Elevate your Compliance with Intelect Group, our monthly round up of news items relevant to AML regulated businesses will help keep you safe, secure and on the right side of the law.
Cyber Security
Malicious web traffic
A report by Arkose Labs, a bot management and account security platform, has revealed that over 70% of all web and app traffic was malicious in the third quarter of 2023.
Automation and human fraud farms have launched attacks such as SMS fraud, web scraping, card testing, credential stuffing, and more.
The report helpfully provides explanations about what are known as ‘bots’, in other words ‘robots’ or automation.
- Basic bots are simple scripts that perform repetitive tasks like filling out forms or clicking links.
- Intelligent bots are more advanced and can mimic human behaviour, such as scrolling, typing, or moving the mouse.
- Human fraud farms are groups of people hired to manually carry out fraudulent activities, such as creating fake accounts or verifying codes.
What was also interesting from the document was information about the industries under attack. For example, in the travel and hospitality sector, 76 % of bots target websites and apps to scrape prices, availability, and reviews. The bots may also, try to book rooms, or flights, using stolen credit cards or loyalty points.
In the tech industry, 71% of bots target websites and apps to scrape product information, reviews, and prices. They will attempt to create fake accounts, post spam, or steal intellectual property.
The message here is, monitor your website for unusual behaviour. We have just had to block several IP addresses on the IRIS platform which were clearly creating fake accounts.
Due Diligence
Digital currencies and money laundering
Digital currencies are in the news again after money laundering charges were brought against the crypto exchange, Binance and its CEO, Changpeng Zhao, often referred to as ‘The King of Crypto’.
U.S authorities are alleging that Binance allowed terrorist financing for Hamas’s Al-Qassam Brigades, Al-Qaeda and ISIS, along with child sex abuse, drugs transactions, connections to Russian illicit finance, and sanctioned Iranian entities.
This once again underscores the need to be ultra cautious if you are dealing with clients and businesses that are engaged with crypto currencies. Ensure your risk assessments are thorough and recorded properly. IRIS can help you here.
Regulatory
UK Economic Crime and Corporate Transparency Act 2023
The UK’s Economic Crime and Corporate Transparency Act (ECCTA) is set to create significant regulatory obligations for businesses in 2024.
This will include that,
New and existing company directors, as well as Persons with Significant Control (PSCs), will have to verify their identity with Companies House.
Companies will no longer need to maintain their own register of directors, register of directors’ residential addresses, register of secretaries, and register of persons with significant control. This data will be held centrally by Companies House.
A large organisation will incur criminal liability where a person associated with it (e.g. an employee, agent, subsidiary, or other person that performs services on its behalf) commits a fraud offence intending to benefit the organisation and the organisation does not have reasonable fraud prevention procedures in place.
A large organisation is defined as fulfilling at least two of the following categories,
Turnover – more than £36 million.
Balance sheet total – more than £18 million.
Number of employees – more than 250.
Need help with verifying identity? IRIS has the ability to check passports, conduct risk assessments and a range of online searches.
