This post draws on research completed as part of RUSI’s Financial Crime 2.0 research programme.
In early March 2019, the UK’s National Crime Agency (NCA) announced that it was seeking to freeze and potentially forfeit £3.6 million in 95 bank accounts, most of them held by overseas students studying in the UK. The reason for the crackdown was the NCA’s suspicion that the students had allowed organised crime groups to channel the proceeds of crime through their bank accounts.
The issue may seem trivial compared to mammoth ‘laundromats’ that capture headlines. Yet so-called ‘money mules’ – individuals who wittingly or unwittingly send money on behalf of criminals – are a significant part of the money laundering landscape. They enable criminals to swiftly move funds across a network of accounts. Often, a money mule will at some point withdraw cash to then remit the money overseas. The use of money mules is especially widespread in cybercrime, which frequently involves transferring the proceeds from the victim’s jurisdiction to the criminal’s home country.
So, does the NCA’s success herald a sea change in law enforcement’s capacity to tackle money mules? There are at least two sides to this question.
On the one hand, this development bodes well for the banks’ ability to identify customers who have gone rogue and started servicing organised crime groups. In some cases, such as a customer receiving a large transfer out of keeping with his or her financial profile, suspicious activity may be relatively easy to detect. But in other cases, spotting money mules can be exceedingly difficult.
Of the recent action, the NCA said, rather intriguingly, that ‘[o]ne bank took a ground-breaking stance to cooperate on a wholesale, evidential basis from the outset’. The million-dollar question is whether this approach can be scaled up and applied across banks. That the appetite is there is demonstrated by other ongoing efforts in this domain, such as the recent unveiling of the Mule Insights Tactical Solution, a system that traces the transfers of stolen funds across accounts in participating banks.
On the other hand, we have to ask ourselves what impact the dismantling of money mule networks has on organised crime groups. The old adage that ‘no one is irreplaceable’ is particularly salient in the context of money mules. One law enforcement officer interviewed for a piece of RUSI research described closing down money mule accounts as a game of ‘whack-a-mule’.
The million-dollar question is whether this approach can be scaled up and applied across banks
This is not to say that recruiting new money mules does not cause some disruption to criminal operations. It does. For instance, a recent study recounts how some cybercriminals lament the ‘incompetence and unreliability’ of their money mules as a hindrance to successful business. For law enforcement, the challenge lies in understanding how significant the disruption is. This should inform the allocation of policing efforts.
Inevitably, those higher up in the criminal food chain are a tempting target for law enforcement. For instance, individuals who recruit money mules – known, rather inelegantly, as ‘mule herders’ – play a key role in ensuring that criminal groups have the infrastructure they need to move funds. But going after these mid-level operators has traditionally been challenging. For instance, a press release announcing Europe-wide ‘Fourth European Money Mule Action’ in December 2018 speaks of arrests of 168 money mules, but only the ‘identification’ of a further 140 mule herders.
Similarly, the NCA does not disclose any contribution that its recent coup may have made towards identifying and apprehending mule herders or other organised criminals in the wider network. So, while the UK public and private organisations may be getting better in taking down money mules, for now the proverbial long arm of the law is struggling to reach those higher up in the criminal hierarchy.
To overcome that challenge, a good starting point is to develop an understanding of who co-opts money mules into criminal operations, and how they do that. Research to date suggests this predominantly, but not always, happens using existing social contacts, such as among people who grew up together or met in prison. This is in contrast to remote recruitment, such as advertising ostensibly legitimate jobs that involve transferring funds to a foreign employer. This also happens but appears less widespread.
Ethnic communities in particular are often seen as fertile ground for recruitment. The use of overseas students as money mules is suggestive of the involvement of criminal groups originating from the same countries but active in the UK. This points to a degree of proximity between money mules and their herders. Rather than shadowy puppet-masters – or, rather, mule-masters – sending orders from thousands of miles away, these people are more likely to be found on the UK streets.
A good starting point is to develop an understanding of who co-opts money mules into criminal operations and how they do that
No doubt, law enforcement agencies are already reflecting on how they can pursue the criminals behind money mules with greater vigour, and this thinking should continue. Yet, in all likelihood, there are several hurdles law enforcement will face in apprehending these criminals. These range from securing cooperation from arrested money mules, who may fear retribution from organised crime groups, through to ensuring that the evidence collected is sufficient for the criminal prosecution of a mule herder. (Remember that criminal charges must be proven beyond reasonable doubt, while funds in bank accounts can be forfeit if, on the balance of probabilities, they represent criminal property.)
In short, it is entirely possible that the NCA’s recent success foreshadows the expanded capacity of law enforcement to take down money mule networks. The next step is ensuring that this ability is used in a smart way to cause maximum disruption to organised crime groups, such as by going after the key nodes of the money-muling infrastructure.
Anton Moiseienko is a Research Analyst at RUSI’s Centre for Financial Crime and Security Studies.
The views expressed in this article are those of the author(s) and do not necessarily reflect the views of RUSI or any other institution.