Exploring how Cyber security and Anti Money Laundering go hand-in-hand



Anti Money laundering and cyber security

One might ask how cyber security is related to anti money laundering. Regulated businesses collect sensitive information about their customers and their dealings and store such data in information-rich AML systems. These systems include data pertaining to identity verification, source of wealth, source of funds for specific transactions, adverse media reports, sanction list checks and in some instances PEP checks as well.

This data is a key component in pursuing business goals and growing operations. A vulnerability in such systems and applications can lead to data breaches that paralyse a regulated business because of fines, lawsuits and licence revocation.

After the Financial Crimes Enforcement Network, known as FinCEN, released its cyber security guide around six years ago, financial services institutions and regulated entities worked (and are still working) to incorporate compliance departments into information management and security departments.

Key personnel such as MLROs and top management in banks, credit institutions and other financial services firms understand the onerous responsibility of both worlds and have merged the two together. When anti-fraud and anti-money laundering efforts are deployed, technical specialists, including cyber security specialists, are more often than not involved to analyse elements such as IP addresses and identity theft, which in turn aids in the drafting of a suspicious activity report (SAR), which is key to the cyber integration program. Such events need to be reported to the relevant authorities, as they pose a significant threat to consumers and the country’s financial system.

The suspicious activity report is a mechanism that tracks suspicious activities that are unusual. It is an integral part of AML laws and regulations and its primary purpose is to identify customers involved in economic crime, money laundering, fraud and terrorist funding. Through source of funds checks, funds coming from social engineering hacking activities should be flagged. In a related fashion, funds generated through scammy business activities online are also marked as suspicious on the day they end up in a regulated financial system in a reputable jurisdiction (not a tax haven).

Information and cyber security is also closely connected with SAR information, as any cyber incident is to be considered a suspicious transaction. Information related to elements such as IP addresses, virtual wallet information and cyber incident details should all be captured for each incident and filed with the relevant authorities. AML and KYC check providers, for their part, need to make every effort to ensure that all data captured through onboarding or ongoing transactions is protected, and that datasets such as black-listed directors or sanctions lists are defended against unauthorised access.

Given the closeness of AML to cyber and information security, information sharing is crucial. The FinCEN guidance of 2016 makes specific reference to three definitions related to cyber security, namely: cyber-event, cyber-enabled crime and cyber-related information. ‘Cyber-event’ refers to an attempt to compromise or even gain unauthorised access to digital systems, services or resources (including data). ‘Cyber-enabled crime’ refers to illicit activities, like fraud, money laundering and identity theft, that are carried out by scripts and electronic systems.

Thirdly, ‘Cyber-related information’ refers to electronic behaviour, mostly regarding persons’ digital footprints and actions.

A CISO is of utmost importance in a regulated business, as this is the professional who sets the security strategy and oversees daily threat and cyber risk management and mitigation.

A practical example, a high-profile attack that saw a hacker group steal $81bn from Bangladesh’s central bank and move the funds around the world swiftly, shows that cyber security and money laundering, financial crime, terrorist funding and fraud are nowadays closely coupled. An organisation’s strategy needs to have anti-fraud, anti-money laundering and cyber security tightly tied inside the top priority tier, with adequate budgets to deliver employee training, implement the right tools and constantly monitor and assess for vulnerabilities (not only when external auditors are visiting!).

    Francesco Mifsud

    I live and breathe cyber security and everything else in the discipline. With around a decade of experience in the industry I have had the opportunity to develop skills in penetration testing, cloud security, reverse engineering & exploit development, application security engineering, management and organisation-wide cyber security strategy. I hold a well-rounded set of security certifications such as OSCP, eWPTX and CISSP and have delivered training & workshops at some of the most prestigious hacking conferences such as DEF CON, BRU CON, BSides London and BSides Manchester.