Skip to content

Updated Trade-Based Money Laundering Guidelines

The fraudsters behind trade-based money laundering (TBML) are no fools. They use the complex webs of modern trade business, moving across geographies, and hiding behind trading systems to illegally transfer vast sums of money.  A new report from Egmont Group and the FATF, published in December 2020, reiterates the risk indicators in trade-based money laundering (TBML), offering some stark warnings around certain key aspects of this increasingly prevalent crime. Red flag indicators include:


  • Unnecessarily complicated and complex supply chains. 
  • The rapid growth of newly formed companies into existing markets.
  • Established companies unexpectedly changing to an entirely unrelated sector.
  • Consistent and significant cash payments and unexplained third-party payments.


Keeping TBML under control is part regulation, part international cooperation, part smart technological solutions. Financial crime authorities must walk a fine line between keeping up with the TBML threat, ensuring that companies can ensure safe transactions, and meeting AML requirements. In this latest report, FATF and Egmont Group set out guidelines to help companies battle the scourge of TBML. As the president of FATF, Dr. Marcus Player puts it, “the overarching theme of this report is vigilance”.


The red flags of TBML

The FATF-Egmont research outlines a list of key red flags that can be used to identify trade-based money laundering operations. One of the problems with this is that there are a lot of these red flags. Much of the success of fraudsters is down to the use of complex trade routes to launder money and the use of this compacity to hide fraudulent events: money laundering fraud essentially hides in the plain sight of these complex trading ecosystems. This situation is compounded by the large amounts of documentation needed to trade; this then being exacerbated by trading processes that are cross-jurisdiction and that can hide activities behind shell companies. 

A sample of the signals from the report used to indicate potential fraudulent or suspicious activity offer a glimpse of just how adaptive TBML activity is, and the lengths that fraudsters go to conceal fraud:

Red Flags: Structure

  • Messy structure: Does the trading entity use numerous shell companies, perhaps set up in high-risk jurisdictions?
  • Poor AML: Is the trading entity based out of a jurisdiction with poor AML regulation?
  • Suspicious address: Is the entity registered to a mass-mailing address or something similar? Does the type of trade the entity is registered to perform fit with the address, e.g., the address is residential but the trade type is industrial.
  • Suspicious web presence: The trading entity has a boilerplate and under-represented website or a website that does to reflect its trade.

Red Flags: Activity

  • Out of sync business activity: Does the entity activity seem out of sync? For example, the tax or payroll seems to be at odds with the company’s representation of its trading position? 
  • Management fit and beneficial owners: Do the managers of the company seem to be a wrong fit? For example, inexperienced in that sector? Do they hold multiple company positions? If so, could they be hiding the real beneficial owners?
  • Negative news: Can you locate any negative news items on the managers of the company?
  • Volume-staff ratio: Is there a mismatch between the number of staff and the volumes of traded goods?
  • Mismatch in goods traded: Does the company trade goods that are at odds with its advertised business?
  • Low profit margins: Suspicious transactions involving wholesale commodities sold at or above retail value can be an indicator of a fraudulent event.
  • Asleep on the job: Has the company had unusual periods of dormancy? 


Red Flags: Trading and relationships

  • Web of intermediaries: Does the company trade using multiple third parties that seem unrelated to the business?
  • Strange routes: Have unusual shipping routes and patterns of trade been noticed?
  • Complex finance: Complexity can be a signal that fraud is already, or could, take place. For example, the overuse of complex financial products.
  • New company, strange activity: If the company is new but is suddenly trading high volumes of high value, this could be an indicator of fraud.


Red Flags: Documentation

  • Document red flags: Missing or vaguely written documents such as contracts and invoices.
  • Inconsistent amounts: Documents display fees or amounts that seem incongruous with the expected amounts.

Red Flags: Transactions

  • Pay-through: Unusual payment activity points to “pay-through” or “transit” accounts.
  • Threshold limits: Cash deposits are always just below the reporting thresholds.
  • Round-robin routing: Payments are sent from one country, received back in the same country, but routed through several other countries.


There are several other concerns and signals of fraud listed in the FATF report. The above red flags, as individual signals, may not, in many cases be a sign of fraud; however, they do ring warning bells. Importantly, this is the second time in recent months that the authorities have referred to the use of documentary financial instruments in TBML fraud. One of the issues previously highlighted was the use of ‘open account transactions’. Open account transactions are currently used in around 80% of international trade and are ideal for TBML fraud because of a lack of visibility. The FATF highlights in this latest set of guidelines the use of complex documentation processes, such as “pay-through” accounts, or “circular routed documents”. Obfuscation using complex accounting mechanisms is like the sleight of hand used by the con artists of old. Being able to effectively monitor trade activity is an essential part of fraud detection. But where there is a lack of transparency that is compounded by complex ecosystems of transactions and movement of goods, monitoring and detection require a more specialized approach.


Recommendations in managing the threat of TBML

The guidelines issued by the FATF and Egmont Group demonstrate that TBML fraudsters use complexity as a mechanism to propagate money laundering. The resultant mixed red flag signals make the detection of TBML fraud difficult. The report recommends that banks involved in international trade checks use robust methods to identify potential red flags. The FATF report stresses that the ways to tackle TBML fraud are three-fold: 


“(Detection of TBML)...includes the use of better and closer public-private sector partnerships; detailed money laundering risk assessments; and the use of advanced IT systems to detect suspicious activity.”


The use of complexity to hide activity is not a new tactic by cybercriminals or other fraudsters. Evading detection is a common technique used across cybercrime and is prevalent in areas such as Advanced Persistent Threats (APTs) and synthetic identity creation. The ability to decipher the complex nature of fraud that uses trade processes and routes makes TBML the APT equivalent of financial fraud. The tripartite approach to TBML, as recommended by the FATF-Egmont report, should be an approach embraced by FIs and banks, to disrupt the business models used by fraudsters. 


Disruption of TBML using AI

Disrupting those fraudulent business models requires effective detection of TBML events. Red flag indicators are no longer a simple matter of a human operator deciding which event or action is suspicious. The complex interwoven nature of modern TBML requires a method that can tease out a needle from a haystack. Complex patterns of behavior, opaque documentation, and suspicious transactions underlie trade-based money laundering. Human operators need to work alongside artificial intelligence (AI) enabled technologies to extract these hidden patterns in the web of TBML. As traditional trade-based models of business continue to evolve and become more automated, the financial sector must fight back with equivalent technology. The automation implicit in AI-enabled technologies can be used to help detect TBML that goes under the radar, breaking down the very tactics used by fraudsters to hide their money laundering activities.

Eastnets SafeTrade is a trade-based screening and money laundering monitoring solution built for the future Learn more.

Subscribe to our newsletter

Get all of our latest news and developments to your inbox