A Guide to Anti-Money Laundering for Crypto Firms

AML Red Flags – What are the Top 10 Indicators?

AML Compliance Knowledge & Training

The growing complexity, diversity and interconnectedness of the financial system is creating new opportunities for criminals. As a result, the anti-money laundering (AML) red flags firms are monitoring will change. So what should compliance teams be looking for, and how do these risks vary by industry? 

What are Red Flags in AML?

AML red flags are common warning signs alerting firms and law enforcement to a suspicious transaction that may involve money laundering.

The Financial Action Task Force’s (FATF) international standards to fight money laundering and the financing of terrorism and proliferation provides a comprehensive and consistent framework of measures for firms to follow.

Here are our top 10 AML red flag indicators:

1. Secretive new clients who avoid personal contact

Firms should have Know Your Customer (KYC) and customer due diligence (CDD) procedures in place when onboarding new clients. If a customer refuses to answer questions about themselves, firms should consider whether this is suspicious, especially if they have criminal associations, or know an unusual amount about the money laundering process. 

2. Unusual transactions

Customers trying to launder funds may carry out unusual transactions. Firms should look out for activity that is inconsistent with their expected behavior, such as large cash payments, unexplained payments from a third party, or use of multiple or foreign accounts. These are all AML red flags.

3. Unusual source of funds

Transactions involving large amounts of cash or private funding could indicate money laundering, and if cash deposits or complex crypto assets are involved, identifying the source can be difficult.

4. Transaction has unusual features

The size, nature or frequency of transactions, or repetitive instructions involving common features, are all AML red flags. Firms should be particularly alert if a transaction appears unusual for the customer’s profile, or if there is unexplained urgency.

5. Geographic concerns

If a firm is not local to the customer, why are they using it? Unexplained connections with – and movement of money between – jurisdictions should also raise suspicions.

6. Politically exposed persons

Individuals – and their family and associates – in high positions are more vulnerable to corruption and could pose a higher risk of money laundering for quid-pro-quo favors or kickbacks. While no standardized global definition exists, PEPs typically include heads of state, senior politicians or government officials, judicial or military officials, senior executives of state-owned corporations, or important political party officials. 

7. Ultimate beneficial ownership is unclear

Ultimate beneficial owners are the people who ultimately own or manage a company. Complex ownership structures, or the use of shell companies, could be an attempt to disguise criminal activities and carry out financial crime. 

8. Jurisdiction risk

Some countries or jurisdictions have high levels of corruption, unstable governments, or are known as money laundering havens. They could also have inadequate AML/CFT regulatory and judicial frameworks, or be subject to economic sanctions. Transactions that involve these countries should be carefully monitored as AML red flags.

9. Sanctions exposure

It is important that firms review relevant international sanctions lists to ensure that customers are not sanctioned themselves, or involved, or transacting with, a sanctioned entity. As Russia’s invasion of Ukraine has demonstrated, sanctions lists are subject to change at short notice. This means firms need to ensure they have a real-time plan for managing rapid changes. 

10. Adverse media

Additional checks may also be needed if the customer is a subject of negative news media in any part of the world, as this could increase AML risk. Firms should ensure their adverse media screening is appropriately aligned with common predicate offenses. 

How do AML red flags vary by industry?

While the above tips provide general guidance regarding customers and transactions to be wary of, the nature of red flags will vary by customer and industry.

For example, the virtual asset industry faces specific risks that firms should be aware of. The FATF recently issued guidance on virtual asset (VA) red flags, highlighting six key areas of focus:  

  • Transactions: Firms should look out for the structuring of VA transactions (e.g. transfer or exchange) in amounts under record-keeping or reporting thresholds 
  • Transaction patterns: A new user may attempt to trade the entire balance of VAs, or withdraw the VAs and attempt to send the entire balance off the platform
  • Anonymity: Firms should look out for customer transactions involving more than one type of VA and especially VAs that provide higher anonymity, such as anonymity-enhanced cryptocurrency (AEC) or privacy coins
  • Senders or recipients: Customers may create separate accounts under different names to circumvent restrictions on trading or withdrawal limits imposed by VASPs
  • Source of funds or wealth: The use of one or multiple debit and/or credit cards that are connected to a VA wallet to withdraw significant amounts of fiat currency (crypto-to-plastic), or funds for purchasing VAs are sourced from cash deposits into credit cards
  • Geographical risks: Customer uses a VA exchange or foreign-located money or value transfer service (MVTS) in a high-risk jurisdiction with inadequate AML/CFT regulations for VA entities, including inadequate CDD or KYC measures

Next steps

Following FATF guidance and local legislation, AML programs should ensure a risk-based model that reflects their threat landscape and regulatory environment, effectively highlighting any AML red flags. This should include suitable CDD processes, identifying customers for enhanced due diligence (EDD), transaction monitoring measures, and sanctionsPEPs and  adverse media screening.

FinTech Regulation: What You Need to Know

Find out more about crypto AML red flags and what firms need to know about FinTech regulations.

Learn more
The growing complexity, diversity and interconnectedness of the financial system is creating new opportunities for criminals. As a result, the anti-money laundering (AML) red flags firms are monitoring will change. So what should compliance teams be looking for, and how do these risks vary by industry? 

What are Red Flags in AML?

AML red flags are common warning signs alerting firms and law enforcement to a suspicious transaction that may involve money laundering. The Financial Action Task Force’s (FATF) international standards to fight money laundering and the financing of terrorism and proliferation provides a comprehensive and consistent framework of measures for firms to follow. Here are our top 10 AML red flag indicators: 1. Secretive new clients who avoid personal contact Firms should have Know Your Customer (KYC) and customer due diligence (CDD) procedures in place when onboarding new clients. If a customer refuses to answer questions about themselves, firms should consider whether this is suspicious, especially if they have criminal associations, or know an unusual amount about the money laundering process.  2. Unusual transactions Customers trying to launder funds may carry out unusual transactions. Firms should look out for activity that is inconsistent with their expected behavior, such as large cash payments, unexplained payments from a third party, or use of multiple or foreign accounts. These are all AML red flags. 3. Unusual source of funds Transactions involving large amounts of cash or private funding could indicate money laundering, and if cash deposits or complex crypto assets are involved, identifying the source can be difficult. 4. Transaction has unusual features The size, nature or frequency of transactions, or repetitive instructions involving common features, are all AML red flags. Firms should be particularly alert if a transaction appears unusual for the customer’s profile, or if there is unexplained urgency. 5. Geographic concerns If a firm is not local to the customer, why are they using it? Unexplained connections with - and movement of money between - jurisdictions should also raise suspicions. 6. Politically exposed persons Individuals – and their family and associates - in high positions are more vulnerable to corruption and could pose a higher risk of money laundering for quid-pro-quo favors or kickbacks. While no standardized global definition exists, PEPs typically include heads of state, senior politicians or government officials, judicial or military officials, senior executives of state-owned corporations, or important political party officials.  7. Ultimate beneficial ownership is unclear Ultimate beneficial owners are the people who ultimately own or manage a company. Complex ownership structures, or the use of shell companies, could be an attempt to disguise criminal activities and carry out financial crime.  8. Jurisdiction risk Some countries or jurisdictions have high levels of corruption, unstable governments, or are known as money laundering havens. They could also have inadequate AML/CFT regulatory and judicial frameworks, or be subject to economic sanctions. Transactions that involve these countries should be carefully monitored as AML red flags. 9. Sanctions exposure It is important that firms review relevant international sanctions lists to ensure that customers are not sanctioned themselves, or involved, or transacting with, a sanctioned entity. As Russia’s invasion of Ukraine has demonstrated, sanctions lists are subject to change at short notice. This means firms need to ensure they have a real-time plan for managing rapid changes.  10. Adverse media Additional checks may also be needed if the customer is a subject of negative news media in any part of the world, as this could increase AML risk. Firms should ensure their adverse media screening is appropriately aligned with common predicate offenses. 

How do AML red flags vary by industry?

While the above tips provide general guidance regarding customers and transactions to be wary of, the nature of red flags will vary by customer and industry. For example, the virtual asset industry faces specific risks that firms should be aware of. The FATF recently issued guidance on virtual asset (VA) red flags, highlighting six key areas of focus:  
  • Transactions: Firms should look out for the structuring of VA transactions (e.g. transfer or exchange) in amounts under record-keeping or reporting thresholds 
  • Transaction patterns: A new user may attempt to trade the entire balance of VAs, or withdraw the VAs and attempt to send the entire balance off the platform
  • Anonymity: Firms should look out for customer transactions involving more than one type of VA and especially VAs that provide higher anonymity, such as anonymity-enhanced cryptocurrency (AEC) or privacy coins
  • Senders or recipients: Customers may create separate accounts under different names to circumvent restrictions on trading or withdrawal limits imposed by VASPs
  • Source of funds or wealth: The use of one or multiple debit and/or credit cards that are connected to a VA wallet to withdraw significant amounts of fiat currency (crypto-to-plastic), or funds for purchasing VAs are sourced from cash deposits into credit cards
  • Geographical risks: Customer uses a VA exchange or foreign-located money or value transfer service (MVTS) in a high-risk jurisdiction with inadequate AML/CFT regulations for VA entities, including inadequate CDD or KYC measures

Next steps

Following FATF guidance and local legislation, AML programs should ensure a risk-based model that reflects their threat landscape and regulatory environment, effectively highlighting any AML red flags. This should include suitable CDD processes, identifying customers for enhanced due diligence (EDD), transaction monitoring measures, and sanctions, PEPs and  adverse media screening. [cta_card title="FinTech Regulation: What You Need to Know" cta_img="" category="" bodytext="Find out more about crypto AML red flags and what firms need to know about FinTech regulations." cta_text="Learn more" cta_url="https://complyadvantage.com/insights/fintech-regulation-what-you-need-to-know/"]

Originally published September 23, 2022, updated September 23, 2022

Disclaimer: This is for general information only. The information presented does not constitute legal advice. ComplyAdvantage accepts no responsibility for any information contained herein and disclaims and excludes any liability in respect of the contents or for action taken based on this information.

Copyright © 2022 IVXS UK Limited (trading as ComplyAdvantage).