Guide to Travel Fraud: How to Detect & Prevent It

by Tamas Kadar
Financial institutions and businesses must ensure they don’t accidentally help criminals, but what features are most important?
The year 2020 set a record for global anti-money laundering (AML) fines. Authorities handed out around $706m. Meanwhile, just 16 employees were fined a total of $16 million in 2021 for their role in money laundering breaches.
This points to the challenges faced by financial organizations. Despite increasing efforts and investment, large banks are still unwillingly helping financial crime, as shown in the largest money-laundering scandal of Danske Bank in 2018.
The last thing you want to do as a business is to accidentally support money laundering. Not only might the funds come from organized crime, prostitution rings, human trafficking, or terrorism but you could land your entire organization into hot waters due to crippling anti-money laundering fines.
AML fraud happens when money is illegally laundered (layered) through your products or services. Regardless of whether you are in banking, real estate, or even ecommerce, criminals will use any opportunity to launder money illegally acquired.
While all money laundering is illegal, the fraud part happens if you have anti-money laundering controls in place, and criminals bypass them to reach their goals: layering the illegal funds, either themselves or using a money mule.
Are you in a sector mandated by law to be AML compliant? Discover our impartial reviews of efficient and useful software here.
Read more
Whether you’re a traditional financial institution, neobank or crypto exchange, the onboarding process is where you’ll need to be smart about checking data. And it’s also your duty to go above and beyond the obligatory KYC regulations.
Stolen IDs that come from data breaches are often bought in bulk on the darknet, as well as information to create fake IDs, sometimes candidly advertised as full packages designed to enable you to open online bank accounts. Fraudsters also go to great lengths to acquire personal data via phishing, fake job openings, or plain old hacking.
If you want a drop account, you also have the option to purchase pre-created neobank accounts for your fraudulent needs. Just find one on the darknet and buy the login details from a seller.
Synthetic IDs, meanwhile, combine real and fake personal data. For instance, fraudsters often use stolen ID details from children with clean credit records and use them for loan fraud.
With real credit information, it’s extremely easy to create fake IDs using templates designed to fool modern credit scoring. You can even find online services that specialize in Photoshop editing for ID fakes and 2FA verification.
Of course, companies implement AML software & tools in order to fight AML fraud and improve AML detection, but a big plus is that it increases efficiency when handling a higher volume of transactions. With machine learning and velocity rules, a business can easily automate transactions with no human input by scanning multiple data sources to lower the need for manual reviews.
As society has only further headed towards the digital age, money laundering activities continue to increase and diversify – as does fraud – and staying on top of this is key.
Furthermore, AML software can remove compliance risks. Whether you are a crypto exchange, a neobank, or a traditional financial institution, it’s your duty to be aware of and follow AML regulations. While there are different levels depending on your vertical, the core rules to follow include:
Criminals who acquire money through illegal means want to ensure the funds cannot be traced back to them. The process, known as money laundering, usually involves running the money through a legitimate business. This can be a cash-based brick-and-mortar shop or an online operation.
There are three steps involved in money laundering:
1. Placement: The dirty money is placed into the legitimate financial system.
2. Layering: The money is concealed through transactions and bookkeeping tricks.
3. Integration: The money is now laundered and withdrawn from a legitimate account by criminals.
The biggest controversy surrounding AML is whether it’s effective at all. While heavy fines are so large that they can destroy a business, there is little evidence that the current approach helps to catch terrorists, criminals or insiders who abuse the financial system. This has been highlighted in several reports as well as opinion pieces in recent years, including in The Economist and on Reuters.
And still, financial institutions must employ sizable teams of staff and consultants to help with transaction monitoring, even when it’s automated.
This is in part because of the ever-growing complexity of payment streams (ecommerce, increase of online volume, virtual currencies, prepaid cards), which, coupled with an increase in more sophisticated attacks, is causing a real headache for larger businesses to stay ahead of fraudsters.
The main challenge, however, isn’t necessarily in deploying the right team of resources to prevent money laundering. It’s about the friction that these checks create for customers.
This is particularly damaging for neobanks, whose entire business model relies on quick and painless onboarding via mobile or desktop. Throw in too many ID verifications and questions, and your potential customers might just turn elsewhere.
It doesn’t matter if you use in-house tools or third-party companies like Onfido (as does Revolut); the AML solution is stacked on top of already heavy regulations regarding customers’ identity in the form of KYC or PEP and Sanctions checks.
Money laundering in its essence focuses on allowing a criminal to sign up for an account with a fake identity and laundering money through a business.
So, can you trust your AML solution for AML detection?
What if you are diligent in your AML checks but accidentally miss some falsified information? Many developing countries don’t have bureaus for ID information to reliably perform checks with.
Real criminals, moreover, have every incentive to hide their IDs from you. And there is no shortage of options for them to build fake profiles.
1. Criminals acquire stolen ID scans from the deep web.
2. They open bank or neobank accounts as “drops”.
3. They deposit money in these accounts and withdraw to P2P money transfer apps or crypto exchanges.
4. The funds are “tumbled”, i.e. moved across multiple accounts so they become untraceable.
Understanding these steps helps to highlight where the challenge lies for financial institutions. The onboarding stage, where you collect all your customer information, is the stage where money launderers will work the hardest to fool you.
This brings us to the topic of tools you can put in place within your organization.
Essentially, AML compliance and fraud detection efforts require similar checks. You must ensure you can confirm your user’s identity, and flag any suspicious activity, both at the onboarding and transaction stage (deposits and withdrawals).
This is why a continuous detection solution like SEON’s can help simultaneously with anti fraud and anti money laundering. Not just an AML and fraud prevention provider, SEON also allows you to keep granular logs of your AML screening and perform it at regular intervals, helping you towards your AML programs.
If you’re an organization operating online and offering some form of payout, it’s vital to utilize real-time fraud detection software. However, the importance of specific features will vary depending on the requirements of your business and industry.
On top of any compliance/regulatory demands, some specific features that you might want to look out for include:
For ease, some businesses simply work with the AML software provided by their chosen payment gateway/processor. For example, Stripe has its own Radar tool, which uses historical payments and card data gathered through its platform to identify potential risks. SEON also provides a convenient AML screening tool.
Some companies choose to employ their own in-house fraud prevention teams, as this provides more flexibility and security when faced with specific fraud challenges. However, to be truly successful, you need champions who are highly knowledgeable in the space and make the right hires when scaling. Otherwise, this can become an expensive endeavor.
Alternatively, for most companies, we would recommend looking at cloud-based solutions from third-party providers that enable you to integrate APIs to create a multi-layered defense that is developed solely around the needs of your business.
Some might find a complete end-to-end solution easier. With an end-to-end solution, maintenance and upgrades happen when needed – but the multi-layered approach gives you complete control and flexibility over your prevention arsenal without any heavy fees or commitments.
Partner with SEON to reduce fraud rates in your business with real-time data enrichment, whitebox machine learning, and advanced APIs.
Ask an Expert
We’ve already extensively covered how SEON’s tools like digital footprint analysis, data enrichment, and dynamic friction can help, especially in the context of onboarding users with zero friction.
But it’s worth noting here that a key element of improving your AML compliance checks is to look at user behavior. And this is something an experienced risk team can do, but it’s also possible to automate the process with certain risk management rules.
Put simply, a fraud management engine will be monitoring and logging all user activity on your platform. And it’s up to you to feed that data through certain rules, to see if the activity looks suspicious or not.
This is what we call velocity rules or rules that look at a customer’s actions over time.
For instance, these are scenarios that could increase the risk factor, and alert you that AML tools should be deployed:
SEON provides several modular APIs that can be of great help towards your compliance.
The software we have designed is customizable and can work around your needs. For example, one of our clients, a leading crypto exchange, uses SEON via smart Slack integration.
SEON monitors every user’s action on their platform, and the crypto exchange has set up a custom rule in the Scoring Engine that is triggered whenever a customer deposits more than $300. The transaction is automatically paused, and the team receives a notification directly in Slack, so they can immediately act by asking further questions or performing a manual review.
SEON’s versatile platform can also help weed out fraudulent new customers before they reach KYC, as well as enable better AML for digital banks.
This depends entirely on your requirements. An all-in-one suite might cost more/involve a longer commitment but will quickly lift the majority of work from your business, whereas developing a multi-layered defense might mean taking time to identify the right tools but will be much more affordable in the long run.
Not at all! AML stands for anti-money laundering, which is legislation put in place to combat money laundering, which is a type of fraud. Certain organizations such as banks are mandated by law to follow AML risk assessment requirements, in almost every country.
A good fraud prevention tool will automate as much risk management as possible by calculating risk before declining, accepting, or sending for manual review accordingly. With key features such as machine learning, data enrichment, and device fingerprinting, you can create a clearer picture of the person trying to operate on your site.
Book a demo today and see how we can support your business and team!
Sources
Showing all with `` tag
Click here
Tamás Kádár is the Chief Executive Officer and co-founder of SEON. His mission to create a fraud-free world began after he founded the CEE’s first crypto exchange in 2017 and found it under constant attack. The solution he built now reduces fraud for 5,000+ companies worldwide, including global leaders such as KLM, Avis, and Patreon. In his spare time, he’s devouring data visualizations and injuring himself while doing basic DIY around his London pad.
The top stories of the month delivered straight to your inbox