Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .


When does cyber crime become fincrime? And what are the consequences?

iStock 11569556401 - Global Banking | Finance

61 - Global Banking | FinanceBy Taylor Humphreys, FinCrime Threat Intelligence Analyst at BAE Systems

Cyber crime as a mechanism to commit financial crime (fincrime) has escalated in the last decade as the digital age has grasped our lives. The complex interplay between cyber crime and fincrime is becoming more visible, with countries such as the UK raising cyber crime’s profile in the Economic Crime Plan, and with European anti-money laundering (AML) regulations articulating cyber crime as a predicate offence.

As digitisation efforts continue (indeed the Covid-19 pandemic accelerated many of these), and as threat actors become more sophisticated and specialised in their crime craft and/or money laundering capabilities, the overlap between cyber crime and fincrime is one that cannot be ignored and must remain a priority among financial institutions.

The cyber crime/ fincrime overlap

Traditional distinctions between cyber crime and fincrime are blurring. If a cybercriminal has a financial motivation, there will be an overlap between cyber crime and fincrime, because the illicit proceeds will need to enter and move through the financial system for criminals to benefit monetarily from the cyber intrusion element of the crime.

This interplay is far more complex in reality. Agile threat actors are constantly adapting, resulting in a race between threat actors, regulators, law enforcement and financial institutions. As cyber criminals develop more lucrative attacks, the opposing side must, in response, race to increase protection, detection and disruption efforts. An issue which has only been exacerbated by the Covid-19 pandemic, as we have seen a sudden switch to remote working and socialising, with cyber hygiene following slowly behind. This has afforded cybercriminals a greater pool of potential targets and opportunities for compromise.[1]

62 - Global Banking | Finance

Financial institutions face increased responsibility

Financial institutions are at risk of being directly targeted by cyber criminals, with ‘cyber heists’ or Business Email Compromise (BEC) attacks being examples of known and recent methods. For example, North Korean state-sponsored threat actors stole $81 million from the Bank of Bangladesh in a cyber-heist in 2016, and a more recent case in 2019 saw the attempted theft of approximately €13 million from the Bank of Valletta. [2] [3]

However, financial institutions also risk facilitating the monetisation of cyber crime in relation to AML failures because they are directly exposed to the process.

In working to better understand cyber crime as a predicate offence to money laundering, financial institutions will be in a better position to detect and report suspicious activity perceived to be in relation to cyber crime. This will help to enhance the quality and accuracy of suspicious activity reporting, better equip law enforcement to investigate cyber crime, help protect financial institutions from the potential repercussions of inadequate AML efforts, and help in the whole-of-society approach to tackle cyber crime.

Significantly, cyber crime was explicitly recognised as a predicate offence to money laundering for the first time in the European Union’s 6th AML Directive, published July 2021. The Directive defined 22 predicate money laundering offences to harmonise the understanding of money laundering across the EU. For banks to comply with the new Directive, they must be aware of the predicate offences, know how to identify them, and act upon suspected suspicious activity.

The EU Directive is for EU Member States and those that choose to follow their rules. Yet, cyber crime has been on the EU regulator’s agenda for several years and it can reasonably suggest that in the future other regulators may also recognise cyber crime as predicate offence to money laundering and alter regulations accordingly.

Key insight

BAE Systems Digital Intelligence investigates the money flow of different types of cyber crime and simulates the associated behaviours. We have defined and outlined different types of cyber crime in terms of their cyber intrusion element, detailing typical techniques, tactics, and procedures.

  • Illicit funds move from the victim’s bank account to cryptocurrency
  • Illicit funds move from the victim’s bank account to the perpetrator’s bank account (knowingly)
  • Illicit funds move from the victim’s bank account to a money mule’s bank account (unknowingly)
  • Illicit funds are withdrawn from the victim’s bank account via cash or cheque
  • Follow on fraud; directly buying goods or services

It is important to note that one type of cyber crime may fit into multiple categories. Crime is not a linear concept, and not all criminals will think and behave alike, criminals can adopt many different methodologies but still arrive at the same end result.

Final thoughts

Ultimately, in categorising different types of cyber crime, mapping their associated money flows, and understanding the typical ways in which threat actors launder cyber crime proceeds, it becomes possible for financial institutions to identify potential indicators of suspicious activity.

Through such efforts of developing a comprehensive library of criminal behvaiours and outlining the different types of cyber crime in greater detail, we can apply the relative categorisations to generate an even greater understanding of criminality.

Research like this is of vital importance if the industry is to understand the criminal typologies we face and stay ahead of emerging money laundering trends

About Author:

Taylor is a Security Consultant at BAE Systems Digital Intelligence, working across the Cyber Threat Intelligence team and the FTS team with four years of academic study dedicated directly to the fields of crime, security, and intelligence.

Motivated to assist the financial sector in using data to better detect criminality, Taylor researches and articulates different types of cyber criminal behaviours to be used to test the effectiveness of financial institution’s AML solutions. To do this, Taylor triages intelligence from law enforcement, subject matter experts, financial institutions, open-sources and regulators, to provide an articulation of cyber criminality that most closely resembles real-world criminal behaviours.

Global Banking & Finance Review


Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!

By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post