Terrorist Financing

Common Indicators & Best Practices for CTF

Subscribe to our newsletter!

Please fill out the form below:

Click on the bookmark to view chapters of this webpage
Click on the bookmark to view chapters of this webpage

Terrorism financing is actually extremely hard to detect—criminals go a long way in disguising where the money is coming from to avoid tipping off authorities and to cover their trail. Sure, it’s a financial crime in and of itself, but the greater problem is what’s being funded—by stopping the source of funds, FIs can do their part to stave off terrorism.

In many ways, terrorist groups function like criminal organizations (as we’ll discuss later on), marshaling, distributing, and managing funds to commit acts of terror. Read on to learn what terrorist financing is, the main indicators to look for, and best practices for Counter-Terrorist Financing (CTF).

New call-to-action

What is Terrorist Financing?

Terrorist financing refers to the process of providing funds or financial support to individual terrorists or terrorist organizations. Both legally obtained and illicitly obtained funds can be used for terrorism financing.

It can be very tricky for organizations to prevent terrorism financing, as there is no universal list of terrorist individuals or organizations. Each country maintains their own lists—in the United States, this list is managed by the Office of Foreign Assets Control (OFAC). Despite the original source of funds often being illicit, terrorists often attempt to use ‘clean’ money to fund their efforts to remain undetected and hide their tracks.

Modern terrorist groups use new technologies with low regulations, such as crypto—but they also target traditional banks to facilitate the money laundering that enables them to spend illicit funds freely.

Despite there being no direct connection between the two, money laundering and terrorist financing are often related in practice. Let’s define this relationship before diving into the best practices for preventing terrorism financing.

Money Laundering and Terrorist Financing

Money laundering and terrorist financing are two very different acts in and of themselves—the former involves separating illicitly gained funds from the criminal acts used to obtain them; the latter involves marshaling funds for criminal activity. Both activities abuse the financial industry and the financial system for criminal purposes.

However, most criminal activity is funded through proceeds of crime, intertwining the concepts of money laundering and terrorist financing. Funds are often gained through narcotics distribution, black market goods (notably oil), and other criminal enterprises; some fraudsters even leverage cash businesses like car dealerships, taxi companies, and laundromats to hide the proceeds of their crime.

While the activities are very different, the concepts of money laundering and terrorist financing are intrinsically linked, making Anti-Money Laundering (AML) and Counter-Terrorist Financing (CTF) core components of most risk and compliance teams’ programs.

Terrorist Financing Red Flags to Watch For

At first glance, it’s often challenging to tell the difference between terrorist financing and the funding of organized crime. The fact is, terrorist groups are themselves organized crime groups.

For each case, organizations will need to investigate the suspicious activity and the context surrounding it, reviewing any related information they have access to. With deeper analysis, teams can determine whether they’re dealing with suspicious activity that could amount to terrorism financing.

While organized crime and terrorism funding are difficult to differentiate, that’s not of concern to the FIs looking to protect their platform—and users—from financial crime. They’ll still want to identify both activities, and report them to the proper authorities for further investigation.

Below, we explore some red flags to look for to uncover terrorism financings (and organized crime):

  • Account transactions that use an irregular method of deposit or withdrawal (cash, cheques, wire transfers, etc.)
  • Transactions values that are inconsistent with previous account behavior or transaction patterns
  • Transactions that amount to ‘structuring’ at a single branch or multiple branches
  • Transactions between bank accounts of related entities or charities, with no legitimate reason for the activity
  • Transactions that are in some way tied to countries on the FATF blacklist or OFAC sanctions list
  • Transactions with no clear purpose that come from, go to, or pass through locations of concern, such as sanctioned countries (especially high-volume transactions)
  • Transactions—even charitable donations—to nations that are known banking and tax havens or jurisdictions with weak AML regulations
  • Transactions that seemingly have no legitimate economic purpose for the parties involved
  • Charitable organizations that have a lack fundraising activity, but a large volume of charitable transactions in or out
  • Transactions in some way linked to Politically Exposed Persons (PEPs), especially if those individuals are tied to countries that have been sanctioned, blacklisted, or greylisted
  • Organizations that have overlapping corporate officers, bank signatories, beneficial owners, addresses, or other similarly identifiable information
  • Customers that submit incomplete or suspicious proof of identity that is difficult to authenticate during KYC procedures

Again, the above traits could also be synonymous with organized crime, so it will be difficult to immediately tell if activity is related to terrorist financing. By escalating cases that show any of the indicators above, organizations can determine if activity amounts to terrorism financing or organized crime. Either way, they’ll want to report the activity to the authorities via SAR filing so it can be investigated by law enforcement.

Best Practices for Counter-Terrorist Financing

To truly root out terrorism financing, teams are going to need to implement an effective AML/CTF program—one that leverages solutions that accurately identify and prevent terrorism financing. Below, we cover some of the best methods for stopping the funding of terrorism:

Verify Customer Identities

A core component of CTF is ensuring you’re doing business with customers that aren’t threatening your—or national—security. Knowing your customer is the first step in preventing—and deterring—terrorism financing. With proper onboarding orchestration in place, organizations can perform KYC procedures that validate documentation and customer details that stop terrorist groups from accessing their platform in the first place.

Teams need to perform Customer Due Diligence (CDD) checks and—when necessary Enhanced Due Diligence (EDD)—to verify a user.  New customers need to be screened against sanction lists to make sure organizations avoid dealing with sanctioned individuals and entities. Politically Exposed Persons (PEPs) screening will be more important than ever, as corrupt officials are often complicit—if not directly involved in—terrorism financing.

Although not a government regulatory agency, the FATF also provides a blacklist and greylist that list jurisdictions that are struggling to meet minimum financial compliance standards, suggesting they may have inadequate AML/CTF controls in place. Another non-traditional method of ID verification involves using social media screening. In the modern age, a lot of information can be gleaned from online profiles and public messages (or the lack thereof). Performing social media screening can uncover adverse news stories that may suggest criminal activity—despite sanctions and KYC screenings not having anything updated yet.

Customers’ identities should also be checked periodically throughout their lifetime as a customer as well. Not only can their behavior change over time, but this also protects against Account Takeover (ATO) fraud.

Monitor Transactions and Activity

It’s crucial to monitor transactions themselves for high values, high volumes, and generally abnormal transaction patterns. But organizations should go beyond this to monitor customer activity as well—much can be gleaned from analyzing user logins, account changes, and more. By understanding user behavior, it’s much easier to identify anomalies and root out suspicious activity.

Once you understand how fraudulent users behave, you can develop rules around customer behavior that will automatically generate alerts that flag suspicious activity for further investigation. Teams can then build rules around the indicators you are seeing related to terrorism financing so your alert system can more accurately score—and prioritize—cases.

Efficiently Manage Cases & Investigations

It’s often hard to definitively know if suspicious activity actually amounts to terrorism financing. Organizations are only responsible for reporting suspicious activity that could amount to terrorism financing—they don’t actually investigate whether a case is confirmed to be terrorism financing. An organization won’t know if they have a legitimate case of terrorism financing until it’s investigated by authorities, and even then they may never know for sure for every single case.

For the most part, it’s FI's job to identify and report suspicious behavior that could amount to terrorism financing. To do this well, organizations need to be able to identify suspicious activity that could amount to terrorism financing, record all the relevant information, and file that to the authorities (in the form of a report).

Case management solutions streamline and simplify the filing process, ensuring reports are submitted on time and in good order. With data ingested into one system, risk professionals can create dashboards that leverage high-quality data visualizations that empower teams to make faster, more informed, and overall better decisions. When used right, teams can speed up—and improve the quality of—investigations.

Download Operating System Product Guide

Perfect Counter-Terrorism Financing Efforts with Unit21

Anti-Money Laundering and Counter-Terrorism Financing rules and regulations are designed to hold everyone accountable—not just criminals, but also the organizations that are facilitating transactions. Regulators hold these organizations to a certain standard and expect that AML/CTF compliance standards are met.

To do their part, organizations need to optimize AML/CTF compliance and anti-fraud processes to mitigate the impact of fraudsters and criminals—protecting their company (and the economy). With the right solutions in place, teams will not only prevent terrorist financing from occurring, they’ll actively discourage and deter criminals from attempting to use them for their criminal activity.

Schedule a demo today to learn how Unit21 can support all your AML/CTF compliance needs—mitigating fraud losses and reducing false positives rates in the process.