Skip to content
November 4, 2021

Are You Protecting Your Payment System from Money Laundering and Terror Funding?

By , , , ,

The enactment of the Anti-Money Laundering Act 2020 (AMLA 2020) is the most significant addition to U.S. financial crime regulation since the Patriot Act became law after 9/11. AMLA 2020, which went into effect in January 2021, brings heightened regulatory and enforcement scrutiny to financial services institutions. Financial institutions had until July 1, 2021 to align their AML/CFT policies with the new regulation. Banks now face penalties for failure to advance their digital monitoring and detection capabilities.

As noted by Manish Chopra in American Banker, “AMLA 2020 is aimed at thwarting criminals such as drug traffickers, terrorists, and others who use the banking system to launder dirty money.” The law requires the U.S. government to set national anti-money laundering and counter-terror financing (CFT) priorities. It expands the power of the Financial Crimes Enforcement Network and grants regulators and law enforcement agencies more authority to fight financial crime. It also increases congressional oversight of the Department of Justice and Treasury, including FinCEN. In the process, AMLA 2020 creates hundreds of new requirements.

These regulations are meaningful and significant steps in the right direction: namely, to eliminate criminals’ ability to make large amounts of money obtained from crimes, such as drug trafficking, appear to have come from legitimate sources. Unfortunately, they only explicitly apply to the issuing side of the financial system, where major commercial banks or financial institutions offer payment cards to consumers on behalf of card networks such as Visa, Mastercard or American Express. The regulations do not explicitly apply to the acquiring side, where merchant banks receive the funds from transactions for merchants.

Ecommerce Opens the Floodgates to Online Money Laundering

The oversight dates to when the first round of anti-money laundering regulations was enacted two decades ago. At that time, ecommerce had not emerged as a dominant force. Today, however, money laundering has rapidly transferred from the offline world to ecommerce. Illicit online merchants can pose as legitimate businesses to be approved for merchant accounts, then conduct risky activities such as online gambling or illegally selling pharmaceuticals or counterfeit goods.

Transactional laundering is when criminals such as drug traffickers and terrorists exploit the vast ecosystem of marketplaces and payment systems by hiding behind legitimate businesses to launder dirty money. Approximately $800 billion - $2 trillion is moved through laundered transactions per year, potentially financing terrorism and criminal enterprises engaging in human trafficking, sex trafficking and drug trafficking. Introducing illegally obtained funds into the stream of legitimate commerce via merchants with approved merchant accounts allows these criminals to profit from their illicit activity.

The payment providers authorizing these transactions are usually unaware of the illegal business being conducted but can nonetheless be held accountable for facilitating it. These risks have grown exponentially during COVID. There are also greatly increased risks associated with digital transactions that are intangible (i.e., cryptocurrency vs. dollar bills), where the transfer and delivery of funds can be even harder to detect.


The New Risks for Payment Organizations

Payment organizations that unintentionally allow illegal activity to occur can be hit with steep fines from Visa and Mastercard. We also expect that the same anti-money laundering regulations currently being imposed on issuing institutions will eventually be explicitly imposed on the acquiring side of financial transactions. That makes it crucial for payment organizations to begin identifying transaction laundering before they approve merchant accounts.

We applaud AMLA 2020’s regulatory efforts. We also support extending the global fight against financial crime to merchant banks and acquiring institutions. Until those regulatory initiatives are in place, payment organizations must act to protect themselves and their customers. This should include evaluating the risks connected to the customers they serve, the products and services they offer, and the geographies where they operate.

FIs and Payment Organizations Need To:

  • Re-evaluate the way they rate customer risk and conduct due diligence.
  • Constantly update their transaction monitoring detection systems based on FinCEN’s biannual Sharing of Threat Pattern and Trend Information
  • Incorporate advanced digital technologies and modernize their operations.

EverC’s MerchantView analyzes the digital fingerprint of millions of top-level domains and billions of digital entities to reveal risk patterns and behaviors. Our advanced cyber intelligence technology, based on machine learning and artificial intelligence, enables FIs and payment organizations to make informed decisions and identify financial crime more accurately and efficiently, while improving customer experience and reducing reputational risk.

To learn more about how to protect your organization from money laundering and terrorism funding activities, contact us at