There are many ways in which a criminal can illegally acquire money electronically. Whether it’s through malicious malware, phishing, vishing and smishing scams, account takeovers or other vectors, a commonality across all these attack methods is that fraudsters will need to move the illicit funds fast to avoid being caught and have the sum confiscated.

This is where the three stages of money laundering come into play, according to the United Nations Office on Drugs and Crime (UNODC): placement, layering and integration. In traditional money laundering schemes, the placement of funds begins when dirty money is put into a financial institution. When funds are stolen online through digital transactions at financial institutions, the process immediately jumps to layering.

This is done in three main ways:

  1. Moving funds within the financial system;
  2. Moving funds into unregulated financial e-cash systems; and
  3. Removing funds from the financial system altogether.

Moving Funds Within the Financial System

Moving funds within the financial system generally only occurs with very large sums of money. Some of the most common methods for this include the use of:

  • Offshore accounts;
  • Anonymous shell accounts;
  • Money mules; and
  • Unregulated financial services.

Offshore Accounts

Individuals can transfer stolen funds into an offshore account in a locale where bank secrecy laws are very strict. These countries and territories are often referred to as tax havens.

Financial institutions, trusts, shell corporations and other financial groups in these regions may welcome money from almost anywhere and often do not require disclosure of information regarding where the money originated from. In turn, these institutions do not file any reporting back to the country in which the funds were generated.

Anonymous Shell Accounts

A shell company, bank, account or corporation is an entity that conducts no real business. It is essentially a cover used to hide and move funds. The purpose of these accounts is to deceive others into thinking the business is legitimate while laundering money and evading taxes.

According to the Federation of Tax Advisers, shell accounts “conceal the identity of the beneficial owner of the funds, and the company records are often more difficult for law enforcement to access because they are offshore, held by professionals who claim secrecy, or the professionals who run the company may act on remote and anonymous instructions.”

Money Mules

A money mule is a person who receives and transfers funds acquired illegally for others. Most mules receive a commission for their efforts.

When bank accounts are compromised by cybercriminals and international organized crime groups (OCGs), money mules are an essential part of moving victims’ money through the financial system and assisting criminals in cashing out the compromised accounts.

Unregulated Financial Services

Unregulated entities may offer a variety of services that can be applied for criminal purposes. Many things fit into this category, such as:

  • Electronic Money: Stored-value cards allow electronic money to be put onto the card directly and then used to purchase goods and services.
  • Casinos: In recent years, the Financial Crimes Enforcement Network (FinCEN) placed regulatory requirements on casinos due to the large sums of money and high frequency of transactions at these establishments. Not every country and territory follows these guidelines, however, allowing savvy criminals another pathway to move their illicit funds. A recent example of this is a Bangladesh bank heist where cybercriminals targeted the SWIFT system to move money before extracting it through a casino in the Philippines.
  • Underground Networks of Money Dealers: This refers to conduits through which money is transferred via informal methods. These underground systems can be used for legitimate remittances but are also used for money laundering, criminal activity and terrorist financing.

Preventing Money Laundering

Financial institutions have attempted to stop this type of criminal behavior through Customer Due Diligence (CDD) and Beneficial Ownership regulatory requirements. These requirements call for the identification of the true owner of an account to stop the abuse of anonymous shell corporations.

Mary Beth Goodman, a former member of the National Security and International Policy team at the Center for American Progress, wrote in American Banker that “beneficial ownership rules are actually good for business because they would lead to reduced corruption and increased competitiveness. Beneficial ownership rules reduce risk by allowing banks and other companies to know who they are doing business with and minimize their financial exposure to others’ misdeeds.”

These rules may be difficult to enact and follow; it can be a herculean effort to identify the true owner of a shell corporation or trust. Criminals know this and will purposely shuffle money from one anonymous offshore account to another, moving money through the financial system before it ends up in an account from which it can be withdrawn.

Financial institutions are continuously monitoring their security systems and watching account activity. Through the use of device identification, biometrics, transaction velocity monitors, geographical dispersion and customer behaviors, they are able to flag more attempted fraudulent activity than ever before. Having a systematic approach to financial security and financial crime prevention is essential to address vulnerabilities that fraudsters are eager to exploit.

More from Banking & Finance

2022 Industry Threat Recap: Finance and Insurance

The finance and insurance sector proved a top target for cybersecurity threats in 2022. The IBM Security X-Force Threat Intelligence Index 2023 found this sector ranked as the second most attacked, with 18.9% of X-Force incident response cases. If, as Shakespeare tells us, past is prologue, this sector will likely remain a target in 2023. Finance and insurance ranked as the most attacked sector from 2016 to 2020, with the manufacturing sector the most attacked in 2021 and 2022. What…

How to Spot a Nefarious Cryptocurrency Platform

Do you ever wonder if your cryptocurrency platform cashes in ransomware payments? Maybe not, but it might be worth investigating. Bitcoin-associated ransomware continues to plague companies, government agencies and individuals with no signs of letting up. And if your platform gets sanctioned, you may instantly lose access to all your funds. What exchanges or platforms do criminals use to cash out or launder ransomware payments? And what implications does this have for people who use exchanges legitimately? Blacklisted Exchanges and Mixers…

Kronos Malware Reemerges with Increased Functionality

The Evolution of Kronos Malware The Kronos malware is believed to have originated from the leaked source code of the Zeus malware, which was sold on the Russian underground in 2011. Kronos continued to evolve and a new variant of Kronos emerged in 2014 and was reportedly sold on the darknet for approximately $7,000. Kronos is typically used to download other malware and has historically been used by threat actors to deliver different types of malware to victims. After remaining…

Why Cybersecurity Risk Assessment Matters in the Banking Industry

When customers put money in a bank, they need to trust it will stay there. Because of the high stakes involved for the customer, such as financial loss, and how long it takes to resolve fraud and potential identity theft, customers are sensitive to the security of the bank as well as fraud prevention measures. Banks that experience high volumes of fraud are likely to lose customers and revenue. The key is to protect customers and their accounts before problems…