computer money laundering

The Many Ways of Deception-Not Just through Banks

Anti-money laundering measures are heavily weighted toward the financial sector, but most criminals have figured this out, and are turning to alternative—and often highly creative—ways to “legitimize” funds.  How directly an organization is involved in such schemes depends on multiple factors—but there is a very real risk that most organizations are, in fact, involved. Fortunately, there are also some very important steps to take to mitigate that risk.

Organizations in the financial sector are aware of the regulatory requirements and risks around money laundering and terrorism financing. But, in light of recent headlines, it’s clear that risks of money laundering exist outside of financial services.

The Financial Action Task Force (FATF) produced a report on anti-money laundering and counter-terrorist financing measures in the U.S. earlier this year, with over 200 pages on the scope and scale of money laundering—estimated in the hundreds of billions of dollars globally—as well as its complexity.

Anti-money laundering (AML) measures are heavily weighted toward the financial sector, but most criminals know this now. In response, they are turning to alternative—and often highly creative—ways to “legitimize” funds.

Laundering techniques include everything from “smurfing” large funds into multiple small instruments like money orders, processing funds through heavily cash-based businesses such as parking lots, car washes and casinos and using large amounts of cash for casino gambling. Buying or selling real estate or luxury goods (e.g. yachts) offers another relatively easy way to turn bad money into what appears to be good.

Then there are the more complex schemes, with carefully structured shell companies and trusts—usually based offshore.

Trade-Based Money Laundering

Trade-based money laundering (TBML) includes a whole range of schemes in which the fraudulent funds can be disguised by artificially inflating, or deflating, the value of goods and services invoiced.

There are significant challenges in dealing with just some of these schemes, and there are major gaps in the regulatory framework for designated non-financial businesses and professions (DNFBPs).

For almost any organization involved in international trade, TBML needs to be seriously considered from a risk and compliance perspective. The Global Financial Integrity organization has reported research that shows that TBML is by far the most common method of laundering money internationally, particularly for drug cartels, and involves more than a trillion dollars globally. Much of this takes place through simple methods such as over- or under-invoicing for goods and services.

How directly an organization is involved in such schemes depends on multiple factors—but there is a very real risk that most organizations are in fact involved. Fortunately, there are also some very important steps to take to mitigate that risk.

Learn the Indicators

Study the FATF report and take advantage of the resources available online from organizations like the Institute of Internal Auditors (IIA) to learn about some of the more typical money laundering schemes, red flags to look for, and what sort of activities your organization should be reporting.

The biggest challenge is what comes next: discovering whether those indicators exist in the business activities flowing through your organization.

Use Your Data

In more highly regulated industries, organizations rely heavily on data analytics to find the easy indicators of money laundering – flagging suspicious patterns and automatically reporting on major activities.

Yet, much more could be done to better understand money laundering risks – and that potential grows significantly when you move to industries that are less obviously risky, or when looking at less frequent or more complex money laundering schemes.

There are some relatively basic – yet effective – techniques for detecting TBML schemes, such as analyzing quantity and unit price to identify outliers and anomalies. There are also methods for text and web analytics to match, for example, shipping or customs documentation with billing information and flag any suspicious matches or patterns.

Make it a Priority

How much effort should managers put into understanding and mitigating the risks of money laundering in their organizations?

The easy answer is none – simply ignore the risks and assume regulatory authorities are too busy to notice.

However, there is a big-picture issue to be considered here: Criminal activities and the various means of money laundering undermine the integrity of business, financial and social structures around the world – not to mention they come with serious financial and reputational risks.

Top-Down Approach

The opportunity for fraud is just one of the three sides of the Fraud Triangle (the other two being pressure and incentive), and it’s one of the most difficult to eliminate. However, as traditional as it may sound, building a corporate culture with a zero-tolerance policy for fraud will deter behavior and stop small-scale fraudsters from becoming major threats to your business – and it starts with management and boards.

Most business leaders would love a major news story – but if a headline accusing their organization of money laundering is not the story you have in mind, it’s probably time to start taking anti-money laundering seriously.

 


John Verver

image001John Verver, CPA CA, CMC, CISA

Advisor, ACL

John Verver is currently an advisor to ACL. Previously, John spent two decades as a vice president with ACL, with overall responsibility for product and services strategy, as well as leadership and growth of ACL’s professional services organization, including customer success services, training, and technical support.

John is acknowledged as an expert authority and domain thought leader on the use of enterprise governance technology, particularly data analytics and data automation for audit, risk management, and compliance. He speaks regularly at global conferences and is a frequent contributor of articles in professional and business publications.

John is a Chartered Professional Accountant, Certified Management Consultant, and Certified Information System Auditor.

Related Post

Got Compliance News?

We do!  Sign up for CCI’s free weekly eBlast to get GRC news, views, jobs & events delivered to your inbox once a week.  Cancel anytime.

Click to Subscribe.