Transaction Laundering May Cause Hundreds of Billions of Dollars in eCommerce Losses This Year
Transaction laundering is a massive problem for anyone operating in the payments space. While it primarily impacts financial institutions, there are consequences for merchants and other players as well.
What is transaction laundering, though? Who ultimately pays the price for this brand of criminal activity? In this post, we’ll delve into these questions, and examine what’s at stake specifically as it relates to eCommerce merchants.
- Transaction Laundering
Transaction laundering is a process by which fraudsters disguise themselves as legitimate merchants and begin working with an acquirer to process payments. Unbeknownst to the acquirer, the fraudster is actually using their account to launder revenue from criminal activity.
[noun]træn ● zæk ● ʃən ● lɔn ● dɚ ● rɪŋ
This is a serious matter; risk intelligence and transaction laundering detection firm EverCompliant estimates that criminals laundered $352 billion globally through eCommerce channels in 2016. That’s greater than the nominal GDP of the entire nation of Denmark!
All indicators suggest that the problem has only gotten worse in the years since. And, as alluded to above, such a massive liability is going to have far-reaching ramifications for the entire payments ecosystem.
Facing New Threats in the Payments Process?
Find out what Chargebacks911® can do to help eliminate your risk. Contact us today.
Why is Transaction Laundering so Hard to Detect?
Conventional fraud detection tactics have proven to be less than effective at stopping transaction laundering. This is the result of a few different issues:
Complexity of Payments
The payments process is much more complicated than it appears at first glance. A single transaction can pass through a cardholder, a merchant, issuers, acquirers, card networks, gateways, processors, and other third-party vendors. The process is very opaque, which can make it difficult for financial institutions to pinpoint fraudulent activity.
Multiple Web Portals
A criminal engaged in transaction laundering might accept transactions through hidden websites without the acquirer’s knowledge. Fraud detection tools available to banks are often unable to identify this activity.
A merchant’s site may be used for criminal activity and the merchant may not even be aware of it. The site could be leveraged as a shadow site, or through abuse of the merchant’s affiliate program.
Use of Anonymous Cards
Virtual card numbers, business cards, and prepaid cards are not tied to the user’s identity in the same way as a credit or debit card. A fraudster may run multiple fraudulent transactions using fake or stolen card information.
This is not an exhaustive list. There are other practices that might expose financial institutions to transaction laundering.
How Does Transaction Laundering Work?
There are multiple methods a fraudster can employ to engage in transaction laundering. The merchant may not know their site is being used, or they may be acting in coordination with the fraudster. In some cases, the fraudsters might impersonate a merchant to conduct the fraud themselves.
Fraudsters can also engage in “pass-through” attacks, in which they embed a payment link in an illegal site. Or, they might set up a complete fake eCommerce site that they can use as a “front” operation. For our purposes, we’re going to focus on the ways in which legitimate merchants can become victims of these schemes.
By gaining access to a merchant’s account information, criminals can leverage the data to take over the account and run bad transactions.
Fraudsters use a merchant’s account to deposit illegal funds, then withdraw the money immediately from a different geographic location.
The criminal runs transactions by using stolen cardholder information to profit off of unearned commissions.
How Transaction Laundering Hurts Merchants
It’s true that acquirers face the brunt of liability for transaction laundering. Acquirers are required to verify their merchants before they agree to take on their business. The theory is, if the bank allows fraud to slip through undetected, they face liability for that bad activity.
That’s not to say that transaction laundering doesn’t carry consequences for legitimate merchants, though. Merchants can face blowback from these schemes, depending on what tactic the fraudster decided to employ.
This is already a well-established merchant problem labeled “affiliate fraud.” It drives chargeback volume, more than doubling merchant revenue losses and causing long-term stress for businesses. In 2020 alone, the financial impact of affiliate fraud on merchants was estimated to be $6.8 billion.
The 2021 Chargeback Field Report
The 2021 Chargeback Field Report is now available. Based on a survey of over 400 US and UK merchants, the report presents a comprehensive, cross-vertical look at the current state of chargebacks and chargeback management.Free Download
There are indirect consequences to consider, too. Increased costs for banks can mean higher processing fees for merchants across the board. This will result in stricter standards for compliance, with less leeway for error.
There’s also the risk that a merchant will be implicated in criminal activity, despite being completely unaware that it happened. This could make other acquirers view the merchant as more inherently risky and refuse to do business with them. There could even be legal consequences, with costly legal fees required to disentangle oneself from liability.
Merchants should take steps to make sure they’re an unwitting accessory in this behavior. Preventing losses resulting from account compromise and funneling are both reliant on merchant cybersecurity protocols. Practices like standardization and encryption of all stored data are important, as is careful training of staff members who come into contact with merchant financial information.
What About Affiliate Fraud?
Affiliate fraud is the outlier here in terms of transaction laundering. In these cases, criminals are not trying to launder money by passing it through a merchant as an entity; therefore, cybersecurity standards would have no impact. Instead, fraudsters monetize stolen information by submitting fake transactions and claiming unearned commissions, then leaving the merchant to deal with the resulting chargebacks.
Maintaining an affiliate marketing campaign can be extremely lucrative for merchants. Fraudsters can employ numerous tactics to worm their way in, though, including adware, domain squatting, and more. Any one of these methods can cause an otherwise profitable campaign to collapse into a major source of revenue loss.
The best approaches to deal with this threat are:
Review Affiliate Program Terms and Conditions
Keeping terms and conditions up-to-date is one way to close loopholes and prevent affiliate fraud. A good attorney can catch exploitable factors that a merchant might miss. Of course, this also relies on the merchant upholding their terms and ensuring that affiliates are compliant.
Keep an Eye on KPIs
Managing an affiliate program can be difficult because of the opaqueness of the process. Raw data and relevant KPIs, including information from referring sites, sub-affiliate networks, IP addresses, and transaction trends, are all valuable sources of insight. Deviations—even seemingly good ones—can suggest that something is not right.
Merchants don’t have to face the threat posed by affiliate fraud alone. Chargebacks911 offers the industry’s only comprehensive solution for affiliate fraud management. With Affiliate Fraud Shield from Chargebacks911, merchants can eliminate criminal activity, stop bad traffic, and protect their revenue. Click here to learn more.
Transaction laundering is a serious matter for eCommerce. With the right strategies in place, though, merchants can protect their businesses, prevent loss, and preserve their relationships with financial institutions.
What is transaction laundering?
Transaction laundering is a process by which fraudsters disguise themselves as a legitimate business and begin working with an acquirer to process payments. Unbeknownst to the acquirer, the fraudster is actually using the account to launder revenue from criminal activity.
Is transaction laundering the same as money laundering?
Yes. Transaction laundering is a form of money laundering. The end goal of money laundering is to take funds acquired through illegal means, and make it so that they cannot be traced back to that illegal activity. eCommerce transactions are a means to carry this out.
Is transaction laundering illegal?
Yes. Like any form of money laundering, transaction laundering is a form of financial misrepresentation. It is punishable in the US with fines, civil suits, and possible jail time.
Are there multiple ways to commit transaction laundering?
Yes. Some transaction laundering tactics rely on the cooperation of a merchant, or for the fraudster to impersonate a legitimate merchant. However, there are tactics that can allow a criminal to conduct this activity without a merchant’s knowledge.
Is affiliate fraud related to transaction laundering?
Yes. Affiliate fraud can be a means to engage in transaction laundering. A fraudster who has access to stolen cardholder information can monetize that data and effectively launder their fraud by submitting transactions to claim unearned affiliate commissions.