Deep in the Bitcoin Soap Suds

Washing-MachinesChatting with Laura Marshall, the money laundering expert from Hunton & Williams who spoke at our Fraud & Technology Seminar last week (Bitcoin: The Liberty Reserve Indictment), brought home to me, once again, the fact that money launders are among the most innovative and resourceful of fraudsters, ceaselessly searching for novel ways (like employing the laundering potential of new on-line currencies like Bitcoin) to practice their trade.  Compounding the problem of the technological creativity of this category of fraudster is the remote likelihood of indicia of money laundering even showing up in the course of a routine financial statement audit.  I thought it might be helpful to our Chapter members and to readers of this blog to indicate some of the unique skills and perspectives necessary to successfully investigate money laundering and identify some of the potential red flags a financial or other auditor may encounter if money laundering transactions are taking place.

As Laura emphasized in her excellent presentation, money laundering is the crime or activity of moving funds of illicit origin; anti-money laundering (AMI) refers to formal  and informal systems and controls designed to  prevent or frustrate attempts to launder money and to report incidents of money laundering when they are suspected or detected; it follows from this that for institutions like banks, which are in the business of holding and facilitating the flow of funds, AMI constitutes a primary  focus of attention.  Even though fraud and money laundering are both crimes based on deception, they shouldn’t be confused; money laundering is a process undertaken by or on behalf of criminals with the object of hiding or disguising their criminal activities and the origin of their illicit proceeds.  The goals of the money launderer are achieved through a series of financial transactions, sometimes involving a number of countries and institutions and typically through a variety of financial products; it’s historically so hard to detect because so many auditors (financial and otherwise) know so little about its actual mechanics and, therefore, don’t really know what to look for when they suspect its presence.

The typical scheme unfolds in three distinct stages; placement, layering and integration.  Of these three, the first is the riskiest for the fraudster as she tries to introduce the proceeds of crime into the wider financial system;  banks have been the traditional vehicles for this introduction but in recent years, under the impact of intense governmental regulation,  banks have hardened their controls to the point where fraudsters now concentrate their efforts on the infiltration of cash-intensive businesses  like restaurants or sports clubs which provide plausible cover for the constant movement of large amounts of cash. The contrast with financial fraud is clear in that a financial fraud may not have a placement stage since the funds targeted by the financial fraudster may already be on deposit somewhere in the financial system, for example, in the case of an embezzlement scheme perpetrated by a corporate financial executive.

Assuming that the cash is successfully introduced into the financial system, the second step,  layering, can take place which is a series of related transactions undertaken for the purpose of obscuring the origin of the funds by obliterating any audit trail; the way to accomplish this (and something a fraud examiner or financial auditor can readily test for) is to move the funds between financial products, between institutions and even jurisdictions.  Account and fluctuation analysis can be used by the auditor to identify the type of continuous account churning associated with a suspected money laundering scenario.   Once the layering process is completed, integration begins; the funds now have a veneer or respectability and can be integrated back into the economy by being invested, loaned or spent.   In a typical fraud, the scenario applied by the fraudster usually results in the loss or disappearance of assets or revenue; as a result of layering activity, however, significant revenue may be generated for the business because the company can charge fees for the transactions that permit the illicit proceeds to be distanced from their sources.

So, if you suspect money laundering may be occurring, as an auditor or fraud examiner, what do you look for?  Certainly, such red flags as, unusual cash transactions, excessive cash transfers into and out of bank accounts, and frequent deposits or withdrawals just below bank reporting thresholds.

More specifically, regarding tone-at-the-top, does the operation generally lack a strong control environment; generally this is frequently coupled with a lack of a compliance function of any kind (there is no one the management answers to).  Also, if there’s no evidence of a formal, enterprise-wide ethical charter or employee  standard of conduct accompanied by staff training and, if there’s no internal audit compliance program, you could have an environment ripe for this type of abuse.

Take a look at previous examiner’s or auditor’s reports citing compliance problems, control deficiencies, or concerns over management’s competence or integrity.  Very telling for this type of review is significant revenue stemming from or assets and liabilities associated with high risk jurisdictions like the Cayman Islands and other venues associated by the public  with the concealment of assets.  Also look for abnormally high electronic funds transfer activity from and to these types of venues.  I’ve personally found that a lack of background checks on new employees is a telling measure coupled with infrequent or non-existent reviews of security software and related systems.

The mechanics of conducting a money laundering investigation are beyond the scope of this post, but data-mining software is often used in fraud investigations generally to identify relationships or anomalous transactions within any data under review.  Data mining can be used in money laundering investigations as well to uncover suspicious transactions, suspicious relationships between accounts and questionable entities.

Comments are closed.