Identity Fraud and how it affects Anti-Money Laundering

August 23, 2021
CrossFraud
It is a fact that both offline and online transactions have their share of breaches and trust issues. Crimes are not limited to physical structures as they are possible through the internet. However, in online transactions, identity violations, data breaches, theft, among other irregularities, are referred to as cybercrimes while the perpetrator is known as a cybercriminal. It is a statement of the fact that data breach is synonymous with identity theft and fraud. While identity theft is a compromise or unauthorized access to users’ identities, identity fraud uses the details obtained to perform unauthorized transactions. By implication, the perpetrators, hackers breach data to steal as much identity they want.
To protect online users, specific laws and regulations became necessary. These laws are referred to as anti-money laundering laws; in some jurisdictions like India, they are called the Prevention of Money-Laundering Act (PMLA). This article addresses how identity fraud affects money laundering.Identity Fraud and Anti-Money Laundering Act.
Let’s start by explaining identity fraud and AML through illustrations: a user, say a PayPal user who wants to receive or make payment somehow got some information licked. The hacker, who finds a way of compromising the account, starts to decrypt the account information. Upon having the required tools to gain access to the account, the hackers compromise the user’s identity. At this point, the hacker is committing identity theft.
- Synthetic Identities: when a hacker or a cybercriminal combines a real and fake identity to create a new account, it is called synthetic identities.
- Account Takeover (ATO): there are many fake accounts, rewritten by hackers to defraud people. Consequently, the hacker goes a long way to perform fraudulent transactions with the victim’s identity. Simply put, an account takeover happens when a cybercriminal steals and rewrites an account of their victim. For instance, in financial services, hackers can clone accounts to receive or solicit support on behalf of the victim.
Effects of Identity Fraud on AML Measures
In online research conducted by The Harris Poll on behalf of NortonLifeLock among 10,063 adults (aged 18+) in 10 countries, including India, 4 out of 10 respondents are identity theft victims. Identity fraud effect AML acts in several ways, as listed below:Difficulty in Onboarding Clients KYC
Know Your Customer, often called KYC is an AML compliant measure that helps compliant teams and regulators file and onboard users’ identities on their network. Because of the complexities of identity fraud, the process becomes slow and ambiguous. According to the Thomson Reuters survey in 2017, it takes financial institutions up to 2-4 weeks to onboard new customers. The delay is because the KYC team is taking due diligence to reduce identity fraud. For instance, many channels, including ransomware, and malware programs, make fake identities difficult to detect. The dark web comprises hackers and cybercriminals who falsify and sell identities. Consequently, dark webs and other ransomware and malware are frustrating KYC processing.The Increasing Cost of AML Acts
The time they say is money. If a simple KYC process that should take a few minutes takes weeks, the cost becomes high. In a commissioned Forrester report on the Total Economic Impact (TEI) of Regulatory Onboarding, it costs an average of $6,000 to onboard new customers, considering factors like risk rate, country regulations, etc.Possible Solutions
- Updating AML acts: New fintech solutions are evolving, for instance, Openfinance. Therefore, AML acts should include the emerging Fintech evolutions to enable an all-encompassing law that will include an Open finance network. That way, cybercriminals will not exploit the weak regulations to launder money.
- Technology: Using big data, blockchain, and other emerging technologies could further improve anti-money laundering acts. For instance, applying blockchain will secure identity in a timestamp and transparent manner. Hence, improving AML compliance.