We’ve written about red flags businesses should add to their transaction monitoring before. Now, we’re offering 5 more based on recent trends.
Transaction monitoring is a front-line compliance responsibility that is mission-critical to financial institutions.
We’ve written at length about the importance of robust surveillance and monitoring at the blog before. If you haven’t read that linked blog post, and we recommend that you do, the gist of surveillance and monitoring is that it refers to the policies and procedures cryptocurrency money transmitters put in place to observe transactions for potentially suspicious activity.
Identifying potentially suspicious activity and filing the appropriate reports with regulators (most commonly, Suspicious Activity Reports and Currency Transaction Reports) is crucial to the ability of law enforcement to investigate financial crime and protect the integrity of the financial ecosystem.
Businesses accomplish this by maintaining and constantly updating a series of “red flags” that they check transactions against.
These red flags identify specific transactional behaviors that may indicate suspicious activity, like when a customer initiates a large number of transactions in a short time frame or initiates a transaction the dollar amount of which falls just under a particular reporting threshold (i.e, a transaction of $9,999 to avoid the anything over $10,000 CTR filing threshold).
We published a blog post last summer to help businesses understand red flags and what kinds of behaviors they should be on the lookout for.
But because financial criminals become more sophisticated by the day and look for new ways to exploit financial markets, including cryptocurrency, businesses must be constantly vigilant for new signs of suspicious behavior and update their red flags accordingly.
That’s why we wrote today’s blog post. We wanted to give businesses a heads up on some potentially suspicious typologies that have emerged in prominence over the past year.
This post should help businesses tune and update their red flags accordingly, and ensure that they are catching and reporting enough potentially suspicious activity.
However, if you’re worried about capturing the right kind of suspicious activity, want someone to double-check your work, or advise on specific surveillance and monitoring policies and procedures, you can always reach out to BitAML with questions.
Otherwise, let’s dive in.
New red flags for crypto businesses
1. Elder financial abuse
We have written extensively about the phenomenon of elder financial abuse (EFE), which has emerged in recent years as one of the most significant forms of fraud perpetrated against Americans each year.
EFE is a growing issue in the cryptocurrency space, such that we often advise clients to add a specific policy for addressing EFE to their AML compliance regime.
Additionally, businesses should monitor for signs of EFE in day-to-day transactions.
Users age 60 or greater initiating unusually large transactions or a series of smaller transactions in a short window of time could be targets of EFE. Ascertaining their reasons for the transaction and verifying that they are in control of their account are proactive steps that can be taken.
2. Ransomware scams
We dedicated an entire blog series this year to crypto scams, but the ransomware scam has become one of the most pernicious in the crypto space. So much so, in fact, that FinCEN and OFAC recently released joint advisories warning financial institutions about ransomware scams earlier with specific instructions for SAR filing when ransomware scam activity is detected.
As such, crypto businesses need to be on their guard and responsive to potential ransomware activity.
There are a lot of newcomers to cryptocurrency, which is exciting for growing businesses. But make sure your first-time customers are there for the right reasons. Do some old-fashioned customer service, like a phone interview or email survey, to figure out who your customers are.
If your customers are enthusiastic about crypto, that’s great! But if you detect they are disgruntled, and “only bought some crypto to solve a problem” or something suspicious, they could have been victims of a scam.
Such a discovery would mean a SAR filing at minimum, and most likely the banning of the customer account.
There are some proactive measures you can take as well. Keep an eye out for first-time transactions between $1,000 and $3,000, and other warning signs (like an overlap with EFE) to prevent potential criminal activity from occurring in the first place.
3. Romance scams
One of the highest-traffic posts we’ve ever published is this article on romance scams. Our blog pulls in tons of traffic, but this post is always in our top 5 each month.
That’s because romance scams are a particular concern in cryptocurrency. This scam typology is difficult to detect, since this form of financial abuse is often long-term, with the scammer successfully swindling thousands of dollars out of a victim over a long period of time.
As such, transactions here and there for a few hundred dollars each week will largely go undetected.
This is a case where some customer service follow-up can be extremely helpful. We’ve talked to BSA Compliance Officers that have said over the course of a simple phone interview, within two questions, they can tell whether a customer is a victim of a romance scam.
4. Shared wallets
Multiple customers sharing the same wallet has been a particular point of focus in examinations this year.
We’ve heard anecdotally that examiners have been asking a lot of questions about this type of transaction activity, and are concerned about the ability of businesses to recognize it.
For example, we’ve learned from law enforcement that a single wallet address shared among multiple persons may be one possible indication of organized criminals working in concert. This is a critical red flag and one that warrants immediate review and investigation within your institution.
In any case, regulators are asking about it, it does indicate potentially suspicious behavior, and it should be reflected in your red flags.
5. Volume and velocity
A large share of potentially suspicious transactions fall into two broad camps: volume and velocity.
We talked about these two typologies in our last blog post on the topic, but it bears repeating here, just in case your red flags are missing this key detail:
- Volume: Multiple, large transactions spread out over a period of time
- Velocity: Fast transactions occurring over a very short period of time.
What kinds of red flags you should develop around these concepts depends largely on your individual institution, and you may develop them over time as you begin to notice odd behaviors in your own transactions.
The key takeaway here is to revisit your red flags for these typologies and tune accordingly.
It’s nearing the end of the year, which means it’s a good time to revisit your AML compliance program and kick some tires. Red flag tuning and optimization is a great place to start.
If you need help with your surveillance and monitoring protocols, would like to schedule your annual independent review, or you just have compliance questions, you can reach out to BitAML at any time.