How AML/KYC Tools Can Prevent Crypto Fraud and Money Laundering

Due to their decentralized and anonymous nature, virtual currencies are particularly vulnerable to fraud. For crypto businesses, fraud attacks entail not only financial but also reputational costs.

So what can you do to protect your business and your users from crypto scammers? And what are the red flags? Let’s dive into the finer details.

What is cryptocurrency fraud and money laundering?

Fraud and money laundering are interrelated. Fraud can either be an isolated type of crime—say, stealing funds from a crypto wallet—or an integral part of an elaborate scheme aimed at concealing the origins of ill-gotten proceeds (money-laundering).  

Crypto fraud and money laundering can include identity theft, gaining access to user’s accounts/funds, chargebacks, money muling, etc. Let’s dive deeper into these schemes, and the KYC tools that can stop them.

1. Identity theft

To open an account for illegal activity, scammers can use fabricated photos, deep fakes, pre-recorded videos, and masks to spoof the identity verification system. In some cases, fraudsters mix true and false information, such as fake photos submitted alongside legit credentials.

2. Gaining access to a user’s accounts/funds

This type of fraud relies on psychological manipulation and typically occurs on social platforms. Scammers trick users into giving away their credentials using social engineering techniques. This includes phishing, pretexting, falsified human interaction, and other methods. 

3. Chargeback/payment fraud

Chargeback fraud in crypto operates the same way as in traditional finance. It occurs when scammers attempt to claim a refund by using: 

• fake or stolen documents;
• compromised accounts; 
• fake identity. 

As crypto-to-crypto transactions can’t be refunded, chargeback fraud can only happen when fiat is exchanged for crypto via debit/credit card.

4. Money laundering schemes

Money laundering in crypto is the same as with fiat, but with a significant layer of anonymity. Criminals exploit the anonymity of blockchain to clean their ill-gotten gains and convert them into seemingly legit cash. For this, criminals can use a number of instruments:

• Crypto mixers/tumblers let users mix their crypto assets together in order to obscure the ties between crypto addresses and real-world identities. 
• Privacy wallets are designed to keep crypto transactions hidden from the blockchain network. These wallets come with a feature that changes the bitcoin address each time the user sends funds. 
• Money muling occurs when criminals use other people to transfer illicit funds. Money mules are typically users with a clean banking history and no criminal record. This allows them to move criminal money without getting noticed. Money mules are recruited through online job offers, dating sites, or darknet forums. Recruiters can lure individuals by promising easy money or by deceiving elderly people—the demographic most vulnerable to this crime.

To prevent fraud based on fake, stolen, and synthetic IDs, chargebacks, and money laundering schemes, crypto businesses should build effective KYC processes.

KYC/AML tools to prevent crypto fraud and money laundering

Crypto platforms must conduct Customer Due Diligence (CDD), including identification and verification of customers and transactions, as well as continuous monitoring of customer activity. 

1. Identity verification

Know Your Customer (KYC) is mandatory for all regulated businesses, in most cases including Virtual Assets Service Providers (VASPs). This involves identifying and verifying users to prevent account takeovers, identity theft, and other illicit activity. The verification process includes the following checks:

• Proof of identity. Businesses must verify a user’s ID documents to ensure that they aren’t fake. This can be done in three general steps: 1) checking the ID for authenticity, 2) checking the integrity of the images and 3) data validation. 
• Liveness+Face Match.  Liveness technology ensures that users are real people rather than a paper mask, photo, doll, etc. Afterwards,  Face Match ensures they’re the true document holders by matching their faces with the photo on the submitted document. This process can also ensure that applicants aren’t making duplicate accounts. 

2. Payment verification 

Payment verification occurs when businesses need to ensure that debit/credit cards truly belong to the user.

• Payment method/bank card verification. This can be a part of the onboarding procedure or set up as a separate check triggered by a chargeback fraud risk indicator. It involves checking if the bank card is real and belonging to the declared holder by comparing card data with identity information received during KYC checks.
• Face authentication. When a user adds bank cards or requests for money withdrawals, they’re asked to upload a selfie with their card or pass a face authentication (liveness) check. This helps ensure the true account holder performs a transaction. 

3. Transaction monitoring for crypto businesses

Сrypto businesses must introduce a system for transaction monitoring that detects specific indicators of suspicious transactions. This means examining the parties the user is transacting with, as well as wallet addresses, risks related to wallets, and transaction hashes to estimate the associated risks.

Also, businesses should check that the user’s age group, location, income, and other personal information are consistent with their crypto transfers.

Red flags for detecting crypto fraud and money laundering

The presence of suspicious activity and transactions should encourage further investigation and reporting where appropriate. The full list of red flags indicators is provided in the FATF Report on VA Red Flags indicators, which includes:

Irregular, unusual, or uncommon patterns of transactions. This can be when a new user trades or withdraws all their assets at once or makes several small transactions from separate wallets which are then wholly exchanged for fiat. 

Use of mixing services and fraudulent exchanges. For example, when customers receive cryptocurrency from—or send cryptocurrency to—darknet marketplaces, mixing services, questionable gambling sites, fraudulent exchanges, and platforms with lax AML standards.

Suspicious user behavior. This could be when a user constantly changes their personal information, such as their email, IP address, or financial data. It can also be when IP addresses are concealed using VPNs or when a user’s location doesn’t match their IP address, phone number, or bank card.

Use of suspicious exchanges. When funds come from an exchange that is not registered in the jurisdiction where either the customer or the exchange itself is located.

Transactions from high-risk jurisdictions. When a user transfers funds to/from high-risk jurisdictions known to have inadequate AML/CFT regulations for crypto businesses or no crypto regulations at all.