What is a Money Mule Account?

A key mechanism in cashing-out the proceeds of crime (POC) is money mule activity. Money mule activity refers to a money laundering process in which POC are moved and transferred through personal and/or business bank accounts.

Mule accounts are defined as intermediary accounts used for money laundering, acting to create complex transaction chains in order to reduce detection by the financial services sector and law enforcement of an organised crime network (OCN) and/or individual offenders.

Mule accounts might be operated by a money mule, which is a person who transfers illegally acquired money on behalf of others, knowingly or unknowingly. Often, a mule account is controlled by a recruiter (sometimes known as a herder), potentially on a temporary basis, after the account holder has provided the recruiter with their account details, bank card, pin and/or passwords in exchange for a fee.

It is worth noting that OCNs and offenders are highly likely to use a combination of different methods to obtain as many mule accounts under their control as possible.

Common indicators of money mule activity

This list covers many of the common indicators that may suggest money mule activity in accounts, transactions and other financial activity. However, this list is not definitive and criminals will be dynamic in their deployment and development of new methods.

1. Significant branch or Post Office cash deposits without legitimate explanation.
2. Same day/closely-spaced cash deposits across multiple branches or regions.
3. Deposit cash values just below transaction thresholds.
4. Deposit cash values below round numbers.
5. Purchase of significant volumes of high-value luxury goods.
6. High concentration of Scottish and Northern Irish banknotes.
7. Test payments (also known as ‘coupling’) to make small payments to link accounts together to legitimise new payees and IP addresses.
8. Suspicious activity continues despite account holder being contacted by financial firm.
9. Transactions to/from crypto-currency exchanges.
10. Transactions to or from payment service providers or electronic money institutions.
11. For cryptocurrency wallets, funds may re-emerge after they have been through a tumbler service.
12. Company accounts linked with a UK company newly registered with Companies House or purchased ‘off-the-shelf’ from a formation agent.
13. Company accounts used to co-mingle funds from multiple crime types alongside legitimate income.
14. Significant cash deposits or transfers from another account in receipt of cash deposits, followed by a bulk shopping spree on luxury goods.
15. Use of a second personal account in order to keep activity from impacting on their primary account.
16. Thousands of pounds being spent at the same retailer or within short periods of time, with repeat purchases of the same amount, indicating purchase of duplicate high-value luxury goods.
17. Fraud transactions from multiple source accounts sent into one account.
18. Types of document used to pass Know Your Customer (KYC) checks may include:

• Fraudulently obtained genuine documents – documents issued authentically but applied for using false information.
• Counterfeit documents – a reproduction from scratch of an officially issued document.
• Forged documents – a genuine document altered in some way, such as with changed personal details (often a utility bill or bank statement).
• Pseudo documents – documents with the appearance of a legitimate document, but which are not officially recognised.
• Impersonation documents – person is a ‘look-alike’ presenting someone else’s genuine documents.

19.    Account holder is a person who, for physical or health reasons, can not reasonably be expected to manage their finances.

 

What to do if you suspect money mule activity

If you identify activity that may be indicative of the activity detailed above, and your business falls under the regulated sector, you may wish to make a Suspicious Activity Report (SAR). If you decide to make a report in this way you should adopt the usual mechanism for doing so. It will also help our analysis if you would include the SAR Glossary Code XXJMLXX within the text if submitting on SAR online or including 0701-NECC in the alert reference number section of the new SAR portal.

 

Find out more

To learn more about the NECC and UKFIU perspective on money mules, listen the money mules episode of the UKFIU podcast: