• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Cybercrime   »   Risk and Reward of Alternative Payment Systems

Risk and Reward of Alternative Payment Systems

  • Posted on:October 26, 2016
  • Posted in:Cybercrime, Security, Underground Economy
  • Posted by:
    Ed Cabrera (Chief Cybersecurity Officer)
0

The explosive growth of alternative payment systems (APS) globally has posed great opportunities for businesses and consumers alike but equally has posed significant challenges for international law enforcement and regulators. Not only are we seeing innovation and disruptive technology from non-banking payment service providers growing out of Silicon Valley but we are also seeing traditional banking entities look to adopt some of the same advances to improve or create new service offerings. The amount of investment in financial technology (FinTech) has reached record highs. In 2015, the amount of venture capital investments in FinTech reached $22 billion, which was a 75% increase from the previous year.

As these new technologies in banking, retail and even gaming are being adopted for legitimate use, cybercriminals, drug cartels and terrorist groups are abusing digital currencies and other APS(s) to fuel underground criminal economies, finance terrorism but also to launder money across international borders. Transnational criminals as members of illicit websites and forums abuse APS(s) to buy / sell stolen data, contraband, and cybercriminal services and tools. According some reporting, global money laundering schemes are estimated at 2 to 5% of global GDP, or roughly $1-2 trillion annually and estimated in the United State at $300 billion in illicit proceeds.

According to U.S. Secret Service testimony on the risks of virtual currencies, cybercriminals are always looking for alternative payment systems that offer anonymity for both users and transactions; ability to move illicit proceeds quickly internationally; low volatility, which results in lower exchange risk; widespread adoption in the criminal undergrounds; and ultimately trustworthy and reliable systems.

Although enforcement has been challenging, U.S. and international law enforcement along with regulators have had some wins in recent years to combat money laundering evolving in alternative payment systems.

  • In 2008, in Washington, D.C., e-Gold Ltd., the administrator for the centralized virtual currency e-Gold, and its three principal directors and owners, pleaded guilty to criminal charges relating to money laundering and operating an illegal money transmitting business.
  • In 2013, in New York, Western Express International, Inc., a virtual currency exchanger for e- Gold and WebMoney, and its president pleaded guilty to money laundering and other charges brought by the Manhattan District Attorney.
  • In May 2015, the Financial Crimes Enforcement Network (FinCEN) assessed a $700,000 civil money penalty against Ripple Labs, a digital currency operator, for its failure to register as an MSB and its failure to implement and maintain an adequate AML program.
  • In January 2016, Liberty Reserve’s co-founder pleaded guilty to money laundering conspiracy and acknowledged that Liberty Reserve was being used for criminal activity. 

Challenges going forward with alternative payment systems are still many. As money service businesses (MSBs), they are subject to the Bank Secrecy Act’s (BSA) and are required to: register with the Treasury Department; develop an effective anti-money laundering (AML) program; file Currency Transaction Reports for transactions that exceed $10,000; and file Suspicious Activity Reports (“SARs”). Additionally, MSBs under the USA PATRIOT Act are required to have “know your customer” (KYC) programs in place.  Not complying with these requirements, MSBs run the risk of being abused and face steep civil and criminal consequences. However, the greatest risk is that they face is becoming unwitting participants in criminal underground economies which are behind and responsible for the daily data breaches occurring around the world.

Disrupting or degrading the financial infrastructure of transnational cybercriminals has been the strategic goal of federal and international law enforcement. However, in the future a more concerted effort is required to build stronger public-private partnerships between MSBs, security companies, and law enforcement to dry up these growing international money pipelines and bringing to justice those responsible.

Related posts:

  1. Beyond the bank: Payment systems under attack
  2. Target breach shows need to create more secure payment systems.
  3. How much of a skimming risk is the Coin smart payment card?
  4. What puts cloud systems at risk?

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Advanced Cloud-Native Container Security Added to Trend Micro's Cloud One Services Platform
  • Trend Micro Goes Global to Find Entrepreneurs Set to Unlock the Smart Connected World
  • Winners of Trend Micro Global Capture the Flag Demonstrate Excellence in Cybersecurity
  • Companies Leveraging AWS Well-Architected Reviews Now Benefit from Security Innovations from Trend Micro
  • Trend Micro Announces World's First Cloud-Native File Storage Security
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.