Has the GRU “hacked” money laundering?

July 17, 2018 3 minute read

Has the GRU “hacked” money laundering?

On Friday, the Mueller investigation indicted 12 members of the GRU, the intelligence branch of the Russian Military, for their role in hacking the DNC in the run up to the 2016 US Presidential election. The indictment lists 11 counts, including: conspiracy to interfere with elections, aggravated identity theft, conspiracy to interfere with the companies that administer elections and interestingly, one count of money laundering. The money laundering count refers to the intentional conspiracy to transport, transmit, and transfer monetary instruments and funds into the US with the intent to carry out specified unlawful activity.

This last count is interesting because the nature of “money laundering” is not what we normally encounter. The indictment states that the GRU used Bitcoin, some purchased, some self-mined to buy the infrastructure (domain names and servers) for their attacks. It is inferred that it was the movement of digital currencies into the US, through means which enable obfuscation and anonymity, that constituted as money laundering. For those who expect to see a predicate offence followed by three stages of money laundering: placement, layering and integration, this may cause problems. This interpretation of  “money laundering” whereby the perpetrator mints their own coins, moves them without banks, buys things online and influences elections might just have set an important legal precedent.

Available services: printing, software and terrorist financing  

On Monday, the BBC concluded and released its investigation into iBACs Technology, a small printing and software company that funded IS and sent military-grade communications equipment to Syria. News first broke about the company in  August 2017 when an FBI investigator tipped off UK law enforcement that suspicious transactions were being sent from the company to an individual under surveillance in the US. The subsequent investigation revealed a highly sophisticated, cross-continent terrorist financing network, commanded from Pontypridd in the South of Wales, UK.

The company, run by two brothers Saiful Haque Sujan and Ataul Haque Shobuj, not only sent money to the US but also to Spain and Bangladesh. In Spain, funds and communications equipment purchased by the company appear to have been sent to IS in Syria. In Bangladesh money went to the designated group Jama’atul Mujahideen, known for a string of deadly attacks in 2005 and 2016. Of note in this case, is the use of shell companies (Isynctel in Spain, WAHMI in Bangladesh and Etakeout in Wales) and to a lesser extent remittance companies, to move the money. The case shows that terrorist financing can happen anywhere and that continued efforts to prohibit the establishment of shell companies have impacts not only for money laundering and tax evasion but also for terrorist financing, something that is often overlooked.

Insuring the future – the insurance sector & financial crime prevention  

When it comes to preventing financial crime, and in particular money laundering, much of the onus falls on the banking sector. The spotlight seems to be moving a little however, with a number of pieces recently published looking at what role the insurance sector should play in financial crime prevention. The Financial Action Task Force (FATF) for example, published a public consultation for the life insurance sector, which aims to inform new guidance on applying the risk-based approach to AML/CFT compliance. This was closely followed by a detailed paper by the UK think tank, RUSI on sanctions evasion and proliferation finance in the insurance sector.

Sanctions evasion and proliferation finance have a considerable impact on national security but are often misunderstood across different sectors. As the RUSI paper states, regulations for both are often created for the finance and material goods sector but are rarely tailored to the insurance sector, which can result in confusing guidance. The sector has gained more attention because of the current threat landscape. North Korea continues to use sanctioned vessels, which must be insured to dock, to evade international sanctions and maintain its weapons program. As threats continue to evolve it is essential that all sectors have the guidance they need to fully meet regulations.