The Road Ahead for Mule Account Detection


Posted on

In my last blog, I discussed the factors that have contributed to a rise in mule activity. It is a complicated issue for which there is no easy answer.

Today, only 6% of financial institutions state they are actively investing in mule detection programs. However, it will become a priority. With all the fraud perpetrated from government stimulus programs, mule accounts are a huge regulatory risk for the financial services industry, suggesting they are not up to speed with KYC checks. Second, they create operational overhead once fraud is reported as resources need to be assigned to investigate reported cases. Last, there is the risk of reputation or brand damage, as no financial institution wants to see their name in a headline associated with money laundering.

While Anti-Money Laundering (AML) teams have typically borne the responsibility of detecting and investigating mule accounts, their approach has been reactive. In addition, AML teams often lag behind fraud and security teams in advanced technology adoption simply because their budgets have not allowed for the investment as their spend is most often focused on compliance.

With global regulators taking notice of the fraud from economic stimulus programs, AML practices pertaining to mule detection are likely in for some changes, including:

Legislation will spawn action. The Anti-Money Laundering Act of 2020 set forth that the US Department of Treasury must establish national AML priorities within six months and subsequently review whether and to what extent financial institutions have incorporated those into their risk-based programs to comply with the Bank Secrecy Act. To what extent guidelines for cyber scams will play in those priorities is to be determined, but it is likely greater attention will be paid to this subset of financial crimes following the wave of COVID fraud. In the UK, industry is calling on regulators to address fraud and economic crime in the Online Safety Bill, which would make online platforms responsible for taking down fraudulent content including job advertisements that attempt to recruit money mules. More nations will likely follow suit.
 
Development of industry best practices. Financial institutions will come together to develop best practices and standards for detecting mule accounts. Some major banks are already taking the lead to improve mule detection capabilities and develop information sharing programs which are pivotal in preventing cross-institution P2P payment fraud perpetrated across platforms such as Zelle, Venmo and Cash App.
 
Progressive technologies will be implemented. The financial industry is making full use of technologies such as device reputation, and more recently, behavioral biometrics, to stop mule accounts at the source in the account opening process. Behavioral biometrics is already deployed across many large institutions for a variety of fraud prevention use cases. However, it is poised to play a major role in building digital trust and safety where fraud teams are taking a more active leadership role.

 

Be sure to check out the RSA Conference session, Pinata Time: Why We Should All Start Bashing Mules!, on May 18, where BioCatch’s Chief Cyber Officer Uri Rivner will join experts from top US and Australian banks to discuss best practices for detecting mule accounts. 

Hackers & Threats Anti-Fraud

secure payments & cryptocurrencies biometrics

View More Blogs

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA Conference™, or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.


Share With Your Community

Related Blogs