.svg)
European criminals are increasingly using buy now, payer later (BNPL), artificial intelligence (AI) and virtual IBANS (vIBANS) to steal and launder funds, a new report has claimed.
In a new threat assessment report published by Europol, European criminals are said to be exploiting weaknesses in the BNPL application process to use these services for fraud theft.
The report, which is Europol’s first ever European Financial and Economic Crime Threat Assessment, seeks to provide an in-depth assessment of emerging technologies and their use in financial crime.
"Since BNPL services do not conduct formal credit checks, offenders can often pass the algorithmic checks and use legitimate users’ accounts to illicitly order items," the report warns.
BNPL services have grown significantly in Europe in recents years, with Klarna announcing last month that more than 100m people on the continent have used its services.
This is not the first time that issues with BNPL and its vulnerability to fraud have been highlighted.
In 2021, for example, Reuters reported that identity theft complaints involving BNPL services in Australia doubled compared with the previous year.
IDCare, an Australian and New Zealand consumer group, provided data to Reuters showing that incident reports involving BNPL had risen to more than 1,600 in Australia in 2021.
Artificially intelligent crime
Europol’s threat assessment report also identifies AI, machine learning and deepfake technology as growing sources of financial crime.
Chat-bots based on AI, such as ChatGPT, could be easily used in online fraud schemes, Europol warns.
"Deepfake technology can help circumvent remote on-boarding measures," the report says. "CEO fraud is a particular risk, as information on high-profile figures at financial institutions is publicly available."
Last year, for example, Binance reported that scammers had built a deepfake representation of Patrick Hillman, its chief communications officer, in an attempt to defraud crypto teams that wanted to see their tokens listed on the exchange.
The scammers had been using an “impersonated hologram” of Hillman during video calls on Zoom to trick the victims into handing over their tokens for nothing.
Europol’s inaugural threat assessment on financial and economic crimes leverages operational insights and strategic intelligence provided by EU member states and Europol’s partners, such as the UK, Albania and Switzerland.
The report found that almost 70 percent of criminal networks operating in the EU make use of one form of money laundering or another to fund their activities and conceal their assets.
Europol has also uncovered that many key players in financial crime in the EU are based outside the EU.
The digital acceleration
Europol concludes that online services have resulted in a “significant increase” in “cyber-enabled financial and economic crime”.
Financial crime performed through the use of computer technology is "particularly attractive” to criminals, says Europol, as it helps to “obscure money flows and allows faster and greater profits”.
In particular, the cyber component offers serious and organised crime a greater pool of targets to victimise multiple times.
At the same time, Europol argues that these opportunities have led criminals to develop new technologies that allow them to remain anonymous and to collaborate more easily with other criminals.
"Encrypted messaging apps, dark web marketplaces, cryptocurrencies and other privacy-enhancing technologies protect their identity, making law enforcement detection increasingly challenging," says Europol.
Rapid technological advances in the financial sector have also been taken on by criminals as opportunities, Europol adds.
For example, the report warns that fintech provides “many opportunities for criminal abuse".
In July, a survey published by software firm SmartSearch found that almost half (47 percent) of fintechs have filed an increased number of suspicious activity reports (SARs) over the previous six months.
In addition, Europol warns that other developments in finance have led to the arrival of digital banking and/or neobanks.
Although Europol acknowledges that these are increasingly popular, the regulator warns that they are often "growing quickly” and at the “expense of proper compliance processes".
This risks are disproportionate to rates of financial fraud and money laundering offences, Europol warns.
vIBANS a gift for financial crime
Virtual IBANs (vIBANs) are another issue raised by Europol's assessment.
Although they can enable fast international payments that mask the identity of the master account, the issuer, and country of origin, this makes it harder to detect suspicious transactions, adding an extra step to investigations.
"The misuse of vIBANs has been observed in recent criminal investigations into various fraud types," Europol says.
The risks regarding vIBANs have also been raised recently by the European Banking Authority (EBA).
Risks surrounding their use have prompted the regulator to recommend that the European Commission clarify supervisory rules for vIBANS.
