What Are the AML Implications of Identity Fraud?
September 12th, 2019
Unfortunately, identity fraud as a crime continues to grow rapidly and is gaining in popularity as a tactic of criminals, with both new and existing financial services accounts susceptible to identity-focused activities. Compromised accounts are used by criminals for both direct fraud, as well as part of more complicated, somewhat indirect schemes that circuitously move and pull money. Many of those more complicated scenarios clearly have money laundering implications. Here are some of the common patterns we’ve seen, and some of the ways that these types of fraudulent activities may be addressed.The Many Forms of Identity Fraud
Identity fraud starts when criminals secure partial or complete identifying information. Sometimes access to this data is physical – stolen or copied documents – but more often this digital data acquired through breaches, malware, social engineering and similar methods. In general, most types of identity fraud fall into three categories:
- Account Takeover (ATO): Schemes of this nature take advantage of an existing account. After gaining the credentials to the account, the fraudster can empty out all the funds in it and use them for their own purposes. After the initial takeover, the fraudster can maintain their access. This can continue until the fraudulent activity is caught by detection systems or by the account owner. In that case, they can also use the account as a “stepping stone” to funneling funds from other compromised accounts or schemes.
- Identity Theft: In this collection of schemes, the fraudsters are using only the identity of the victim and not their existing accounts. Impersonating a different person becomes easier with the more information the criminal has collected from stolen data, as well as public and social information. This information can be used to open new bank accounts, apply for credit cards and loans and even establish new corporations. This activity can continue until the victim is alerted by a credit monitoring notification or the fraudster gets caught.
- Synthetic Identity: The last variation sees the fraudsters combining details from multiple sources to generate a new fake identity. For example, they may combine the social security number of a child with a made-up name and the address of an abandoned warehouse. This identity is then used to open accounts and do financial activity. Because the identity details do not exactly match an existing person, if the accounts are not flagged by detection systems, the activity can continue for a while – years in some cases.
Beyond the direct fraud activity, all identity fraud schemes pose a significant risk of money-laundering. Accounts that are not tied to the real identity of the criminal are easily used for all three stages of money laundering:
- Placement: Any account under the control of a fraudster is likely to be used as a direct target to deposit illegally obtained funds. It might be money wired from other accounts that were taken over or it might be the returns of a tax fraud scheme. Hiding those funds in a variety of other activity makes it much harder to flag or stop.
- Layering: In a similar manner, fraudsters use those accounts to hide the source of money. Multiple controlled accounts become a “mule ring” to quickly shuttle around funds by a single person without the need for complicated communications. By combining the suspicious transactions with a flow of innocuous activity, hiding this money becomes even easier for fraudsters. With the ease of creating accounts through identity fraud, the number of controlled accounts can be very large. This makes splitting up large amounts into many small transfers even easier.
- Integration: All the usual schemes for leveraging illegal funds apply for identity theft accounts as well. Money can be wired off-shore, converted into portable financial instruments or even used to buy and ship merchandise. When breaking out the funds from a controlled account, the fraudsters will use the opportunity to max-out any available credit thereby increasing their total gains and the damage caused.
Identity fraud provides criminals with many ways to hide suspicious activity. The best way to identify and prevent those activities is by combining transaction monitoring with a powerful Customer Due Diligence (CDD) program.
When the account is taken over from a legitimate customer, or when it is filled with “innocent” activity before the money laundering activity, it becomes harder for traditional activity monitoring to identify. A better way to approach the problem is by putting a greater emphasis on the full behavior profile of the customer – does the activity match their behavior?
The key to that is the information collected and analyzed as part of the Know Your Customer (KYC) process. By properly segmenting customers and comparing their actual behavior to their peers, it’s possible to identify those that act “out of character.” The more consolidated and comprehensive the view of the customer, the easier it is to understand whether this activity was done by the real customer or by a fraudster using their identity or credentials. And by extending this data further, it’s finally possible to track if this identity matches a real person or a synthetic identity.Summary: Leverage Customers’ Risk Profiles
Identity fraud is used by criminals to create or take over accounts. Once the accounts are under criminal control, much of their use has money laundering implications. Fraud and money laundering are becoming more and more connected – whether it’s the need to launder the stolen funds or the usage of stolen accounts to launder money.
To prevent the risk of money laundering and terrorist financing, as well as better protect customers from fraud, financial institutions need to know their customers much better. We recommend going beyond just the basic review of documents to building a full risk profile of a customer’s ongoing activities to clearly understand who they are, so it’s easier to find the red flags and head off potential crimes.
Do you see additional money-laundering implications of identity fraud? Drop us a note at firstname.lastname@example.org to share your thoughts.