On September 2, 2020, SWIFT, together with BAE Systems, publishes “Follow the Money” report detailing the types of cyber-heist financial institutions are exposed to and providing best practices to mitigate the latter.
The report outlines the different methods (supported by concrete examples) used by criminals to launder money during the three stages of money laundering (i.e. placement, layering and integration).
To mitigate these risks the report provides various strategies that includes:
Information sharing technologies, to enhance the exchange of information between financial institutions and law enforcement agencies, but also between financial institutions (including through machine learning).
Augmented sharing of risk factors pertaining to FATF high risk jurisdiction by, among others, disseminating key findings from investigations related to nefarious activities across the international financial system.
Money-Mule initiatives such as the UK Don’t Be Fooled campaign that aims to deter young people from becoming money-mules.
Compliance and reporting enhancements, including stronger customer due diligence measures across financial institutions, to include the identification and verification of customers and the beneficial owner, as well as clarifying the purpose and intended nature of the business relationship.
Investing in data centric security and providing regular training to staff.
This report is timely and of critical importance, and although not binding, interested entities should carefully look into the latter and assess and update, where applicable, their current processes or risk mitigations techniques accordingly.
Indeed, and as outlined in the report, these cyber-attacks will evolve overtime (extending in scope to include attacks relating to cryptocurrencies), have greater impact on firms’ operations but could also significantly and negatively impacted customers and their financial institution’s reputation.
The report can be found here: