What is a Red Flag?
In Anti-Money Laundering (AML) compliance, a red flag describes a warning sign that indicates the possibility of money laundering or other criminal activity. Red flags can include transactions involving companies in sanctioned jurisdictions, large volumes, or funds being transmitted from unknown or opaque sources.
Identifying red flags is a key component of any AML strategy and regulated businesses need to have a clear process for doing so and then adequately investigating identified issues further. In some cases and jurisdictions, regulated businesses will also need to submit Suspicious Activity Reports (SARs) to relevant authorities following the identification of a red flag among their clients.
Red flag categories
Global regulatory watchdog the Financial Action Task Force (FATF) has compiled a list of numerous red flags related to the Virtual Asset industry, which it has separated into six broad categories:
Red flags related to transactions: for example, large transaction volumes or multiple transactions of small volumes
Red flags related to transaction patterns: irregular, unusual or uncommon transaction patterns
Red flags in the source of funds or wealth: when the source of funds is opaque or obscured by multiple ownership layers and the lack of a tax record — or associated with known criminal networks
Red flags related to anonymity: when transactions are originating or being sent to unknown or non-identifiable individuals or entities
Red flag indicators about senders or recipients: when there are irregularities detected in the Known Your Customer (KYC) process, such as multiple accounts being created for the same person
Red flag indicators related to geographical risks: if a transaction party is located in geographic areas that have a high rate of money laundering activity, or are in sanctioned countries.
Other FATF warnings
The FATF provides extensive insights into the methods used by criminals to launder illegally-obtained financial proceeds, both using VAs and VASPs as well as through the traditional financial industry (FI). The FATF warns that criminals can use one or a combination of the following methods in order to attempt to integrate their illegal proceeds into the legal financial system. These include:
Misusing or exploiting client accounts: using apparently legitimate business/corporate accounts to carry out personal financial functions
Property acquisitions: investing illegally-obtained funds in hard assets such as real estate
Shell company and trust creation: often used to obscure ownership of assets obtained illegally, or used to carry out transactions and/or moeny laundering with illegal funds.
Use of bogus representatives: creating false identities in order to manage funds and deflect attention away from true perpetrators of financial crime
Lending: companies can often be used to provide loans to other in return for real assets
Top 10 AML Red Flags
Red flag #1: Suspicious sources of funds
According to the FATF report, red flags related to sources of funds include:
- Lack of transparency or insufficient information on the origin and owners of the funds
- Deposits into accounts or online wallets that are “significantly higher than ordinary with an unknown source of funds, followed by conversion to fiat currency, which may indicate theft of funds.”
- When the majority of a client’s source of wealth is “derived from investments in VAs, ICOs, or fraudulent ICOs, etc”
- Transacting with VA addresses or fiat accounts that are associated with “known fraud, extortion, or ransomware schemes, sanctioned addresses, darknet marketplaces, or other illicit websites.”
- Interactions with accounts that are known to be associate with online gaming/gambling or other high-risk sectors
Red flag #2: Unusual transactions
A major AML red flag, suspicious, inconsistent or unusual transactions should inform regulated businesses of the need to investigate them further. Although the terms “unusual” or “suspicious” are undoubtedly vague, there are certain features and behaviors that can alert a compliance manager to the need to take a closer look at a transaction. This includes:
- Large cash deposits
- Receiving and/or withdrawing significant funds without having provided evidence of its legitimate economic purpose
- The use of multiple bank accounts or virtual wallets, particular if they are from diverse jurisdictions
By using automated tools such as KYC-Chain’s Ongoing Monitoring feature, regulated businesses can keep track of their clients’ transactional activity and be automatically alerted when transaction patterns diverge from their usual rhythm or scope.
Red flag #3: Secretive clients
If an existing or potential client is unwilling to provide their KYC information, that presents a red flag that can require further investigation. According to the FATF, the type of KYC information that that corporate or individual actors try to hide includes:
- Their true identity
- Their address
- Who their beneficial owner is (if they are a company)
- Their source of funds
- The reasons and rationale for a transaction
By carrying out effective KYC as part of an onboarding process, regulated businesses should be able to acquire and verify this information — if they cannot, then in many cases the provision of services to the customer should be blocked or withdrawn.
Red flag #4: Suspicious track records
If a new customer has been convicted or implicated in money laundering and other financial crime in the past, this is a clear red flag that will need to be looked into further. In addition, the relatives or close associates of known financial criminals should also be treated as potential red flags as they are often used as conduits for illegal activity by individuals who are aware that they themselves can raise suspicions in KYC checks and audits.
Red flag #5: Adverse media references
For regulated businesses dealing with clients from more sensitive industries, or who are involved in high net worth transactions, having a clear understanding of their clients’ adverse media footprint is essential. Adverse media includes many different kinds of commentary, from references to incidences of financial and/or organized crime to associations with political figures and other compromising information.
By using automated adverse media screening as part of an Enhanced Due Diligence process, businesses can ensure that they are aware of their clients’ media profile and adverse track record.
Red flag #6: Sanctions lists
An obvious major red flag is if a customer is included on a global or national sanctions or watch list, which governments and international agencies regularly update with the names of sanctioned individuals or entities. This may be because they have been convicted or suspected of engaging in financial or other crimes, or if they are located in or do business with sanctioned entities or jurisdictions.
Red flag #7: Politically Exposed Persons (PEPs)
PEPs are individuals who have held or hold a public or government position, and therefore present a higher risk of being engaged in money laundering and financial crime. For more high risk sectors, the close associates or family members of PEPs may also be classified as such, due to their proximity to an individual with access to government funds or powers. While being a PEP does not automatically indicate that an individual has engaged in any wrongdoing, it’s important to have a clear set of procedures and protocols for choosing to provide financial or other regulated services to them.
Red flag #8: Virtual Asset transactions
While the use of virtual assets such as cryptocurrencies is rising across the world and does not in itself equate to a red flag, there are certain types of virtual asset transactions that should be treated as such. For example, if a client is regularly exchanging fiat into crypto or vice versa, this should raise a red flag that warrants further investigation into the original source of their funds.
Red flag #9: High risk industry
Following the above red flag, clients from other high risk industries should also raise suspicions and initiate a more enhanced due diligence process. These include clients engaged in gaming/online gambling, adult entertainment, precious metals traders, the arms industry, and other sectors that involve opaque transactions and fund sources.
Red flag #10: Geographic risk and irregularities
Transfers of funds to or between unusual jurisdictions should raise a red flag to regulated businesses providing financial services. In parallel, transactions originating from countries with bad track records of money laundering and corruption should also be treated with suspicion.
Are you looking for a market-leading automated KYC solution to detect your clients’ red flags? KYC-Chain’s end-to-end onboarding solution provides automated red flag detection as part of our KYC/AML tech stack. Get in touch and we’ll be happy to arrange a demo.