Have AML/CFT risks been impacted by COVID-19?
Apart from being a massive public health crisis, COVID-19 is also sounding the death knell for cash. During the peak of the pandemic in some countries such as China, the government ordered banks to literally launder their cash. Bills and coins were disinfected using ultraviolet light and high temperatures, then quarantined for a minimum of seven days before being released to the public.
While parts of Asia may have already relaxed quarantine orders, consumers are still turning away from notes and coins due to lingering concerns about health and hygiene, and are recognizing the convenience of digital payments.
In Singapore, DBS Bank reports that not only has the pandemic caused unprecedented growth in the number of e-payment transactions in the country, but it has also caused cash withdrawals and deposits to plummet by 11% between January to March 2020 compared to Q1 of 2019. The country’s migrant workers have also turned to digital banking; POSB Singapore opened 41,000 online bank accounts for foreign workers, allowing them to receive their salaries and remit money electronically.
Meanwhile, the State Bank of Vietnam (SBV) found that domestic payments via bank cards increased by 26.2% in volume and 15.7% in value during the first four months of 2020 over the same period last year.
Of course, cashless and contactless payment methods were already catching on before COVID-19. But the crisis has accelerated the shift to the “new normal” of payments. Along with it comes new anti-money laundering (AML) and countering the financing of terrorism (CFT) risks for e-payment providers.
Below are six AML/CFT risk areas to consider under this new environment.
Social distancing guidelines and stay-at-home orders have led to a surge in online spending and, as a result, cashless payment options. Almost a third (30%) of Southeast Asian consumers increased their online spending in the first six months of 2020, while 47% reduced their offline spending. Lazada reports that their online grocery sales in Singapore quadrupled since the start of the country’s lockdown measures in April 2020.
The accessibility of online marketplaces like Lazada, Shopee, Alibaba, and Tokopedia makes it easy to set up a fake online store as a front or pass-through company, which increases AML/CFT risk. In China, for instance, money launderers have been placing fake eCommerce purchases to move money to offshore gambling sites.
Aside from providing consumers with a safe and secure platform to pay for their online purchases, e-payment providers now find themselves in the position to be the first line of defence against money laundering and fraudulent transactions. For starters, this means doing customer due diligence (CDD) checks throughout the lifetime of each client and offering tokenization, among other measures.
The surge in e-commerce activity in Asia has also led to increased adoption of eWallets. In the Philippines, where consumers have historically paid for online purchases through cash on delivery (COD), COVID-19 has forced consumers to turn to virtual wallets. GCash, the country’s largest mobile payments platform, saw a 150% surge in registered users between March and June 2020.
However, AML compliance can vary widely from one eWallet platform to the other. Some eWallets may have inadequate customer identity verification measures. Others allow multiple users to access different eWallet accounts on one device. Either way, these exploits make eWallets susceptible to AML/CFT risks.
eWallet providers can protect their platform by implementing transaction monitoring for AML, identifying discrepancies in customer identity during registration, and flagging frequent and rapid cash withdrawals of funds moved between accounts.
Allied Market Research predicts that the global prepaid card market will reach $3.653 trillion in revenue by 2022. In recent years, prepaid cards have gone virtual, with platforms like GrabPay and PayMaya giving consumers in Southeast Asia the ability to load cash in their apps—much like an eWallet.
Unfortunately, the accessibility of prepaid cards and the relative anonymity they afford (i.e., no need to link to a bank account) makes them a prime target for all three money laundering stages: placement, layering, and integration. A common money laundering tactic with prepaid cards is ‘smurfing,’ where multiple cards are loaded with amounts below the KYC (know your customer) threshold.
Prepaid card providers can fix this problem simply by securing their virtual card management platforms and the cards themselves more effectively. Providers can also implement measures such as limits on funding, reloading, and spending, stricter cash access controls, and limiting access within specific geographic locations.
Despite the sharp decline in global remittances due to the economic slump induced by the coronavirus pandemic, the World Bank predicts that remittances to low and middle-income countries will rise by 5.6% to $470 billion in 2021.
The rise of money transfer apps like Remitly and TransferWise has made it even easier for money launders to move money across borders. Criminals can use ‘money mules’ to get other people to move money on their behalf or simply use fake identity documents to bypass CDD checks.
Remittance firms must employ systems that automatically detect typical AML remittance red flag behaviours, such as suspicious remittance patterns and transfers to high-risk countries and websites. In addition, AML compliance for online remittance services should meet FATF (Financial Action Task Force) guidelines.
Online games, particularly massive multiplayer online role-playing games, have long been suspected of being an under-reported avenue for money laundering due to their use of in-game credits—effectively a form of cryptocurrency. Criminals break down a large amount of money by purchasing in-game currency and selling these credits to gamers at a discount without triggering AML alerts. This scheme is known as micro laundering.
With the right transaction monitoring rules in place, game developers can implement systems to detect micro laundering. The key is to have the proper rules in the regulatory technology workflow to identify micro laundering risks. This allows the AML system to flag not just large, single transactions, but also less obvious tactics—for example, hundreds of smaller PayPal transactions of $100 each.
Escrow services are used by online gig marketplaces, buy-and-sell platforms, and various types of online financial transactions, from buying a domain name to purchasing a vehicle. These services can be exploited to launder dirty money through money mules.
For example, a user can post a freelancer “job” on a gig marketplace for the amount of money they need to launder. That same user can open another account with a different IP address or have a money mule apply for that fake job. The job is completed and the gig marketplace releases the now-laundered money.
The simplest solution against this problem is to implement KYC procedures to verify the identity of every user, seller, or buyer involved when money is held in escrow.
To provide effective AML/CFT risk compliance, e-payment providers should implement a suitable automated, intelligent transaction monitoring for AML systems to analyse customer and transaction data and identify red flag activities. Automated AML data solutions not only identify risks before they become threats, but they also reduce the risk of human error and deliver ongoing compliance by adapting to global watchlist databases and legislation.
On an administrative level, e-payment providers must be proactive in ensuring they meet all licensing and registration requirements that apply to them. By adapting to regulations and implementing policies to fit under the new normal of payments, e-payment platforms can reduce the threat and potential damage of digital money laundering.