Transaction laundering could be the money laundering and fraud issue of 2019 and beyond. The Financial Timessays transaction laundering is a $200 billion per year scheme in the United States alone and that number is expected to increase (perhaps exponentially) over the next few years.
So, what is transaction laundering (a/k/a “credit card laundering,” “undisclosed aggregation,” or “factoring”)?
Transaction Laundering is the criminal/money launderer’s use of the legitimate merchant payment infrastructure to process illicit transactions.
Transaction laundering falls into three general categories: (1) front companies, (2) pass through companies, and (3) funnel accounts.
- Front Companies: These are seemingly legitimate Internet-based merchants who sell (or purport to sell) real goods and services but inflate receipts, process non-existent transactions, and/or miscode illegal transactions for credit card processing.
- Pass Through Companies: Pass through companies have legitimate payment infrastructure but allow (knowingly or unknowingly) criminals to send illicit transactions through their payment accounts.
- Funnel Accounts: Funnel accounts are payment accounts of otherwise legitimate companies who process payment transactions for multiple merchants and (knowingly or unknowingly) process illicit transactions with legal ones.
Are you a criminal with the will and the ability to set up a website with a merchant account? Then, unfortunately, you can establish a front company and start transaction laundering this week.
Transaction laundering is not unknown or unaddressed in the payments and banking systems. MasterCard instituted a program to incent credit card processors to ferret out transaction laundering in 2015. But, for some obvious reasons, transaction laundering is extremely hard to detect.
- In a front company scheme, it is very difficult for a card processor to divine whether goods or services have changed hands and/or the legitimate value of those purported transactions.
- In pass through and funnel account schemes, some (or in some cases, most) of the transactions the card company sees are perfectly legitimate. Picking out the bad ones can be extraordinarily challenging. These methodologies can separate the criminals from the fraud detection systems by two degrees at least.
- Unlike traditional money laundering, transaction laundering schemes do not rely on large transactions. They “fly under the radar” with numerous smaller transactions that fit the profile of the purported merchant.
- All three methodologies often include a legitimate, bankable business that can pass a KYC screen. A smart criminal might purchase a legitimate company with an established track record of transactions to start his or her transaction laundering scheme.
So, is all lost? Well, no, but it’s far from found. Credit card and big data companies are attacking the problem with math. The effectiveness of these methods remains to be seen. KYC systems are, we believe, behind the power curve, but as the problem gets more press, they will (we hope) catch up. The challenges of verifying the legitimacy of the potentially illicit business (remember that the effective transaction laundering methodology processes good transactions with bad ones) is substantial. The first step in this process is to recognize and publicize these problems so the smart, diligent, creative professionals in the financial services and RegTech industries (that’s you) continue to create solutions. The criminals and money launderers are smart, creative, and diligent, but so are we.
About the Author
Mark Stetler is CEO of RegSmart. He has a BBA in Finance from Baylor University (cum laude, 1985) and a law degree from the University of Texas (with honors, 1988). Mark has worked in the financial services industry for 30 years as an attorney and entrepreneur. Mark previously co-owned one of the nation’s largest firms specializing in forensic financial audits. He is a Certified Anti-Money Laundering Specialist and a chief architect of RegSmart’s anti-money laundering risk assessment and audit SaaS.
About RegSmart
RegSmart offers the best-in-class automated BSA/AML risk assessment. Supported by subject matter experts, RegSmart collects data with intuitive wizards and stores that data for regulatory compliance and change management. RegSmart delivers complete, plain language reports with actionable intelligence. Please visit us at www.beregsmart.com.
If you would like to see a demonstration of our best-in-class automated BSA/AML risk assessment and audit applications, please contact us at 214.919.4670, or email John Ravita at jrravita@beregsmart.com or Mark Stetler at mstetler@beregsmart.com. We look forward to visiting with you.