AML Fraud Detection: How to Detect & Prevent It

Financial institutions and businesses must ensure they don’t accidentally help criminals, but what features are most important?

The year 2020 set a record for global anti-money laundering (AML) fines. Authorities handed out around $706m. Meanwhile, just 16 employees were fined a total of $16 million in 2021 for their role in money laundering breaches.

This points to the challenges faced by financial organizations. Despite increasing efforts and investment, large banks are still unwillingly helping financial crime, as shown in the largest money-laundering scandal of Danske Bank in 2018.

The last thing you want to do as a business is to accidentally support money laundering. Not only might the funds come from organized crime, prostitution rings, human trafficking, or terrorism but you could land your entire organization into hot waters due to crippling anti-money laundering fines.

What Is AML Fraud?

AML fraud happens when money is illegally laundered (layered) through your products or services. Regardless of whether you are in banking, real estate, or even ecommerce, criminals will use any opportunity to launder money illegally acquired.

While all money laundering is illegal, the fraud part happens if you have anti-money laundering controls in place, and criminals bypass them to reach their goals: layering the illegal funds, either themselves or using a money mule.

How Do Criminals Fool AML Identity Checks?

Whether you’re a traditional financial institution, neobank or crypto exchange, the onboarding process is where you’ll need to be smart about checking data. And it’s also your duty to go above and beyond the obligatory KYC regulations.

With Fake and Stolen IDs

Stolen IDs that come from data breaches are often bought in bulk on the darknet, as well as information to create fake IDs, sometimes candidly advertised as full packages designed to enable you to open online bank accounts. Fraudsters also go to great lengths to acquire personal data via phishing, fake job openings, or plain old hacking.

If you want a drop account, you also have the option to purchase pre-created neobank accounts for your fraudulent needs. Just find one on the darknet and buy the login details from a seller.

With Synthetic IDs

Synthetic IDs, meanwhile, combine real and fake personal data. For instance, fraudsters often use stolen ID details from children with clean credit records and use them for loan fraud.

With real credit information, it’s extremely easy to create fake IDs using templates designed to fool modern credit scoring. You can even find online services that specialize in Photoshop editing for ID fakes and 2FA verification.

Why Is AML Fraud Detection Important?

Of course, companies implement AML software & tools in order to fight AML fraud and improve AML detection, but a big plus is that it increases efficiency when handling a higher volume of transactions. With machine learning and velocity rules, a business can easily automate transactions with no human input by scanning multiple data sources to lower the need for manual reviews.

As society has only further headed towards the digital age, money laundering activities continue to increase and diversify – as does fraud – and staying on top of this is key.

Furthermore, AML software can remove compliance risks. Whether you are a crypto exchange, a neobank, or a traditional financial institution, it’s your duty to be aware of and follow AML regulations. While there are different levels depending on your vertical, the core rules to follow include:

• AML holding period: A recommendation that funds deposited in an account must be held for a minimum of five trading days.
• Reporting suspicious activity: Businesses must monitor customer deposits and transactions. Large sums, especially those exceeding $10,000, must be given extra attention by verifying their origin.
• AML education: The responsibility of letting customers know about AML laws falls on the shoulders of the business.
• Logging financial information: Businesses must keep extensive records that can be used to investigate suspicious financial transactions.
• Customer due diligence (CDD): Knowing who your customers are through extensive KYC verification checks is also the business’s responsibility.

The Basics of Money Laundering

Criminals who acquire money through illegal means want to ensure the funds cannot be traced back to them. The process, known as money laundering, usually involves running the money through a legitimate business. This can be a cash-based brick-and-mortar shop or an online operation. 

There are three steps involved in money laundering:

1. Placement: The dirty money is placed into the legitimate financial system.

2. Layering: The money is concealed through transactions and bookkeeping tricks.

3. Integration: The money is now laundered and withdrawn from a legitimate account by criminals.

The Challenges of AML Detection Solutions

The biggest controversy surrounding AML is whether it’s effective at all. While heavy fines are so large that they can destroy a business, there is little evidence that the current approach helps to catch terrorists, criminals or insiders who abuse the financial system. This has been highlighted in several reports as well as opinion pieces in recent years, including in The Economist and on Reuters.

And still, financial institutions must employ sizable teams of staff and consultants to help with transaction monitoring, even when it’s automated. 

This is in part because of the ever-growing complexity of payment streams (ecommerce, increase of online volume, virtual currencies, prepaid cards), which, coupled with an increase in more sophisticated attacks, is causing a real headache for larger businesses to stay ahead of fraudsters.

The main challenge, however, isn’t necessarily in deploying the right team of resources to prevent money laundering. It’s about the friction that these checks create for customers. 

This is particularly damaging for neobanks, whose entire business model relies on quick and painless onboarding via mobile or desktop. Throw in too many ID verifications and questions, and your potential customers might just turn elsewhere.

It doesn’t matter if you use in-house tools or third-party companies like Onfido (as does Revolut); the AML solution is stacked on top of already heavy regulations regarding customers’ identity in the form of KYC or PEP and Sanctions checks.

How Does AML Fraud Work?

Money laundering in its essence focuses on allowing a criminal to sign up for an account with a fake identity and laundering money through a business.

So, can you trust your AML solution for AML detection?

What if you are diligent in your AML checks but accidentally miss some falsified information? Many developing countries don’t have bureaus for ID information to reliably perform checks with.

Real criminals, moreover, have every incentive to hide their IDs from you. And there is no shortage of options for them to build fake profiles.

1. Criminals acquire stolen ID scans from the deep web.

2. They open bank or neobank accounts as “drops”.

3. They deposit money in these accounts and withdraw to P2P money transfer apps or crypto exchanges.

4. The funds are “tumbled”, i.e. moved across multiple accounts so they become untraceable.

Understanding these steps helps to highlight where the challenge lies for financial institutions. The onboarding stage, where you collect all your customer information, is the stage where money launderers will work the hardest to fool you. 

This brings us to the topic of tools you can put in place within your organization. 

What Connects AML and Fraud Detection?

Essentially, AML compliance and fraud detection efforts require similar checks. You must ensure you can confirm your user’s identity, and flag any suspicious activity, both at the onboarding and transaction stage (deposits and withdrawals). 

This is why a continuous detection solution like SEON’s can help simultaneously with anti fraud and anti money laundering. Not just an AML and fraud prevention provider, SEON also allows you to keep granular logs of your AML screening and perform it at regular intervals, helping you towards your AML programs.

What Features to Look for in AML Software

If you’re an organization operating online and offering some form of payout, it’s vital to utilize real-time fraud detection software. However, the importance of specific features will vary depending on the requirements of your business and industry.

On top of any compliance/regulatory demands, some specific features that you might want to look out for include:

• Data enrichment capabilities: Create a basic user profile that details information from external sources on a single data point – for example, checking an email address to see if it’s deliverable and what domain type can reveal a level of risk. 
• Customizable rules and risk scoring: To help businesses streamline processing times and boost accuracy, a customizable ruleset will approve or reject any given action in real-time without impacting the user’s journey. This is best calculated via an overall risk score.
• Social media lookup: Building on data enrichment, some software providers offer the availability of a social media tracking API that offers more insight on the user, essentially acting as an online passport. 
• PEP checks: Transactions involving a politically exposed person (PEP) or their family (RCA)– i.e. a president, politician, mayor, etc. – are considered high-risk due to the nature of the person’s position and authority. Applying enhanced customer due diligence with these individuals helps prevent potential money laundering.
• Sanctions lists checks: Sanctions lists that apply to your locale also need to be checked for any potential matches.
• Crime and fugitive watchlists and other blacklists: AML screening also involves ensuring that the customer’s name is not on any law enforcement lists.
• Pricing: For smaller businesses, paying per API call offers the most flexibility as your business grows. Businesses using the option of paying per individual check can complete operations in-house instead of outsourcing any transactions, which is often more costly.

How to Integrate AML Detection or Tools into Your Business

For ease, some businesses simply work with the AML software provided by their chosen payment gateway/processor. For example, Stripe has its own Radar tool, which uses historical payments and card data gathered through its platform to identify potential risks. SEON also provides a convenient AML screening tool.

Some companies choose to employ their own in-house fraud prevention teams, as this provides more flexibility and security when faced with specific fraud challenges. However, to be truly successful, you need champions who are highly knowledgeable in the space and make the right hires when scaling. Otherwise, this can become an expensive endeavor.

Alternatively, for most companies, we would recommend looking at cloud-based solutions from third-party providers that enable you to integrate APIs to create a multi-layered defense that is developed solely around the needs of your business.

Some might find a complete end-to-end solution easier. With an end-to-end solution, maintenance and upgrades happen when needed – but the multi-layered approach gives you complete control and flexibility over your prevention arsenal without any heavy fees or commitments.

How to Screen for Bad IDs

We’ve already extensively covered how SEON’s tools like digital footprint analysis, data enrichment, and dynamic friction can help, especially in the context of onboarding users with zero friction. 

But it’s worth noting here that a key element of improving your AML compliance checks is to look at user behavior.  And this is something an experienced risk team can do, but it’s also possible to automate the process with certain risk management rules.

Put simply, a fraud management engine will be monitoring and logging all user activity on your platform. And it’s up to you to feed that data through certain rules, to see if the activity looks suspicious or not.

This is what we call velocity rules or rules that look at a customer’s actions over time.

For instance, these are scenarios that could increase the risk factor, and alert you that AML tools should be deployed:

1. A user logs in from a different geolocation and device and starts withdrawing large sums of money.
2. A new user transfers hundreds of small sums to their account and withdraws them in bulk.
3. Money seems to be deposited and withdrawn too quickly. 
4. Someone is logging in multiple times from a risky IP geolocation pointing to the Cayman Islands.

How to Use SEON to Help Your AML Compliance

SEON provides several modular APIs that can be of great help towards your compliance.

• The AML API allows you to perform manual or automatic regular screening of persons against all the relevant watchlists, including sanctions lists, PEP and RCA lists, crime and fugitive watchlists, and so on. You can set these up to recur based on your compliance needs.
• You can conduct AML transaction monitoring by setting up relevant rules in SEON’s customizable platform. Because you control these rules, any future changes to the legislation can be dealt with easily and swiftly.
• The fraud prevention module by SEON will catch any attempts at multi-accounting, synthetic IDs, stolen identities, account takeovers and other types of attack that enable money laundering. Minimizing fraud will always minimize money laundering.
• SEON’s platform keeps granular records of your checks so you can more easily file any reports you require (e.g. SARs) as well as help prove your compliance if the need arises.
• When it comes to your KYC needs, SEON both provides alternative data for your manual reviews, and can constitute a pre-KYC step so you only run document verification on legitimate users – saving you money on these expensive checks.

The software we have designed is customizable and can work around your needs. For example, one of our clients, a leading crypto exchange, uses SEON via smart Slack integration.

SEON monitors every user’s action on their platform, and the crypto exchange has set up a custom rule in the Scoring Engine that is triggered whenever a customer deposits more than $300. The transaction is automatically paused, and the team receives a notification directly in Slack, so they can immediately act by asking further questions or performing a manual review.

SEON’s versatile platform can also help weed out fraudulent new customers before they reach KYC, as well as enable better AML for digital banks.

FAQ

Sources

• Finextra: Bank AML fine values in 2020 already outstripping 2019
• Guardian: Is money-laundering scandal at Danske Bank the largest in history?
• Reuters: Anti-money laundering controls failing to detect terrorists, cartels, and sanctioned states
• The Economist: The war against money-laundering is being lost
• Fenergo: Global Financial Institution Penalties on the Decline in 2021