Cyber Crime: Real Crime in Virtual WOrlds Some content based on A Feasibility Study of Money...

Cyber Crime:Real Crime in Virtual

WOrldsSome content based on A Feasibility Study of Money Laundering and Terrorism Financing in

Virtual Environments by Dr Angela S M Irwin

Typical categories of electronic crime

Paedophilia and sex crimes; Fraud and phishing; Identity theft; Viruses,worms,Trojans and other malicious

code; Denial of service.

Categories of electronic crime

Paedophilia and sex crimes The use of the internet to display and

exchange child pornography (different in other countries);

Companies need to deter employees using company resources for such crimes;

This can be done by limiting internet access and auditing web logs.


Fraud and phishing Fraud involves tricking users into parting

with money in fake online transactions; Phishing occurs when criminals get personal

information through social engineering or technical means;

Criminals create websites that imitate other websites;

Users get emails directing them to these websites.


Identity theft Offences using a false identity Offences using a real identity but different

from the perpetrator Includes credit card thefts Business need to secure storage and transfer

of data. Biometrics offer protection against identity

theft


Viruses, worms, Trojans and other malicious code

A virus is a program that attaches a copy of it’s self to other programs it finds

Worms are similar but multiply without attaching to a another program

Trojans are programs that offer false services and disguising hidden malware

Risks from such attacks can be mitigated using antivirus software

What about financial crime? What about real large scale financial crime in

virtual worlds?

But wait…

“Online communities face money laundering” and “Second Life world may be haven for terrorists” (The Telegraph, 2007)

“Virtual money laundering and fraud: Second Life and other online sites targeted by criminals” (Bank Information Security, 2008)

“Online games are new choice for money laundering: massively multiplayer online role-playing games like 'Second Life' offer a nearly fool-proof way to mask and move money” (Police One, 2010)

“Cash in the millions circulating via games – virtual world provides a more open environment for laundering of money” (Investor's Business Daily, 2011)

“Money laundering using virtual worlds, Bitcoin on watchdog's radar” (Computer World, 2012)

Virtual ML/TF in the news

South Korea established the Korean Cyber Crime Investigation Team to investigate in-game crimes. In 2003, the team fielded over 40,000 complaints—22,000 of which involved activity that occurred in virtual worlds (2003)

U.S. Department of Justice identified how virtual worlds were being used by Mexican drug cartels to launder narcotics funds (2007)

FATF identified virtual currencies and new payment methods as being a money laundering/terrorism financing risk in 2005, 2008, 2010 and 2012

Australian Transaction Reports and Analysis Centre (AUSTRAC) identified virtual-worlds and digital currencies such as Bitcoin© as potential ML/TF threats (2012)

Money laundering/terrorism financing risk?

Determine through in-world experimentation, the likelihood and feasibility of money laundering and/or terrorism financing being carried out in and through virtual environments

Feasibility of using virtual money laundering over, or in addition to, traditional ML & TF methods

Factors examined are:o Ease of useo Time takeno Amount laundered/raisedo Cost to launder/raise fundso Risks mitigatedo Chances of detection

Focus of our research 2009 - 2013

1. What constitutes suspicious behaviour inside a virtual environment and how can illegal and non-illegal transactions be differentiated?

2. How can money laundering or terrorist financing activity be detected in virtual environments when there are potentially millions of transactions per day, millions of individual account holders and no clear signature or pattern associated with money laundering and terrorism financing activity? Can suspicious transactions be detected when activities range from a single transaction to a culmination of months of complex transactional activity?

3. What personal information is collected from an account holder when creating an account with a MMOG or online financial service provider (OFSP)? Can the information collected be associated with an individual in a real-world context?

Research sub-questions

4. Is it practical to use virtual environments such as Second Life to carry out money laundering or terrorism financing activity? How much can be achieved over different timeframes? How does money laundering or terrorism financing in virtual environments compare to traditional methods for the same result?

5. What is the risk of being defrauded in virtual environments? What is the likelihood of stolen financial details being used in these environments?

6. Does cultural background have any impact on the use of virtual environments for money laundering and terrorism financing activity?

Research sub-questions

Research phases

Analysis of real-world ML & TF typologies

Creation of entity relationship models

Review of models to determine which ones might be suitable for in-world replication

In-world observation and evaluation to discover weaknesses which may allow ML & TF to take place

Assessment of OFSPs, payment methods and financial instruments

In-world experiments

Allocation of a feasibility score to each of the virtual scenarios

A review of typology and annual reports from various AML/CTF agencies and regulatory bodies to discover the methods, techniques and behaviours involved in money laundering and terrorism financing activity

A total of 300 typologies collected from:o AUSTRACo Egmont Groupo Financial Action Task Force (FATF),o The Belgian Financial Intelligence Unit (CTIF CFI)

Dates ranged from 1996 to 2009 146 ML and 38 TF cases found to be suitable for analysis and modelling 116 typologies excluded due to incomplete or ambiguous information or not

enough information on financial flows

Analysis of real-world ML/TF Typologies

Analysis of real-world ML/TF Typologies

Individuals/ entities

Transactions

Interactions

Suspicious behaviours

Red flag indicators

Massively multiplayer online games (MMOGs) are computer games in which a large number of players can simultaneously interact in a persistent world – hundreds of thousands of players supported at one time.

Each player controls one or more Avatars Growing in popularity - in 2011, there was estimated to be over 1.7 billion

registered virtual-world account holders. From the third quarter to the fourth quarter of 2011, the total cumulative registered accounts grew by 282 million (+18.9% increase)

Only MMOGs that possessed their own internal economy and in-world currency, which could be purchased and sold inside the virtual environment itself or traded using a number of OFSPs, were selected for review and experimentation in this research - Second Life, Avination and IMVU

In-world observation and evaluation

Online Financial Service Provider (OFSP) is defined as an organisation that can be used to deposit either real-world, digital or virtual funds into a virtual environment

OFSPs were selected based on the following criteria:o They can be used to deposit funds into at least one of the MMOGs under

investigation either directly or indirectlyo They provide a variety of payment methods for uploading fundso There are no (or few) restrictions to the jurisdictions where accounts can be

opened

OFSPs used during the experimentation phase of research:o PayPalo VirWoXo AnsheXo IMVU Credit Express (IMVUCE)

Assessment of OFSPs, payment methods & financial instruments

The information collected from each of the MMOGs and OFSPs: How they work Personal information required to open an account and perform financial

transactions Payment methods accepted for uploading funds Currencies accepted for purchase/exchange of virtual/digital currency Identity and payment method verification procedures in place Know Your Customer/Customer Due Diligence, Anti Money Laundering

/Counter Terrorism Financing and anti-fraud measures in place Terms of service General fees for using the service Fees for sending, receiving uploading and withdrawing funds Daily/weekly/monthly transactions limits Identification of any loopholes or system design flaws that may make the

system vulnerable to attack or exploitation Determination of how the MMOG/OFSP might be used to launder money

or raise funds for terrorism financing

In-world observation and evaluation

12 payment instruments reviewed to determine level of anonymity they afford to users

4 payment methods used in research:

o Pay terminal inside MMOGo PayPalo Prepaid Visa/MasterCard gift cardo Australia Post Load&Go card

These payment methods were used due to:o Difficulty in determining who is opening/operating an accounto No personal details required to open an account/purchase financial

instrumento If personal details are required, no or insufficient account holder

verification procedures carried outo No face-to-face contact

Assessment of payment methods and financial

instruments


Fictitious personas and accounts they successfully opened

Incomplete information in the typologies examined – amount of funds laundered/raised was not disclosed in a large number of caseso Figures used in experiments may not be representative of ML/TF Type/ML/TF

population Lack of funds available to conduct in-world experiments

o Small amount of funds used to test whether a behaviour, transaction or scenario possible

o Knowledge gained during review, analysis and experiments were applied to determine whether a specific scenario might be successful using larger amounts

o Can not say with any degree of certainty whether ADS would have been triggered had larger sums been used

Lack of tools normally available to ML/TF such as stolen credit cards, stolen identity details and unregistered mobiles not available to this researcho Experiments conducted using real, legal financial details and financial

instrumentso Every attempt was used to preserve anonymity - used financial instruments that

have high levels of anonymity such as prepaid gift cards/Load&Go cardso Experiment stopped if ID documents requested

Inability to make a direct (and accurate) comparison between costs involved in real-world ML/TF and virtual-world ML/TF (i.e. commission paid to middlemen, cost of couriers etc)


Limitations of research

The experimentation phase of research was split into two stages:

Stage 1 – determine the identity and payment method verification procedures implemented by MMOGs and OFSPs - are the systems currently in place by the MMOGs and OFSPs under investigation sufficient to uncover the identity of those who may wish to use them to conduct money laundering or terrorism financing activity?

Stage 2 – determine whether the money laundering and terrorism financing behaviours discovered during the real-world typological analysis and in-world observation phases of research can be replicated inside virtual environments


The systems currently in place by all of the MMOGs and OFSPs investigated are wholly inadequate to successfully establish the real-world identities of account holders

None of the information required at the account setup stage is verified and, therefore, cannot be reliably associated with an account holder in a real-world context

All MMOGs leave identity and payment method verification to OFSPs. However, most of these do not have adequate systems in place to successfully verify the identities of their account holders or users either

On the surface, all of the MMOGs an OFSPs collect information on account holders in an attempt to avoid fraud. They each gather an electronic footprint and information about transactions, activity oThe electronic footprint can be circumvented using IP cloaking software and disabling cookieso Information about transactions and activity is useless if the individual cannot be accurately

identified All MMOGs and all but 1 of the OFSPs (Pecunix – does not sell virtual currency directly to the a/h)

accepted unverified payment methods (prepaid gift card and/or Load&Go card) either directly or indirectly

All MMOGs and all but 1 of the OFSPs (eForexGold) allowed us to create accounts using fictitious identity details

All MMOGs and all but 1 of the OFSPs (Pecunix - does not sell virtual currency directly to the a/h) allowed us to transfer virtual funds into and out of the virtual environment using anonymous payment methods directly or using a PayPal account set up using fictitious identity details and anonymous payment method


Results for Stage 1 experiments MMOGs and OFSPs

Stage 2 – Determine whether the money laundering and terrorism financing behaviours discovered during the real-world typological analysis and in-world observation phases of research can be replicated inside virtual environments and assign a feasibility score to each scenario



Stage 2 – Feasibility rating scales

Ease of use:

Time taken to launder/raise funds*:

Amount of funds laundered/raised compared to traditional

methods (overall):



Cost to launder funds/raise funds:

Risks mitigated/addressed:

Chances of detection:



Typical rating scale multiplies the score for each element to produce an overall rating - unsuitable for this research as it would skew the overall resultso A score of .6 or greater for each element may be considered acceptable (resulting

in an overall score of .04 or above as feasible)o Not realistic when some scores are above .6 and some are below .6

o Example 2, would in fact be unfeasible as many of the risks associated with ML/TF still present and chances of detection still being high – not worth the effort – continue to use traditional methods

o Example 1 shows the same score but would be feasible due to most risks mitigated and chances of detection being low

More weighting given to ‘risks mitigated’ and ‘chances of detection’. If these score above .6, a score of .4 is acceptable in one of the other elements

Scenarios where risks mitigated and chances of detection are below .6, even if the other elements receive high scores, the scenario is unfeasible

One caveat to this rule is when the effort and initial cost of setting up and maintaining a scenario far exceed the amount to be laundered/raised

The virtual-world scenarios have varying degrees of complexity - VS1 and VS4 are the easiest to conduct due to limited interaction with the VE. No prior knowledge required of VEs and a basic knowledge of IT and Internet technologies

VS2 and VS3 require some complex steps - Suspect(s) must have at least a basic knowledge (VS2) and good knowledge (VS3) of VEs, IT and Internet technologies

VS5 is the most complicated of the virtual scenarios examined due to the need for very good IT/programming skills

VS6 requires no special skills to carry out the scenario but must have at least a basic knowledge of IT and Internet technologies

All virtual money laundering scenarios require a large number of accounts to be created with many service providers and have a complex system in place for opening, funding and moving funds between accounts to avoid account linking

Large number of stolen or fake identities required to open accounts The level of difficulty increases exponentially as the amount of funds to be laundered

increases The skill levels possessed by many ML and TF exceed the IT an Internet technology skills

required for VSs 1 to 4 and 6 It is unlikely that the typical TF will have the skills necessary to successfully carry out VS5 –

it is likely that these skills will need to be specifically recruited for


Ease of use of virtual scenarios

All virtual scenarios take longer to conduct compared to their real-world counterpart due to increased number of steps and many time consuming processes involved:

o Obtaining financial instrumentso Setting up accountso Transferring funds between accounts (both internally, to obfuscate the money trail, and

externally, to get the digital/virtual funds back into a currency that can be used in the real-world)

Transactions limits are imposed by all of MMOGs and most of OFSPs, therefore, it takes much longer to launder/raise the same amount of funds (e.g. Second Life has a transaction limit of AUD 83.00 per day for accounts that have been financially active for over 1 month)

o The more funds you want to launder, the more accounts you need to createo The more accounts you need to create, the more labour-intensive the scenario becomes

With VS5, if suitable victims can be found the funds could be attained very quickly. However, as details of the social engineering attack become more well-known, it will become increasingly difficult to find victims

With VS6, there is a two-week lead time for obtaining land inside SL but once the event is set up (could take as little as a few hours to set this up) the funds could start arriving straight away - especially if the donors are known to the event holder(s)


Time taken to launder/raise funds using virtual scenarios

The amount of funds that can be laundered is significantly less than the real-world scenarios examined

VS1 and VS4 are unsuitable and impractical for laundering sums larger than AUD 300,000 – due to unwieldy increase in time, effort and complexity involved in laundering larger amounts

VS2 and VS3 are suitable for laundering larger amounts (up to 2.8M and between AUD 1.6M and AUD 10M respectively)

o This is due to the wider network of individuals that are involved in both of these scenarios:o workload is spread across the individuals involved, more people

can buy more financial instruments, more accounts can be opened and therefore, more funds can be laundered

With VS5 and VS6 the amount of funds likely to stolen/raised are likely to be low (in the hundreds and thousands rather than hundreds of thousands) – this may be sufficient for TF purposes


Amount that can be laundered/raised using VSs

Costs relating to VS1 is significant (21.30%) The costs relating to VS4 are also significant (22.4%) – however we were unable to

accurately calculate the true cost to the RW launderer as we cannot accurately cost how much commission might be paid to middlemen, couriers or other hidden costso Most of the costs in VS1 and VS4 relate to unfavourable rates when exchanging real-world

currency to virtual currency and back again The costs relating to VS2 and VS3 are significantly less, 10.59% and 9.01% respectively

o Most of the costs relate to fees incurred by the Second Life businesses for selling virtual products on the SL Marketplace and the fees incurred by the SL fictitious personas for buying the virtual products (buyers and sellers in this scenario are the same)

o Use of SL business accounts means that funds can be drawn in larger amounts as legitimate business income at a lower cost

o Rather than making multiple exchanges as in VS1 and VS4, virtual/digital funds can be converted back into real-world funds inside LindeX exchange and transferred to a PayPal account(s). Therefore, less funds are lost in the exchange


Cost to launder/raise funds using virtual scenarios

Costs relating to VS5 are significantly less than would be experienced in the real-world scenarioo No travel costs, no skimming hardware, no need to create fake credit/debit cards on

which to withdraw funds Attacks can be carried out from the Suspect’s computer, anywhere in the world The only hardware or equipment required to carry out the attack is a computer and a

prepaid Visa®/MasterCard® gift card or a stolen credit/debit card (to verify the account at setup)

The main costs associated with VS5 are the ones for creating the initial attack script. These costs are significantly reduced if the terrorist organisation has expertise within the organisation or within terror cells. If these skills do not exist the costs are likely to be prohibitive (one attack script may be used only a few times before it comes useless)

Costs relating to VS6 are very small (AUD 100.00 for setting up and advertising a fundraising event) – this is likely to be small compared to the amount of funds that can be raisedo Most of the costs involved in this scenario relate to transferring the funds out of the

virtual environment to a PayPal account (likely to be between 2.9% and 3.4% of the amount collected). These can be subtracted from the amount raised, rather than out-of-pocket expenses


Cost to launder/raise funds using virtual scenarios

Many of the risks associated with ML and TF are removed:o It is very difficult for MMOG, OFSP (and law enforcement) to discover the real-world

identity of the account holder(s)o Only a small amount of funds are lost if activity is discoveredo It would be extremely difficult to detect whether an individual has created multiple

accountso No need to carry large amount of cash over national borders

Benefits include:o Lack of face-to-face contact when setting up accounts, using financial

instruments/placing funds into VEs (removes an important element of suspicious activity detection)


Risk mitigated using virtual scenarios

The chances of detection are significantly less than the real-world scenarios due to the high levels of anonymity provided by MMOGs and OFSPs

Electronic footprint can be removed using freely available tools Difficult to connect accounts, activity and transactions if some basic precautions are

taken:o accounts are set up using fictitious or stolen identity details o privacy enhancing software is used that conceals the IP address o the amounts sent between accounts are variableo the transfer values are kept relatively smallo the day and times that transactions take place are varied

These precautions aim to avoid identification of the individual’s real-world identity and activity that shows repetitive patterns

Chances of detection are significantly increased if:o The Suspect(s) does not remove his/her electronic footprint every time he/she enters the

MMOG or users the OFSP – this is difficult to doo The Suspect(s) does not carefully plan his/her activity to ensure accounts cannot be linkedo The MMOG becomes aware that there is a lack of legitimate gaming activity in although

large amounts of funds are being transferred through account(s) on a regular basis


Chances of detection using virtual scenarios

All but one of the virtual money laundering scenarios would be suitable as a fundraising tool for terrorism financing. Virtual scenarios 1, 2 and 3 are better suited to terrorism financing than money laundering as many of the drawbacks associated with the money laundering scenarios are removed or decreased: o VS1 experienced difficulty in obtaining sufficient prepaid gift cards to

launder large amounts of funds - this issue is significantly reduced in terrorism financing due to terrorists already favouring the use of smurfing techniques to obtain financial instruments or place funds into financial systems

o Human resources are more likely to be in placeo Smaller sums are involved in terrorism financing, therefore, the level of

effort to set up and administer the virtual scenario is reducedo As the amount of funds are less, they can be moved though the financial

system/virtual environment more quicklyo As sums involved are significantly less, the likelihood of suspicions being

raised are likely to be significantly reduced


Application of virtual money laundering scenarios to terrorism financing

What constitutes suspicious behaviour inside a virtual environment and how can illegal and non-illegal transactions be differentiated?

This research shows that, like real-world environments, there are a number of red flag indicators and suspicious behaviours that may be exhibited by ML/TF when carrying out illicit transactions. RFI may indicate that the account holder may not be a legitimate user

Findings to research sub-question 1

Problem: No procedures or practices in place for identifying, sharing or reporting virtual ML/TF:Potential solution:Establishment of a collaborative information sharing and knowledge management initiative

allowing flow of information between MMOGs, OFSPs, law enforcement agencies, AML/CTF regulators and financial intelligence units

Initiative should include the introduction of a central repository which holds a set of real-world and virtual-world ML/TF behaviour models and red flag indicators for detecting ML/TF activities in real-world and virtual-world environments

MMOGs can report any suspicious behaviours or activities that they see inside their environment by submitting an incident report or creating and submitting a model of the suspicious activity to the information sharing system

AML/CTF agency(ies) can then decide whether they wish to investigate the incident further or determine whether the activity has any relevance/connection to existing investigations or suspicious activity reported by other reporting entities

This system provides stakeholders with an up-to-date picture of the threat landscape, allowing MMOGs and OFSPs to act more rapidly to freeze offending accounts and report illicit or illegal activity to the necessary AML/CTF agencies. It would only be truly effective if the MMOGs and OFSPs were active partners and freely participated in the initiative

More research is required to determine the feasibility of such a system and iron-out jurisdictional issues

Recommendations sub-question 1

How can money laundering or terrorism financing activity be detected in virtual environments when there are potentially millions of transactions per day, millions of individual account holders and no clear signature or pattern associated with money laundering and terrorism financing activity? Can suspicious transactions be detected when activities range from a single transaction to a culmination of months of complex transactional activity?

This research shows that it is extremely difficult to isolate illegal from non-illegal transactions inside virtual environments. This is because transactions can be structured to look exactly like one of the millions of transactions that take place in virtual environments every day

Only possible way to detect illegal transactions is to be able to accurately attribute a transaction or series of transactions to an individual/group

A true picture of the activity carried out by these individuals can be constructed:o Frequency, value and movement of funds may throw some light on the legality

of the activity


Potential solution(s):MMOGs and OFSPs should be required to save the IP address of the connection every

time an account holder logs into his or her account or performs a transaction, rather than at the point of account creation only

Periodic analysis should be performed on the connection data and anomalies recorded – it should raise suspicion if an IP address from a different continent or country is recorded every time an account holder logs into his/her account

If anomalies are found and it is believed that an account holder is attempting to conceal their identity, the account should be put under surveillance/investigation and the funds contained in those accounts frozen until the individual can sufficiently identify him or herself

Although these actions may not identify who is operating an account, it will relieve a potential ML/TF of their funds if they are unable to successfully identify, verify and authenticate their identity. For those legitimate users whose accounts have been frozen, they should have no issues verifying themselves to have their accounts unfrozen

Each individual would need to go through verification similar to that in place by the gambling industry


What personal information is collected from an account holder when creating an account with a MMOG or online financial service provider (OFSP)? Can the information collected be associated with an individual in a real-world context?

The systems currently in place by all of the MMOGs investigated are wholly inadequate to successfully establish the real-world identity of account holders

None of the information required at the account setup stage is verified and, therefore, cannot be reliably associated with an account holder in a real-world context

Identity and payment method verification is left to third party organisations. However, many of these organisations do not have adequate systems in place to successfully verify the identities of their account holders or users either


Potential solution(s): Introduction of KYC and CDD regulations:

o Any regulations imposed on virtual environments should resemble those imposed on the online gambling industry as operators’ face the same challenges as online gambling firms when identifying, verifying and authenticating gamers/gamblers

o Gambling operators are obliged to reasonably identify the location and identity of account holders before allowing financial transactions to take place but KYC and CDD regulations do not mandate that every potential customer be required to produce irrefutable evidence of their identity before being allowed onto a gambling website. Identity verification must be carried out before any payments are made to the registered player

o Many VE account holders deposit funds into virtual environment to pay for membership and purchase virtual goods, they never require the funds to be moved out of the VE again – under these circumstances account holder would not need to be verifiedo Introducing KYC and CDD may force many smaller MMOG and OFSP operators

out of business or force them to charge/charge more for their service

Introduction of electronic KYC/CDD approach



Example of electronic KYC/CDD approach

Benefits of electronic KYC and CDD approach: o Deals effectively with the challenges of anonymity and non-face-to-face

business relationshipso Information supplied by account holder is verified by a reliable and independent

source, thereby ensuring that effective CDD activities can be carried outo Since checking is done by a third party organisation, there is no need for the

MMOG/OFSP to know how to identify false or counterfeit documents or obtain specialist equipment such as ultraviolet lamps

More research required to determine how an electronic approach could be used to effectively identify individuals from different jurisdictions as MMOGs and OFSPs deal with customers from all over the world

MMOGs should become responsible for identifying, verifying and authenticating their own account holders, even when financial transactions are performed via a third party – this allows cross-checking of details provided and makes it easier to identify whether an account holder is attempting to structure transactions


Is it practical to use virtual environments such as Second Life to carry out money laundering or terrorism financing activity? How much can be achieved over different timeframes? How does money laundering or terrorism financing in virtual environments compare to traditional methods for the same result?

More complex Takes longer to transfer funds Costs more Significantly less funds can be laundered High levels of anonymity Reduced risks Decreased chances of detection The maximum amount of funds that can comfortably be laundered through

virtual environments is likely to be in the region of AUD 10M. To launder sums larger than this would involve an exponential and unwieldy increase in time, effort and complexity


What is the risk of being defrauded in virtual environments? What is the likelihood of stolen financial details being used in these environments?

Virtual environments make ideal targets for credit card fraud Virtual environment users are at as much, if not more, risk of being defrauded as they are in the

real world Credit cards can be used in two ways in VEs:

o verify an account holder’s identity – does not affect the financial status of the card owner and it’s unlikely the service provider or card owner would discover that identity fraud has taken place

o Remove funds from an account holder’s credit card Card-not-present fraud lends itself well to VEs and the anonymity they provide Attackers will often have more detailed knowledge of new media and technology than their

victims Scams are becoming more sophisticated and more personalised VEs provide fraudsters with access to a large number of potential victims The community nature of VEs may result in victims having their guard down and more likely to

be duped in a social engineering attack Knowledge of in-world attacks not “common knowledge” yet



Virtual environments do not take into account the personal or cultural values of its users. However, research shows that participants purposefully modify their behaviour in interactions in different setting in order to accommodate different cultural norms of appropriate behaviour

VEs are western-centric – does not appear to act as a barrier to widespread use by a variety of cultures and religions – many culture and religion-specific areas in SL

No cultural of religious obstacle to performing financial transactions inside VEs 44.5% invested funds in SL64.5% have earned Linden Dollars in SL25.3% have sold virtual items in SL84.9% have shopped in SL

No specification of demographic profile, cultural or religious beliefs of users, however, there is a number of Islamic, Christian and Jewish malls and in-world shops selling male and female religious clothing and artefacts – this leads us to believe that users from these cultures are comfortable performing financial transactions in VEs - We can deduce from this research that there are no cultural barriers to using VEs for ML/TF

Does cultural background have an impact on the use of virtual environments for money laundering and terrorism financing activity?

Thank you for your time...

Any questions?

Cyber Crime: Real Crime in Virtual WOrlds Some content based on A Feasibility Study of Money...

Documents

Transcript of Cyber Crime: Real Crime in Virtual WOrlds Some content based on A Feasibility Study of Money...