Although considered a safe haven for cybercriminals, crypto-currencies play only a limited role in laundering funds from bank hackers. At least, that's what emerges from a study conducted by BAE Systems for Swift.
"Money Mule": money couriers recruited via social networks
In a report entitled "Follow The Money", BAE Systems and Swift examine the techniques used by cybercriminals to launder stolen money. The first modus operandi is based on a principle well known to traffickers. The "Money Mule" consists in recruiting, via social networks or seemingly real job offers, money couriers who will receive the funds in their bank accounts before sending them abroad, usually via a money transfer service.
The report recommends strengthening "Know your customer" so that controls ranging from simple screening to background checks are effective. It encourages " tougher due diligence " and " smarter investment in systems maintenance ".
Front companies at the heart of money-laundering schemes
Some gangs use shell companies established in foreign territories, the aim being to avoid international sanctions. Funds are generally concealed in companies active in the clothing, textile, fishing and seafood industries. Cybercriminals operate mainly in East Asia, where there are numerous regulatory loopholes. These clues should help institutions to better detect shell companies used for illicit purposes.
The use of cryptocurrencies remains marginal
Contrary to popular belief, identified cases of money laundering via cryptocurrencies remain small compared to the volume of cash laundered via traditional methods, the report states.
Digital transactions are attractive to criminals, as they are carried out in P2P (peer-to-peer) mode, enabling them to bypass the compliance and KYC checks carried out by financial institutions, which require only a simple e-mail address. Although cryptocurrency players are subject to anti-money laundering obligations, some countries are slow to implement regulations.
The need for cooperation between companies and the authorities
Financial organizations face an uphill battle against the professionalization of criminal groups. Companies and authorities need to keep a close eye on the evolution of money-laundering methods in order to " prevent criminal groups from benefiting as much as possible from the fruits of their large-scale cyber-bracketing ", says Simon Viney, Head of Cybersecurity in the Financial Services Sector at BAE Systems Applied Intelligence.