Transaction Laundering

Transaction Laundering May Cause Hundreds of Billions of Dollars in eCommerce Losses This Year

Transaction laundering is a massive problem for anyone operating in the payments space. While it primarily impacts financial institutions, there are consequences for merchants and other players as well.

What is transaction laundering, though? Who ultimately pays the price for this brand of criminal activity? In this post, we’ll delve into these questions, and examine what’s at stake specifically as it relates to eCommerce merchants.

What is Transaction Laundering?

Transaction Laundering

[noun]træn ● zæk ● ʃən ● lɔn ● dɚ ● rɪŋ

Transaction laundering is a process by which fraudsters disguise themselves as legitimate merchants and begin working with an acquirer to process payments. Unbeknownst to the acquirer, the fraudster is actually using their account to launder revenue from criminal activity.

Transaction laundering is a form of money laundering. The end goal of money laundering is to take funds acquired through illegal means and make it so that they cannot be traced back to that illegal activity. eCommerce transactions can be a means to carry this out.

This is a serious matter. Risk intelligence and transaction laundering detection firm EverCompliant estimates that criminals laundered $352 billion globally through eCommerce channels in 2016. That’s greater than the nominal GDP of the entire nation of Denmark!

All indicators suggest that the problem has only gotten worse in the years since. And, as alluded to above, such a massive liability is going to have far-reaching ramifications for the entire payments ecosystem.

Facing New Threats in the Payments Process?

Find out what Chargebacks911® can do to help eliminate your risk. Contact us today.

Why is Transaction Laundering so Hard to Detect?

Conventional fraud detection tactics have proven to be less than effective at stopping transaction laundering. This is the result of a few different issues:

Complexity of Payments

The payments process is much more complicated than it appears at first glance. A single transaction can pass through a cardholder, a merchant, issuers, acquirers, card networks, gateways, processors, and other third-party vendors. The process is very opaque, which can make it difficult for financial institutions to pinpoint fraudulent activity.

Multiple Web Portals

A criminal engaged in transaction laundering might accept transactions through hidden websites without the acquirer’s knowledge. Fraud detection tools available to banks are often unable to identify this activity.

Website Hijacking

A merchant’s site may be used for criminal activity and the merchant may not even be aware of it. The site could be leveraged as a shadow site, or through abuse of the merchant’s affiliate program.

Use of Anonymous Cards

Virtual card numbers, business cards, and prepaid cards are not tied to the user’s identity in the same way as a credit or debit card. A fraudster may run multiple fraudulent transactions using fake or stolen card information.

This is not an exhaustive list. There are other practices that might expose financial institutions to transaction laundering.

How Does Transaction Laundering Work?

There are multiple methods a fraudster can employ to engage in transaction laundering. The merchant may not know their site is being used, or they may be acting in coordination with the fraudster. In some cases, the fraudsters might impersonate a merchant to conduct the fraud themselves.

Fraudsters can also engage in “pass-through” attacks, in which they embed a payment link in an illegal site. Or, they might set up a complete fake eCommerce site that they can use as a “front” operation. For our purposes, we’re going to focus on the ways in which legitimate merchants can become victims of these schemes.

How Transaction Laundering Hurts Merchants

It’s true that acquirers face the brunt of liability for transaction laundering. Acquirers are required to verify their merchants before they agree to take on their business. The theory is,  if the bank allows fraud to slip through undetected, they face liability for that bad activity.

That’s not to say that transaction laundering doesn’t carry consequences for legitimate merchants, though. Merchants can face blowback from these schemes, depending on what tactic the fraudster decided to employ.

This is already a well-established merchant problem labeled “affiliate fraud.” It drives chargeback volume, more than doubling merchant revenue losses and causing long-term stress for businesses. In 2020 alone, the financial impact of affiliate fraud on merchants was estimated to be $6.8 billion.

Become a Full-Fledged Chargeback Genius

The only resource you need to become an expert on chargebacks, customer disputes, and friendly fraud.

Download the Guide

There are indirect consequences to consider, too. Increased costs for banks can mean higher processing fees for merchants across the board. This will result in stricter standards for compliance, with less leeway for error.

There’s also the risk that a merchant will be implicated in criminal activity, despite being completely unaware that it happened. This could make other acquirers view the merchant as more inherently risky and refuse to do business with them. There could even be legal consequences, with costly legal fees required to disentangle oneself from liability.

Merchants should take steps to make sure they’re an unwitting accessory in this behavior. Preventing losses resulting from account compromise and funneling are both reliant on merchant cybersecurity protocols. Practices like standardization and encryption of all stored data are important, as is careful training of staff members who come into contact with merchant financial information.

What About Affiliate Fraud?

Affiliate fraud is the outlier here in terms of transaction laundering. In these cases, criminals are not trying to launder money by passing it through a merchant as an entity; therefore, cybersecurity standards would have no impact. Instead, fraudsters monetize stolen information by submitting fake transactions and claiming unearned commissions, then leaving the merchant to deal with the resulting chargebacks.

Maintaining an affiliate marketing campaign can be extremely lucrative for merchants. Fraudsters can employ numerous tactics to worm their way in, though, including adware, domain squatting, and more. Any one of these methods can cause an otherwise profitable campaign to collapse into a major source of revenue loss.

The best approaches to deal with this threat are:

Review Affiliate Program Terms and Conditions

Keeping terms and conditions up-to-date is one way to close loopholes and prevent affiliate fraud. A good attorney can catch exploitable factors that a merchant might miss. Of course, this also relies on the merchant upholding their terms and ensuring that affiliates are compliant.

Keep an Eye on KPIs

Managing an affiliate program can be difficult because of the opaqueness of the process. Raw data and relevant KPIs, including information from referring sites, sub-affiliate networks, IP addresses, and transaction trends, are all valuable sources of insight. Deviations—even seemingly good ones—can suggest that something is not right.

Seek Help

Merchants don’t have to face the threat posed by affiliate fraud alone. Chargebacks911 offers the industry’s only comprehensive solution for affiliate fraud management. With Affiliate Fraud Shield from Chargebacks911, merchants can eliminate criminal activity, stop bad traffic, and protect their revenue. Click here to learn more.

Transaction laundering is a serious matter for eCommerce. With the right strategies in place, though, merchants can protect their businesses, prevent loss, and preserve their relationships with financial institutions.