Speed, surprise and strategy

Money is transferable by one brief telephone call/e-mail or fax. It is therefore vital that not only is any investigation/analysis conducted in utmost secrecy but action is taken before the launderer has an inkling that he is being investigated.

Accordingly, at the very earliest opportunity, an analysis should be carried out to assess whether there has been any fraud and if so, the extent.

Once the problem has been assessed, decisions need to be taken as to whether it is commercially sensible to pursue the launderer and if so, to what extent. No victim, however large or small, should fail to assess the significance of publicity, given the fact that it has been the victim of fraud which is often caused by inadequate security measures or lack of judgment.

On the other hand, Directors are now facing increasing responsibilities to safeguard and preserve companies assets.

The Turnbull Report describes the ability of a company to respond appropriately to significant business risks to ensure its effective and efficient operation as an element of a sound internal control system. This includes safeguarding assets from inappropriate use or from loss and fraud and ensuring that liabilities are identified and managed.

The internal control system should be capable of responding quickly to evolving risks to the business arising from factors within the company and should include procedures for reporting immediately to appropriate levels of management any significant control failings or weaknesses.

The recommendations of the Turnbull Report do not have the force of statute. A company that does not implement those recommendations will not necessarily be liable to its shareholders for losses that may result from a failure to deal with risks. The Turnbull Report states that responsibility for implementing the guidelines lies with the board of directors and although they can delegate the task, they can’t delegate the responsibility.

However, the directors of the company owe it duties of trust and to act in its best interests. If a director fails to take reasonable steps to fulfil those duties, then he may be liable to the company for any resulting losses. The director of a company may also assume this kind of liability by virtue of his service contract with the company.

The Turnbull guidelines may therefore in the future provide guidelines for what constitute reasonable steps for a director of a company to take. If the board fails to follow the guidelines, it may be said that the directors have acted negligently. They may therefore be personally liable to reimburse the company for any resulting loss.

Under current law, if a director fails to prevent or report a fraud he has breached his duty to exercise care and skill. This duty is owed to the company. The director owes the company the same standard of care which a reasonable person would exercise on his own behalf. The test is objective.

The standard of skill required from a director is that which could be reasonably expected from a director with his degree of knowledge and experience. This is a subjective test. In this sense the director may well be negligent in failing to take steps to prevent fraudulent activities.

This is a clear example of how a director may be held liable to the company for failure to take reasonable steps to prevent loss to the company. There is no reason why the same argument could not be applied to the director who fails to implement internal control procedures to prevent misappropriation of company proprietary information by a computer hacker through failure to implement security measures.


Reference:
http://www.antimoneylaundering.ukf.net/papers/solicitor.htm

In a tactic as old as banking itself, criminals have always used banks as a sure-fire way to launder money gained through illegal means. But with the advent of internet banking, "following the money" to locate and prosecute money launderers and criminals has become more difficult than ever.
 
Money laundering, which involves disguising the origins of illegally obtained cash and then transforming it into apparently legitimate investments, is bolstered by the near anonymity that can sometimes be achieved through internet communication.



"A potential risk exists at any stage of the contact between a new customer and financial institution," says a report issued Thursday by the Financial Action Task Force (FATF).  But, the group says, in the case of internet banking, the difficulties "are increased if the procedures for opening [accounts] are permitted to take place without face-to-face contact..."


International access
 
FATF, set up by the G7 group of major industrialised nations, also noted that worldwide access further complicates detection of fraud.
It is not always clear whether an account is accessed from a country other to where the money is held, and account managers may simple be too busy to monitor all the activity of individual account holders.
 
Gambling with illegal cash
 
It isn't just online banks that are vulnerable. Internet-based gambling operations can also act as a haven for illegal cash-washing operations.
The FATF said there is evidence that criminals are using online casinos to commit crimes and launder the proceeds.
Aside from the problems inherent in internet banking, online casinos further complicate tracking of questionable transactions because gambling records are software based and at the gambling site - often located offshore.
That makes evidence gathering more difficult because the records are harder to find and may not exist at all.
 
Combatting cyber crime
 
In issuing its report, the FATF said countries could take several measures to counter money laundering. They include:

• Requiring internet service providers to maintain accurate and thorough subscriber information
• Require the establishment of log files, showing access and telephone number identity
• Ensure that information is made available internationally

The report on the potential of internet fraud coincided with one on the progress that the G7 has made to counter countries harbouring money-laundering schemes, among them Israel, Panama and the Bahamas.
In June, members of the G7 group of industrialised nations published a list of countries that made money laundering easy, and threatened tough action and sanctions if their governments failed to join international efforts to crack down on the criminals.






Source:
http://news.bbc.co.uk/2/hi/business/1149984.stm

Money launderers can now move illicit cash through the growing number of virtual reality role-playing games, and convert that cash into real currency before withdrawing it from ATMs worldwide. One wonders just how many laundrymen have tumbled to this cyberlaundering opportunity. Compliance officers at financial institutions please note that their banks may be guilty of money laundering if it facilitates deposits or payments in these virtual worlds, for there is no functional due diligence on players or recipients.

• Require ISPs to maintain reliable subscriber registers with appropriate identification information.
• Require ISPs to establish log files with traffic data relating Internet-protocol (IP) number to subscriber and to telephone number used in the connection.
• Require that this information be maintained for a reasonable period (possibly 6 to 12 months)
• Ensure that this information may be made available internationally in a timely manner when conducting criminal investigations.

• Unusual requests, timing of transactions or e-mail formats.
• Anomalies in the types, volumes or values of transactions.
• A customer who submits an incomplete on-line account application and then refuses to respond to a request for more information.
• An on-line account application with conflicting information such as a physical address that does not match the location of the given e-mail address.
• On-line applications for multiple accounts with no apparent reason to do so.
• A customer who uses the bank’s on-line transaction services to send repeated inter-bank wire transfers between several accounts with no apparent reason to do so.

Here we are going to discuss about how the Amendments to the Bank Secrecy Act of 1970, commonly referred to as the Money Laundering Control Act of 1986, apply to cyberspace and cyberlaundering. Without delving into the actual techniques involved in using public keys, blind signatures or any other encryption or decryption device, the best way to explain how anonymous digital cash could benefit money launderers' is by example. The following example will be used to demonstrate the law's application.
Doug Drug Dealer is the CEO of an ongoing narcotics corporation. Doug has rooms filled with hard currency which is the profits from his illegal enterprise. This currency needs to enter into the legitimate, mainstream economy so that Doug can either purchase needed supplies and employees, purchase real or personal property or even draw interest on these ill-gotten gains. Of course, this could be accomplished without a bank account, but efficiency demands legality. Anyhow, Doug employs Linda Launderer to wash this dirty money. Linda hires couriers ("smurfs") to deposit funds under different names in amounts between $7500 and $8500 at branches of every bank in certain cities. This operation is repeated twice a week for as long as is required. In the meantime, Linda Launderer has been transferring these same funds from each branch, making withdrawals only once a week, and depositing the money with Internet banks that accept ecash. To be safe, Linda has these transfers limited to a maximum of $8200 each. Once the hard currency has been converted into digital ecash, the illegally earned money has become virtually untraceable; anonymous. Doug Drug Dealer now has access to legitimate electronic cash.
Doug Drug Dealer is, of course, likely to be found guilty of more than just participating in a money laundering scheme. However, how the law applies to Linda Launderer and the Internet banks is more confusing. The purpose of the 1986 Act was to specifically criminalize the structuring of transactions so as to avoid the reporting requirements. Linda and her army of couriers are almost certainly violating structuring regulations by depositing small amounts in regular bank accounts. The problem is how to apply current money laundering law to cyberlaundering.
In the scenario above, Linda Launderer transfers sums of money less than $10,000 from non-Internet bank accounts to Internet-based ecash accounts. If the Internet bank is FDIC insured, as Mark Twain Bank then federal depository regulations may apply. However, the cyberbank will not automatically be required to file a CTR regarding these transactions as all are under the $10,000 filing requirement. Nevertheless, if any employee of the Internet bank has even a suspicion of structuring, a CTR may be filed. As in the tangible banking world, the information contained on a CTR is only as insightful as the information presented by the bank conducting the prior transaction.In essence, each record in the chain of transfers is only as strong as the previous recordation.
The catch is that Linda Launderer's transfer was deposited into an ecash account. According to one cyberbank which currently accepts ecash, ecash accounts are not FDIC insured. A lack of federal insurance protection is understandable for the reason that digital money is currently created by private vendors, rather than the Federal Reserve. Thus, digital cash does not enter into the marketplace of hard currency thereby affecting monetary supply or policy, yet.
Since Linda Launderer's transfer was deposited into a non-FDIC insured, and thus, presumably non-federally regulated account, then there should be no mandatory compliance with the filing regulations contained within the Money Laundering Control Act of 1986. If these assumptions prove correct, whether digital money is anonymous or not will be of less relevance to money launderers and law enforcement. If certain cyberbanks, or even specific non-FDIC currency accounts within a cyberbank are able to operate outside the reach of current federal regulations, laundering on the Web may become one of the most rapidly expanding growth industries. It should be remembered that a criminal organization desires to clean its dirty money, not necessarily protect their deposits from institutional banking failures.
Once the ecash account has been established, digital funds can be accessed from any computer that is properly connected to the Intenet. A truly creative, if not paranoid, launderer could access funds via telnet. Telnet is a basic command that involves the protocol for connecting to another computer on the Internet.Thus, Linda Launderer could transfer illegally earned funds from her laptop on the Pacific Island of Vanuatu, telneting to her account leased from any unknowing Internet Service Provider in the United States and have her leased Internet account actually call the bank to transfer the funds, thus concealing her true identity. This would, of course, leave an even longer trail for law enforcement to follow. Anyhow, ecash, being completely anonymous, allows the account holder total privacy to make Internet transactions. Thus, the bank holding the digital cash, as well as any seller which accepts ecash, has virtually no means of identifying the purchaser. Therefore, the combination of anonymous ecash and the availability of telnet may give a launderer enough of a head start to evade law enforcement, for the moment.
In the world of earth and soil, money can be laundered by the purchase of real and personal property. However, any cash transaction over $10,000 is subject to a transaction filing requirement. Real estate agents and automobile dealers, to name a few, are prime targets for the deposit of large sums of cash. In fact, such agents and dealers have been indicted for allowing drug money to be used to purchase expensive property.51
On the Internet, anonymous ecash would allow for anonymous purchases of real and personal property. This fact yields at least two separate, but interrelated problems. First, the launderer or drug dealer will be able to discretely use illegally obtained profits to legitimately purchase property. However, currently, the opportunity to spend thousands of dollars of digital money, or ecash for that matter, on the Internet is virtually nonexistent. Second, the temptation for automobile and real property dealers to become players in the game for anonymous ecash seems overwhelming. If a seller or dealer understands that it can not possibly trace who spent ecash at its establishment, the fear of becoming involved with dirty money is drastically reduced.Under current law, a seller of property must file a CTR for any cash transaction over $10,000. If the purchaser's identity is anonymous, and even the bank can not trace the spent ecash, the force of the Money Laundering Control Act of 1986 is withered into mere words on a page. Of course, Congress could attempt to legislate in this new area of commerce.
Obviously, transferring hard currency to ecash and then spending the ecash is an appealing opportunity to potential launderers'. What if the ecash is then transferred back to a regular hard currency account? This may seem a foolish act as the entire purpose is to reap the benefits of anonymous ecash. However, presently, there are no opportunities to purchase automobiles or real property by the exclusive use of anonymous ecash. Thus, the desire to convert private and untraceable ecash into a more functional means of purchasing is understandable.
Whether a regular, non-Internet currency account already exists or must be created to deposit the transferred ecash into may be irrelevant. Filing a CTR would be a legal necessity if the transfer amount is over the $10,000 reporting limit, as the transfer will deposit hard currency in a tangible, institutionalized, and regulated bank account. A transfer from completely anonymous ecash to hard currency might alert law enforcement as to the existence of the ecash account. While this alone would not track down laundered money, it might put a suspicious agent on notice.
In summary, Linda Launderer has knowingly structured financial transactions so as to avoid reporting requirements. Under current law she is in violation of The Money Laundering Control Act of 1986. However, if the cyberbanks in which she has ecash deposits are outside the reach of current banking regulations, these banks have no duty to file any currency transaction reports. Nevertheless, assuming that cyberbanks which accept anonymous ecash are somehow subject to the same laws and regulations which financial institutions in the tangible world are, Linda must first be caught before she can be found guilty. This is where anonymous ecash may save Linda from fines and jail time. Even if cyberbanks are required to file transactional reports pertaining to ecash, the reports will be virtually useless, as the banks have no knowledge as to which funds are Linda's. Thus, Linda, our overly creative launderer, and Doug, our devious drug dealer, may enjoy the benefits of completely anonymous money laundering. That is, unless Congress decides to attempt legislation in the area of digital money and virtual banking, or FinCen is somehow granted the constitutional authority to secretly monitor all cyberbanking transactions, despite its lack of accountability to the general population.



Reference:
http://osaka.law.miami.edu/~froomkin/seminar/papers/bortner.htm

Money laundering involves three stages to turn dirty money into clean money:
1. Electronic money
Electronic money (or e-money) is money that is represented digitally and can be exchanged by means of smart card from one party to another without the need for an intermediary. It is anticipated that e-money will work just like paper money. One of its potential key features is anonymity.

The proceeds of crime that are in the form of e-money could therefore be used, for example, to buy foreign currency and high value goods to be resold. E-money may therefore be used to place dirty money without having to smuggle cash or conduct face to face transactions.
2. Layering
Once the dirty money has been placed, the money launderer works it through a complex series of transactions to separate it from its illegal origins. This process is known as layering. It may involve the transfer of money through a series of offshore companies or the purchase of goods for re-sale. The launderer may try to legitimise the money by laundering it through a solicitor’s client account or by paying tax on it as purported income from a business!

It is the layering stage where the use of the Internet is most likely to facilitate money laundering. If the procedures for opening an Internet bank account are permitted to take place without face to face contact or without a link to a pre-existing traditional bank account, where the customer has to produce documentary evidence of identity, a money launderer may find it easier to set up accounts in false names that cannot be traced back to him.

The money launderer can control transactions from his PC. He can transfer money virtually instantaneously and thereby build up an extensive audit trail in a short space of time. The transfers can be made through many jurisdictions making it harder for prosecutors from one jurisdiction to follow the audit trail.

With the Internet there is the added jurisdictional issue of where the transaction takes place. Does it take place where the launderer is located, where the server is located or where the accounts are held? A joint report last year by the Bank of France and the French Banking Commission suggested that the last of these three locations is where the transaction takes place.

Layering may also become easier if the money can be transferred between banks that deal with e-money. Then the anonymity features of some types of e-money may make the source virtually untraceable.
3. Integration
Finally the money needs to be used by the owner, ensuring that the owner’s consequent wealth appears legitimate. This process is known as integration. A common traditional technique is to raise false invoices for goods and services.

The owner could use a company that provides Internet services to make it appear that services are being provided in return for the payment of monies that have passed through the layering process. For example, the laundered money may be in a bank account held in the name of a fictitious person or shell company. Payment would be made from that account to the Internet service company, as purported payment for a service. The service may be an Internet casino or betting facility. However the service would never be delivered – there would be no (net) winnings paid back to the account. The payment would appear as profit in the books of the Internet service company. Thus the wealth of the owner would appear to be legitimate – the profit of his Internet company.

This has greater scope than the traditional provision of goods and services where to legitimise the false invoicing may involve extensive paperwork such as documents evidencing delivery of goods and purchase of raw materials. Services may also be restricted to a particular geographical area. It may therefore be harder to justify a substantial turnover. It may also raise suspicions if money is being transferred from overseas banks or substantial amounts are being transferred through a few banks in the vicinity of the company’s operation.

On the other hand, Internet services tend to have lower overheads that needed to be accounted for and need not be limited geographically.


Reference:
http://www.antimoneylaundering.ukf.net/papers/solicitor.htm