Money Laundering

Money laundering is the process of concealing the illicit origin of funds by moving them through legitimate financial systems to make them appear lawful. For payment service providers (PSPs), acquirers, and PayFacs, this represents a compliance, operational, and reputational risk, as payment infrastructure can be exploited to facilitate criminal financial flows.

‍

The Challenge: Why Money Laundering Matters to Payment Providers

‍

Money laundering schemes exploit the velocity, volume, and complexity of modern payment systems.

‍

We see this manifest in several ways:

‍

Hidden in transaction volume: Criminal actors embed illicit flows within high-volume merchant accounts, using legitimate-looking activity to obscure illegal funds.
Layered complexity: Schemes often involve multiple jurisdictions, nested merchant relationships, or cryptocurrency off-ramps that make tracing difficult.
Regulatory exposure: Failure to detect and report laundering activity results in enforcement actions, fines, and termination of banking partnerships.
Downstream liability: PSPs may face scrutiny not only for direct merchant activity but also for sub-merchants or reseller networks they facilitate.

‍

Payment providers are obligated under Anti-Money Laundering (AML) regulations to implement controls that detect and prevent the use of their systems for laundering. This includes both onboarding diligence and ongoing transaction monitoring.

‍

How Money Laundering Works: The Three-Stage Process

‍

Money laundering typically follows a three-stage structure:

‍

1. Placement

‍

Illegally obtained funds are introduced into the financial system. In the payments context, this might occur through:

‍

Small, structured deposits designed to avoid reporting thresholds
High-volume cash businesses (e.g., restaurants, retail stores) where revenue can be inflated
Prepaid cards or gift card purchases that convert cash into digital value
Cryptocurrency exchanges that accept anonymous funding sources

‍

2. Layering

‍

Funds are moved through multiple transactions to obscure their origin. Common techniques include:

‍

Cross-border transfers through jurisdictions with weak AML enforcement
Rapid movement between wallets, accounts, or payment processors
Use of shell companies or nominee accounts to separate beneficial ownership from transaction records
Transaction laundering, where one merchant processes payments on behalf of another undisclosed entity

‍

3. Integration

‍

Laundered funds re-enter the legitimate economy, often appearing as lawful business income. Examples include:

‍

Merchants reporting inflated sales that include laundered funds
Purchase of assets (real estate, luxury goods) that are resold for "clean" proceeds
Reinvestment in ostensibly legitimate business operations

‍

In the merchant acquiring space, we most commonly see layering and integration schemes, where a compliant-looking merchant account is used to funnel illicit funds disguised as legitimate transaction volume.

‍

How to Detect and Prevent Money Laundering: Best Practices

‍

Payment providers can reduce their exposure by implementing structured AML controls across the merchant lifecycle:

‍

1. Enhanced Due Diligence at Onboarding

‍

Conduct Know Your Business (KYB) and Know Your Customer (KYC) checks that go beyond basic identity verification:

‍

Verify Ultimate Beneficial Owner (UBO) information and screen against sanctions lists, Politically Exposed Persons (PEPs), and adverse media
Assess the business model for consistency with the stated merchant category code (MCC) and expected transaction patterns
Evaluate jurisdictional risk, including the merchant's operating locations, customer base, and payment settlement destinations
For marketplaces or platforms with sub-merchants, implement nested due diligence to understand downstream risk

‍

2. Real-Time Transaction Monitoring

‍

Deploy monitoring systems that flag anomalies indicative of laundering:

‍

Unusual transaction velocity (e.g., sudden spikes inconsistent with business history)
High-frequency microtransactions or round-dollar amounts that suggest structuring
Geographically inconsistent activity (e.g., a local business processing international transactions)
Excessive refunds, chargebacks, or voids that may indicate testing or obfuscation
Transactions involving high-risk jurisdictions or sanctioned entities

‍

Thresholds should be calibrated based on the merchant's risk profile and historical behavior, not static rules.

‍

3. Behavioral and Contextual Analysis

‍

Look for patterns that suggest layering or integration:

‍

Rapid account turnover (merchants that close and reopen under new identities)
Merchant accounts with no logical connection processing payments for unrelated goods or services
Discrepancies between reported inventory, web presence, and transaction volume
Use of multiple payment methods or processors simultaneously without clear business rationale

‍

4. Periodic Re-Evaluation and Portfolio Monitoring

‍

AML risk is not static. Conduct ongoing reviews of existing merchants:

‍

Reassess UBO information and business structure annually or when ownership changes
Monitor for changes in transaction behavior that deviate from established baselines
Screen against updated sanctions lists and watchlists on a continuous basis
Escalate merchants with sustained anomalies for manual investigation

‍

5. Suspicious Activity Reporting and Escalation

‍

Establish clear protocols for filing Suspicious Activity Reports (SARs) when warranted:

‍

Define internal thresholds and triggers that mandate escalation to compliance
Ensure timely reporting to Financial Crimes Enforcement Network (FinCEN) or the relevant regulator
Document investigation steps and rationale for all SAR decisions to demonstrate compliance during audits

‍

Real-World Example: Transaction Laundering Through a Merchant Account

‍

A registered e-commerce merchant selling consumer electronics processes approximately $200,000 in monthly transaction volume with a typical average transaction value (ATV) of $150. Over a two-week period, the account begins processing an unusually high volume of transactions with an ATV under $10, totaling $1.2 million.

‍

Further investigation reveals that the merchant is processing payments on behalf of undisclosed third parties operating unlicensed gambling websites. These transactions appear on cardholder statements as legitimate electronics purchases, obscuring the true nature of the payment. The scheme involves layering (moving funds through a compliant merchant account) and integration (the gambling operators withdraw the proceeds as business revenue).

‍

This is a form of transaction laundering, where one merchant processes payments for another entity without the acquirer's knowledge. Detection relies on monitoring for deviations in transaction patterns, inconsistencies between the merchant's stated business model and actual activity, and investigation of refund or chargeback trends.

‍

Strategic Context: Why AML Compliance Is Critical to Payment Operations

‍

Money laundering risk extends beyond regulatory compliance. We see three primary areas of strategic impact:

‍

Regulatory and Financial Risk

‍

AML violations result in material penalties. In recent enforcement actions, payment processors have faced fines exceeding tens of millions of dollars for insufficient controls. Beyond fines, regulators may impose consent orders that mandate costly remediation programs or restrict business activities.

‍

Banking and Network Relationships

‍

Banks and card networks evaluate PSPs and acquirers based on their AML posture. A pattern of laundering incidents can result in termination of sponsorship, loss of access to card networks, or increased collateral requirements. This directly impacts the ability to operate and scale.

‍

Reputation and Market Position

‍

Association with money laundering damages trust with downstream partners, merchants, and end users. For platforms and marketplaces, this can result in merchant attrition and competitive disadvantage. Institutional investors and acquirers conducting due diligence also assess AML program maturity as part of valuation and transaction risk.

‍

Effective AML programs are not purely defensive. They enable faster, more confident merchant onboarding by distinguishing between legitimate high-risk businesses and criminal actors. Risk-based controls allow for proportional scrutiny, where low-risk merchants experience streamlined processes while high-risk profiles receive enhanced review.

‍

How Ballerine Supports AML Compliance in Payment Operations

‍

Ballerine provides a risk decisioning and case management platform designed for payment providers managing complex merchant portfolios. The platform integrates data from multiple sources (identity verification, business registries, transaction logs, adverse media) to support both onboarding and ongoing merchant monitoring.

‍

For AML workflows, Ballerine enables:

‍

Automated screening of UBOs and associated entities against sanctions lists, PEPs, and watchlists
Configurable risk scoring that incorporates merchant category, jurisdiction, transaction behavior, and external signals
Real-time alerts for anomalies flagged by transaction monitoring systems, with contextual case data to support investigation
Audit trails and documentation that demonstrate compliance with AML obligations during regulatory examinations

‍

By embedding AML checks into merchant underwriting and portfolio monitoring, risk teams can reduce manual review workload while maintaining consistent, defensible decision-making.

‍