Yesterday, the Financial Action Task Force (FATF) published a report on Virtual assets: red flag indicators of money laundering and terrorist financing.
Virtual assets are particularly attractive to those seeking to launder money or finance terrorism. As this report highlights in its introduction, the ability to “transact across borders rapidly not only allows criminals to acquire, move, and store assets digitally often outside the regulated financial system, but also to obfuscate the origin or destination of the funds and make it harder for reporting entities to identify suspicious activity in a timely manner. These factors add hurdles to the detection and investigation of criminal activity by national authorities”. The report draws on: “extensive input by FATF Members across the global network, and seeks to provide a practical tool for both the public and private sectors in identifying, detecting, and ultimately preventing criminal, [money laundering], and [terrorist financing] activities involving [virtual assets]”.
The report considers 13 illustrative case studies and highlights numerous examples of behaviour within the following fields of monitoring that should prompt further monitoring and investigation.
- Size and frequency of transactions: for example, multiple high-value transactions made in short succession during a 24-hour window; in a staggered and regular pattern, with no further transactions recorded thereafter.
- Transactions concerning new users: for example, large initial deposits made to open a new relationship with a virtual asset service provider, when the amount funded is inconsistent with the customer profile.
- Transactions concerning all users: for example, converting a large amount of fiat currency into virtual assets, or a large amount of one type of virtual asset into other types of virtual assets, with no logical business explanation.
- Transactions with an element of anonymity: for example, transactions involving more than one type of virtual asset, despite additional transaction fees (especially transactions involving virtual assets that provide higher anonymity, such as anonymity-enhanced cryptocurrency or privacy coins).
- Senders / recipients: for example, a customer who frequently changes his or her identification information, including email addresses, IP addresses, or financial information.
- Source of funds: for example, funds are sourced directly from third-party mixing services or wallet tumblers.
- Geographical risks: for example, funds originate from, or are sent to, an exchange that is not registered in the jurisdiction where either the customer or exchange is located.
The existence of a single indicator does not necessarily indicate criminal activity
More often, it is the presence of multiple indicators in a transaction with no logical business explanation that raises suspicion of potential criminal activity. In such circumstances, the behaviour and / or transactions in question should be investigated, escalated and (where appropriate) reported.