Money Mules - An Identity Crisis

Money mules are a hot topic in fraud prevention circles these days. But wait a minute, isn't that more of an AML issue? I mean the literal definition of money laundering is "concealing the origins of illegally obtained money". That's money muling to a T. However, when you look across the lifecycle of muling activity, it becomes more complex. And when it comes to categorizing money mules within a specific fraud/AML use case, mules indeed have an identity crisis.

Ideally, fraud teams are monitoring for money mules at the front door when folks apply for a DDA account. This is a great time to alert to suspicious activity that may indicate a potential mule and one of the best ways to do this is with application monitoring that looks at post-book transaction behavior. The applicant may pre-load multiple beneficiaries right after the application, but not make any payments. This is done to avoid detection at the time of payment, since adding the beneficiary and payment are done weeks or months apart. Sometimes fraudsters will pay money in and out of mule accounts just to see if it's active. Therefore, it's good to keep an eye out for small value, frequent test payments. In the context discussed here, money mules are part of the holistic application fraud journey.

If we pivot to payments fraud (non-plastics) use cases, money mules surface again. Clearly the previously discussed test payments would fall into this category, but there are plenty of other payments to consider. When criminals commit payment fraud (whether that's account takeover or authorized payment scams), they need to send the funds to an account they control and easily move the money. These accounts are often money mules who are then instructed to hop the funds around between a network of mules to make it virtually untraceable. In this context, money mules fall into the tail end of payments fraud.

Finally, we have their most obvious classification: money laundering. AML teams are aware of the risk money mules pose and the challenge in detecting these networks that launder funds. Unfortunately, many AML teams are split off from the fraud teams and isolated from the data that would help them understand the full lifecycle of the mule account. Also, AML's remit is different than that of fraud teams. AML operations are more reactive, and reporting focused as opposed to proactively shutting down these networks.

The identity crisis of mule classification, along with siloed fraud and AML teams, have led to challenges in money mule detection. Teams either don't know they play a role in stopping money mules or are unable to collaborate well with other teams to build a holistic profile. We have seen smaller, challenger banks be a bit more agile when it comes to building a FRAML department that does a better job of blending the data, processes and resources.

An added layer of confusion comes when exploring technology solutions to combat money mules. Often you come across disparate technology and approaches that are point solutions attacking the problem from a narrow focus. It's important to look at money mules as a holistic fraud and AML problem that is most effectively understood across application, payments and money laundering behavior. This doesn't mean you need to merge all data, technology and teams at once, but it does mean your technology should be flexible. It should be able to ingest a variety data sources and understand behavioral anomalies at any point in the money mule journey. This way, as your fraud strategy evolves and data and teams become more aligned, you have the right technology to tie it all together.