The Green Sheet Online Edition
July 27, 2015 • Issue 15:07:02
Digging deeper into KYC
KYC is more than just an acronym for "know your customer"; it has become a guiding principle of financial services. And with the proliferation of e-commerce, it has become increasingly important to get a handle on who your customers' customers are. Not doing so could land an ISO or acquirer in hot water. That's because the Internet has become a haven for money launderers, according to a new report from ControlScan Inc.
Online money laundering, also known as undisclosed transaction aggregation, refers to payment activity that emanates from unknown websites and gets processed through known clients. The existence of these unknown websites – engaged in illegal activities, such as online drug sales, gambling and pornography – renders ineffective traditional methods of validating merchants for boarding.
The implications for merchant service providers (MSPs) that get caught up in these schemes can be catastrophic, with regulators holding MSPs accountable for their clients' misdeeds and imposing huge fines when they don't.
"Online transaction laundering is a big problem because it requires an all-new approach to merchant risk monitoring," said Joan Herbig, Chief Executive Officer at ControlScan, a compliance and risk management firm headquartered in Alpharetta, Ga. That's because the fraudsters are innovating constantly and searching out weaknesses they can exploit to remain under industry radar. "Knowledge sharing is critical to mitigating the problem, as is technology innovation," Herbig added.
ControlScan released a white paper on the topic titled Online Transaction Laundering and the Evolving Landscape of E-Commerce Merchant Fraud. It explains how transaction laundering occurs and how ISOs and their partners in the acquiring stream can identify and stay clear of these fraudsters.
A huge, costly problem
So just how prevalent is transaction laundering? A single known website can be connected to hundreds of unreported sites, many of which are engaged in laundering. For example, while running a fraud detection screening for two international acquiring banks over a six-month period the Israeli firm EverCompliant discovered that an average of five unknown websites existed for every known website the firm examined.
What's more, on average, 3 percent of those unknown sites contained high-risk content that indicated likely transaction laundering. "In an e-commerce portfolio of 10,000 merchants, this equates to 300 potential incidents of financial damage to the MSP organization," the ControlScan white paper noted.
Another example cited in the white paper is that of a payment facilitator fined by a card brand for content violations attributed to a seemingly legitimate fundraising website. When the company investigated, it discovered that one of its merchant's known sites had an extensive hidden ecosystem of 70 unreported websites, 20 of which were engaged in illicit pornography.
"Transaction laundering activity is a significant and growing problem within the online space, further intensifying the urgency for MSPs and other payments industry stakeholders to become as agile and efficient as the fraudsters themselves," the white paper stated. "Yet in the evolution of online merchant fraud, the old tactics never completely disappear; the evolution is cumulative, with new types of fraud layering onto the old. The resulting challenge is complex and therefore requires a multifaceted solution."
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.