Cyber Laundering Final

<Cyber Laundering>

By

<Mohammad Salman Jamali><0747469>

A dissertation submitted in partial fulfillment of the requirements for the degree of:

Master of Sciencein

<Information Security and Computer Forensic>

Submitted to theSchool of Computing Information Technology and Engineering

University of East LondonOn

<26.05.2009>

Supervisor: <Dr David Seth Preston>

Cyberlaundering

Table of Content

Proposal for Dissertation Module (CNM015).....................................................................4Acknowledgement...............................................................................................................6Abstract................................................................................................................................7Chapter One: Introduction...................................................................................................9

1.1 Money laundering in the Past, Present and Future....................................................91.2 The Preventive Implementation by the Governments.............................................101.3 The Preventive Implementation by the Financial Institutions.................................101.4 The Preventive Implementation by the Department of Justice................................10

Chapter Two: Different ways to achieve Cyberlaundering...............................................112.1 Stages of the Process of Cyberlaundering...............................................................122.2 Models of Payment Systems in Cyberspace............................................................14

2.2.1 Positive factors for using cyber-based payments..............................................152.2.2 Negative factor for using cyber-based payments..............................................15

2.3 Techniques used in Cyberlaundering.......................................................................152.3.1 Online Banking.................................................................................................162.3.2 Internet Gambling.............................................................................................19

Chapter Three: What’s being done to prevent Cyberlaundering?.....................................223.1 Preventive Measures for Cyberlaundering by the Government..............................23

3.1.1 Federal Bureau of Investigation........................................................................233.1.2 National Accountability Bureau.......................................................................243.1.3 Drug Enforcement Administration...................................................................253.1.4 Serious Organised Crime Agency....................................................................25

3.2 Financial Institution Preventive Measures for Cyberlaundering.............................263.2.1 Financial Crimes Enforcement Network..........................................................263.2.2 Financial Action Task Force.............................................................................26

3.3 Preventive Measures for Cyberlaundering by the Department of Justice...............273.3.1 Legislation........................................................................................................273.3.2 The Laws that are related to Cyberlaundering..................................................283.3.3 The Money Laundering Offences.....................................................................28

3.4 How Can We Prevent It?.........................................................................................30Chapter Four: The Strength and Weakness of Different Strategies..................................32

4.1 Strength of Strategies...............................................................................................324.1.1 Financial Reports..............................................................................................324.1.2 Follow the Money.............................................................................................32

4.2 Weakness of Strategies............................................................................................324.2.1 Millions of Transactions in a Day....................................................................324.2.2 It is hard to identify an Army of Smurf............................................................334.2.3 Slow processing due to Jurisdictional Differences...........................................334.2.4 There are many ways of Exploiting Internet....................................................334.2.5 Cash Based Business and Services...................................................................334.2.6 Problem of Time and Space..............................................................................33

Chapter Five: Case Study of Virtual World Second Life..................................................34

University of East London 2

Cyberlaundering

5.1 Business in Second Life...........................................................................................345.2 Problem and Limitation...........................................................................................36

5.2.1 An Army of Smurf............................................................................................365.2.2 Anonymity........................................................................................................365.2.3 Open Source......................................................................................................375.2.4 Tax Evasion......................................................................................................385.2.5 Fast-growing economy is lightly controlled.....................................................395.2.6 Linden Exchange lacks even basic Regulations...............................................39

5.3 Solution and Analysis..............................................................................................405.3.1 An army of smurf..............................................................................................405.3.2 Anonymity........................................................................................................415.3.3 Open Source......................................................................................................425.3.4 Tax Evasion......................................................................................................435.3.5 Fast-growing economy is lightly controlled.....................................................445.3.6 Linden Exchange lacks even basic Regulations...............................................44

Chapter Six: Evaluation....................................................................................................466.1 The Future................................................................................................................46

6.1.1 Electronic Payments.........................................................................................466.1.2 E-Cash...............................................................................................................47

6.2 Conclusion...............................................................................................................476.3 Recommendations....................................................................................................50

Appendix A (Definition of concern Laws)........................................................................53Reference and Bibliography..............................................................................................59


Cyberlaundering

Proposal for Dissertation Module (CNM015)

Topic of Interest: Cyber laundering.

Introduction:

Cyber laundering causes a severe damage to the economy of the society that has a

calculated inward and outward remittance to manage the economy. The financial

products are always there to provide any need to transfer goods and services from one

society to another. Any means other then the provided ways to transfer goods and

services using cyber space technologies and information systems for personal benefits

using deception is considered as cyber laundering.

Aims:

Why there is a need to control this issue (cyber laundering damages) or the impact

of Cyberlaundering.

Existing laws related to cyber laundering. (legal issues)

Comparison of the Strengths and Weakness of different Strategies to prevent

Cyberlaundering.

Review of Systems and Technologies used for accomplishing the task of cyber

laundering.

Review of National and International controls to prevent cyber laundering.

To discuss a practical application of Cyberlaundering in Virtual World.


Cyberlaundering

Objectives:

On completion of the dissertation I will be able to:

Demonstrate a critical understanding of the concept of Cyberlaundering

Demonstrate a critical understanding of the procedures and techniques to employ

when investigating Cyberlaundering.

Demonstrate a critical understanding of laws related to Cyberlaundering and able

to compare strength and weakness of the existing legal process.

Demonstrate an understanding of systems and technologies to prevent

Cyberlaundering.

To investigate the effectiveness of the current legislation with regards to the

Cyberlaundering.

Methodology:

My approach to complete this dissertation paper is to use Spiral Methodology. I will

research about Cyberlaundering using the library books, articles and internet. First the

definition of the topic will be explained briefly. The affecter’s will be elaborated to

emphasis on the need to have a control over the issue of Cyberlaundering. Then we will

look at the laws related to the Cyberlaundering. Then the systems and technologies that

assist Cyberlaundering will be covered. Once ample knowledge of the topic is at hand a

Case Study will be discussed to examine the practical application providing fertile ground

to support launders. Based on the findings of research and case study any possible

improvements to prevent Cyberlaundering will be highlighted.

Rationales:

Although much have been done in the past to prevent money laundering but still the bad

guys find a convenient way to transfer huge amount of money from one place to another

electronically. In this dissertation paper I will try to present both strengths and weakness

to prevent electronic money laundering or Cyberlaundering from governmental, judiciary

and technological point of views.


Cyberlaundering

Acknowledgement

Acknowledgement is due to University of East London for the Support of this project.

I wish to express my appreciation to Mr. David Seth Preston and Ms. Tricia Webb who

served as my major advisor. I also wish to thank the dissertation coordinator Dr. Hossein

JahanKhani and the other members of my evaluation committee.


Cyberlaundering

Abstract

Cyberlaundering is a new way to hide the proceeds of crime and the advance

technological solutions of electronic payments and online gambling has eliminated the

need for time and space as compared to the traditional way of money laundering to

achieve Cyberlaundering.

Governments of the world are working together to prevent Cyberlaundering. They have

developed a standard (Forty Recommendation) by which all the governments of the

world need to provide some form of control to prevent money laundering both

traditionally and electronically.

Financial Institutions are required to provide suspicious activity report and any

transaction above the value of 10,000. An advance reporting software is used for this

purpose that eliminates the need to prepare the SAR’s without human intervention by

sixty percent.

Department of Justice has provided legislation to enable the law enforcement agencies to

monitor and keep record of internet activity for at least twelve months. This legislation

will enable the law enforcement agencies to investigate any such cases of

Cyberlaundering. While the penalties of the Cyberlaundering offence are more or less

parallel to the money laundering and can be imposed by the general principle of justice.

Cyberlaundering can be achieve in three stages and FATF has identifies certain choke

points unavoidable by the launders which is the key to prevent and control

Cyberlaundering. Although the cyber-payments seem to be the fastest and easiest way to

move the funds but there are certain disadvantages as well. There are four models of

cyber-payments and the non bank payment model is of more concern to our interest then

the other three models.


Cyberlaundering

The two techniques that I have highlighted in this dissertation are Online Banking (not

same as internet banking) and Online Casinos. Both of the techniques are widely used

and are still unregulated.

Preventive Measures by the Government Institutions such as FBI (US), NAB (Pakistan),

DEA (US) and SOCA (UK) has provided the necessary controls using the present

technology to combat this global phenomenon. The preventive measures by financial

institution such as FinCEN (US) and FATF has established a global reporting system to

report Suspicious Activity, foreign transactions and they have set standards to control and

investigate any such case of money laundering and also to provide relevant information

to the law enforcement agencies. Department of Justice has provided the legislation such

as EC Directives and USA Patriot Act to monitor the internet activity and keep the record

for twelve month of all the users in US and its Allies. At the same time penalties have

been introduced for offences related to Cyber Crime.

I have highlighted some of the strengths and weakness of different strategies

implemented to control Cyberlaundering in the present era. There are certain gaps that

have been highlight in this dissertation report.

A case studies of Second Life virtual world is presented to shed light on the possibilities

and prospects available for the cyber launders to exploit using this advance technological

solution to give a practical example of the existence of Cyberlaundering

Finally the future of online banking, electronic payments and online casino is given and

in the last the evaluation and recommendation is given in the conclusion part of this

dissertation report.


Introduction Cyberlaundering

Chapter One: Introduction

There are different ways to transfer money from one place to another such as wire

transfer, postal orders, traveler’s cheque, bank draft, electronic transfer and also

traditional way and that is the physical carrying of money to other places. Off course this

is the normal ways but there are other ways that are used to hide the money exposure and

that is what we are interest to explore and not just explore but find ways to prevent them

as well. For example on online auction site there are items that are worth only one dollar

but the bid on that item goes to 1000 dollars and this way a lot of black money is put back

in to the financial system converting it into white money.

The reason to prevent Cyberlaundering is numerous for example over throwing

governments, turning black money into white money, financial frauds, hiding the source

of income, drug dealing and black market of weapons of mass destruction and last but not

the least it is because of the gains involved in this business.

First we will review of the existing government strategies to prevent Cyberlaundering in

some detail. Then review of financial sector strategies to prevent these phenomena will

be examined. Finally the legal process, legislation, case studies and judicial counter

measures will be covered.

1.1 Money laundering in the Past, Present and Future.

Cyberlaundering is a subset of money laundering and money laundering is a process of

concealing crime and converting the proceeds of crime in to legitimate wealth. The bad

guys are adopting this technique due to the reason that the modern technology is

facilitating the financial institution in a very fast pace then the traditional way of money

laundering.



The processing speed of the technology is upgrading every six months while it take years

to investigate and prosecute any case of money laundering. The legislation are their in

every country except a few but the phenomena of investigation from jurisdiction to

jurisdiction takes a lot of time and manpower. The online currency is still an open door

for the criminals to take advantage of the fact that they can avoid human interaction and

do their business online with out declaring the source of the money.

1.2 The Preventive Implementation by the Governments

Governments all around the globe is required to monitor and report any suspicious

activity with regards to money laundering both inside the government institutions and

also in the public limited companies. Due to the fact that this phenomenon is of global

scale, a well coordinated and combine effort is required to deal with this issue to control

and prevent it. Seriously organized crime agency a UK based agency is also in the

process of joining hands with all the other countries to cooperate and help to control this

crime of money laundering.

1.3 The Preventive Implementation by the Financial Institutions

The technological products such as prepaid cards, e-cash, swipe cards, e-gold and online

banking has introduced a number of opportunities for the criminals to hide their identity

or use some one else’s identity to do a transaction and get away with it before being

catch. Financial institution are required to submit suspicious activity report to the

financial monitoring agencies and also required to know their customer through customer

due diligence also called know your customer (KYC). Suspicious transaction means that

a customer transaction that does not fit into his profile or a foreign transaction that is

relatively unusual.

1.4 The Preventive Implementation by the Department of Justice.



Finally the department of justice is trying to encircle the issue of money laundering /

Cyberlaundering through introducing several laws to deal with this issue and also

imposing penalties and imprisonment over different offences related to money laundering

/ Cyberlaundering. The introduction of internet policing and e-crime unit is a good start

to control the issue of Cyberlaundering along with other e-crime to bringing the criminals

to justice.


Different ways to achieve Cyberlaundering Cyberlaundering

Chapter Two: Different ways to achieve Cyberlaundering

Cyberlaundering can be achieved through directly interacting with the financial

institution by presenting the identity in a way to hide the real intent (i.e. Cyberlaundering)

through that financial institution. There are five classes of such dealings that are

classified in relation to the issue of Cyberlaundering and are given as follows [6].

“Concealment within Business Structures; Misuse of Legitimate Businesses; Use of False

Identities, Documents, or Straw Men; Exploiting International Jurisdictional Issues; Use

of Anonymous Asset Types;”

However there is another way of achieving Cyberlaundering and is termed as indirect

way or a way to avoid direct dealing with the financial institution to protect the

transaction from being reported to financial agencies and that is the hawala system or

alternate banking remittance. In addition to this system of remittance there are other

products that can be used to achieve Cyberlaundering and they are listed as follows.

“E-Cash, Online Auctions, Bankruptcy frauds, Telemarketing fraud, Operation Cyber

Sweep, Cyber terrorism, Online Banking, Iraqi internet scam, E-gold and Online

Casinos” [4]

Cyberlaundering is mostly all about the indirect way of dealing with the financial

institution. Doing the job fast without drawing any unnecessary attention to the fact that

the money is not linked to an authentic or legitimate source. In the words of Nick Kochan

“He describes about Cyberlaundering as the potential for easy and convenient laundering through e-auctions, online casinos, and telemarketing is all too real to ignore. The lack of a paper trail and government control makes this channel a tempting one for the goons to abuse, as they do” [4].



A number of countries like USA, UK and Canada have advance level of check and

balance but the majority of the countries still lack in infrastructure to monitor and control

the Cyberlaundering and also the laws are not yet implemented to bring the criminals to

justice.

2.1 Stages of the Process of Cyberlaundering

The process of Cyberlaundering can be achieved by the three stages which is in contrast

to its super set that is money laundering and the three stages such as placement, layering

and integrity are explained below.

Placement

In the stage of placement electronic cash is used to buy goods to be resold which can be

achieved by means of smart cards. Thus removing the need to involve any intermediary

between the two parties require exchanging the money with the facility of anonymity.

“Electronic money (or e-money) is money that is represented digitally and can be exchanged by means of smart card from one party to another without the need for an intermediary. It is anticipated that e-money will work just like paper money. One of its potential key features is anonymity. The proceeds of crime that are in the form of e-money could be used, to buy foreign currency and high value goods to be resold. E-money may therefore be used to place dirty money without having to smuggle cash or conduct face to face transactions” [9]

The illegal money in the form of smart cards can be used in online casinos or to buy e-

gold without even proving that the identity is authentic, this can be a source to convert

dirty money in to legitimate in the form of refund from a casino in the same area or in a

different area where the jurisdiction is less tolerant or have no check on the gambling

activities.



Layering

In the stage of layering the criminal tries to separate the money from its origin by

transferring the money through a number of accounts in different banks in the disguise of

purchase of goods for re-sale or through off shore companies located in different

jurisdictions.

In this stage the criminals are more likely to be facilitated by the use of internet which if

permits to open an account without linking to any authentic proof of identity and any

traditional bank account. With this features the criminals can hide there identity or they

can use a fake identity to open a bank account.

The transfer of funds from one jurisdiction to another leaves extensive audit trails. But

the investigation in to a transaction to be legitimate requires a lot of man power and time

compared to the instantaneous nature of the electronic transfer of money.

Layering could be achieved much easier if the bank supports transfer of funds that deal

with e-money. Then the source of income is virtually untraceable for some types of e-

money transaction using the anonymity features that available with most of the plastic

cards available in the market.

Integration

In the stage of integration the owner need to make sure that the accumulation of illegal

wealth should not appear to be so; rather it should appear legitimate. There are a number

of ways to achieve that, the traditional way involves false invoices of goods while the

other way is to open a shell company that render a service such as internet service

provider.



Open a bank account for this shell company and you don’t even need to render service

but rather use this shell company to make it appear that the services are being provided in

return of payment of funds that have passed through layering process. This way the

wealth of the owner looks legitimate which can be said as the profit of the service

provider.

The later technique to provide a legitimate appearance to the funds has a greater scope

then the traditional technique. As the traditional technique would require to be of limited

use as the services can only be rendered in a limited geographical location while the

internet service provider can be bared from this limitation and hence the profits can be far

more then the traditional technique. One more benefit to opt for the later technique is the

reduced suspicions if the funds are transferred from foreign banks.

2.2 Models of Payment Systems in Cyberspace

While searching materials for the dissertation report I found this article on the website of

World Bank [10] it seem an important topic to add in this dissertation. Internet facilitates

cyber-based payments and because of the anonymity feature it facilitates laundering of

funds. Other features to attract money laundering are the lack of regulation and

movement of funds across jurisdiction to jurisdiction without interception. It is not

difficult to rack the suspicious transaction but the fact that the investigation lags behind

the trace of a transaction while the perpetuator is long gone or has hidden there identities

or moved from one jurisdiction to another. This World Bank article described four

models of cyber based payment systems the system that is growing exponentially and that

facilitates the money laundering capabilities is the non-bank and peer-to-peer model. The

four models are as follow:

The Merchant Issuer Model: This model deals with the case of same entity that is both

the issuer and the seller. E.g. Oyster card used by the Transport of London.



The Bank Issuer Model: This model deals with the case that the issuers are separate

entities from the merchant. This model is connected with the traditional financial system.

E.g. Debit card used by account holders of any bank.

Non-Bank Issuer Model: This model deals with issuer giving e-cash in exchange of

traditional funds and spending this e-cash at participating merchants. E.g. Virgin pre-paid

card and Freedom Eagle Cash Card.

Peer-to-Peer Model: This model deals with e-cash that is transferable between users.

Point of contact with the transitional financial system is when the e-cash is issued and

when it is redeemed. E.g. PayPal funds transfer services.

2.2.1 Positive factors for using cyber-based payments

The benefits of using cyber based payments system is the increase of confidentiality

between the parties of an agreed transaction while at the same time chances of identity

theft also decreases. As we have analyzed that there are multiple methods of payments

this gives the option of user friendliness and more control. The presence of a central

server ensures the smooth running of the transaction.

2.2.2 Negative factor for using cyber-based payments

The drawback of this system is the infrastructure required with a constant need to be

updated. This is the main reason of the high cost for the users in order to maintain the

effectiveness of the cyber based payment system. Another factor that is important to bear

in mind is that the company maintaining the cyber based payment system gathers too

many records about the users due to the architecture of the system.

2.3 Techniques used in Cyberlaundering.



Business Areas that are affected by Cyberlaundering or under the threat of

Cyberlaundering are [7] Commercial banks, Credit unions, Post office, International

business, Stock brokers / mutual fund practitioners, Insurance companies and the

industries that are vulnerable to Cyberlaundering are [8] Online Banks and Internet

Gambling. Let’s review the techniques used in Cyberlaundering.

2.3.1 Online Banking

Online banks are under the threat of Cyberlaundering due to the introduction of internet

banking. Cyberlaundering threats the online banks in two ways. One way is that the

account holder can be assisting the process of Cyberlaundering in the phenomena called

“smurfing” (explained below). Secondly internet as a means of opening an account

without verifying the identities of their customer imposes a greater threat which criminals

exploits to hide their identity. A recent report [37] about the rise in the online banking

fraud illustrated the vulnerability of on-line banking. The fraudster uses key logging

viruses to record passwords and credit card numbers. This virus finds it way to users of

online banking generally by clicking a link in junk mails. This way criminal took over

other peoples account which is termed as card ID theft. This is precisely how online

banking will be used by cyber launderers.

Online banking is regulated by the policies of the banking regulations that require

knowing your customer and their business. Banks are required to report any suspicious

transaction to the law enforcement agencies. The criminals can easily avoid such

restrictions by opening online accounts with so many unregulated electronic banking

companies that use electronic payment systems to provide online banking like

functionalities with the added layer of hidden transaction. With the introduction of

prepaid cards the criminals can be utilizing the anonymity feature of the card to help the

layering and integrity stage of Cyberlaundering. The peer to peer model of the payment

system enables the criminal to move the electronic cash from one card to another card

without even getting any attention from the law enforcement agencies and without the

need to report such transaction by the unregulated online banks.



The problem with the regulation of the online banks accounts is that the jurisdiction of

the website where it is registered does not require following any international standard of

regulation to run an online bank. A lot of the countries are still not cooperating with the

international treaty to share intelligence and suspicious transaction records with the

member countries to monitor and control Cyberlaundering.

The technological advancement in the encryption of programs that are used to

communicate and transfer electronic funds providing the confidentiality, integrity and

accessibility to hide the information from law enforcement agencies and are immune to

current Anti –Money laundering efforts made by the federal government of U.S. the

result is that the transaction is both unlinkable and untraceable.

The electronic banking over the borderless environment of the World Wide Web provides

the internet breath of reach and with the cost effectiveness of the medium it is the number

one choice for the criminals to manipulate the technology to further their aims.

Due to the wide difference in the regulation, policies, standards and opinion about the

Cyberlaundering it is still an undecided issue that under which jurisdiction a criminal will

be prosecuted if the online banking account is based in China and you live in Pakistan

and your main banking relationships are in the India, Iran and Malaysia.

Criminals buy cheaply available fake identities from hackers to use these identities to

open accounts with electronic banking websites to accomplish the placement and layers

stages of Cyberlaundering. Criminals can host scam website to spoof the users of this

website and use the details of the users to hide their identities while requesting a prepaid

card or a smart card and deposit the criminal gains to these cards to accomplish the

layering and integrating stages of cyber laundering.

One important aspect of the electronic banking is that they are not the regulated banks

like the once we have in the corner of the street. They only provide flowing of funds from

one user to another regardless of the geographic location of the other user.

Hypothetical case example of the Army of Smurf (Smurfing).



The question of how, who, where and what requires that the criminal stay ahead of

policies in place by the authorities to prevent Cyberlaundering the criminal proceeds. For

hiring the services of legitimate people for Cyberlaundering task online job posting sites

such as gumtree dot com and many other job sites can be used to attract the attention of

people generally willing to earn extra cash. These people are called army of smurf.

There are two categories of smurf first category is people with criminal intent and second

category is people with criminal background.

Criminal background

These people can be hired from pubs, betting venues, through illegitimate access to

public record of fraudulent personalities, people from foreign background, people with

little or no moral standards for others, people seeking luxuries life style without much

effort, dodge professionals such as solicitor/ex-bankers that knows the system well and

can advise an alternative to avoid attention from the authorities, people with creative

mindset but destructive intent such as the criminals on the street corners and many of

them can be found in online chat room.

Criminal intent

These people are basically needy people who are not satisfied with whatever they have

for example students that have no access to public fund but require to do retail jobs

overtime any time all the time to make extra cash. Another type of people is those who

are lazy workers that want to earn more with less effort. For example people living on

benefit system they do not want to work hard jobs like night shifts or weekend shift.

Others that come in this category are young people on low income scale; women with an

appetite of shopping unnecessarily are always in need of extra cash and anti government

party workers with an aim to destabilize the political government.



How: Both categories can be hired by cash-in-hand arrangement or registered charity

organization with hidden agendas for example “common purpose” which is famous

charity organization for its hidden agenda.

Who: The details of each person can be managed by managers willing to assist the

business transaction of small amounts through online banks (electronic payment service)

on account of cyber-launderer these managers will maintains the details of people willing

to participate in return of some extra cash.

Where: The manager will meet these individuals personally to evaluate the risk

associated with trust and after achieving a certain level of trust they will give them the

instruction about the plan of task. These instructions will be given by anonymous emails

with a preplanned code that is known to the individual beforehand

What: As it is mentioned in section 2.3 [11] the individuals will be provided with details

of charged cards that are preloaded with electronic cash through an encrypted software

file and that will be used to deposit the instructed amount in an apparently unconnected

transaction of paying monthly fee of an internet service provider

2.3.2 Internet Gambling

While researching for the online casinos or gambling sites the Google search engine

returned almost 18 million links which show the growing popularity of online betting

sites. Internet Gambling or online casino helps the layering and placement of illegal funds

and is therefore ideal technique for Cyberlaundering. The traditional casino accepts cash

and issues chips for the user to play games. There is a loss of funds while playing the

games in the casino but the gain is the fact that the refund will be accepted as legitimate

instrument to be deposited in any bank and the source is known to be the casino.



The affect of Cyberlaundering on the depository service providers are in a legal sense

because of the need for putting up a system to deter the transfer of illegal funds and

reporting suspicious transaction in compliance of The Money Laundering Regulations

1993 (Appendix A).

In conjunction to traditional casinos, online casino sites are also regulated within U.S

since the introduction of Internet Gambling Prohibition Act (Appendix A). But the

phenomena of borderless environment of the internet impose a hurdle to such regulations

and the growing popularity of online casinos proves the fact that this channel of

electronic movement of fund from one location to another is still a ripe to be abused by

the goons. In addition it is hard to obtain the records that may be needed as evidence for

any prosecution due to the reason that the online casino website is based offshore.

Having a physical address over the internet does not really mean that some thing exist

their. Due to huge financial support from the criminals these online casinos some times

operates anonymously with out the need to have a physical address (IP-address) and to

register this anonymity on the internet the owners of the online casino pays huge monthly

and annual fees to the government of that country. Due to the non-existent background

checks by the jurisdiction of these online casinos website it is difficult to regulate this

market to restrict Cyberlaundering.

Another fact is the use of corruption to further the cause of Cyberlaundering by the

owners of the online casinos by hiring agents that help assist to achieve Cyberlaundering

by the process called smurfing. In this process the owner can give the agents some cash

to credit to his account with the online casino to play a few games and then cash out the

total money minus commission money from the casino as agreed while the owner can

have the rest of the money declared as business profit.



One important fact associate with these phenomena is that there is no need to provide

information regarding the relevant technologies only a hand full of experts can

accomplish the task of Cyberlaundering on behalf of criminals. One such example is the

drumming up business scenario [11] in the scenario the criminal is the owner of an online

casino and hires an army of fifty smurf that can create fifty or more email addresses each.

The criminal has e-cash which he has aggregated through the process of placement using

smartcards and sends this e-cash to the server maintaining the list of each email created

by his army of smurf’s. Without coincidence the army receives this e-cash and uses it to

play games on the online casino. With this activity the owner gathers all the money back

to his account in the form of winnings revenue from unrelated several different parties.

Hypothetical case example (How Does It Works)

In section 2.3 (internet gambling) it is shown that how drumming up business scenario

can be used to achieve Cyberlaundering. Let us further examine how the funds are

actually transferred from a country which has strict laws in place to prevent money

laundering to a country that has no laws to prevent money laundering.

The products like PayPal prepay cards does not require to have a bank account and thus

can be acquired on false identities. These prepay cards can then be loaded with unlimited

cash. The technological solutions are already there for the criminals to further their aims.

Who: Sam is living in UK and he is a drug dealer. The proceeds of crime are required to

be converted into legitimate wealth. So Sam hires an agent Jameel in Pakistan who runs

an online casino website that has a merchant account in a local bank called bank alfalah.

Sam asks Jameel to arrange 50 fake account using forged or fake identities which can be

acquired from a hacker on the internet through anonymous email. Jameel hires an army

of smurf to perform this business transaction. The hiring of the interested candidate can

be achieved as previously shown in the army of smurf section.



Where: Sam arranges 500 charged cards from different shops loads these charged cards

with 100 pounds each using ATM machines, post offices and paypoint facilities. He then

securely sends the detail of all the cards to Jameel through encrypted software Jameel

decrypt the details and distributed the card details to each one of the smurf with a ratio of

10:1.

What: The smurf’s then creates false accounts in Jameel’s online casino and play games

there losing all the funds minus commission to Jameel casino which is then deemed as

winnings of the online casino for Jameel. Jameel sends this money in monthly

installments thought bank transfer to Sam for rendering services of promoting the online

casino Website in UK. In the same way Sam can have more then one agents working for

him in different countries to further his drug business and networking with other

criminals.


What’s being done to prevent Cyberlaundering Cyberlaundering

Chapter Three: What’s being done to prevent Cyberlaundering?

What are the government, financial institution and department of justice doing to prevent

Cyberlaundering? And how to combat the techniques used to electronically launder funds

is the main theme of this chapter.

Electronic banking that provide ripe to abuse by the launders can be confronted by

developing an encryption key recovery program [38]. In this program all the public keys

that are used by the electronic banks will be shared as per the regulation that will be set

by the federal government and the private key required to view the transaction will be

decrypted by the program that will be developed in collaboration of information security

equipment vendors and professional of encryption science.

Each transaction should be required to have a digital signature that should hold the

identification of the user, location of the teller machine where it was used with the

amount of transaction it holds and the date/time stamp. This will be the minimum

requirement to be embedded in the smart cards and the teller machine daily reporting

system to counter the fraudulent use of the technology and the possibility of

Cyberlaundering attempts.

The Neural Computing and Artificial Intelligence such as PRISM® Money Laundering

Detection (MLD) [22] can be used to form a pattern of similar transactions to one

account or many accounts to form a universal group number (UGN) of that smart card

which is used on one of the teller machine or a group of teller machine to transfer funds.

When doing the same transaction over the internet the IP-Address should be used to

locate the place where the electronic banking account creation is taking place. This will

be helpful when law enforcement agencies are investigating any case of Cyberlaundering.


To implement any such solution to try to combat Cyberlaundering one of the problems

that arises is the regulation of Domain Naming System. It is a known fact the service

providers provide hidden address websites facilities to users in return of a very high value

packages. An audit must be required to highlight any such discrepancies from the ISP’s.

3.1 Preventive Measures for Cyberlaundering by the Government.

Let us review the improvements in the government agencies by comparing the yearly

advancement to address the issue of Cyberlaundering. Although there are many

organizations working in partnership with the government I have just mentions few of

them here.

3.1.1 Federal Bureau of Investigation

According to the National Money Laundering Strategy 2007 FBI has set nine goals to

control the issue of money laundering these goals are as follow.

Safeguard the Banking System, Enhance Financial Transparency in Money Services

Businesses, Stem the flow of illicit bulk cash out of the United States, Attack Trade-

based Money Laundering at home and abroad, Promote Transparency in the ownership of

Legal Entities, Examine Anti-Money Laundering Regulatory oversight and enforcement

at Casinos, Implement and Enforce Anti-Money Laundering Regulations for the

Insurance Industry, Support Global Anti-Money Laundering Capacity Building and

Enforcement Efforts and Improve how we measure our Progress. [12]

In relation to Cyberlaundering the FBI is determent to cater the issue by supporting

cooperation with other countries to achieve a global solution to cybercrimes. At the same

time it is enforcing federal laws to control and prevent this issue inside U.S. They have

identified banks, depository institution and traditional casino to be actively assisting

money laundering. Gaming industry is on an increase in U.S driven by native Indian

tribes. FBI Cybercrime investigation department is active against the national and

transnational organized criminal enterprises involved in cybercrime.


3.1.2 National Accountability Bureau

National Accountability Bureau of Pakistan launched a project in February 2002 to fight

against corruption which is the biggest problem of Pakistan. They have also highlighted

the problems that are in the way to achieve a corruption less society [13]. Criminals

exploit this weakness of corruption and bribe the officials to avoid or to keep a close eye

to act and report on any such information regarding money laundering. Due to the

complex stages of the process of money laundering and lack of control over financial

institution and government officials it is easy to export and hide the fruits of criminal

proceeds. The advance technological infrastructure used by the criminals to further their

cause and the lack of such advancement in the law enforcement agencies infrastructure

and non availability of any private sector industry to address this phenomena show a huge

lack of concern to monitor and control Cyberlaundering.

According to Financial action task force on money laundering it is expected that a sum of

$70 to 100 billion may be stashed away in foreign banks by Pakistanis in 1996. Money-

changers are unregulated as they are using the alternate banking remittance. The need to

achieve the foreign exchange requirements government is dealing with these money-

changers and has turned a blind eye towards them in relation to money laundering.

The government has facilitated money laundering and made inward foreign remittances,

tax free through financial institutions and without any kind of scrutiny by the auditors.

The government is in the process of tightening regulation of money changers and

formulating an Anti Money laundering law in collaboration with the FATF, World Bank,

State Bank Federal investigation Agency and Asia Pacific Group.


In recent Past it is observed that cyber crime has increased dramatically and to counter

their activities it was essential that there must be an organization to monitor, track and

apprehend all such criminals. National response centre for cyber crime (NR3C) [14] a

Department of Federal Investigation Agency is dealing with all matters related to cyber

crimes under the law of Pakistan electronic crime ordinance 2007-2008 [39]. It also

provides training to different organization regarding cyber threat that can affect their

information resources.

3.1.3 Drug Enforcement Administration

Money laundering is based on criminal proceeds mostly from trafficking of drugs. The

mission of the Drug Enforcement Administration (DEA) is to control and prevent the

trade of illegal drugs in U.S. and to assist the department of justice to enforce the

controlled substances laws. The DEA's primary responsibility is to investigate and

prepare a case for prosecution of major violators and drug gangs.

DEA helps in the management the national drug intelligence program by cooperation

with government and law enforcement officials to collect, analyze, and disseminate

strategic and operational drug intelligence information [15].

The traditional way of transporting the money from the buyer to the seller is changing

dramatically due to availability of advance technological solution such as e-payment

system. But the fact that drugs can only be transported using the same transportation

channels and hence therefore DEA’s role is important to control the drug trafficking.

3.1.4 Serious Organised Crime Agency

SOCA deals with suspicious activity reports (SARs) under the money laundering

legislation POCA 2002 (Appendix A) that are provided by the financial institutions

operating in UK. Its active life was widely critical of the banking and financial services

sector and the financial institution for not reporting the suspicious activity reports [16].


SOCA is based in United Kingdom and operates in cooperation of law enforcement and

department of justice to prevent money laundering through the banking channel and also

coordination with FBI to detect and prosecute cyber criminals to prevent frauds and

scams.


3.2 Financial Institution Preventive Measures for Cyberlaundering.

Let us review the improvements in the financial sector and the agencies deal with them to

prevent crime.

3.2.1 Financial Crimes Enforcement Network

The U.S. Department of the Treasury established the Financial Crimes Enforcement

Network FinCEN in 1990. In 1994 FinCEN operation was broadened to include

regulatory responsibilities for administering the Bank Secrecy Act (Appendix A). The

mission of FinCEN is to enhance and safeguard financial systems from criminals.

The Strategic Plan of FinCEN for Fiscal Years 2008 -2012 outlines three outcomes that

financial systems must be resistant to abuse by money launderers, Detection and

deterrence of money laundering and efficient management of BSA information.

3.2.2 Financial Action Task Force

Financial Action Task force was established by G-7 summit in 1989 held at Paris and the

main reason for its formation was the increasing concern about the money laundering

issue. It has provided a standard policy that constitute forty recommendations to combat

money laundering in 2005 the FATF comprises of 31 members and by 2007 this number

increased to 170. The main task of FATF is to set standards for anti money laundering,

monitor compliance of these standards and studying methods of money laundering. It was

detected in 2007 that the new payments system is a growing method to accomplish

money laundering. The use of prepaid cards, Internet payment systems, mobile payments,

and digital precious metal currency show that the vulnerability of Cyberlaundering exists.


After reviewing the forty recommendations developed by FATF the central idea can be

described as that the countries should criminalize money laundering and apply serious

penalty to the criminals, that if the crime is intended by the criminal then the charges

should be severe (criminal court equivalent) and if the intend is not there then the charges

should be less sever (civil court equivalent), countries should adopt procedures to

confiscate the criminal proceeds or property, the financial institution should not maintain

anonymous account and know their customers by requiring KYC (know your customer)

forms as mandatory, to be cautious about the politically exposed persons, to develop

policy and procedure to address risk in non face to face business, and monitor transaction

that have no apparent lawful and economic purpose.

3.3 Preventive Measures for Cyberlaundering by the Department of Justice.

Let us review the improvements that have taken place to address the Cyberlaundering

issue by the Department of justice.

3.3.1 Legislation

The laws that can be used to prevent Cyberlaundering are Computer Misuse Act of 1990

(Appendix A) and EC Directives (Appendix A). As it is a known fact that for Online

Banking or to play a game in online casino user is required to have a computer or an

electronic device (3G Mobile) to make a transaction to assist the movement of funds (in

this case illegal proceeds of crime) from one location to an other. This type of transaction

in general goes through a server that is in between the sender and receiver of electronic

cash. By using location of the server and the EC Directives that enable the government

authorities to monitor sensitive information required to monitor suspicious activities can

assist law enforcement authorities in investigation of a Cyberlaundering case.


Although the EC Directives excludes the information society services of gaming, betting

and lotteries. The law that can be used to prevent Cyberlaundering through traditional

Casinos and financial institutions is Bank Secrecy Act of 1970. This requires the financial

institution to keep a record for five years of all the transaction and report any suspicious

activity.

The UK Payments Association has reported that internet card payments reached £34

billion in 2007. While the spending on charge cards was £133.2 billion [18].The

electronic payment system operates with few restrictions and their value is limitless.

Online casino lends itself to Cyberlaundering because these is no requirement to provide

identity and authenticate parties; there is little or no record keeping or audit trailing;

encryption services mean criminals can lock out law enforcement agencies and

transactions can be conducted globally, therefore falling outside existing regulatory

control [17].

According to KPMG's Fraud Barometer over £1.1 billion of fraud came to UK courts in

2008. This was the second highest level in 21 years. (KPMG, February 2009). The

Chairman of the Cybercrime Working Party of the Fraud Advisory Panel

Cyberlaundering is currently (2006) estimated to be running at $50 billion each year [17].

3.3.2 The Laws that are related to Cyberlaundering.

After searching articles, books and internet sites the following list of laws that are related

to Cyberlaundering in different ways is given these laws are defined in a concise way in

the appendix A. [Appendix A]


Federal Reserve Act of 1913, Bank Secrecy Act of 1970, The Solicitors Act 1974, The

Privacy Act of 1974, Foreign Corrupt Practices Act 1977, The Right to Financial Privacy

Act of 1982, Money Laundering Control Act of 1986, The Electronic Communications

Privacy Act of 1986, Anti-Drug Abuse Act of 1988, The Crime Control Act of 1990,

The FDIC Improvement Act of 1991, Criminal Justice Act of 1993, The Drug Trafficking

Act of 1994, Human rights act 1998, Data protection act 1998, Proceeds of Crime Money

Laundering Act of 2000, U.S.A. PATRIOT Act 2001, Sarbanes-Oxley Act 2002, Crime

Act 2002, Serious Organised crime and Police Act 2005 etc.

3.3.3 The Money Laundering Offences

There are now five basic money laundering offences that in my view can be used in

parallel to Cyberlaundering offenses as well.

Assisting another to retain the benefit of crime;

The offender can only be charged if it is proved that the intent to assist the criminal was

there and the knowledge that the proceeds are directly or indirectly gains of an illegal act

is there. The penalty for commission of an offence can range from six months to 14 years

and a fine that is not exceeding the statutory maximum or both. This can also be used for

Cyberlaundering offences.

Acquiring, possession and use of criminal proceeds;

The offender can be charged only if reasonable grounds are established that acquisition or

possession of criminal proceeds has been acquired at less than full value. The penalty is

same as assisting in retaining the benefit of criminal proceeds. With regards to

Cyberlaundering technique that I have presented in second chapter the criminal can be

using a charged card or making an internet payment system using funds that are criminal

proceeds.


Concealing or transferring proceeds to avoid prosecution or a confiscation order

(also called Own Funds money laundering).

Disguising or transferring proceeds of crime for the purpose of avoiding prosecution.

Disguising includes removing its nature, source, location, disposition, movement or

ownership or any rights with respect to it. The use of encryption to hide the transaction of

criminal proceeds can be an offence and the penalty is same as other offence mentioned

above.

Failure to disclose knowledge or suspicion of money laundering;

The professional such as solicitors and banking experts that come to know any such

suspicious transaction and do not report it then this will not get them any waiver of

professional privilege. The penalty for this offence ranges from six month to five year

and fine not exceeding the statutory maximum or both.


Tipping off.

If a criminal is tipped off that he is being investigated then the procedure of reporting a

suspicious transaction is of no use. The penalty for this offence is the same as failure to

disclose offence.

3.4 How Can We Prevent It?

In general all the crime are gain motivated and to have a luxuries life with less efforts.

The problem associated with the gain is the identification of the source and to avoid any

such problem criminals have to figure out a way to distance them from the crime scene.

Hence there is a need to launder the criminal proceeds to reappear in their accounts as

legitimate wealth earned from the revenue of there shell company.

The most popular source of illicit gains comes from the drugs trafficking and it was the

initial catalyst for coordinated international efforts to prevent money laundering. This

industry is a highly cash based and to avoid the burden of handling cash it is required to

use the financial institutions and in particular online payment systems.

There are certain Choke points that (FATF) has identified in the money laundering

process that is unavoidable by the criminals and is vulnerable to detection. The choke

points identified are entry of cash into the financial institution (placement), transfers to

and from the financial institution (layering) and cross-border flows of cash (integration).

The UK’s system of reporting suspicious transactions through Suspicious Activity Report

is an effective policy to deter Money laundering in the traditional financial institution

However, cross-border flows of cash is one of the areas mentioned above where the

launderer is vulnerable to detection. The police and customs service in UK are

empowered by the legislation to seize cash they believe could be the proceeds of drug

trafficking.


The record keeping of transaction by financial organizations provides a useful audit trail

and gives useful information on people and organizations involved in laundering of

funds.

Cyberlaundering is still an evolving issue and transfer of electronic cash is an unsolved

mystery therefore government of Australia, Canada, UK, EU and U.S have implemented

a likewise policy to log and monitor activity of internet users for five years before an

internet service provider can use a clearing utility to clear the servers and loss the

information that can assist to find the source of an electronic payment sender.

The Strength and Weakness of Different Strategies Cyberlaundering

Chapter Four: The Strength and Weakness of Different Strategies.

The issue of cyber laundering is there since the technology enabled the movement of

funds from one location to another without being intercept or intervened. The strength

and weakness of different strategies to prevent cyber laundering is discussed as follow.

4.1 Strength of Strategies

The government, financial institution and department of justice have implemented a

number of strategies to monitor and control Cyberlaundering.

4.1.1 Financial Reports

There is a possibility to report transaction of amount that is above the value of 10,000.

This reporting was required by the financial institution in compliance of Bank Secrecy

Act. The software solution is also provided by the government to report any suspicious

transaction through different channel of communication.

4.1.2 Follow the Money

As per EC Directives and Bank Secrecy Act financial institution are required to keep a

record of transaction for a period of five years. The Telecommunication and Internet

service providers are also required to monitor and record the user data for one year to

assist the government authorities and law enforcement agencies in investigation

pertaining to cyber crime.

4.2 Weakness of Strategies

The limitations that is present while implementing different strategies is discussed below.

4.2.1 Millions of Transactions in a Day.


The first and the foremost issue that is residing between a successful combat against

Cyberlaundering is the fact that the number of transactions including both financial

institutions and electronic payment systems are in millions and processing of each

transaction and building up a possible architecture of structured transaction to achieve

Cyberlaundering is a very challenging task.

4.2.2 It is hard to identify an Army of Smurf.

The army of unrelated circumstances and identities trying to present a justified

transaction when in reality they are assisting some one to hide the source of funds and

present their wealth as legitimate

4.2.3 Slow processing due to Jurisdictional Differences

Jurisdiction to jurisdiction information access can be difficult and very time consuming.

and a lot of manpower is required to process only a single case.

4.2.4 There are many ways of Exploiting Internet

At present there are many ways of exploiting internet for Cyberlaundering and that is

Electronic Cash, Online Casino, Online Auction, Online donation to save tax, Electronic

gold, Unregulated electronic payment systems and Online Banking.

4.2.5 Cash Based Business and Services.

Cash based business also accepted prepaid cards and do not require identity as proof for

doing business with them. Car dealers, precious stone dealers, professional bankers,

accountants and solicitors can provide services and advise to develop a safe strategy to do

Cyberlaundering.

4.2.6 Problem of Time and Space.


New tool of technology has eliminated the need to have the problem of time and space.

The internet time and cyber space when compared to traditional time and space requires

reconsiderations of practical implications.

Case Study of Virtual World Second Life Cyberlaundering

Chapter Five: Case Study of Virtual World Second Life.

Second life (SL) is an online virtual world that is developed in 2003 by Linden Labs

founded by Mr. Philip Rosedale in San Francisco. The online virtual world has its own

currency called linden Dollars that can be used in the SL virtual world to do business.

The founder of linden labs in an interview with the guardian [21] news paper has

admitted the fact that money laundering involves real paper bills and that is a problem

related to real currencies this statement is contrary to the understanding of intelligence

agencies in US [28]. I will be presenting a research that would identify the potential of

Cyberlaundering related to the new virtual world and the existing steps that have been

taken to control and monitor the money movement.

5.1 Business in Second Life

The SL is using the Network effect business which is an organic and exponential business

effect. As on Ninth April 2009 the total number of users logged in last 7 days on SL main

website were almost six million [20] and this shows the real popularity of the SL. The

total numbers of registered users are 16 million [29].

They use micro-payment system to sell virtual objects like furniture’s, cloth and land in

linden dollars from linden exchange (also known as xstreet in SL) or form other residents

through charged cards, credit cards, online bank account linked with resident account via

lindex exchange to convert real money in to linden dollars. In 2008 it is reported that the

inworld economy of SL had virtual goods entrepreneurs, landowners, inworld builders

and service providers that achieved a mutual transaction of US $350m.


The terms of service of SL provides protection against the intolerance, harassment,

assault, disclosure, indecency and disturbing the peace. The laws that the SL follows are

the Global Standards with Local Ratings, in case of violation of term of service first a

Warning is given then the account is Suspension and finally Banishment, user will be

hold responsible of causing Global Attacks and the activity through alternate resident

account will bear responsibility by the principle resident account.

Another fact that is holding SL more vulnerable to cyberlaunding is the option that

Residents have Intellectual property rights to what they create. As we know that mafia

and gangs are always looking for ways to carry out their illegal activity without being

noticed or drawing unnecessary attention from the authorities. The server client

architecture of SL provided the much needed isolation from the authorities to further the

aims of organized crime by gathering in secure location of self owned land to plan,

discuss and train an army to commit Cyberlaundering through moving cyber crime

proceeds.

Hypothetical case example (How Does It Works and Tax Evasion in SL)

Cyberlaunding is all about transferring large sum of money from one location to another

without drawing unnecessary attention from the authorities. The reason for this activity

can be tax evasion and therefore criminal’s look for a place with minimal risk of being

taxed

How: Tax evasion is possible as there is no or very less amount of tax applicable in

virtual world for example VAT for selling in UK is 15 % in contrast to the 40% higher

rate of income tax in the real wealth. In section 5.2.4 (given below) it is shown how

Cyberlaundering is achieved by buying land in Russia thus transferring huge amount of

cash in linden dollars to Russia and then selling the land to an unconnected party

Who: Land mafia can use this channel to buy land in Moscow without paying tax as

transaction between residents in linden dollars is not taxable the tax is only deductable

when the linden dollars are converted to real currency.


Where: Due to the borderless nature of internet and no legislation in place for the virtual

world the tax evasion is possible for the criminals and corporations to hide there gain

from the tax man by using this channel of virtual commerce and buying properties in tax

free zones such as Dubai and other tax havens.

What: The unconnected party described above can be a local Russian thus achieving

Cyberlaundering or it can be the same Londoner who buy that land from his Russian

counterpart and is finally been gifted the real land back to him and who only needs to pay

the gift tax avoiding the stamp duty/land tax, local property taxes and Capital gain tax.

5.2 Problem and Limitation

Financial transaction in Second Life is unregulated as the SL is not a registered financial

institution though they are following Federal Reserve Bank like monitory policies. There

is no law to monitor and control Cyberlaundering and no need to establish the source of

income of any resident. Lets present few problems that are favorable for the launderers.

5.2.1 An Army of Smurf.

The complex stages of Cyberlaundering can be achieved by buying linden dollars by an

army of smurf’s (explained in section 2.3.1) and use this currency L$ to buy land and

other property from the residents who is using this mode of business to convert illegal

wealth into legitimate wealth and transfer of cash from one location to another without

interception and reporting.

The other party resident can withdraw this L$ by converting it in to their own local

currency and charging it to their bank account, credit card, PayPal account and charge

card in return of offering a service that need not be their in the virtual world.

5.2.2 Anonymity


There is no need to know your resident and their source of funds. Criminals will exploit

this facility of anonymity by selling objects, contents and scripts at any value they like

and where access will be given to their army of smurf’s while restricting it for any other

resident to avoid the business being reported to the authority.

Having intellectual property rights to your created objects, content and scripts will ensure

that no one can copy or use your creativity without the consent of the owner and that is a

starting point of suspicion for a criminal to know that he is being investigated, reported or

observed for suspicion of involvement in Cyberlaundering.

Criminals can use the identity of some one else to protect his own identity and there is no

need to even prove that you are what you say you are. This facility can be further exploit

by opening a bank account in the virtual world as a Singapore bank is operating in second

life [30] and providing this fake identity to apply for credit and then silently leave the

virtual world with all the real cash transferred in your own charge card.

5.2.3 Open Source

Linden labs will have no way to find out the actual functionality of an application that is

created and integrated with the second life viewer application. There is no version control

to maintain as the residents can use there developed application with the Second life

viewer and can distribute the same to there friends and member of organization to use it

for a customized set of operations such as marketing, business meeting, presentations,

education and automated electronic payment value transfer in encrypted data format.

An online casino application can be developed for securely accepting payment that are

encrypted and at the end of the game the remaining cash can be transferred to a charged

card of a person to whom this fund was required to be laundered. The details of the users

can be used to make such payments even without the consent of the user of such

mushroomed online casinos.


An exception that SL holds is that the owner ship of the virtual object such as a castle is

not with the company but with the resident and therefore the taxation on the asset which

is a bunch of ones and zeros is only theoretically viable and practically the virtual

transaction of objects will cripple the virtual world with an unmanageable increase of

paperwork and record maintenance.

5.2.4 Tax Evasion

European Union sales tax regulation requires that value added tax must be charged from

the resident of EU that uses second life for land purchase and maintenance, for premium

memberships and for linden exchange currency buying, selling and processing of credits

using PayPal, domestic and international check.

Lets assume that you live in London and you require to buy a piece of land in Russia then

using the currency of SL that is linden dollars you can easily buy the piece of land at the

cost of the land without paying any tax or exchange rate charges using another resident

that is a real estate agent offering this service as a personal business. However if you buy

the land in traditional way that would require you to first travel to that country then

convert your currency to the local currency of that country where the land is located and

then a huge sum of taxation would be required to pay before the purchase of the land and

finally the cost of the land. So using SL channel of business you can easily avoid the

heavy taxation related to the purchase and maintenance of land in Russia.

Not to forget the business of real estate in 3D virtual world give a lot more better

representation of real property then the news paper clipping or a photograph of a piece of

land without any further information relating to buying a piece of land. This business of

real estate is a great way to present the land property to the interested inworld residents.


Exchange of linden dollars from one resident to another is not taxable so a resident living

in London can hire the services of a professional estate agent living in Russia to buy the

land for him using his credentials and then transferring/gifting the ownership of the land

to the resident living in London this will help to evade the tax amount that was required

to be paid to the government by a foreigner. And the same trend can be followed by the

corporation to hide there annual profits to safe the taxation and use it for the new venture

of the organization working abroad.

Corporation will be choosing this channel of business to buy huge land property from the

annual profits of the company and avoid reporting huge annual profits and paying huge

amount of tax to the government.

5.2.5 Fast-growing economy is lightly controlled

It is a fact that at present there are more then fifteen million users in second life virtual

world. This virtual land has no police and no courts meaning that the users are free to do

what ever they like with the slightest fear of being caught. As long as they don’t violate

the term of service of SL or encountering any one that would observes there suspicious

activity and report it to the authorities.

SL has based its policy on creativity and giving residents the freedom to create what they

imagine and at the same time make some cash by given services that they can offer like

music bands, instrument players and tourism guide for other residents. Controlling the

way resident generate money is not a priority but a necessity to provide security to every

other resident in SL.

5.2.6 Linden Exchange lacks even basic Regulations


The linden exchange is the only way to convert real currency to buy and sell linden

dollars and it even lacks the basic regulation observed by the regular money exchange in

the real world. Britain fraud advisory panel recommended to the UK government to

extend the traditional financial regulation to the SL virtual world payment solution and

online game [40].

The virtual world is a new idea that is being implemented in reality therefore at present

there is no legislation to govern the virtual world. The reason that it does not require to be

regulated is that there is no legal frame work to regulate the virtual world.

5.3 Solution and Analysis

The SL virtual world used its own currency for the micro payments to buy and sell both

real and virtual cloths, jewelry, and furniture’s. The same payment mode is used to rent

an Auditorium or to arrange educational classes, group meetings and presentation. The

newly immerged so to say future of internet and the limitation to protect the net

generation from any possible cyber crime requires that government and intelligence

agency extend there counter measure efforts to resolve the problems associated with

virtual world. The chairman of the Serious Organised Crime Agency Sir Stephen Lander

has said that

"Any significant reduction in the capability of law enforcement agencies to acquire and exploit intercept intelligence and evidential communications data would lead to more unsolved cyber crime." [23]

Let us analyze the problem and its solution to the issues stated in section 5.2 above.

5.3.1 An army of smurf

The complex stages of Cyberlaundering can be achieved by buying linden dollars by the

army of smurf’s and then using it to buy real land and other luxury items from the

residents who is using this mode of business to convert illegal wealth into legitimate

wealth and transfer of cash from one location to another without interception and

reporting.


Initially the law enforcement agencies used artificial intelligence to form any possible

pattern of Cyberlaundering by observing the movement of the linden dollars. Due to the

dynamic nature of the virtual world it is not possible to keep a record of every action an

avatar performs so there is no reconstruction of pattern and hence artificial intelligence

was ban in April 2009 due to the reason that it is a source to drain server resources and a

way to boost traffic stats [27]. The difference in virtual world and in real world is that

there is possibility that authorities can re-construct an event of Cyberlaundering by

joining the dot of evidences that are present in servers of ATM, POS and Electronic

Payment Solution systems while in virtual world using client to client architecture there

is no way to reconstruct the transaction if it is encrypted. The decryption of this

transaction required lengthy process and the number of transaction in any given time is in

hundreds if not in thousands. Encrypted transaction is generally treated as suspicious

transaction Due to the complexity of controlling the cyber crime the national security

agency of America announced that they don’t want to control the cyber security of

America [24] alone but with the help of other cyber security agencies.

5.3.2 Anonymity

The feature of anonymity in it self is not a threat but the use of it to do the dirty dealings

is a concern to all. For example people would feel more comfortable to get sensitive

medical advice in SL [31] to protect their identity for avoiding undesirable attention in

their privacy from the social circle. But if same anonymity is used to commit a financial

fraud or high yield investment program to deprive other resident from what they own is

worse situation then in real world where you can verify the reality of an investment

program through numerous sources.


SL keeps a record of information regarding the contents that you have accessed. They do

disclose this information to law enforcement agencies if it deems suspicious otherwise

this information is kept in a database in an unreadable form to protect the privacy of

residents and each access to this database is logged and authorized as per condition or

reason to do so [32]. The land in any region is actually located in the servers of SL and if

the activity in that region is restricted, recursive, huge virtual traffic and the content is

using encrypted functionality or coded messaging or any other suspicious way of dealing

is observed through the aggregated information or reported to the SL authorities to look

into the matter and demand the clarification from the resident for such an activity by first

giving warning then suspension and finally banning them from SL. This region can be

filmed to record digital evidence and the objects, contents and scripts can be copied to be

analyzed by the digital forensic experts.

The intellectual property rights is provided to the residents to protect their legitimate

unique business from being copied by other residents but this right is not there for the

criminals to ensure that no one can copy or use their creativity without their consent. SL

reserves the right to provide the information of the resident to the law enforcement

agency if suspicion of criminal activity is established such as Cyberlaundering.

The intelligence agencies have drawn much needed attention of US government to the

fact of untraceable financial transaction [33] and alternate channel with expanded ability

to make a financial transaction.

SL establishes the identity of the resident in two parts, the first part is the information

provided by the resident and the second part is the activity, accessed content, login IP

address, general and specific computer details. If there is a suspicion that the resident is

not what they say they are then a proof of identity will be asked to confirm their identity.

Hence the anonymity feature is there to have a better experience then what is in the real

world and not the visa versa.

5.3.3 Open Source


Linden labs has taken a monitory role in the second life virtual world to control the L$

movement and linden exchange to convert L$ in to real currency. They have several

thousand servers at present to support the simulation of avatars using thousands of scripts

that are accessed by the residents to create and modify their avatars. The open source

functionality has reduced the UDP data traffic load to the SL servers by giving away the

independence to the residents to create objects, contents and adding new functionalities to

their content/object/script such as translator’s service to give live translation while talking

to people of different languages or holding a banner to advertize a product and earn L$

from the company almost same as Google advertisement works.

In the summer of 2007, Linden Lab banned online gambling in Second Life virtual world

by saying that there are too many issues with online gambling [25]. Although officially it

is banned but the potential of using it is still there due to SL client server technology. One

can only find the actual functionality of an object and its content by either observing or

by using it themselves. To control and monitor this issue FBI and other intelligence

agencies have already established their virtual presence in the SL [26]. The laws that are

used to criminalize online casino in Second Life was the 1970 Illegal Gambling Business

Act (Appendix A) or the Unlawful Internet Gambling Enforcement Act of 2006

(Appendix A).

Residents can create an object that can be used to securely transfer charged cards value

details and any other form of financial information that are encrypted and this cash value

can be transferred to a charged card of a person to whom this fund was required to be

laundered. This client to client (hybrid of peer to peer) information transfer can not be

monitored and controlled by intelligence agencies or SL servers.


The linden exchange scrutinizes the transaction above 10 USD dollars same as any

financial institution but there is no regulatory compulsion to report it to the authorities

rather a need to avoid being a party to the crime by helping the crooks. This channel of

money movement is still too young to be considered as prone to organized criminal

activity and the responsibility of controlling and monitoring illegal and suspicious

activity must be shared with the residents to report it if it is observed in there particular

region.

5.3.4 Tax Evasion

As discussed in section 5.2.4 the SL uses two ways to establish the identity of a resident

if you have mentioned that you live outside of European Union to save the sales tax

regulation that requires you to pay VAT for land purchase and maintenance, for premium

memberships and also for linden exchange currency buying, selling and processing of

credits using PayPal, domestic and international check. SL can establish your location by

recording the information of the computer system that you are using to login to second

life. The IP address will be use to locate your country and if this information is different

from what you have provided then you will receive a warning to change the details of

your profile following by suspension and finally banned from SL.

Real Estate is a legitimate business and it has an online presence since internet was

introduced commercially. The resident that provides the service of real estate agency will

bear the responsibility of the contents that they have offered and if an illegal or

suspicious activity is observed by the local community in that region or by SL authorities

due to the suspicious aggregated information regarding the business and the fortune

earned appears to be unrealistic then the information of the resident will be passed to the

law enforcement agencies.


The transferring and gifting the ownership of the land to another resident living any

where in the world requires that the authority need to make sure the reason of this

transaction has some form of sense to it otherwise an investigation need to be performed

to establish any tax evasion involved. This is a real phenomenon and needs not be an

issue in the virtual world.

5.3.5 Fast-growing economy is lightly controlled

The government of US believes that the future economic growth in virtual world and

especially in the SL virtual world is providing a haven in cyber crime activity [34]. With

the increasing number of residents the agencies all around the world is also building

network in virtual world to effectively communicate, train and manage the cyber crime

monitoring and control by using the reporting mechanism of violation of term of contract

in SL the criminals are kept away from the SL virtual world.

SL virtual world saves the cost of communication in the real world and is an effective

way to solve the real world hurdles such as jurisdictional issues and man power to solve a

case of Cyberlaundering.

5.3.6 Linden Exchange lacks even basic Regulations

According to currency exchange act [35] a financial institution is required to file an

annual financial progress report but SL since 2003 has not produced any annual financial

progress report due to the reason that it is not a sole financial institution but an online

virtual world simulation host.

Similarly due to no monitory policies [36] governing lindenX the revenue in real USD

earned by the linden lab from the resident can be used by few higher level individual in

the company providing a fertile ground for the criminals to hire the services of the SL

company which is already exempted from any liability to damages caused by any reason

to avoid reporting the illegal activities of criminal. My recommendation to solve this

issue is to extend the financial regulation on to the SL virtual world.

Evaluation Cyberlaundering

Chapter Six: Evaluation

In this chapter we will discuss about the future of Cyberlaundering and the conclusion of

this research and after that the recommendation.

6.1 The Future

The future of Cyberlaundering can be defined in relation to banking, cyber payments and

e-cash. Let’s take them one by one.

6.1.1 Electronic Payments

The term electronic payment is a common term that is used to represent digital funds

transfer of financial value from one user to another. At present the electronic payment

system is in use in almost all types of financial transactions that are conducted and

operated. The electronic payments systems can be used via the Internet, smart cards and

prepaid cards which unlike traditional cards actually contain a microchip, which has

record of its value on the card. Some Electronic payments systems use both charged cards

and electronic cash.


The designed of the system provides some common elements to the transacting users

with immediate, convenient, secure and to some extent anonymous means by which

electronic value can be transferred between users. Due to the borderless nature of this

system there is a potential for criminals to exploit and facilitate the international

movement of illegal funds. The time and space concept in the internet, which makes the

electronic payment systems efficient and anonymous, are positive characteristics from the

launderer's perspective and with added feature of security by using encrypted peer to peer

model that makes it attractive to them. And the fact the traditional concept of time and

space characteristics may actually impede law enforcement from leading in the online

world and to detect suspicious activity. A specific concern is a natural response to be the

impact of Electronic payments on the efficient current regulatory/policy initiatives

against financial crime and the consecutive impact on traditional investigative techniques

and analysis. Another issue that needs to be considered is the differences in international

jurisdictions and the political will to criminalize Cyberlaundering. According to FATF

addressing the potential of money laundering threats is one of the challenges for the

future that is posed by the electronic payment systems.

6.1.2 E-Cash

There are a number of systems of Electronic Cash such as Freedom Eagle Cash Card

which is a rechargeable card and has a self contained store of value and can be used on

the electronic payment systems.

Further to this are online banks that use the Internet’s telecommunications capability to

transfer electronic funds between users. The personal computer can be terms as self

contained store of value and an access device as it serves as the user’s interface with the

Internet payment system.


Peter Lilly [3] describes the Internet as being one of the greatest opportunities for

Cyberlaundering because of the anonymity features and a convenient medium to aid there

aims and the use of encryption software to securely make transactions over World Wide

Web. With the very nature of Internet, being border less and networked the movement of

capital to from highly monitored system to relatively unregulated jurisdiction will take

place. It remains to be seen whether launder take advantage of electronic payment system

to avoid any regulations/policy on other traditional laundering techniques. It is however,

a challenge to the authorities.

With Freedom Eagle Cash Card, the way it works is that the card does not require any ID.

The limit on the cards is unimaginable as it can be recharged again and again. This value

will be set by issuing banks with unlimited spending power. This system is already in

operation in London, UK. This Prepaid card is tailor made for Cyberlaundering unless

some safeguards are put in place.

6.2 Conclusion

Cyberlaundering is a sub branch of Money Laundering which is as old as the creation of

money.

Money laundering is an integral part of every crime and the lifeblood of almost all the

criminal activity such as drug dealings, scams, smuggling, arms trade, terror activity,

extortion and tax saving. It is also the world’s largest business with huge gains. Criminals

throughout history need to find a way to hide the source of newly acquired wealth to

protect them from prosecution for their crime. The scale of the problem of

Cyberlaundering has escalated out of all proportion and this is due to the advance

technological solution that helps the cause of the criminal by providing safe havens and

channels to further their aims.


It is an ongoing problem faced by the international economy, and while researching this

work, it is evident that the fundamentals of Money laundering remains largely the same,

technology has offered means to convert illegitimate wealth into legal assets. The largely

unregulated growth of the Internet payment system presents that the criminals could have

money transfer without any audit trail. Authorities need to make sure that laws are made

before the technology is introduced to prevent abuse of any new techniques that

professional money launderers can use to transfer ill-gotten proceeds.

A growing realization of the fact is that the cyber crime is increasing to an extent that

Cyberlaundering and its relationship with organized crime are interlinked. The huge

profits that are sum up to these criminals from cyber crime will be used not only to

facilitate but to consolidate the assets of those in control of this business.

The organized crime can be characterized as follows that are evident in Cyberlaundering:

group activity that is carried out by more than one person;

long term criminal activity which is continuing;

criminal activity which is border less;

generally on a large scale; and

The gains are use in dirty businesses.

These characteristics dictate how serious kind of criminal activity is developed, and that

how sophisticated and complex they are. The way of organizational working of money

laundering in its nature, its scale and capacity to exploit the legitimate business world

both locally and internationally. These characteristics have led to combine international

action for a solution to combat Money Laundering. The result was the formation of the

FATF and international agreements and legislation. In fact, the publication of the FATF

forty recommendations in 1996 - recently updated in 2003 was a watershed in the fight

against money laundering.


A general observation, given the borderless nature of Cyberlaundering, is that geographic

borders have become increasingly irrelevant. Launderers generally move their proceeds

to jurisdictions where anti-money laundering countermeasures are very weak or non-

existent. Electronic movement of money to these locations is particular concern for the

authorities due to their un-intercepted and instantaneous nature. The number of electronic

payment instructions that does not include the relevant details of both senders and

beneficiaries due to the fact that they are not primarily financial institutions.

Reasons to fight Cyberlaundering are increasing, as this activity poses a significant threat.

The four major objectives identified by FATF to combat money laundering activity are

firstly, that the standard needs to be revised, clarify to have effective measures to prevent

easy laundering. Secondly, the implementation of these standards needs to be on a global

level to prevent criminal organizations to finance further illicit activities. Thirdly, the

ready use of the financial system by launderers risks the entire economical system

therefore it needs to be identified and responded accordingly. Finally, FATF needs to

engage with stakeholders and partners all over the world as the accumulation of wealth

can pose a serious threat to national and democratic system.

Cyberlaundering represents a potential threat to economic and financial development and

consecutively to the political integrity and stability of a nation. Developing nations crave

investment in their nations and therefore a particular area of concern as they are more

willing to accept suspicious transactions. As a result, the guidelines, standards and

legislation for preventing the laundering process is more then needed now then ever.


Accumulation of money is the motivating factor in cases of almost all crime. For

enforcement of legislation to be effective, we must address the multibillion-dollar

criminal enterprises. Financial institutions are the primary grounds use for money

laundering and therefore they can be defined as the forefront of the battle against

launderers. (As illustrated by FATF 40 Recommendations (points 5-16)). However, an

emerging criminal class has been uncovered as members of - professional launderers after

investigations. They are expert in accountancy, soliciting, money broker and members of

other professions. For them Cyberlaundering is an easy route to fulfill there greed to have

maximum wealth. This has attracted attention from the concern authorities and therefore

legislation such as The Solicitors Act 1974 (Appendix A) has been put in place to ensure

there is no immunity for the financial institution or professional advisor for providing any

help or ease to counter Cyberlaunding.

Laws related to Cyberlaundering are concerned primarily to prevent the criminal access

to the existing financial system. Enforcement is concerned with distancing the criminal

from the proceeds of crime. To effectively achieve the both: increased emphasis is

required to identifying the proceeds of crime and keeping the criminals away from using

the financial system as there primary ground to further there cause. If this is achieved

successfully then the business of Cyberlaunding will become a risky activity and

ultimately projects as a risk not worth it.

6.3 Recommendations

Based on the research work that I have conducted I now wish to make the following

recommendations;


A combined action to enforce a preventive measure is required in partnership with

financial centre, law enforcement agencies and government of the nations. A real solution

available at present is that all countries should approve the U. N. Convention against

Corruption in 2003 [41] and to implement effective anti-money laundering laws in their

country. Above all, we must develop awareness and training programmers for employees

of the forefront institutions and general public to identify the points where this crime is

most vulnerable and identify what can be done to separate criminals from their criminal

proceeds.

In different jurisdictions launderers maintains a list generally termed as "shopping list"

which is used to size up available area wise opportunities to further their aims. If the list

of weakness in the system in any specific area can be develop will help implement

specific measures for countries to adopt to fight laundering. The political will is required

to combat Cyberlaundering and the measures are a natural progression for countries

against this insidious crime. We need to have a secure and permanent channel for global

information exchange and mechanisms for reporting suspicious transactions

The Holy Quran refers to the disharmony of the people of the world in chapter eleven

verse hundred nineteen that if they create factions and divisions amongst themselves they

would lead a life of chaos and gives the solution to achieve peaceful life is to develop

universal brotherhood by following the divine revelation. From this reference we know

that we have to build a compliance culture among local and global financial institutions;

and to make sure that a proper systems and procedures is put in place to achieve universal

effectiveness.

The leaders in financial institution must encourage applying bank licensing procedures

strictly, the channel of information exchange must be secure and permanent, and training

practitioners must be an integral part of employment. The general public must be given

awareness regarding the dire consequences of Cyberlaundering;


Non-financial institution, law enforcement agencies and government of all the nations

should coordinate locally and globally to increase and improve the limited intelligence

sharing. Another factor that needs to increase is the limited human resources which are

involved in the labor intensive work that required substantial amount of time to

investigating suspected violations. FATF’s forty recommendation should be implemented

as a consistent set of policies on a global level.

The new and advance technologies such as electronic payment systems and online casino

require global attention in terms of monitoring and legislation. An increase

countermeasure is the need of the present time to combat the use for Cyberlaundering.

The internet policing is required both locally and globally to prevent Cyberlaundering

and to share information of suspicious activity with relevant law enforcement agencies.

The choke point to prevent Cyberlaundering is that the authorities can monitor the

movement of funds and hence measures should be introduced to address this issue.

It is presumed that after successful implementation of the recommendations above, the

authorities can build a net to trap the launderers and distance them from the ill gotten

electronic cash that will cause wreckage to further their aims and reducing their channel

of illegal business.

However, the developed countries are required to influence the under developed countries

to have a political will to combat against Cyberlaundering by providing training and

awareness to stakeholders and professionals to achieve strong coordinated overall

international action.

Appendix Cyberlaundering

Appendix A (Definition of concern Laws)

Federal Reserve Act of 1913,

The act of Congress that created the Federal Reserve System, the central banking system

of the United States of America, which was signed into law by President Woodrow

Wilson.

Bank Secrecy Act of 1970,

Requires U.S.A. financial institutions to assist U.S. government agencies to detect and

prevent money laundering. Specifically, the act requires financial institutions to keep

records of cash purchases of negotiable instruments, and file reports of cash purchases of

these negotiable instruments of $3,000 or more (daily aggregate amount), and to report

suspicious activity that might signify money laundering, tax evasion, or other criminal

activities

The Solicitors Act 1974,

Section 34 of the Solicitors Act 1974 requires solicitors to provide an annual report

signed by an accountant, one of the main purposes of which is to alert the Law Society to

the possibility of improprieties in the conduct of a solicitor’s practice. If the report fails to

detect the possibility of fraud, the Law Society may seek to recover damages from the

reporting accountants for compensation paid to the victims of the fraud.

The Privacy Act of 1974,

No agency shall disclose any record which is contained in a system of records by any

means of communication to any person, or to another agency, except pursuant to a

written request by, or with the prior written consent of, the individual to whom the record

pertains

Foreign Corrupt Practices Act 1977,


It is a United States federal law known primarily for two of its main provisions, one that

addresses accounting transparency requirements under the Securities Exchange Act of

1934 and another concerning bribery of foreign officials.

The Right to Financial Privacy Act of 1982,

The RFPA is a United States Act that gives the customers of financial institutions the

right to some level of privacy from government searches. Before the Act was passed, the

United States government did not have to tell customers that they were accessing their

records, and customers did not have the right to prevent such actions. It came about after

the United States Supreme Court, in United States v. Miller, 425 U.S. 435(1976), held

that financial records are the property of the financial institution with which they are

held, rather than the property of the customer.

Money Laundering Control Act of 1986,

It is a United States Act of Congress that made money laundering a Federal crime. It was

passed in 1984. It consists of two sections, 18 U.S.C. § 1956 and 18 U.S.C. § 1957. It

enhanced the Bank Secrecy Act by making it a crime to structure transactions in such a

way as to avoid the reporting requirements of that Act.

The Electronic Communications Privacy Act of 1986,

It was enacted by the United States Congress to extend government restrictions on wire

taps from telephone calls to include transmissions of electronic data by computer

Anti-Drug Abuse Act of 1988,

The Act requires employers who contract with or receive grants from federal agencies to

certify that they will meet certain requirements for providing a "drug-free workplace."

Illegal Gambling Business Act of 1970


The Illegal Gambling Business Act of 1970 was enacted as part of the Organized Crime

Control Act. The statute (18 U.S.C. §1955) was aimed at syndicated gambling, that is,

large-scale, illegal gambling operations that were thought to be financing organized

crime.

Computer Misuse Act of 1990.

An Act of the UK Parliament, introduced partly in response the decision in R v Gold &

Schifreen (1988) 1 AC 1063. Critics of the bill complained that it was introduced hastily

and was poorly thought out. Intention, they said, was often difficult to prove, and that the

bill inadequately differentiated "joyriding" crackers like Gold and Schifreen from serious

computer criminals. The Act has nonetheless become a model from which several other

countries, including Canada and the Republic of Ireland, have drawn inspiration when

subsequently drafting their own information security laws.

The Crime Control Act of 1990,

The Act bans the manufacture and import of certain semi-automatic assault weapons

The FDIC Improvement Act of 1991

It allowed the FDIC to borrow directly from the Treasury department and mandated that

the FDIC resolve failed banks using the least-costly method available. It also ordered the

FDIC to assess insurance premiums according to risk and created new capital

requirements

Criminal Justice Act of 1993,

(With its many variations) is a stock short title used for legislation in the United

Kingdom, the Republic of Ireland and Canada relating to the criminal law (including both

substantive and procedural aspects of that law). It tends to be used for Acts that do not

have a single cohesive subject matter.

The Drug Trafficking Act of 1994,


Where the defendant is convicted of a drug trafficking offence and the prosecutor applies

to the Crown Court for a confiscation order the court must determine whether the

defendant has benefited from drug trafficking.

Human rights act 1998,

The Act makes available in UK courts a remedy for breach of a Convention right, without

the need to go to the European Court of Human Rights in Strasbourg. It also totally

abolished the death penalty in UK law

Data protection act 1998,

It is a United Kingdom Act of Parliament which defines a legal basis for handling in the

United Kingdom (UK) of information relating to people living within. It is the main piece

of legislation that governs the protection of personal data in the UK. Although the Act

does not mention privacy, in practice it provides a way in which individuals can enforce

the control of information about themselves

Proceeds of Crime Money Laundering Act of 2000,

These Regulations implement, in part, Directive 2005/60/EC of the European Parliament

and of the Council on the prevention of the use of the financial system for the purpose of

money laundering and terrorist financing (“the Directive”)

U.S.A. PATRIOT Act 2001,

The Act increases the ability of law enforcement agencies to search telephone, e-mail

communications, medical, financial, and other records; eases restrictions on foreign

intelligence gathering within the United States; expands the Secretary of the Treasury’s

authority to regulate financial transactions, particularly those involving foreign

individuals and entities; and enhances the discretion of law enforcement and immigration

authorities in detaining and deporting immigrants suspected of terrorism-related acts.


The act also expands the definition of terrorism to include domestic terrorism, thus

enlarging the number of activities to which the USA PATRIOT Act’s expanded law

enforcement powers can be applied

Sarbanes-Oxley Act 2002,

The legislation establishes new or enhanced standards for all U.S. public company

boards, management, and public accounting firms. It does not apply to privately held

companies. The Act contains 11 titles, or sections, ranging from additional Corporate

Board responsibilities to criminal penalties, and requires the Securities and Exchange

Commission (SEC) to implement rulings on requirements to comply with the new law

Proceeds of Crime Act (POCA) 2002,

It is an Act of the Parliament of the United Kingdom which provides for civil recovery of

the proceeds from crime and created the Assets Recovery Agency.

Serious Organised Crime and Police Act 2005.

It is an Act of the Parliament of the United Kingdom aimed primarily at creating the

Serious Organised Crime Agency, it also significantly extended and simplified the

powers of arrest of a constable and introduced unprecedented restrictions on expressing

political dissent in public

Internet Gambling Prohibition Act of 2006.

The Internet Gambling Prohibition Act (IGPA) was a 1999 bill in the US Senate to ban

Internet gambling. Passage of the bill was defeated, in large part, by the lobbying efforts

of Jack Abramoff. The bill was supported by Christian conservative groups such as Focus

on the Family, Moral Majority, and the Christian Coalition. A new version of this

legislation was attached to the Safe Port Act and became law in 2006.

Directive 2006/24/EC.


Directive is a legislative act of the European Union which requires member states to

achieve a particular result without dictating the means of achieving that result.

Directive 2006/24/EC also know as data retention directive of the European Parliament

and of the Council of 15 March 2006 on the retention of data generated or processed in

connection with the provision of publicly available electronic communications services or

of public communications networks and amending Directive 2002/58/EC" is a Directive

issued by the European Union and relates to Telecommunications data retention.


Unlawful Internet Gambling Enforcement Act (SAFE Port Act of 2006).

The Security and Accountability for Every Port Act of 2006 was an Act of Congress in

the United States covering port security and to which an online gambling measure was

added at the last moment. The House and Senate passed the conference report on

September 30, 2006, and President Bush signed the Act into law on October 13, 2006.

Reference and Bibliography Cyberlaundering

Reference and Bibliography

[1]James R. Richards (1999) Transnational Criminal Organizations, Cybercrime, and Money Laundering, CRC PRESS

[2]Androniki n. Tzivanaki, University of Leicester Information society services in south-eastern Europe as a means for money laundering. AthensJanuary 2001

[3]Dirty dealing the untold truth about global money laundering, international crime and terrorism By Peter Lilly 2006

[4]The Washing Machine: How Money Laundering and Terrorist Financing Soils Us By Nick Kochan 2006

[5]http://osaka.law.miami.edu/~froomkin/seminar/papers/bortner.htm

[6]http://www.fincen.gov/international/files/fiuinaction.pdf

[7]http://www.barbadosfiu.gov.bb/guidelines.asp as on [27 Feb 2009])

[8]http://www.antimoneylaundering.ukf.net/papers/solicitor.htm#risk as on [28 Feb 2009])

[9]Steven Philippsohn, Money Laundering on the Internet, Computers & Security, Volume 20, Issue 6, 1 September 2001, Pages 485-490, ISSN 0167-4048, DOI: 10.1016/S0167-4048(01)00606-X.(http://www.sciencedirect.com/science/article/B6V8G-44416WY-6/2/c6c2ea35a4f1db4dffd547a9b36fe5ad )

http://www.sciencedirect.com/science/article/B6V8G-44416WY-6/2/c6c2ea35a4f1db4dffd547a9b36fe5ad

http://www.sciencedirect.com/science/article/B6V8G-44416WY-6/2/c6c2ea35a4f1db4dffd547a9b36fe5ad

http://www.antimoneylaundering.ukf.net/papers/solicitor.htm#risk

http://www.barbadosfiu.gov.bb/guidelines.asp

http://www.fincen.gov/international/files/fiuinaction.pdf

http://osaka.law.miami.edu/~froomkin/seminar/papers/bortner.htm


[10]Money Laundering in CyberspaceThe World BankFinancial Sector Working PaperNovember 15, 2004Tom Kellermann, CISM

[11]http://www.softduit.com/mavenmappersinformation/2001/06/01/cyberlaundering-low-tech-meets-high-tech/

[12]2007 National Money Laundering Strategyhttp://www.treas.gov/press/releases/docs/nmls.pdf

[13]www.nab.gov.pk

[14]www.nr3c.gov.pk

[15]http://www.usdoj.gov/dea/agency/mission.htm

[16]www.soca.gov.uk

[17]Stephen Saxby, News and comment on recent developments from around the world, Computer Law & Security Report, Volume 19, Issue 4, July 2003, Pages 328-347, ISSN 0267-3649, DOI: 10.1016/S0267-3649(03)00412-6.(http://www.sciencedirect.com/science/article/B6VB3-491Y5V0-D/2/4cfa096a9b12268a5862b9208dc47eeb)

[18]http://www.apacs.org.uk/resources_publications/card_facts_and_figures.html

[19]Cyberpayments and Money Laundering: Problems and Promise. Roger C. Molander, David Mussington, Peter Wilson; RAND 1998

[20]https://secure-web2.secondlife.com/statistics/economy-data.php?d=2009-04-12

https://secure-web2.secondlife.com/statistics/economy-data.php?d=2009-04-12

http://www.apacs.org.uk/resources_publications/card_facts_and_figures.html

http://www.sciencedirect.com/science/article/B6VB3-491Y5V0-D/2/4cfa096a9b12268a5862b9208dc47eeb

http://www.sciencedirect.com/science/article/B6VB3-491Y5V0-D/2/4cfa096a9b12268a5862b9208dc47eeb

http://www.soca.gov.uk/

http://www.usdoj.gov/dea/agency/mission.htm

http://www.nr3c.gov.pk/

http://www.nab.gov.pk/

http://www.treas.gov/press/releases/docs/nmls.pdf

http://www.softduit.com/mavenmappersinformation/2001/06/01/cyberlaundering-low-tech-meets-high-tech/

http://www.softduit.com/mavenmappersinformation/2001/06/01/cyberlaundering-low-tech-meets-high-tech/


[21]http://www.guardian.co.uk/technology/2007/may/17/media.newmedia2

[22]http://www.redplc.com/red210.asp

[23]http://www.telegraph.co.uk/news/uknews/5215413/Every-phone-call-email-or-website-visit-to-be-monitored.html

[24]http://www.securityfocus.com/brief/951

[25]http://www.priv.gc.ca/information/pub/sl_080411_e.cfm#sec233

[26]http://www.newscientist.com/article/dn11533-fbi-investigates-virtual-casinos-in-second-life.html

[27]http://www.secondlifeupdate.com/news-and-stuff/linden-lab-bans-second-life-camping-bots-traffic-bot-alt-avatars/

[28]http://business.timesonline.co.uk/tol/business/industry_sectors/leisure/article1613283.ece

[29]http://communities-dominate.blogs.com/brands/2009/02/second-life-at-16-million-users-says-cnn-today.html

[30]http://www.zdnetasia.com/news/internet/0,39044246,62015826,00.htm

[31]http://www.ndu.edu/IRMC/CDC_SecondLife.pdf

[32]http://secondlife.com/corporate/privacy.php

[33]http://www.salon.com/opinion/feature/2008/02/25/avatars/

[34]http://www.virtualworldsnews.com/2008/05/homeland-securi.html#morehttp://www.nextgov.com/nextgov/ng_20080514_8611.php?oref=search

http://www.nextgov.com/nextgov/ng_20080514_8611.php?oref=search

http://www.virtualworldsnews.com/2008/05/homeland-securi.html#more

http://www.salon.com/opinion/feature/2008/02/25/avatars/

http://secondlife.com/corporate/privacy.php

http://www.ndu.edu/IRMC/CDC_SecondLife.pdf

http://www.zdnetasia.com/news/internet/0,39044246,62015826,00.htm

http://communities-dominate.blogs.com/brands/2009/02/second-life-at-16-million-users-says-cnn-today.html

http://communities-dominate.blogs.com/brands/2009/02/second-life-at-16-million-users-says-cnn-today.html

http://business.timesonline.co.uk/tol/business/industry_sectors/leisure/article1613283.ece

http://www.secondlifeupdate.com/news-and-stuff/linden-lab-bans-second-life-camping-bots-traffic-bot-alt-avatars/

http://www.secondlifeupdate.com/news-and-stuff/linden-lab-bans-second-life-camping-bots-traffic-bot-alt-avatars/

http://www.newscientist.com/article/dn11533-fbi-investigates-virtual-casinos-in-second-life.html

http://www.newscientist.com/article/dn11533-fbi-investigates-virtual-casinos-in-second-life.html

http://www.priv.gc.ca/information/pub/sl_080411_e.cfm#sec233

http://www.securityfocus.com/brief/951

http://www.telegraph.co.uk/news/uknews/5215413/Every-phone-call-email-or-website-visit-to-be-monitored.html

http://www.telegraph.co.uk/news/uknews/5215413/Every-phone-call-email-or-website-visit-to-be-monitored.html

http://www.redplc.com/red210.asp

http://www.guardian.co.uk/technology/2007/may/17/media.newmedia2


[35]http://www.ilga.gov/commission/jcar/admincode/038/038001200000100R.html

[36]http://en.wikipedia.org/wiki/Linden_dollar

[37]http://www.finextra.com/fullstory.asp?id=19790

[38]http://www.livinginternet.com/i/is_crypt_kra.htm

[39]http://www.naseerahmad.com/2008/01/24/prevention-of-electronic-crimes-ordinance-pakistan-2007.html

[40]http://www.tax-news.com/archive/story/Fraud_Advisory_Panel_Warns_On_Virtual_Tax_Evasion_Money_Laundering_xxxx27275.html

[41]http://www.jus.uio.no/lm/un.against.corruption.convention.2003/14.html

http://www.jus.uio.no/lm/un.against.corruption.convention.2003/14.html

http://www.tax-news.com/archive/story/Fraud_Advisory_Panel_Warns_On_Virtual_Tax_Evasion_Money_Laundering_xxxx27275.html



http://www.naseerahmad.com/2008/01/24/prevention-of-electronic-crimes-ordinance-pakistan-2007.html

http://www.naseerahmad.com/2008/01/24/prevention-of-electronic-crimes-ordinance-pakistan-2007.html

http://www.livinginternet.com/i/is_crypt_kra.htm

http://www.finextra.com/fullstory.asp?id=19790

http://en.wikipedia.org/wiki/Linden_dollar

http://www.ilga.gov/commission/jcar/admincode/038/038001200000100R.html

Cyber Laundering Final

Documents

Transcript of Cyber Laundering Final