Beating money laundering requires layers of cyber defence
Author: James Richardson, Head of Market Development – Risk & Fraud at Bottomline Technologies
In recent months, the news cycle has been littered with stories of banks receiving heavy fines and bad publicity. The increasing commonality of this type of press demonstrates in technicolour the range of business and reputational risks from inadequate controls and compliance failings. In a complex and globalised digital age, there are more requirements on banks and corporations to Know Your Customer (KYC) and impose effective Anti-Money Laundering (AML) controls.
While corporations might hope to sit back and expect banks to take control, they also need to adopt robust systems for prevention, monitoring and control of anti-money laundering activity – and find new ways to fight cyber-crime.
Money laundering and cyber security
With crimes like money laundering on the rise, there’s no question that criminals are getting smarter and more targeted, inventing new ways to “clean” stolen money and fraudulently wire funds. Money laundering goes hand in hand with other fraudulent behaviours such as phishing, malware attacks, credit card fraud and business e-mail compromise.
Take the example of money mule schemes. These involve hiring, often unsuspecting, individuals to act as money carriers to process and wire stolen funds. For networks like this to operate effectively, these criminals need to facilitate the opening of numerous individual bank accounts to move the illicit funds.
Criminals will also seek to recruit insiders within businesses to help initiate transactions or falsify records. Their goal is to bypass AML regulations or an institution’s compliance procedures.
Old-fashioned response to real-time problems
While criminal gangs have become shrewd technologists looking to expose and take advantage of weaknesses in digital networks, the response from many institutions and banks has been slow and old-fashioned. Yet the days are gone when companies can rely on firewalls to protect them. In today’s environment, hackers or malicious employees can compromise many different and multiple layers or areas of a network. The key for businesses and financial institutions is to adopt a layered defence against financial crime. Embracing new tools such as machine learning and artificial intelligence, will aid data analysis and behavioural profiling to help reduce the risk of fraud.
Institutions must keep up-to-date black lists and white lists of approved payees. Suspicious activity can be stopped in its tracks through real-time monitoring of employee behaviour and anomalous transactions across accounts and customers.
Understanding behaviour to catch criminals
Monitoring all areas of the network enables institutions to understand user behaviour by knowing what is normal and what is not. By using cross channel behaviour tracking and analytics, corporations can create detailed logs for integrated case management and reporting and gain a full picture of the relationships between individuals and groups to allow for quicker detection. Risk profiles can also be established to monitor high risk customers or transactions.
In today’s complex and high-volume global payments environment, it is more challenging than ever to ensure compliance with sanctions and AML requirements. Industry can talk the good talk but now is the time to act. In the future, business-critical situations caused by financial crime will only become more difficult to contain and manage. There is a greater expectation by customers that businesses will secure all of their defences robustly and completely. It is no longer a case of pulling up the drawbridge once the enemy is in plain sight, but about employing multiple lines of smart and evolving protection up front to head off these growing and unprecedented corporate threats before any damage is done.