Whilst technological advancements such as the internet and social media have enhanced our lives in many ways, they have also created an environment in which cybercriminals can thrive.
Not only does the internet allow these offenders to conduct cybercrimes such as financial fraud, but it also allows them to launder the proceeds of crime, continuing and expanding their operations.
The anonymity and convenience of the internet and other Information and communications technologies (ICT) allow cybercriminals to target victims globally, raising cross-jurisdictional considerations and complicating investigations.
In its 2018 Yearly Typologies Report, the Asia/Pacific Group on Money Laundering (APG) includes a focus on understanding emerging risks, trends and contextual issues associated with cybercrimes and laundering the illegal proceeds (cyber-laundering).
Which crimes are facilitated through the internet?
Some of the key crime types enabled through the internet and ICT include:
- Terrorism financing – may take place over the internet and social media as supporters seek to provide funds to terrorist organisations located overseas.
- Sexual exploitation – the production and distribution of child exploitation material online generates proceeds of crime, worth billions of dollars each year.
- Illicit trafficking – drugs, weapons and stolen goods might also be sold through online marketplaces on the World Wide Web, or more anonymously through the ‘dark web’.
- Fraud, identity theft and scams: present on the internet for quite some time.
- Robbery or theft – ICT have also facilitated new forms of robbery and theft.
- Extortion – ICT have also led to new methods of extortion, for example, ransomware.
Money laundering is commonly seen in combination with these crimes, in order to launder the illicit proceeds.
How does the FATF combat cybercrime and cyber-laundering?
The Financial Action Task Force (FATF) is an inter-governmental body which aims to set standards and promote effective implementation of legal, regulatory and operational measures for combating money laundering and terrorist financing.
The Financial Action Task Force (FATF) advocates for global implementation of the Budapest Convention – the first international treaty seeking to address internet and computer crime by harmonising national laws, improving investigative techniques, and increasing cooperation among nations to combat cybercrimes.
FATF also releases various reports highlighting key developments related to cybercrime, which assist jurisdictions in developing appropriate AML/CTF regulation.
The Money Laundering & Terrorist Financing Vulnerabilities of Commercial Websites and Internet Payment System (2008) report highlighted vulnerabilities of commercial websites and internet payment systems, and a number of money laundering and terrorism financing (ML/TF) risks associated with non-face-to-face business and financial transactions.
The FATF´s 2013 report Guidance for a Risk Based Approach: Prepaid Cards, Mobile Payments and Internet-Based Payment Services demonstrated that the growth of new payment products and services (NPPS) worldwide has created obstacles for jurisdictions and private sector institutions in ensuring that these products and services are not exploited for ML/TF purposes.
The 2014 report Virtual Currencies: Key Definitions and Potential AML/CFT Risks assesses the various types of virtual currency and associated risks, and the 2015 report Guidance for a Risk-Based Approach to Virtual Currencies outlines methods to protect the integrity of the global financial system from cybercrimes including cyber-laundering, and highlights the points of intersection that provide gateways to the regulated financial system, in particular convertible virtual currency exchangers.
Regulation of digital currencies
In addition to the Budapest Convention which aims to establish consistent legal frameworks and investigatory powers amongst its signatories, jurisdictions have also sought to address digital currencies by subjecting this sector to AML/CFT regulation and supervision.
Australia recently passed the Anti-Money Laundering and Counter-Terrorism Financing Amendment Bill 2017, giving AUSTRAC the power to monitor all digital currency exchanges within Australia’s borders, with an aim to ensure that the transactions are not being used for money laundering or terrorism-related activities.
Digital currency exchanges are required to, among other things, register with AUSTRAC, have an AML/CFT program in place, report suspicious transactions and maintain sufficient records.
Challenges in combating cybercrime and cyber-laundering
The report highlights some challenges for jurisdictions including:
- Lack of law enforcement expertise in investigating these crimes, and poor coordination between agencies responsible for investigating cybercrime and ML/TF.
- Lack of legislation to combat cybercrime or elements of related technology changes.
- The transnational nature of many cybercrimes requires strong international law enforcement cooperation, as well as cooperation with the private sector (e.g. social media and telecommunications companies).
Case Study: Money Laundering through digital currencies
The APG provides various ML/TF case studies. The following case from Chinese Taipei highlights how money can be laundered through Bitcoin.
- Person ‘X’ – a scam syndicate member – extensively studied Bitcoins over the Internet. He converted fraud proceeds into Bitcoins and transferred them in and out of e-wallets repeatedly, creating five barriers that stopped the police from tracing the money.
- X first used forged identity documents to apply for a Bitcoin account, then converted fraud proceeds into Bitcoins and used cell phone apps to transfer Bitcoins to another account before directing them to the accounts of the scam syndicate.
- Due to the difficulties involved in tracing Bitcoins, X successfully laundered more than NT$50 million in one month. In a bust by the Criminal Investigation Bureau, X was charged with a criminal offence.
The transnational nature of these crimes, combined with the anonymity provided by the internet and virtual currencies, and the lack of appropriate legislation and law enforcement expertise, mean that cybercrime continues to be on the rise. Some progress is being made, such as the regulation of virtual currencies and increasing use of the Budapest Convention, however there is still much work to be done to effectively combat cybercrime and cyber-laundering.