On the 9th of February, Sentinels' Head of FC/AML Faisal Islam presented at the ACAMS Cyprus Virtual AFC Forum Seminar. This seminar focused on the risk assessment regarding counter-terrorism financing strategies and money laundering typologies.
For 20 years, ACAMS has held a place of prestige in the fierce battle against financial crime. ACAMS is the largest international membership community and AML certification provider for risk and compliance professionals. ACAMS promotes international standards for preventing money laundering and terrorist financing, and they also provide opportunities for both private and government organisation professionals to collaborate and exchange knowledge and best practices.
At the event on February 9th, one of the founding members and Vice-chairman of the ACAMS Cyprus Chapter, Nassos Paltayian, kicked off the New Money, New Crime, New Risks session by introducing the two speakers: Faisal Islam of Sentinels and his co-presenter, Amber D. Scott, Founder, CEO and Chief AML Ninja of Outlier Solutions, Inc.
"IMF estimates range from 2-5% of GDP globally is related to money laundering, however, estimates for cryptocurrency are lower."
Amber began the presentation with statistics from the recent "Crypto Crime Report 2021", showing that although there is less reported cryptocurrency illicit activities as a percentage of total cryptocurrency activity (between 2%-3%), both the transactions and business are often high risk.
Following this introduction, Faisal walked the event participants through the concept of "new money and old crimes". In a few examples, he showed that although we are dealing with new technologies, some of the crimes have existed for more than a decade. From ransomware to pump-and-dump penny stocks and terrorism financing, cryptocurrency has found a use in hacks and frauds, but the crimes themselves are anything but new.
Another discussed example was Ponzi (investing) schemes which still show higher amounts of money laundered than other hacks and thefts. Although cryptocurrencies have quite innovative AML controls in place, it is still the same financial crime that the traditional institutions deal with regularly.
Financial crime detection and risk mitigation can be especially challenging for VASPs (Virtual Asset Service Providers). One of the reasons is a binary set of information from regulators limiting VASP providers.
The other important challenge for a VASP is the nature of the cryptocurrency. The purpose of privacy-preserving or anonymous coins is to ensure that the sender and receiver are both unknown. Adding a different layer of anonymity, like a hidden transaction amount, makes it even more difficult to track. For example, if the coin is mined and stored inside secure hardware, the coin would be simply untraceable. Bitcoin transactions, on the other hand, are public and easier to track. Therefore, AML attention should switch to new cryptocurrency alternatives.
The number of VASP transactions flowing into the traditional exchange is decreasing. The industry still sees cryptocurrencies as decentralized. But considering how fast the AML law is evolving, expectations are rising and new regulations are being imposed.
An increase in DeFi (decentralized finance) solutions, which are recreating traditional instruments around decentralized architecture, has expectedly resulted in increased DeFi thefts. Although we see more financial crimes in that sphere, the impact on the mainstream users is not as large as with the traditional institutions.
“The early-adopters of the VASP are highly tech-skilled individuals, and the systems are not mainstream. This saves the majority of everyday users from being affected.” - Faisal Islam
To put cryptocurrency threats in contrast with payments and challenger banks, Faisal distinguished two main scenarios:
Hackers are advanced in their methods, creating infrastructures that have all the data they need to connect the dots. Because of the amount of processed data, they check fintechs' weaknesses at scale using sophisticated technologies such as ML (machine learning). What's more, the complexity of data and data sources make it even more difficult for financial institutions to protect their clients from illicit activities. Although the new regulations like PSD2 (Open Banking) encourage data sharing, the industry is struggling with practical implementations. That's why more and more regulatory bodies, as well as the industry itself, need to invest in proper data management and equally, if not more so, sophisticated technology.
As an example of an efficient "dots-connecting" data management, Faisal presented the Sentinels Network Analysis feature. It shows how machine learning can be used to detect suspicious behaviour. Collected and integrated from outside sources, transactional and customer data visualise in groups of clusters bringing to light anomalies. Clusters that appear unconventional may be shaped in an atypical way. Network Analysis often shows suspicious behaviour that could have been missed with traditional transaction monitoring practices. This gives compliance officers the ability to focus their limited attention on specific and high-value cases.
Faisal and Amber presented a compelling case for risk and compliance experts to better battle financial crime with more advanced technologies. Only through an advanced approach will financial institutions be able to compete against increasingly tech-savvy criminals.
To learn more about Sentinels and our approach to AML, please go to
To support your use of the website of Sentinels, we, Sentinels traded by Slimmer AI Sentinels B.V., need to register some of your information. We consider taking proper care of your data of utmost importance. We treat all information you provide as confidential.
In this privacy statement, we explain how we process your data. If you have any questions, remarks or complaints please contact us at firstname.lastname@example.org.
Your data is used for the following purposes:
Based on your data, the website of Sentinels does not make autonomous decisions that affect you or other people.
The website of Sentinels only stores your data as long as your account exists. You may delete your account at any time. If you use the website of Sentinels without a personal account, we only store the data you provide for as long as needed to be of service to you.
For security reasons, we store your IP address up to a maximum duration of 1 month. However, when a user attempts to access the website of Sentinels in a way that clearly differs from its intended use, this can be considered suspicious activity. As a result, the IP address may be stored for a maximum of 2 years for security purposes, and the IP address may be reported to organizations involved in internet security.
Any statistics based partly on your data will be stored, but cannot be used to identify you.
The website of Sentinels has no intention to process information of users younger than 16 years of age, unless they are permitted to use the website of Sentinels by their legal guardians. However, we have no reliable way to determine the actual age of users. We, therefore, advise parents to be involved in their children’s online internet activities to prevent any data from being gathered without their permission.
If you feel that we gathered personal data from minors without proper permission, please contact us at email@example.com. We will remove the data upon your request.
All your data is protected by state of the art technology. This ensures that your data cannot be accessed by parties who have no business doing so. If you feel that this is not happening in an appropriate way, please contact us at firstname.lastname@example.org.
Sentinels traded by Target Holding B.V. does not sell your data to third parties. Your data is only shared when this is needed for proper operation of the website of Sentinels, or to fulfil lawful obligations.
Any data we share with third parties is based on a data processing agreement with these parties. This agreement ensures that the parties process your data under the same terms that we do. Any shared data will be as restricted in scope and size as possible, given the purpose for which it is shared.
The website of Sentinels may also make use of third-party cookies like Google Analytics. These cookies allow us to analyze the operation and usage of the website of Sentinels.
You are entitled to view your data stored by the website of Sentinels, and you are entitled to have your data corrected or removed. You can send a request to do so to email@example.com.