Just a few years ago, aggressively pursuing mule accounts (those solely used for illicit money movement) was the exclusive domain of anti-money laundering teams, which waited to identify the individual accounts that made up these laundering networks until after bad actors had completed the circulation of their illegal earnings.
But now fraud and AML leaders have begun to question the effectiveness of waiting to identify and apprehend these criminals until after they’ve withdrawn their money.
We can credit this to a few different market forces:
1. The rise of digital-first, remote banking, and online account opening (which is heavily focused on portfolio growth) has led to an increase in accounts opened for the sole purpose of laundering money.
2. The rise in scams used to execute account takeover has left those behind these attacks in need of places through which they can launder their stolen funds, making a network of mule accounts critical to realizing the economic gains of fraud.
3. Regulators continue to identify shortcomings in Bank Secrecy Act (BSA) controls, such as the risk that accounts are opened or specifically made available for illicit money movement.
The net result is significant servicing overhead for fraud and AML teams already swamped with elevated caseloads, making it vital for financial crime teams to identify mule accounts sooner in the money laundering process. It appears many institutions have had to publicly acknowledge they’ve acquired a lot of bad accounts on their books.
Now, what’s particularly interesting about this new reality is that it’s not something that’s limited to just Wall Street or even regional banks (and that doesn’t take into consideration any of the FinTechs). To get more perspective and a deeper understanding of what’s behind this increased mule activity (and mule awareness), I turned again to Justin Hochmuth, the threat analyst for BioCatch’s partner portfolio, to learn more about what he’s seeing and how he’s addressing mules in this space today.
---
Seth: Justin, money mule detection is sort of the state-of-the-art science right now in financial crimes. What are the specific drivers bringing new customers to the table?
Justin: There are a variety of drivers bringing new customers to the table. If there’s anything we’ve learned through working with Main Street financial institutions, it is that the overall mule problem is shared, but the details and the mule personas can vary. For instance, while one institution might be plagued by out-of-state mules, opening accounts for the sole purpose of moving illicit funds, another institution just down the road can have members victimized or tricked into allowing access to their accounts to move money. In both cases, we see younger individuals routinely targeted and selected for this type of activity and contacted through the most popular social media platforms.
These types of mule schemes were once thought to be problems for only the “big guys,” but as we see, time and time again, fraudsters move their efforts to the places with gaps and the least controls. Financial institutions are in the difficult position of wanting to grow both their members and deposits but have a really hard time identifying what is legitimate behavior and what is exposing them and their good members to risk. This is where BioCatch’s mule models step in. It helps take the guesswork out of identifying these mule accounts, so organizations can spend less time and manual labor on investigating all accounts and instead focus on the riskiest among them.
Seth: So, after you performed the analytics and trained the model, what were some interesting findings you were able to report to the client?
Justin: There are a few large takeaways after reviewing the data and model outputs. For one, mules, account takeover, new account fraud, and other schemes are not happening in isolation. When the first model outputs are received and reviewed, it identifies extensive mule networks and discreet relationships between bad actors that have been operating for a long period of time. These are destination accounts for card cracking, member-to-member account takeover, romance scams, and other criminal rings with nefarious origins.
The AI/ML models are complex, with thousands of features working simultaneously to evaluate and alert to these networks. We have been able to pinpoint strange payment patterns, non-monetary account behavior, specific device input and output behavior, or similar network connections to show the anomalous activity associated with these accounts. However, my favorite part of this process is not so much the initial findings as it is when those findings get leveraged directly by the financial institution, and its people become the experts, utilizing their knowledge and combining it with the model’s insights.
Seth: What do the clients do when they have a suspected mule identified on their books?
Justin: The ways these situations are handled are as varied as the mule personas themselves. There is a distinct difference in the way an out-of-state mule connected to multiple devices and multiple new accounts and the generally “good” account holder who fell for a scam is handled. The former is typically shut down and has its activities blocked due to the decisive data and evidence provided by model insights and account behavior. The second situation outcome is not so clearly defined. Financial insecurity leads individuals to make choices they otherwise would not make. In these situations, we find financial institutions use this as an opportunity to educate the member and add consultative, relationship value.
There is also an ability to add users to an internal watchlist if more evidence is needed to take action. For this, financial institutions typically use a mix of BioCatch rule and alert monitoring and their own internal mechanism to monitor behavior.
Seth: How has the solution created fundamental changes and outcomes for users? Are there any interesting findings that have challenged your preconceived notions on this approach?
Justin: Prior to our behavior-based solution, financial institutions had a hard time grappling with how to solve this issue. Historically, money mule detection has been difficult, and responsibility has lived somewhere between fraud and AML teams. The BioCatch solution is two parts:
1.) A complex and predictive AI/ML model that can detect the most subtle anomalies that correlate to these risky accounts/users.
2.) A BioCatch Scout UI, which provides visualization to uncover these complex networks.
Initially, I wasn’t sure how this would translate to smaller, more regional financial institutions because even the largest of organizations have difficulty handling these threats, with seemingly limitless manpower.
However, we’ve seen these two pieces work together to give organizations the tools to identify mules without lengthy investigations and manual labor. Once you know where to focus your energy, it becomes much easier to assign responsibility and create internal processes to adjudicate.
Seth: What is the residual of this threat among smaller financial institutions? Is there a takeaway that should be mentioned or any lessons that fit the challenge of this moment?
Justin: Money mules present a growing threat for Main Street banks in the United States. Regulatory pressure is rising across the United States, whether it be for scams, account takeover, AML, or money mules. It makes sense for Main Street banks to carefully consider where gaps may live in their overall fraud strategy and deploy predictive capabilities that can mitigate this variety of threats without driving large increases in headcount/cost. Tools like the BioCatch Mules solution put the necessary intelligence data in the hands of all financial institutions, so front-line employees can make rapid, informed decisions without extensive labor. These are the types of solutions that will be important as we move forward in an ever-changing fraud landscape.
---
The time is now for mule defense
Ultimately, one of our core notions here is that mules exist in every financial institution, and we must root out the problem to further reduce the potential of their impact on the industry.
As Justin and I covered in our last chat, bringing Wall Street solutions to Main Street and democratizing what we’ve learned along the way is our mission. No matter the size of the financial institution, mules won’t go away without action. There is a tipping point when an institution gets too far behind, so – as in all strategic anti-fraud efforts – it’s critical to engage the enemy where he lives, before the moment when we realize the call is coming from inside the house.