WingNews logo WingNews
top | item 46253311

(no title)

pflenker | 2 months ago

I don’t mean to defend this, but I know from experience that gift cards are frequently used for money laundring. The laws against that are very strict, incentivizing companies to overshoot and block false positives.

At the same time, AML solutions tend to be a closely guarded black box which simply tells you to block a customer, finding out why is pretty difficult.

To add more to the problem, some anti money Landry solutions are … AI powered.

discuss

order

monerozcash|2 months ago

>At the same time, AML solutions tend to be a closely guarded black box which simply tells you to block a customer, finding out why is pretty difficult.

For a good reason! You, as a rule, really don't want to tell the customer why you're blocking them. What will happen in the end is that you will be facing federal charges for assisting the money launderers because you kept telling them what they're doing wrong.

dnet|2 months ago

See https://doctorow.medium.com/como-is-infosec-307f87004563

> This is the same failure mode of all security-through-obscurity. Secrecy means that bad guys are privy to defects in systems, while the people who those systems are supposed to defend are in the dark, and can have their defenses weaponized against them.

embedding-shape|2 months ago

> The laws against that are very strict, incentivizing companies to overshoot and block false positives.

Yes, in many countries they are, but I don't think the laws are dictating Apple to completely turn off the accounts, but instead dictate that Apple should take measures against it.

They could disable those gift card features + Apple wallet/pay if they suspect fraud, and if no one complains within a month, then disable the entire account, rather than start with disabling the account. Would give them space/time to investigate, and wouldn't be a huge pain in the ass when the inevitable false-positives happen, like in this case.

mcherm|2 months ago

> I don't think the laws are dictating Apple to completely turn off the accounts, but instead dictate that Apple should take measures against it.

You misunderstand the nature of financial regulation. The laws on things like money laundering are intentionally vague, they say things like "Apple should take measures against it". And financial regulators will not come out and say (especially in writing) that you MUST do any particular thing (like ban customers entirely on suspicion).

What they WILL do is ask probing questions, frown a lot, and make suggestions. Which the company had better take seriously. Because the financial regulators have the ability to simply close down your business, and if you cross enough of the unclear lines they will do so.

pflenker|2 months ago

All this costs money for little return of invest. As long as the collateral damage is below a threshold that causes reputational damage, there is no business incentive to solve this.

ben_w|2 months ago

Ironically, I had Amazon flag and undo some gift card purchases (of cards, not with cards) that I made for Christmas, while myself thinking about this category of problem, about why cards are a mechanism for scams rather than specifically money laundering.

The cards were to family members that I normally send gift cards to at Christmas, and the activity was counted as "sus" even though I was asked to validate my card number and expiration date before being allowed to make the purchase.

pacifika|2 months ago

I agree. The way they make sending parcels internationally more difficult through custom declarations and taxes and fines for smaller occasions it’s more practical to send a gift card from the destination country.

supriyo-biswas|2 months ago

> The laws against that are very strict, incentivizing companies to overshoot and block false positives.

On that note[1] is a good read (Cmd+F: "suspicious activity report"), although this specific case is about gift cards, but the AML/T&S etc. space is remarkably similar.

[1] https://www.bitsaboutmoney.com/archive/debanking-and-debunki...

nullfield|2 months ago

An excellent blog. Their piece on credit card rewards programs is an excellent read as well.

gpvos|2 months ago

AML = ?

(edit) Ah, right, anti-money-laundering, found it in your last sentence.

mkl|2 months ago

Anti-money laundering.