Verification knowledge hub
Everything you need to know about crypto fraud and money laundering and how to prevent them.
Due to their decentralized and anonymous nature, virtual currencies are particularly vulnerable to fraud. For crypto businesses, fraud attacks entail not only financial but also reputational costs.
So what can you do to protect your business and your users from crypto scammers? And what are the red flags? Let’s dive into the finer details.
Fraud and money laundering are interrelated. Fraud can either be an isolated type of crime—say, stealing funds from a crypto wallet—or an integral part of an elaborate scheme aimed at concealing the origins of ill-gotten proceeds (money-laundering).
Crypto fraud and money laundering can include identity theft, gaining access to user’s accounts/funds, chargebacks, money muling, etc. Let’s dive deeper into these schemes, and the KYC tools that can stop them.
To open an account for illegal activity, scammers can use fabricated photos, deep fakes, pre-recorded videos, and masks to spoof the identity verification system. In some cases, fraudsters mix true and false information, such as fake photos submitted alongside legit credentials.
This type of fraud relies on psychological manipulation and typically occurs on social platforms. Scammers trick users into giving away their credentials using social engineering techniques. This includes phishing, pretexting, falsified human interaction, and other methods.
Chargeback fraud in crypto operates the same way as in traditional finance. It occurs when scammers attempt to claim a refund by using:
As crypto-to-crypto transactions can’t be refunded, chargeback fraud can only happen when fiat is exchanged for crypto via debit/credit card.
Money laundering in crypto is the same as with fiat, but with a significant layer of anonymity. Criminals exploit the anonymity of blockchain to clean their ill-gotten gains and convert them into seemingly legit cash. For this, criminals can use a number of instruments:
To prevent fraud based on fake, stolen, and synthetic IDs, chargebacks, and money laundering schemes, crypto businesses should build effective KYC processes.
Crypto platforms must conduct Customer Due Diligence (CDD), including identification and verification of customers and transactions, as well as continuous monitoring of customer activity.
Know Your Customer (KYC) is mandatory for all regulated businesses, in most cases including Virtual Assets Service Providers (VASPs). This involves identifying and verifying users to prevent account takeovers, identity theft, and other illicit activity. The verification process includes the following checks:
Payment verification occurs when businesses need to ensure that debit/credit cards truly belong to the user.
Сrypto businesses must introduce a system for transaction monitoring that detects specific indicators of suspicious transactions. This means examining the parties the user is transacting with, as well as wallet addresses, risks related to wallets, and transaction hashes to estimate the associated risks.
Also, businesses should check that the user’s age group, location, income, and other personal information are consistent with their crypto transfers.
Check Sumsub’s global guide on KYC crypto regulations here:
The presence of suspicious activity and transactions should encourage further investigation and reporting where appropriate. The full list of red flags indicators is provided in the FATF Report on VA Red Flags indicators, which includes:
Irregular, unusual, or uncommon patterns of transactions. This can be when a new user trades or withdraws all their assets at once or makes several small transactions from separate wallets which are then wholly exchanged for fiat.
Use of mixing services and fraudulent exchanges. For example, when customers receive cryptocurrency from—or send cryptocurrency to—darknet marketplaces, mixing services, questionable gambling sites, fraudulent exchanges, and platforms with lax AML standards.
Suspicious user behavior. This could be when a user constantly changes their personal information, such as their email, IP address, or financial data. It can also be when IP addresses are concealed using VPNs or when a user’s location doesn’t match their IP address, phone number, or bank card.
Use of suspicious exchanges. When funds come from an exchange that is not registered in the jurisdiction where either the customer or the exchange itself is located.
Transactions from high-risk jurisdictions. When a user transfers funds to/from high-risk jurisdictions known to have inadequate AML/CFT regulations for crypto businesses or no crypto regulations at all.