Business Risk Profile: Anti-Money Laundering & Fraud Prevention
Anti-money laundering (AML) and fraud-prevention teams are often referred to as two sides of the same coin. AML teams trace the origin of funds passed through a business to ensure it is not unknowingly complicit in masking illegally earned money as legitimate. Fraud-prevention teams aim to prevent or reduce monetary losses caused by criminal acts of deception, such as identity theft and forgery. But despite the evident overlap and complementary nature of their roles, these two teams have traditionally operated separately and independently from one another.
Given the abundance of intelligence available to companies, however, it can be highly beneficial for AML and fraud-prevention teams to work together. A 2016 FinCen advisory affirms that collaboration and intelligence sharing can help these teams “conduct a more comprehensive threat assessment and develop appropriate risk management strategies to identify, report, and mitigate cyber-events and cyber-enabled crime.”
The following examples explain several key areas where collaboration and intelligence sharing can bolster AML and fraud prevention efforts:
The Abuse of Personally Identifiable Information (PII)
In many cases where fraud is committed, money laundering is not far behind. Some criminals use stolen PII bought on the Deep & Dark Web (DDW) to create falsified financial accounts through which they can launder money without revealing their identities. AML and fraud-prevention teams that communicate and share information regarding these schemes not only keep stronger tabs on suspicious individuals and behaviors, they do so more efficiently.
For example, if a fraud-prevention team identifies a case of identity theft and suspects the adversary might also be involved in money laundering, they can quickly pass this intelligence to the AML team to evaluate suspicions, verify any red flags, and quickly apply mitigations. Considering that fraud and money laundering can lead to substantial consequences for any business, detecting and addressing these crimes in a timely manner is crucial. This is why ongoing communication and intelligence sharing can better equip AML and fraud-prevention teams to safeguard business interests and assets more effectively.
Few crimes can lead to harsher consequences for a company than being linked to terrorist financing. Even if a company is inadvertently tied to a terrorist financing scheme, these situations can tarnish its public reputation, erode customer trust, and result in serious legal and regulatory repercussions.
Unfortunately, the ways in which terrorist organizations receive funding vary and are often difficult to detect proactively. In many cases, money-laundering tactics can enable these groups to finance their illicit activities without raising suspicion from law enforcement. Because individuals and organizations that knowingly engage in terrorist financing have been known to use stolen identities and fraudulently acquired funds to support terrorist groups, these crimes can fall within the jurisdictions of both AML and fraud prevention teams.
This is why, for example, the same intelligence that helps a fraud prevention team uncover a case of identity theft might also enable an AML team to identify an adversary involved in terrorist financing, and vice versa. One such example comes from an FBI report that details a case in which an Al-Qaida terrorist cell in Spain leveraged stolen identities to open fraudulent bank accounts that were then used to transfer funds in and out of the country.
Indeed, ongoing collaboration and intelligence sharing between AML and fraud-prevention teams can enhance their abilities to combat fraud and money laundering, all the while upholding the integrity and safety of the business and its stakeholders.
A significant barrier to combating fraud and money laundering stems from criminals’ tendencies to quickly adapt their tactics to new countermeasures. Often, once criminals receive information about the latest AML and anti-fraud controls, they congregate and strategize to develop alternative ways of circumventing these controls.
This behavior doesn’t extend solely to fraudsters and money launderers; it persists throughout the criminal ecosystem. For example, following the sweeping implementation of robust security controls across the financial industry in recent years, some adversaries recognized they could more easily penetrate these institutions by soliciting the assistance of a rogue insider. So while the frequency of certain types of financial crimes may have dropped, insider threats have grown more prominent.
Since new countermeasures can impact the ways in which criminals commit crimes, it can be beneficial for AML and fraud-prevention teams to be aware of any security or policy changes that occur under one another’s jurisdiction. For instance, when more than 20 financial institutions reported suspicious behavior from “an internet-based company, its co-founders, and other collaborators,” it was discovered that they had conducted billions of dollars worth of “unregistered money-transmitting” via a number of different crimes including identity theft, narcotics trafficking, cyber-attacks and more. Teams stand a better chance of protecting themselves from these types of threats by collaborating and sharing intelligence.
Fraud and money laundering tend to be closely related and even concurrent in many cases, so any shift that occurs in the landscape of one threat has the potential to affect the other. This is why it’s so crucial for AML and fraud-prevention teams to collaborate on the threats and criminal tactics each team observes. By providing insight into emerging schemes and new tactics, sharing intelligence can prepare these two teams to better anticipate and mitigate impending threats.
To learn how Business Risk Intelligence helps companies combat money laundering and fraud, download our use cases:
Chief Strategy Officer
Chris Camacho partners with Flashpoint’s executive team to develop, communicate, and execute strategic initiatives. With over 15 years of cybersecurity leadership experience, he has led initiatives across Operational Strategy, Incident Response, Threat Management, and Security Operations to ensure cyber risk postures align with business goals. An entrepreneur, Mr. Camacho also serves as CEO for NinjaJobs, a career-matching community for elite cybersecurity talent. He has a BS in Decision Sciences & Management of Information Systems from George Mason University.