September 15, 2020

FATF issues report on virtual assets red flag indicators

In mid-September 2020, the Financial Action Task Force, an independent inter-governmental body that issues policy recommendations aimed at protecting the global financial system against money laundering and terrorist financing, issued a new report entitled “Virtual Assets Red Flag Indicators of Money Laundering and Terrorist Financing.”  The report is designed to help reporting entities identify and report potential money laundering and terrorist financing activity involving virtual assets, to help regulators monitor entities’ compliance with AML and CFT controls, and to serve as a reference to law enforcement authorities and prosecutors as they analyze suspicious transaction reports, and seek to improve detection, investigation and confiscation of virtual assets involved in misuse.

The report lists red flag indicators of suspicious virtual asset transactions, explaining that while the presence of indicators should encourage more in-depth examination, monitoring and reporting, the existence of a single indicator does not necessarily indicate criminal activity.

The enumerated indicators connected with virtual assets focus on:
• The size and frequency of transactions, for example, frequent transactions involving amounts just below record-keeping or reporting thresholds;
• Transactions involving new users — for example, large initial deposits;
• Transactions that spread virtual assets over multiple accounts without an apparent business explanation, or that involve use of the same IP address by several users, or frequent transfers to the same virtual assets account within a short period of time;
• The use of technological features that increase the anonymity of users — for example, abnormal volume and level of activity involving virtual assets cashed out at exchanges from P2P platform-associated wallets, transactions that use mixing and tumbling services that may obscure the flow of illicit funds between identified addresses and the dark net, or transactions by one customer using more than one type of virtual asset, despite increased transaction fees;
• Irregularities in the creation of accounts, involving suspicious addresses or IP addresses in sanctioned jurisdictions, or separate accounts under different names in order to circumvent trading restrictions;
• Know-your-customer deficiencies, including forged or edited documents, inaccurate information; or refusal to provide information;
• Suspicious sources or destinations of funds, such as online gambling services, multiple credit or debit cards that enable the virtual currency holder to access large amounts of fiat currency, and;
• Evidence that customers are attempting to exploit spotty implementation of FATF standards in relatively high-risk jurisdictions.

The red flag indicators are drawn from more than one hundred case studies, public source data, and earlier FATF reports. The anonymized case studies are summarized in the report.

FATF report