Money mules – a trending threat to financial services

Posted: 11th October 2017

While new technology has improved the speed and convenience of making electronic payments, organised crime groups have also been attracted to these innovations.

Crime typologies are shifting; where vast funds can be stolen in an instant and criminals have a global reach. The financial services industry protects against fraud and money laundering using regulation, which encourages firms to develop robust prevention controls. However, the overwhelming flood of data collected as a result creates many challenges, especially when it comes to regulatory screening, data management and security.  

A benefit of electronic payments is that digital recordings make detection easier for firms and  authorities. The ‘digital trace’ is a problematic obstacle for many criminals. However, a common and increasing trend used to circumvent this risk is the recruitment of money mules.

A money mule allows the proceeds of crime to flow into and out of their bank account, enabling money laundering. They can either be knowingly or unknowingly complicit in the criminal activity. A network of criminals and money mules can cover multiple jurisdictions, with funds being laundered through multiple account transfers. Ultimately, a likely objective is to withdraw the illicit funds into cash.

Why do criminals want cash? Europol released a report in 2015 - ‘Why cash is still king’ - which explained that cash offers control, anonymity and can break the link to the original crime (known as the ‘predicate crime’). A Europol report 2017 stated that “38% of FIUs (Financial Intelligence Units) reported that the use of cash is the primary reason triggering suspicious transaction reports.”

The source of funds

It may be well known that cash-intensive businesses are frequently used to launder the proceeds of crime that generate cash, such as the drug trade. However, what happens when the predicate crime is sourced from crimes such as cyber-crime, fraud and corruption that generate electronic payments? Fraud and cyber crime will often use electronic payments through bank accounts to transform the illicit digital funds into physical cash.

The UK’s National Money Laundering Risk Assessment 2015 (soon to be superseded by the new assessment) highlighted the issue of money mules in retail banking that makes banks vulnerable to being used as the conduit for the proceeds of crime, or as a conduit for terrorist financing. The nature of mule activity means that, cumulatively and often via small transactions, significant sums can be laundered across a network.

In May 2017, CIFAS reported the highest identity fraud figures ever recorded, and recent media news articles described the trend at ‘epidemic levels’. The knock-on effect of the rising fraud and cyber-crime trend has a direct correlation with money mule activity, with the acceleration and growth running almost parallel. Europol reports that “More than 90% of the reported money mule transactions were linked to cybercrime”.

The risks to firms

The CIFAS Fraudscape report 2017 underlined that money mule activity increased by 9% on the previous year, with young adults being targeted. Bank accounts impacted by the misuse of facility fraud rose by 7%.

In August 2017, the media highlighted that young adults are increasingly a target for money mule scams, but any vulnerable customer is open to exploitation. Customers who are unable to detect unusual activity or comprehend the gravity of their actions are open to being used to launder money.

The definition of a vulnerable customer may be wide, but early intervention with those who could fall into the situation of being ‘recruited’ by an organised criminal group could help mitigate the risk of firms being used as vehicles for money laundering.

Identifying money mules is a challenge, and handling suspected money mules even more so. On the one hand, they may be knowingly involved and suspected of money laundering, which legally obligates the firm to submit a Suspicious Activity Report (SAR) to the National Crime Agency (NCA). On the other hand, the customer could be an unknowing victim of a money mule scam and require intervention by the bank to prevent further misuse of their account. A delicate balance between stringency over financial crime compliance and consideration for the treatment of the customer is vital in these fragile situations. Avoiding ‘tipping off’ and prejudicing an investigation under the Proceeds of Crime Act 2002 is critical to compliance staff and the firm.

With all this in mind, how does your firm identify and handle money mule activity?

Mitigating the risk of money mules 

A robust and effective risk assessment is a powerful mitigation tool to prevent money laundering. The Money Laundering Regulations 2017 require firms, under regulation 18, to carry out written risk assessments to assess the risk of money laundering and terrorist financing that it may face. 

The assessment must take into account:

a) Customers
b) The countries or geographic area the firm operates in
c) Products and services
d) Transactions
e) Delivery channels

How can organised crime groups with money mule networks manipulate and exploit these risk areas in your business, and does the firm see instances of this in practice? Understanding these areas in terms of anti-money laundering (AML) and fraud can allow for more pointed solutions to be implemented.

Firms that understand how to interpret the data and management information being produced by their ongoing assessment of each area will be able to react more effectively.

Risk assessment must be combined with transaction monitoring that goes beyond alert monitoring. Compliance staff need to understand how to interpret the alerts and the potential risks at an early stage. AML regulatory risk can be mitigated by reporting suspicious activity to the NCA and ending customer relationships to prevent further activity.

CONCLUSION

The money mule dilemma is becoming a prevailing issue for many firms. The National Strategic Assessment 2017 predicts an increase of money mules as a result of the EU Payments Account Directive that arrived in the UK in September 2016. The Directive will allow bank accounts to be opened without UK residency and the NCA believes there is a “realistic possibility” that increased mule accounts will be opened as a result.

The Payments Strategy Forum is also addressing the money mule dilemma by proposing a Payments Transaction Data Sharing and Data Analytics solution. The solution will be aimed at tactical and strategic areas to fight money laundering through the misuse of payments with clear implications for payment providers.

With the increase in money mule activity and cyber crime firms need to harmonise their data to truly understand their customers and level of exposure, something that can be achieved with a single customer view across an organisation, particularly where there are multiple channels, service lines and products. Firms with disparate customer data and inefficient transaction monitoring are unable to effectively close loopholes and decrease opportunities for criminals and may not spot vital red flags at an early stage, if at all.

An approach to close down money mule accounts that blends technology, regulatory expertise and an understanding of criminal trends will keep your firm protected from financial crime and the associated regulatory risks, whilst disrupting organised crime as these networks evolve and further threaten you firm.