Following the Fraud: The Role of Money Mules

Criminals are driven by profit, and in the past decade, fraud has proved to be one of the most profitable crimes. The high returns and low barriers to entry have opened up the market, allowing a range of actors to take advantage of the opportunities afforded to steal billions of pounds a year on a global basis. The UK has long been considered a ‘target destination for fraudsters’; fraud accounts for over 40% of all crime in the UK, and some estimates place the cost to the UK economy at more than £200 billion a year. Furthermore, fraud causes significant emotional harm and distress to its victims. The scale and extent of fraud in the UK is so vast that it may reasonably be seen as a national security threat, undermining the rule of law and threatening the UK’s financial sector.

In particular, the rise of authorised push payment (APP) fraud has attracted considerable attention over the past decade. An APP fraud occurs when an individual is tricked into making a payment to a fraudster who they think is a genuine payee. In many cases, they make a payment into an account operated by a so-called ‘money mule’ and controlled by the fraudster. This paper draws on transaction data, provided by Lloyds Bank, on the activity of known money mules, supplemented by a literature review and interviews with industry experts, to explore how funds are moved out of a money mule’s account.

The paper’s findings include:

• Newer entrants to the payments system, such as digital banks, payment firms and banking-as-a-service providers, receive a disproportionate share of transactions from known money mules compared with the overall share of the payments they receive. One single firm received 20%, by value, of all the onward transfers via Faster Payments in the dataset. The increased fragmentation of the payments system has made it harder to track the flow of funds, and criminals appear to be able to exploit the relative weaknesses in the financial crime controls of these newer firms. This calls for a robust regulatory response.
   
• While most (57%) onward transfers are made via Faster Payments, a sizeable proportion of onward transactions are made with debit cards or through the withdrawal of cash. As banks and payment firms place stricter controls on customer onboarding and inward transaction monitoring, criminals may increasingly turn to methods other than bank transfers via Faster Payments to move money through the financial system. More research is needed to understand how this activity is changing and to manage the displacement risk.
   
• The range of destinations and ways of moving money from a money mule’s account demonstrate the need to ensure that all parts of the payments ecosystem – including smaller payment firms and cryptocurrency services providers – are engaged in data-sharing initiatives to better prevent and detect fraud and the associated money laundering.
   
• Funds often only stay in a money mule’s account for a short period of time, sometimes no more than 15 minutes. Acting fast is imperative. Closer collaboration between law enforcement and the private sector is crucial to real-time identification of frauds – which can allow fraudulent proceeds to be swiftly recovered and criminals to be arrested.