Why transaction laundering is turning into a huge financial blindspot

[Note: This item comes from friend David Rosenthal. DLH]

Why transaction laundering is turning into a huge financial blindspot
By Izabella Kaminska
Mar 17 2017

“What we have discovered is that there are an additional 6,000-10,000 merchants that are out there online accepting cards and sending transaction data through one or more of the acquirer’s portfolios. The acquirer is processing 10,000 more merchants and they don’t know who they are. They can be anyone. The acquirer is completely unaware of the significance of these transactions.”

That’s from Ron Teicher, CEO of Evercompliant, an Israeli company that focused on transaction laundering detection and prevention.

It is a startling statistic. Notably it suggests anti-money laundering (AML) and know-your-customer (KYC) regulations brought in post-crisis may have been entirely ineffective. And, of course, that criminals have an endless capacity to adapt.

The scam is simple. Rather than setting up bricks and mortar front businesses to launder profits from illicit activities, those who peddle illegal goods — from drugs to weapons and gambling services — set up fake web stores that appear to sell legitimate goods instead. (The more virtual those fake goods are, the better and easier for them.) These fake stores are then onboarded onto merchant processor systems and used as fronts to process entirely illegal transactions through. Technically, customers provide credit card authorisation details to the illegal stores, but these are transferred over to the fake sites for processing.

Worryingly, Teicher says regulators are entirely behind the curve on this. Most don’t even know about it. Even worse, banks and processors don’t seem to care about the problem either.

To the contrary, most banks are so busy spending $ applying AML and KYC procedures to conventional client accounts — and areas they know regulators will be watching — they’re entirely unmotivated to do the same on the merchant side. Until threatened with penalties of course.

The vulnerabilities, as ever, relate to complexity and scale, as well as pressure to open up banking to new entrants.

In their desperation to onboard as many new customers as possible, as well as to outsource as much of the high-cost retail customer acquisition work to fintechs as possible, banks have inadvertently created a blindspot in their own networks.

Teicher told us:

In the last few years we have had a new layer added to the payment chain. We are talking about payment service providers and facilitators, the [xxxxx] and [xxxxx] of the world, who all talk about frictionless onboarding. It’s very quick and they take everybody. And we’ve created very good access facilities to payments for free lancers, taxi drivers, small entrepreneurs… all these people have access. The banks would not have gone through the hassle of onboarding all of them. But while this is really great for them, what is missing is that the risk management level is not the same as you would have in a bank. Meanwhile the lack of visibility of the end merchant to the bank, means the bank does not see who is underneath, and so it becomes more complex to understand where the transaction really stars and end.

This is a glaring admission.