchasing NFTs, oftentimes with cryptocurrencies or stablecoins, and many of these platforms are focused on a specific segment of the NFT market such as this one dedicated to players and highlights from the National Basketball Association. (The concept seems so far-fetched that Saturday Night Live based a skit on NFTs.)
Once my head stops spinning due to the astronomical valuations of some NFTs, it immediately focuses on the money-laundering risks. For years, the art world has been used to launder funds. Reasons for this include the anonymity often sought by buyers and sellers, the use of shell companies to hide owners, the use of cash for high-value purchases, and the challenges of determining a fair market value for a singular piece of art that might be purchased for well above market value, which is a red flag for money laundering. Are these reasons for using art in the physical world to launder funds alleviated or exacerbated in the digital world? I don't have the answer for this question because I admittedly haven't spent the time to fully understand the measures the NFT industry has taken to mitigate money laundering risks. I do know that transactions on a public blockchain are transparent, but that doesn't necessarily mean that the individuals engaged in the transaction can be identified. And as I mentioned earlier, determining a fair value for NFTs presents quite the challenge.
Whether or not NFTs are being used for money laundering, I am not alone in asking the question. In March, the Financial Action Task Force, seeking input from the public by April 20, 2021, released a public consultation paper on draft guidance on a risk-based approach to virtual assets and virtual asset providers. This guidance has the potential to affect NFT marketplaces and providers by encouraging regulatory agencies across the globe to require them to perform some levels of Bank Secrecy Act/Anti-Money Laundering monitoring and reporting. The task force is looking to implement changes to the draft and approve this updated guidance at its June 2021 meeting.
Are you interested in learning more about NFTs and the potential risks they may pose? While we will continue to monitor developments and provide pertinent updates, let us know if you have questions or concerns that you think we should address given the increased media exposure and transaction volumes of NFTs.
December 14, 2020
Fighting Financial Crimes outside Financial Institutions
You don't have to know anything about money laundering to know that it doesn't involve someone running a bundle of dirty cash through the washing machine, or even laundromats more generally. Well, it does, but only in the metaphorical sense. Money laundering refers to the act of legitimizing ill-gotten gains—that is, "cleaning" it to hide illegal activity. Anyway, we've touched on the topic of money laundering a few times in this blog, mainly focusing on how financial institutions might identify and report individuals acting as money mules. Today, I'm going to look at the types of businesses that are at risk of being used by money launderers.
Desmond Alston, my colleague in the Risk and Compliance Division at the Federal Reserve Bank of Atlanta and a Certified Anti-Money-Laundering Specialist, or CAMS, shares his expertise. Desmond explains that money laundering is a three- step process:
- Placement: Dirty money is placed into a legitimate financial system.
- Layering: The source of the money is concealed through a series of transactions, or layers of movement.
- Integration: Money is returned to the criminal from what appears to be a reputable source.
Any business that provides the capacity for this sort of manipulation—not just depository financial institutions—can be a conduit for money laundering. Desmond points out:
- "Insurance companies can be conduits. A launderer can purchase a life insurance policy with a payment of criminally derived funds and then cancel the policy before a penalty would be applied or absorb a small penalty as a cost of the money laundering scheme. The resulting refund would be from a reputable source.
- "At a casino, a launderer could use criminal proceeds to buy chips, hang around for a while, eat a hamburger, gamble a bit—or not at all—and then cash out."
That's why it makes sense for organizations in many industries—art and antiquities dealers, auto dealerships, travel agencies, and charitable organizations as well as financial businesses like foreign exchange, mortgage lenders, and money service businesses—to make sure staff members are knowledgeable about money laundering. If these sorts of entities fail to file suspicious activity reports, or SARs, for cash transactions that exceed reporting minimums, they are complicit in the crime of money laundering.
Nonfinancial businesses can protect themselves by employing the five components of a solid anti-money-laundering (AML) and compliance program: (1) written policies, procedures, and internal controls; (2) supervision by a designated compliance officer; (3) training and development for staff at all levels; (4) customer due diligence; and (5) independent audit of the AML program.
It's probable, however, that laundromats have no worries—they just don't have the cash flow. While early 20th-century mobsters did indeed intermingle cash from legitimate businesses like laundromats with cash from bootlegging and other crimes, they rapidly moved on to international accounts. The term "money laundering" was first widely used by journalists in connection with the financing of the Watergate burglaries in the early 1970s, when laundromats were not part of the picture.
Thanks, Desmond, for this helpful information.
February 24, 2020
Mules May Pack More Than Money
My colleague Dave Lott recently blogged on global law enforcement efforts to crack down on money mules. In his post, he categorized the two main groups of money mules: the innocents and the criminals. It just so happened that last November, I received an email trying to recruit me to be a mule (see the image).
I recently watched a fascinating video describing another type of unwitting mule. The nearly 20-minute video from the DEF CON 27 Hacking Conference is well worth your time. Nina Kollars offers a highly entertaining glimpse into an interesting mule scheme known as triangulation fraud. (You can see the diagram she uses in KrebsOnSecurity.) Rather than helping criminals launder money by moving ill-gotten funds, the mules in triangulation fraud help launder money by unwittingly purchasing legitimate, usually discounted, ill-gotten products from the criminals on a third-party marketplace. These criminals use data from stolen credit cards or synthetically created identities to purchase the products and then "cash out," or launder the funds by reselling them. Criminals will obviously use the data to purchase high-end products for their own use, but the adage that "cash is king" is true for criminals as well and they often look to turn their ill-gotten goods into cash.
The triangulation fraud scheme places the mule in an interesting position, as Kollars highlights in her video. While some people may not suspect they've been caught up in a fraudulent scheme, she was astute enough to know something fishy was going on and that she was, in fact, receiving illegally purchased goods—or, in essence, stolen goods. Ultimately, she reached out to the manufacturer of the products she received in an effort to return them. She also contacted law enforcement. Kollars acknowledged that even though she knew she was dealing with criminals, the deals were so good it was tempting to continue transacting with them.
We often write in this blog about the financial losses due to fraud of the various affected parties, including consumers, financial institutions, and businesses. But there is another important negative consequence I want to highlight now: mules help criminal and terrorist organizations fund illicit activities such as drug trafficking and terrorist activities by participating in moving money around the globe or by purchasing products, as Kollars describes in the video. It is imperative that people who suspect they are looking at a triangulation scheme or otherwise being recruited as mules immediately reach out to law enforcement. These schemes may seem small and harmless, but they are a form of money laundering. Let's all do our part to educate potential mule recruits about these schemes to stop them from being lured in and, if someone tries to recruit them, about the importance of notifying law enforcement immediately. We can all work together to put an end to the recruitment of unsuspecting citizens by global criminal and terrorist organizations.
February 10, 2020
Slowing Down the Mule Train
Slowing down the money mule train, that is. Money mules are those individuals who transfer money or goods received through fraudulent schemes on behalf of or at the direction of a criminal enterprise, often based outside the United States. It's a form of money laundering.
In December 2019, the FBI announced it was collaborating with other domestic and international law enforcement agencies to identify, stop, and prosecute major money mule networks. Two months later, it claimed that the operation had stopped the illegal actions of more than 600 domestic money mules—a 50 percent increase in their success rate over the entire previous year. (The U.S. efforts coincided with the European Money Mule Action, led by Europol, the European Union's agency that combats crime and terrorism.)
So who are these money mules and how are they recruited? The money mules fall into two main groups: innocent participants and those people who are as criminal as the leaders of the fraud schemes. It's the money mules who take the greatest risk; the leaders of the schemes use them to insulate themselves from arrest and prosecution.
The first group, the naïve participants, are generally recruited through online ads, résumés submitted to mainstream job search sites, or emails promising work-from-home employment as a "payment processing" or "money transfer" agent. Upon being "hired," these people must provide their bank account information so that deposits can be made to their accounts. If the victims say they want to open a new account to process these transactions, the contact dissuades them from doing so because new accounts face additional scrutiny and restrictions. When a deposit is made, a mule has to transfer those funds, minus the "commission," to another bank account. That account is usually outside the United States so the transfer occurs through an international money transfer service. The mule might also be asked to purchase gift cards, load funds onto them, and then provide the card numbers and PINs to the contact. Individual transactions are generally under $10,000 to avoid the filing of currency transaction reports or suspicious activity reports.
Sometimes truly innocent participants are caught in a "cuckoo smurfing" scheme. In this scenario, someone's bank account credentials are compromised without that person's knowledge. The criminal deposits or transfers money into the account and quickly moves it over to another account. The innocent participant isn't aware of this transaction until he or she checks the account.
However, the vast majority of money mules are people who clearly know they are acting illegally. They are often part of local, national, or international gangs, and use the proceeds of money mule activities to fund other criminal activities.
While there have been a number of enforcement successes, including the effort announced by the FBI, the constant attention being given to this problem indicates it persists. Hats off to all the various law enforcement agencies involved in this money mule crackdown. Hopefully, the increased publicity will prevent individuals from unknowingly becoming part of these networks as well as highlight the scams used to victimize others. What other actions do you think will help curb this type of crime?