Here is how a talented merchant distributing illegal goods can slip through and bypass detection from banks. The first steps are the same; this merchant would apply for a legitimate merchant account using an authentic registered website, but establish another website to distribute the illegal goods. The difference is, this merchant would implement a method to redirect or aggregate the payment process from the website distributing illegal goods to the authentic website payment system, such that the illegal website can share the payment account of the legitimate website, which the bank does not know about. This practice is called Transaction Laundering or Payment Aggregation.
Identified above is just the simplest form of Transaction Laundering with a bank. In more complex situations, these processes could involve several parties. The most common practice is when dishonest merchants aggregate credit card payments through one or more payment service providers’ (PSP) facilities to make it harder to uncover.
Mastercard defines Transaction Laundering as “the action whereby a merchant processes payment card transactions on behalf of another merchant”. Very often there are multiple unregistered websites behind the registered merchant site. Regardless of the legitimacy of goods being sold in the unregistered websites, Transaction Laundering itself violates rules and regulations.
There are two main reasons why over 90% of illegal transactions are done by Transaction Laundering. Firstly, it is difficult to be detected by banks and other regulators no matter by web crawling or manual checking. Secondly, the descriptor of the illegal transaction will be indicated as the authentic website rather than the illegal website on the customer’s credit card statement. Thus, these illegal activities are well disguised and as an outcome, both sellers and buyers can hide their illegal activities. However, banks and PSPs are penalised and incur a financial loss for these illegal transactions.
Risks to Banks and PSPs
Transaction Laundering can produce various risks that detriment banks’ and payment service providers’ company image as well as result in financial losses. Here are some examples:
- Violating the Visa GBPP, Mastercard BRAM and UnionPay’s regulations
- Disobeying the Anti-Money Laundering and Sanction law
- Letting those high-risk transactions enter the payment system
While technologies make online payment faster, cheaper and anonymous, Transaction Laundering becomes an increasingly popular tool for money laundering and illicit transactions.
Austreme has the world leading Transaction Laundering Detection technology to help acquirers, banks and PSPs to detect hidden websites that use their facilities. Moreover, its system helps clients detect any high-risk content or goods (e.g. pornography, gambling, drugs, IP infringement) in these hidden websites.
Austreme was the first in the world to invent TLD solution in 2010. Austreme is also the only TLD service provider which complies with PCI-DSS audited by Qualified Security Assessor (QSA), which is a widely accepted common security standard by the top 5 card brands (Visa, Mastercard, American Express, JCB and Discover). With one of the most reliable and advanced technologies in the industry, Austreme has been a registered Mastercard Merchant Monitoring Service Provider (MMSP) since 2015, and their clients will receive a penalty waiver in case of rule violations. In its growing big data, there are over 30 million websites being monitored and analyzed daily, so that its system can continuously grow and remain updated.