Some hypothetical cases of credit cards abused for money laundering


There was a discussion on one of the LinkedIn groups regarding the misuse of credit card for money laundering purposes.  Some experts shared very interesting examples which I thought might be useful for a wider audience.

(Please note, I am just using their views to share it and not claiming they are mine!)

Hows this for a real life example: Acct holder “A” is receiving donations (supposedly from friends & family for her ‘missionary’ work) but has a significant balance (mostly from credit cards). Acct holder “A” is reportedly located in Canada but is accessing her acct from Nigeria. She is transferring funds to Acct holder “B”, which were donated to Acct holder “A” for a specific charity (not her ‘missionary’ work), but clearly states that she does not work for the charity or is in any way affiliated with the charity she’s received funds for.

Acct holder “B” is also reportedly located in Canada – but has accessed her account from Nigeria as well, but mostly from Canada. Acct holder “B” is not only receiving funds from Acct holder “A” but from Acct holder “C” as well. I should also mention that Acct holder “B” is listed on a charitable website as being reponsible for collecting funds the for the organization in Canada. But Acct holder “B” has no mention within their acct that they work for or that the account is in anyway affiliated with said charity.

Acct holder “C” is located in Europe. Acct holder “C” is primarily accessing their account from Nigeria as well. The funds Acct holder “C” receives is for the sale of a book. The author of the book is affilated with the same charity all three acct holders have received funds for. Account holder “C” is not mentioned on the charities website, but all funds from the sale of the book get transferred back to Acct holder “B”.

The charity is an international charity – registered as a charity in three different jurisdictions. While I have changed the locations mentioned above from the actual locations they are in, it should be noted that the organisations registrations & where these account holders are, also do not match up.

Charity fraud can be hard to find. The above example was originally identified by reviewing irregularities with Acct holder “A’s” transaction history. I followed the money. This is a prime example of how money laundering with CC’s can be done with purchases, transfering funds & a little bit of layering thrown in for good measure.

Transactions do not have to be large to be ‘out of the ordinary’. It could be the number of transactions, repeat customers (or in this case donors) with no discernable pattern, and/or receiving international donations which do not match with information provided by the customer in regards to how they are operating.

Knowing your customer & their business is one of the best ways to identify and stop money laundering from happening.

-by Deborah Porton

We faced with the following scheme of ML using credit cards: For example, money were stolen from banks’ accounts in US, Canada. Then transferred to Europe, Russia, Ukraine, Moldova from multiple senders to multiple receivers (financial mules). For example in Russia, Ukraine third party asking financial mules (students, migrants etc.) to open account and get credit cards. 100 Financial mules open accounts, get credit cards and then just forward cards to the third party. Third party sitting at home (internet cafe) and using internet banking starts to collect hundreds of money transfers from US, Canada, Europe and them withdraw or transfer to different accounts. But there is multiple senders, multiple receivers and lots of transactions and there is no real beneficiary name appears in the system. So it’s hard to detect and stop. In that case proper monitoring system, limits and interdiction could help.

-by Elizaveta Oralova 

In the context of credit cards, however, (and apologies if I am being too simplistic) there are two fundamental principles when considering ML potential. Firstly the available credit limit on a credit card is ‘supplied’ as clean funds by the financial institution and secondly those funds can only be spent/used at selected outlets – or withdrawn in cash, of course.

The real ML risk, I believe, comes into play at the repayment stage and in my time with law enforcement I did witness occasions where monthly repayments were repeatedly made both early and way in excess of the O/S balance, this in itself giving rise to suspicious behaviour. At the time there was very little way of knowing the payer or funds source.

Managing this risk always comes back to regular, realistic and sustainable transaction monitoring controls e.g. electronic scenario/peer group based, to detect potential fraudulent card usage or for AML purposes, unusual/suspicious repayment patterns.

We all have to step back and think what is going through the criminal’s mind in these scenarios. He/she will want to deflect any point-of-sale suspicion on the grounds that it is a lesser risk to repay – or over pay – with relative anonymity, a debt early than hand over cash up front. If this is the case, let the bad guys dream on………….

-by David Thomas 

Credit card fraud has always been a major issue for all of the issuing banks I have worked for. The millions and millions you talk about are not from one card but from the volume of credit cards that are used to launder money/ commit fraud.

I have experienced the following types of money laundering with credit cards. If you multiply this fraud ( say one credit card balance of 3k) by thousands upon thousands of cards and then again by the number of banks issuing cards, you can begin to understand the scale of the problem.

  1. Credit cards are applied for fraudulently using impersonation fraud and then the credit balance is spent and never paid back. This happens in a number of ways – either on high value products, which are then sold for cash; the cards are sold on for cash; or the credit balance is moved to another account – either a bank account or a prepaid card and then withdrawn as cash via an alternative route making it harder to trace.
  2. Credit cards are cloned at ATM machines, or sometimes even the doorways of banks where you swipe your card to access the building.Then, these card details are very often sold online or are used to duplicate existing cards and then spend the balance as explained in point one.
  3. The most intelligent criminals out there operating in this space will also attack credit card issuers – the banks themselves. They will either hack into banking systems, or more often the service providers who store credit card details, steal the data and then mirror the process in one or two. This method has a far higher return with less risk. You get access to millions and millions of cards without having to stick cloning devices on lots of doorways/ ATMs and have minions to go and collect the devices and data for you.

There are other ways that credit card fraud happens but these have been the most typical examples I have come across over the years. One of the most interesting discussions this often leads to is how accurately fraud is actually reported.

Internal politics and perceptions within the eyes of regulators and shareholders can often lead to fraud/ money laundering losses being reported as bad debt (ie consumer was legit but couldn’t afford to pay debt back) which I would argue masks a huge chunk of financial crime from the public.

Some of the billions of bad debt paid back by the UK people to help save banks would, I would certainly argue, have be used to pay off ‘bad debt’ on credit card balance sheets that were the result of money laundering.

The other point to make on this subject is that since the introduction of 3D secure and Verify, the actual annual losses to fraud on credit cards has been reduced significantly.

-by Michael Lucas

Credit cards can be used to launder in the following ways:

  1. Making large payments in excess of the amount due which creates a large credit balance. For example, the credit card monthly payment is $0 and the client makes an overpayment of $10,000. This is unusual for a credit card as most clients owe money to the bank, not the other way around. A bank’s monitoring systems should pick this up but I have seen cases where no monitoring rules were in place to detect this type of activity. In most cases, the bank is most concerned about the credit/fraud risk ie is the payment legitimate rather than the source of the funds as an indicator of ML. The bank should look at the transactions on the card closely to see if there are any unusual spending patterns on the card.
  2. Further to scenario #1 above, a client could make an overpayment and then ask for a refund via a cheque. This would be a great way to layer.
  3. I have seen examples where credit cards are used to buy luxury items monthly and the client makes large pre-payments so that there is always sufficient room on the card to continue making purchases. In my opinion, one should look at the source of funds/wealth for these type of clients to assess reasonability. These type of scenarios are perfect way to launder money in the layering stage.
  4. Using cash to pay off the credit card bill monthly. I have seen examples where this type of activity did not trigger large cash transaction reporting. For example, the client makes a payment greater than $10,000 towards a credit card bill but this does not result in a CTR being filed. So this could be an example of ML at the placement stage. However, a more common scenario (which has been noted by others in this discussion) is the on-going spend on the credit cards, along with the payments could be from the proceeds of crime. This would be indicative of the layering stage of ML.
  5. Credit cards could also be an excellent method to sustain a terrorist organization or fund their events. For example, you could have several supplementary or additional cards issued to members within the terrorist group that they could use to sustain their operations.
    In my opinion, credit cards can be used to launder significant sums of money if they are used by a criminal organization broadly ie by many of its members having cards, and over several years.

Once the criminals have placed their money in the system, credit cards could be an excellent vehicle for layering.

-by Sal Jadavji

Detailed conversation on linkedIn group can be found here