This post has already been read 1742 times!
Preventing Money Laundering 101
Despite all the work globally the AML industry still only recovers an estimated 1% of laundered cash. Linking cash to crime as it cycles through the legitimate banking system is difficult, even if a bank suspects, having an element of proof to cause closure of accounts or reporting via SAR is a game of cat and mouse.
This is what makes preventing Money Laundering so difficult.
Now imagine being a Bank AML operative with only 10% of the picture. Because you can’t see beyond the transaction in and out, it’s like having an arm tied behind your back.
The current thinking is to build AML provision with a risk based approach but what if we expanded upon that? What if we developed a more advanced understanding of crime prevention?
In this article I’ll do a quick 101 on Preventing Money Laundering and how it can be applied to Financial Crime. I’m going to use a DMAIC model to process how a crime is committed, measure its impact, analysis the method, improve the response and then control the process with improved prevention methods.
Define Money Laundering to Prevent it.
It is widely recognised that the prevalence of economically motivated crime in many societies is a substantial threat to the development of economies and their stability.
It is possible to divide financial crime into two essentially different, although closely related, types of conduct.
First, there are activities that dishonestly generate wealth for criminals engaged in the conduct. For example, the exploitation of insider information or the acquisition of another person’s property by deceit will invariably be committed with the intention of securing a material benefit. Alternatively, a person may engage in deceit to secure material benefit for another.
Second, there are financial crimes that do not involve the dishonest taking of a benefit, but that protect a benefit that has already been obtained or to facilitate the taking of such benefit. An example of such conduct is where someone attempts to launder criminal proceeds of another offence in order to place the proceeds beyond the reach of the law. It is this area we will focus on.
Measure the Impact
This is a really easy bit.
- Estimated $2 trillion laundered per annum
- Estimated 1% recovered
- 30 million enslaved via Human Trafficking
- Global drug dealing is worth $500,000,000 per annum.
- Millions caught up in failed states, vulnerability and poverty.
Preventing Money Laundering by Analysis.
- Organised criminals, including terrorist groups, are increasingly perpetrating large-scale frauds to fund their operations.
- Corrupt heads of state may use their position and powers to steal.
- Business leaders or senior executives manipulate or misreport financial data in order to misrepresent a company’s true financial position.
- Employees from the most senior to the most junior steal company funds and other assets.
- From outside the company, fraud can be perpetrated by a customer, supplier, contractor or by a person with no connection to the organisation.
- Increasingly, the external fraudster is colluding with an employee to achieve bigger and better results more easily.
- Finally, the successful criminal enterprise, serial or opportunist fraudsters in possession of their proceeds are a further group who have committed financial crime.
There are essentially seven groups of people who commit the various types of financial crime:
What are the main types of Financial Crime ?
- electronic crime;
- money laundering;
- terrorist financing;
- bribery and corruption;
- market abuse and insider dealing; and
- information security breaches/hacking
Due to the often complex nature of financial services, detecting and preventing fraud within the financial sector poses an almost insurmountable challenge. The threats are both domestic and international. They may come from within the organisation or outside it. Increasingly, internal and external fraudsters combine to create global laundromats that are practically immune from prosecution due to their global/cross border nature.
The victims may be the financial sector firms themselves or the customers of those firms. The proceeds of fraud are rarely generated in cash. The funds that are the target of the fraud are generally already within the financial system but will undoubtedly need to be moved in order to confuse the audit trail.
What can the macro financial sector do about it?
- Enhance capacity for collecting data.
- Define priorities for, and support research on, the causes, consequences and costs in preventing money laundering.
- Promote primary prevention responses.
- Strengthen responses to suspected crimes in action.
- Integrate prevention into external political and social policy and internally into policies that reach corporate wide, and thereby promote awareness.
- Increase collaboration and exchange of information on financial crime prevention.
- Promote and monitor adherence to international treaties, laws and other mechanisms to protect the financial system.
- Seek practical, internationally agreed responses to global financial crime.
Several factors must come together for a crime to occur:
- an individual or group must have the desire or motivation to participate in a banned or prohibited behavior;
- at least some of the participants must have the skills and tools needed to commit the crime.
- Unregulated or weak regulation jurisdictions;
- Areas of high corruption or criminality and weak law enforcement;
- Insecure bank premises or IT.
- There must be an opportunity to exploit the weak;
- High chance of obfuscation through volume of legitimate activity;
- Speed of trade;
- Ease of access to victim (both human/institution and system)
The problem analysis triangle relates to more traditional crime but does have a place to cause AML professionals to think about the three concepts. Where is the crime likely to be taking place or originate from? Who are the likely offenders, what socio-economic group do they belong and how are they likely to exploit security weaknesses? Who or what is the victim (consider this a product/system/institute being abused to facilitate the crime through to the actual human victim at the end of the criminality). Let’s break these three areas down.
The key with offenders is to displace their activity. There are six ways to displace their crime.
- Temporal displacement, which involves criminal activity at different times of the day.
- An example of this is when a bank enforces CHAPS transfers to be made prior to 3pm. At 2.55pm an offender places a CHAPS transfer leaving the teller with no time to complete due diligence and the money is transferred and stolen.
- Tactical displacement forcing offenders to use different methods by closing opportunities.
- Target displacement, in which criminals select different types of targets because obstacles are devised.
- Type of crime displacement involves offenders choosing a new crime to commit.
- Spatial displacement is when offenders commit crimes in new locations.
- Perpetrator displacement is the replacement of apprehended criminals by new ones.
Creating difficult situations to help in preventing money laundering in the first place should be aligned to a mix of the six displacements. Thinking not only like a criminal but like a crime prevention strategist to identify prevention opportunities and possible loop holes in systems. Writing into policy actions and controls to prevent aligned to the six displacements. Considering ahead of time the business relationships that would cause an increase in ML risk. So you know it’s a risk geography, what do you do to lessen the likelihood of your bank becoming a target through that relationship?
Situational crime prevention may reduce opportunities for criminals to commit crime, making it more difficult (and riskier) to commit a criminal act and creating doubt in a criminal’s mind that they can get away with a crime. Consider the marketing approach to crime prevention. Getting messages out either overtly or through more subtle ways to deter criminals. Be those messages related to IT/Systems and processes or plain old environmental ques, it’s about influencing the criminals behavior.
Situational crime prevention uses the environment to create barriers to crime. For example, ‘target hardening’ bank premises (CCTV, Security guards, reinforced cash in transit vehicles). The basis of this theory is that crime can be prevented by altering situations, instead of changing a criminal’s disposition.
A factor that needs to be borne in mind however, is creating difficult environments may only displace not prevent crime. An organized criminal will surveil bank premises (physically or electronically/digitally) and find gaps in security provision to exploit. Nowadays this is frequently via IT security. So while the physical environment can be made difficult, AML professionals need to bring in IT security to make just as sure programming of solutions/products doesn’t just cater for fast business but secure business. Preventing loop-holes in provision.
The ideas behind Crime Prevention stem from causing criminals to act in certain ways. Making them fear detection, and the consequence to reward matrix being weighted in ensuring they do not perceive the value in committing the crime.
The logic behind this is based on the concept of rational choice – that every criminal will assess the situation of a potential crime, weigh up how much they may gain, balance it against how much they may lose and the probability of failing, and then act accordingly. This is particularly relevant in Preventing Money Laundering, why you might ask? Because ML isn’t an impulsive or emotive crime. It is planned and executed activity with sophisticated criminals planning every move. So rational choice theory is critical to grasp so you can make changes to policy that reflect attempts to ‘change the decision making process of the criminal. ‘ If they perceive weakness they will exploit it. The image above is an interesting one. I recently advised a Police Service not to post ‘Thieves operate in this area’ as a warning to potential victims but to post ‘Police Operate in this area’ as a way to warn criminals. Same message, just delivered to a different audience.
Situational crime prevention in general, attempts to move away from the “dispositional” theories of crime commission i.e. the influence of psychosocial factors or genetic makeup of the criminal, and to focus on those environmental and situational factors that can potentially influence criminal conduct. Hence rather than focus on the criminal, SCP focuses on the circumstances that lend themselves to crime commission. Understanding these circumstances leads to the introduction of measures that alter the environmental factors with the aim of reducing opportunities for criminal behavior. Other aspects of SCP include:
- targeting specific forms of crime e.g. cybercrime
- aiming to increase the effort and decrease potential rewards of crime
- reducing provocative phenomena
- Safeguarding assets
What can be taken from this is the private and reputational aspect of banking. No one wants to admit attempts on their systems, yet by proving how successful the bank is at defeating attempts to commit cyber crime, it alerts criminal factions your bank is harder to crack and may persuade them to take their activity elsewhere.
We can all think about obvious potential locations that ML originates from. The Russian Laundromats. The PEP’s from failed and dictatorship states. FATF risk regions or regions on a Sanction list. We could expand this to look at the Transparency International corruption lists and jurisdictions bordering risk geographies for example.
The key with location is to cause additional scrutiny on funds coming from or going to the risk areas. Having risk based policies, processes and controls for these types of geographical risks will help to identify transactions once flagged by the monitoring system but we need to go further. We need to ensure front and second line staff are aware to go beyond the transaction to search addresses of beneficial owners, links between accounts or individuals/companies and focus on correspondent banking facilities. Searching all relevant material and being hyper interested and digging when something is found. All crime is about links. Be it a DNA link to a murder weapon or a respectable media link between two individuals, it’s about understanding the weight of the link and judging it suspiciously. Open mind but also enquiring. Building an ‘investigative mindset.’
A policy decision on who can be facilitated with Correspondent banking, for how much in volume and value and at what risk level based on the other banks AML programme and reputation. Going further we could cause additional scrutiny on states adjacent to the risk jurisdiction. Grading risk helps staff understand the level of detail required to not just submit a SAR but inquire into it with a focus aligned to the grading.
Secondary prevention uses intervention techniques that are directed at Financial Institutes and especially focus on those with increased risk profiles. It targets programs where crime is highly probable and causes additional levels of scrutiny including on site visits and audits on transactions/Beneficial Owners and other risk processes.
Tertiary prevention is used after a crime has occurred in order to prevent successive incidents. Such measures can be seen in the implementation of new security policies following acts of terrorism such as the September 11, 2001 attacks. This is why it is absolutely fundamental Financial Institutes have external reviews of policies, processes and controls, including IT and training to uncover why it happened and plug the gaps.
Crime prevention should focus on using techniques focusing on reducing the opportunity to commit a crime. Some of the techniques include;
- Increasing the difficulty of crime;
- Increasing the risk of crime; and
- Reducing the rewards of crime.
These three factors should be emphasized in policies and controls to make the criminal’s life harder to achieve success. Subtle marketing to advertise how difficult it is to commit crime and get by an institution to raise the stakes for the criminal and cause a displacement of their activity; Simple messages around volumes of checks and staffing, areas of focus and stringent audit can be heard by professional organised groups and will cause them to consider their options.
Crime Prevention should focus on processes that are specifically aimed at identified forms of crime, include the management, creation or manipulation of the physical and cyber environment, in as organized and permanent manner as possible. The desired result is to make crime more difficult, more risky and less rewarding.
For this section I am focusing on the macro institutional concept of victim.
Another aspect of SCP that is more applicable to the cyber environment is the principle of safeguarding. The introduction of safeguards is designed to influence the potential offender’s view of the risks and benefits of committing the crime against the institutional victim.
A criminal act is usually performed if the offender decides that there is little or no risk attached to the act. One of the goals of crime prevention is to implement safeguards to the point where the potential offender views the act unfavourably.
Application to cybercrimes
Cybercriminals should be assessed in terms of their criminal skill, which include knowledge, resources, access and motives. Cybercriminals usually have a high degree of these attributes and this is why focus on this area is critical. Four areas to grasp are:
- Increasing the effort to commit the crime
- Reinforcing targets and restricting access- the use of firewalls, encryption, card/password access to ID databases and banning hacker websites and magazines.
- Increasing the Risk
- Coverage of penalties and examples of breaches of policy and the results from that.
- Reducing the rewards of committing the crime
- Removing targets and disrupting cyberplaces – monitoring Internet sites and incoming spam, harsh penalties for hacking, rapid notification of stolen or lost credit bankcards, avoiding ID numbers on all official documents.
- Reducing any provocation/excuses for committing the crime
- Avoiding disputes and temptations – maintaining positive employee-management relations and increasing awareness of responsible use policy.
Many of these techniques do not require a considerable investment in hi-tech IT skills and knowledge. Rather, it is the effective utilisation and training of existing personnel that is key.
The theory behind situational crime prevention may also be useful in improving information systems (IS) security by decreasing the rewards criminals may expect from a crime.
IS professionals and others could use the same techniques (five above) and consequently reduce the frequency of computer crime that targets the information assets of businesses and organisations.
Designing out crime from the environment is a crucial element and the most efficient way of using computers to fight crime is to predict criminal behaviour. Another advantage over other IS measures is not only focusing on the criminal’s viewpoint.
Many businesses/organisations are heavily dependent on information and communications technology (ICT) and information is a hugely valuable asset due to the accessible data that it provides, which means IS has become increasingly important.
While storing information in computers enables easy access and sharing by users, computer crime is a considerable threat to such information, whether committed by an external hacker or by an ‘insider’ (a trusted member of a business or organisation).
After viruses, illicit access to and theft of, information form the highest percentage of all financial losses associated with computer crime and security incidents. The fact 12% of crime on the Dark Web is financial indicates the levels. Businesses need to protect themselves against such illegal or unethical activities, which may be committed via electronic or other methods and IS security technologies are vital in order to protect against amendment, unauthorised disclosure and/or misuse of information.
Computer intrusion fraud is a huge business with hackers being able to find passwords, read and alter files and read email, but such crime could almost be eliminated if hackers could be prevented from accessing a computer system or identified quickly enough.
Criminal activities in cyberspace are increasing with computers being used for numerous illegal activities, including email surveillance, credit card fraud and software piracy. As the popularity and growth of the Internet continues to increase, many web applications and services are being set up, which are widely used by businesses for their business transactions.
In the case of computer crime, even cautious companies or businesses that aim to create effective and comprehensive security measures may unintentionally produce an environment, which helps provide opportunities because they are using inappropriate controls. Consequently, if the precautions are not providing an adequate level of security, the IS will be at risk.
Situational crime prevention and fraud
In computer systems that have been developed to design out crime from the environment, one of the tactics used is risk assessment, where business transactions, clients and situations are monitored for any features that indicate a risk of criminal activity.
Credit card fraud has been one of the most complex crimes worldwide in recent times and despite numerous prevention initiatives, it is clear that more needs to be done if the problem is to be solved. Fraud management comprises a whole range of activities, including early warning systems, signs and patterns of different types of fraud, profiles of users and their activities, security of computers and avoiding customer dissatisfaction.
There are a number of issues that make the development of fraud management systems an extremely difficult and challenging task, including the huge volume of data involved; the requirement for fast and accurate fraud detection without inconveniencing business operations; the ongoing development of new fraud to evade existing techniques; and the risk of false alarms.
Generally, fraud detection techniques fall into two categories: statistical techniques and artificial intelligence techniques.
Important statistical data analysis techniques to detect fraud include:
- Grouping and classification to determine patterns and associations among sets of data.
- Matching algorithms to identify irregularities in the transactions of users compared to previous proof
- Data pre-processing techniques for validation, correction of errors and estimating incorrect or missing data.
Important AI techniques for fraud management are:
- Data mining – to categorise and group data and automatically identify associations and rules that may be indicative of remarkable patterns, including those connected to fraud.
- Specialist systems to programme expertise for fraud detection in the shape of rules.
- Pattern recognition to identify groups or patterns of behaviour either automatically or to match certain inputs.
- Machine learning techniques to automatically detect the characteristics of fraud
- Neural networks that can learn suspicious patterns and later identify them.
In closing, Preventing money laundering;
I have reviewed financial crime with a focus on Preventing Money Laundering. The take-aways are;
- To consider Situational Crime Prevention
- To consider Criminal displacement.
- To market more effectively internally and externally to prevent money laundering
- To market the risks internally and externally.
- To ensure IS/IT are involved in broad crime prevention policies, processes and governance.
- To base risk not only on what can happen but who can make it happen and where they’re from (region, internal/external) and build policies, processes and controls to prevent.
- To be active in a Macro sense to influence policy makers and partners in the industry.