FIC report on how accountable institutions can identify money mule activity

Posted on

A report by the Financial Intelligence Centre (FIC) has flagged the use of shell companies and crypto assets to facilitate money mule activity.

The report, published this month, contains indicators that accountable institutions can use to identify money mule activity.

“The indicators will assist business in adopting preventive measures, including implementing a risk-based approach, and stimulate the submission of detailed suspicious and unusual transaction and other regulatory reports to the FIC,” the Centre said.

A money mule is a person who transfers or moves illegally acquired money on behalf of others, often as part of a money laundering scheme. Money mules might be witting participants in criminal activities or unwittingly recruited by criminals who use various tactics to persuade or deceive them into participating. Criminals use money mules to conceal the origin of their illicit funds.

The FIC reviewed suspicious and unusual transaction reports and suspicious activity reports submitted by accountable institutions between August 2016 and July 2023. The Centre mined the data to identify the characteristics of money mule actors and the source of their funds, financial flows, and payment methods.

The FIC said accountable institutions did not provide sufficient information on suspected money mule activity in the regulatory reports they submitted.

As a result of this report, the FIC has embarked on expanding the list of indicators relating to money mules on its registration and reporting system, goAML, to enhance the categorisation of money muling and related financial crimes.

The FIC’s analysis found the extensive use of shell companies to host and conceal fraudulent funds. Most of these companies did not have any banking records. Large amounts of funds entered their business accounts and were swiftly disposed of through various ways, such as electronic fund transfers and cash withdrawals.

There was also pervasive use of shell companies to receive fraudulent South African Revenue Service (SARS) refunds in high-value amounts. Most of the companies involved in money mule activity linked to fraudulent refund tax scams were based in Gauteng and had similar or shared directorships and signatories.

The FIC also found that some of these companies were undergoing liquidation or final deregistration because of the non-submission of annual returns to SARS.

The reported noted that the lack of business activity on these companies’ accounts, apart from receiving funds from SARS. Where their accounts did receive other income, the incoming payments usually emanated from other companies connected to the scheme.

“The payments received have no business purpose other than to increase turnover to create the impression that the companies are trading and generating income and are spending to sustain business operations,” the report said.

 

The top five banks in South Africa submitted the highest number and associated rand value of regulatory reports linked to money muling.

Foreign exchange agents or companies, crypto asset service providers (CASPs), cross-border money or value transfer services, high-value goods dealers (motor vehicle dealers), and investment advisers and intermediaries were also identified in the regulatory reports. Most funds were moved electronically within South Africa, with local electronic fund transfers making up the highest number of transaction modes as recorded in the reports.

Foreign exchange dealers or companies had a significant number of regulatory reports linked to money muling.

There was a prevalence of crypto assets being used in money mule activity, with suspected accounts reflecting high-value daily cash deposits in the banks, followed by rapid transfers to CASPs.