A wide range of customer behaviors could read suspiciously. How do you know for sure? Though this is not a complete list, we explain 5 common typologies.
Watching for suspicious activity is a key part of keeping your cryptocurrency business in compliance. Of course, your primary business is to facilitate cryptocurrency transactions, but it has to be done carefully, with proper Know Your Customer (KYC) processes in place.
When customers try to subvert these processes, it can be difficult to know when to file reports for suspicious activity.
After all, not everyone who tries to skirt the rules is a criminal. Still, your BSA Compliance Officer should err on the side of caution in these instances; anytime you see red flags, it’s important to take action. As part of your crypto AML process, you are responsible for reporting suspicious activity. From there, other authorities can decide if they want to take further action.
So what are the signs that someone is trying to subvert your Know Your Customer (KYC) protocols? Here’s what to watch for and what to do if you see this activity.
Working around identification requirements
Privacy is a big deal to a lot of people. Your users might be nervous about how you store information, or they may just not want to let you know who they truly are. Of course, on the other end there are criminals that have much more nefarious reasons to hide their identity.
Part of your Customer Due Diligence (CDD) process is making sure you get specific identifying information about your users. You need to know who they are, of course, but you also need to know who gets financial benefits from the account.
[bctt tweet=”Not everyone who tries to skirt KYC rules is a criminal. Still, you should err on the side of caution.” username=”@AML_Report @BitAML”]
A user that is trying to avoid KYC/CDD can do a number of things. They might give an invalid name or address. The identification they send you for verification might be expired, or you might find that the identification is unusual or cannot easily be verified.
These red flags do need to be reported. You don’t know exactly why they don’t want to be identified, but it’s important that employees alert your BSA Compliance Officer, who will determine whether a SAR or other report is warranted.
Transacting just below reporting thresholds
Some reports are triggered by specific transaction sizes. If someone is trying to avoid having their financial activity noticed, they may attempt transactions that fall just below that threshold. For instance, because a Currency Transaction Report (CTR) has to be filed if a transaction amount is above $10,000, a client may attempt to move only $9,800.
Of course, moving a specific amount of money isn’t a criminal act on its own. However, avoiding reports is a suspicious activity. As a money services business, if you notice a user who regularly stays just below thresholds, there may be a problem.
Like any financial institution, you need to report any concerns to the BSA Compliance Officer. They can investigate further and see if a SAR or other report needs to be filed, or if the customer is on the up-and-up.
Breaking up transactions for no reason
The crypto industry is still a bit of a wild west, so sometimes a user will send one tiny transaction through to test your money transmitter business. Once they actually get their cryptocurrency, they will then make a larger transaction to reach the balance they desire.
That’s a normal and innocent example of customers breaking up transactions. They need to build trust in your business.
However, most of the time it makes more sense for a customer to initiate one transaction rather than multiple smaller ones.
[bctt tweet=”Watching for suspicious activity is a key part of keeping your #cryptocurrency business in #compliance.” username=”@AML_Report @BitAML”]
If you notice a user who breaks up transactions, they may be trying to disguise their activities. You might need to do additional KYC and get more information about what they are doing and why. You don’t want to panic and assume someone is a criminal, but it does warrant some more digging.
Crypto AML procedures should have a process for handling users who make unusual transactions so you can avoid bitcoin compliance mistakes.
Using multiple ATMs
Under normal circumstances, a potential customer can go to a single ATM and get out what money they need. If a user is going to multiple ATMs and withdrawing money within a fairly short time period, something could be amiss.
They may be trying to subvert your crypto AML processes for KYC, they could be under duress from someone else, or it may be completely innocent.
Regardless, you want to flag the account and keep a closer eye on it. The BSA Compliance Officer can decide if any of the account activity rises to a level that requires additional information or action.
Be aware of activity that might indicate fraud, like two transactions that are at ATMs far enough apart that the timestamps don’t make sense (i.e. the same customer couldn’t possibly travel from one to the other in that amount of time).
Key takeaways for crypto businesses
As a money services business, you want to provide high-quality service for your customers. At the same time, you have AML compliance obligations. Not only do regulators require them, but it’s a key part of making sure your business operates cleanly and isn’t taken advantage of by criminals.
Not everyone who tries to subvert KYC/CDD protocols is a criminal, of course. They may just want to protect their privacy or have concerns about revealing their identity to your company. A user who may be trying to avoid your AML compliance processes should be reported to the BSA Compliance Officer no matter what.
The BSA Compliance Officer may investigate further, or request additional information. It’s possible that ultimately a SAR needs to be filed. Once that’s done, other authorities can decide if additional action should be taken.
If your investigation uncovers information that seems like it may be criminal, you’ll need to take additional steps. You might need to alert law enforcement and cancel the account.