FATF identifies red flag indicators to detect misuse of virtual assets

Report will help financial institutions, investigating agencies and regulators

September 15, 2020 11:55 am | Updated 11:55 am IST - NEW DELHI

A view of the Financial Action Task Force (FATF) logo in Paris. File

A view of the Financial Action Task Force (FATF) logo in Paris. File

The Financial Action Task Force (FATF) has prepared a report on red flag indicators to assist financial institutions, investigating agencies and regulators in detecting misuse of virtual assets for money laundering, terrorist financing and other crimes.

Virtual assets, which also include cryptocurrencies, are defined as a digital representation of value that can be digitally traded or transferred and can be used for payment or investment purposes. While they are not widely used by the public, the report says their use has caught on among criminals.

Also read: Coronavirus | Pandemic pushes anti-terror financing body’s review of India’s measures to 2021

The red flag indicators included in the report are based on more than 100 case studies contributed by various jurisdictions from 2017-2020, a confidential FATF report on financial investigations involving virtual assets (June 2019) and another report published in June 2014, apart from the information available in the public domain.

The majority of virtual asset-related crimes involve predicate or money laundering offences. However, criminals also use them to evade financial sanctions, raise funds for terror activities, sell controlled substances and other illegal items, commit fraud, tax evasion, cybercrimes, child exploitation and human trafficking, says the report.

Also read: Illegal wildlife trade a global threat: FATF report

The red flags include structuring of virtual asset transactions in small amounts or in amounts under the reporting thresholds, making multiple high-value transactions in short succession or in a staggered and regular pattern, with no further transactions recorded during a long period afterwards, which is common in ransomware-related cases or to newly created or previously inactive accounts.

Transferring virtual assets immediately to multiple service providers, particularly those registered in another jurisdiction with weak anti-money laundering regulations, quick deposits and withdrawal without additional exchange activity, conversion to multiple types of virtual assets without any logical explanation and withdrawal for transfer to a private wallet are possible indicators.

Also read: FATF: Indian officials attend virtual EAG plenary meet

Activities like making a large initial deposit to open a new account, inconsistent with the customer profile, starting to quickly trade the total amount or a large portion, and an immediate withdrawal or transfer of the whole amount also raise suspicion.

Incoming transactions from many unrelated wallets in relatively small amounts with subsequent transfer to another wallet or full exchange for fiat currency; conducting virtual asset-fiat currency exchange at a potential loss; and converting a large amount of fiat currency into virtual assets, or a large amount of one type of virtual asset into other types, with no logical explanation, are also included in the list of red flags.

Funds deposited or withdrawn from a virtual asset address or wallet with direct/indirect links to known suspicious sources like darknet marketplaces, mixing/tumbling services, questionable gambling sites and illegal activities like ransomware come under the scanner, and so does any unusual activity related to use of multiple IP addresses, frequent change in identification details or insufficient KYC information.

The profile of potential money mule or scam victims include those who do not appear to be familiar with the virtual asset technology or online custodial wallet solutions. “Such persons could be money mules recruited by professional money launderers, or scam victims turned mules who are deceived into transferring illicit proceeds without knowledge of their origins,” says the report.

If the users are significantly older than the average age of platform users and are engaging in large numbers of transactions, it may also suggest that they are potential mules or scam victims.

Top News Today

Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in


Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.