Organized Crime Enablers

Global Agenda Council on Organized Crime
Organized Crime
Enablers
July 2012
World Economic Forum

2012 - All rights reserved.
No part of this publication may be reproduced or transmitted in any form or by any means,
including photocopying and recording, or by any information storage and retrieval system.
The opinions expressed here are those of the individual members of the Council and not of
the World Economic Forum or any insititutions to which they are affiliated
REF 200712
Table of Contents
3
Acknowledgements
Executive Summary
Global Agenda Council on Organized

Crime 2011/2012 Report: Organized
Crime Enablers
Acknowledgements
6
Enablers Exploiting Illicit/Licit
Opportunities
7
What Are the Enablers?

8 1. Enablers of cybercrime
9 1.1. Main features
9 1.2. Achievements
10 1.3. Vulnerabilities
12 1.4. Cases
12 1.5. Good practices
13 1.6. Recommendations
Ernesto U. Savona
Chair, Global
Agenda Council on
Organized Crime
This report is the result of the continuous work of the Members of

the Global Agenda Council on Organized Crime. From September
2011 to March 2012 we worked together and discussed the
choice of topics as well as the structure of this report. Many
Members commented on the different sections and directly
contributed to drafting the report. Interactions with other World
Economic Forum Global Agenda Councils have been of particular
benefit. We wish to acknowledge the strong support received from
the Global Agenda Councils on Internet Security, Anti-Corruption,
Illicit Trade and Information & Communication Technologies.
Our interactions in Abu Dhabi in 2011 at the Summit on the
Global Agenda and in Davos-Klosters at the World Economic
Forum Annual Meeting 2012 helped us understand the multiple
consequences of the phenomena we are studying and the existing
obstacles in implementing effective policies. The issues contained
in this report have also been discussed with specialists within
international organizations, national governments, private industries
and academia. Many of them are dealing with the same issues in
their working agendas, and cooperation has been strengthened.
14 2. Enablers of money laundering:

Beneficial owners and
professionals
15 2.2. Achievements
Milan, July 2012
18 2.4. Cases
20 3. Enablers that exploit
international commercial
transactions: Free Trade Zones
21 3.2. Achievements
24 3.4. Cases
26

Members of the Global Agenda

Council on Organized
Crime 2011-2012
Executive Summary
Overview
The Global Agenda Council on Organized Crime focused on the
enablers of organized crime during the 2011-2012 term. This
broad concept includes individuals, mechanisms and situations
that play an important role in facilitating organized crime activities
whether intentionally or inadvertently increasing its benefits and
scale while reducing its risks.
Organized crime exacts a multibillion cost on legitimate business,
distorts markets and causes widespread ill-effects on society.
Fuelled by the same forces of globalization that have expanded
trade, communications and information worldwide, criminal
syndicates now have unprecedented reach not only into the lives
of ordinary people but into the affairs of multinational companies
and governments worldwide. Although law enforcement has long
focused on criminal gangs and illicit markets, only recently has it
paid greater attention to those factors that enable such activities.
This report focuses on the impact of enablers on three critical
areas: cybercrime, money laundering and Free Trade Zones.
In developing this report, the Council on Organized Crime took into
account two main criteria:
continuity with its work in 2010-2011 on cybercrime and on
money laundering in real estate
input received by Council on Organized Crime Members during
virtual meetings and at the Summit on the Global Agenda in
Abu Dhabi in October 2011
The Enablers of Cybercrime

Though this figure is disputed, cybercrime cost US$ 388 billion
this past year, according to the 2011 Norton Cybercrime Report.1
This includes US$ 114 billion in direct costs (amounts stolen or
expended to defend against it) and an estimated US$ 274 billion
worth of lost time. In addition to substantial corporate losses and
the unquantified emotional as well as economic damage suffered
by the victims of Internet scams, new hybrid threats have emerged
that target critical infrastructure. The scale of such activities
represents a considerable challenge to both the authorities and
service providers.
Cybercrime consists of crimes committed using the Internet,
affecting not only content on public websites but also information
exchanged directly over the Internet, such as peer-to-peer (P2P)
content. Examples of cybercrime include the use of a stolen credit
card to make purchases on the Internet, using the Internet to sell
counterfeit goods and the online distribution of child pornography.
Two general classes of cybercrime exist: high-value, low-volume
transactions in which cybercriminals can stage an effective single
attack, and high-volume, low-value transactions through which
cybercriminals pass almost unnoticed by attacking thousands of
accounts for small sums of money.
One assumption is that augmenting cybersecurity should result in
a commensurate reduction in cybercrime.2 However, the impact of
cybersecurity mechanisms is difficult to measure. More analysis is
needed to explain if and how certain types of cybercrime change
in response to cybersecurity measures. This examination would

help refine the measures and better understand the enablers of
cybercrime.
When identifying cybercrime enablers, Internet features or uses
that may themselves constitute crimes (illegal enablers) must
be distinguished from the general, inherent features of global
information and communications technology use that may lead
to certain vulnerabilities and facilitate crime (legal enablers). Illegal
enablers include the development and deployment of malicious
software or tools capable of creating a botnet or breaking
password protection, and the use of false identities to open
accounts or to obtain credit or funds in false or invented identities.
Legal enablers include e-mail, Internet banking, online medical
records and mobile Internet technology. Accordingly, these two
types of enablers require different methods of prevention: the
former, technological and legal approaches; the latter, raised
awareness and enhanced security balanced against an individuals
right to privacy and freedom of expression.
The continued evolution of the Internet and related digital
technologies demands a coordinated and collaborative response
that harnesses the expertise of a wide range of security
stakeholders aimed at preventing and countering cybercrime. The
following are the main recommendations developed by the Council:
establishing coordinating structures
raising awareness and developing instruction and prevention
programmes
enhancing cooperation and sharing information
strengthening public-private partnership
The Enablers of Money Laundering

Experts on combating money laundering distinguish two main
issues as priorities:
identifying the beneficial owners of corporate entities
clarifying the role of professionals and intermediaries in money
laundering and terrorist financing schemes
Both beneficial owners and professionals may play the role of
enablers of organized crime and corruption. They are today the
key doors for facilitating criminal financial transactions and keeping
a veil of opacity on criminal assets, making their detection and
confiscation more difficult.
Beneficial Owners
Criminals and criminal organizations may make use of complex
cross-border schemes of corporate vehicles with a Chinese box
structure to conceal their identities and hide illegal proceeds. Law
enforcement agencies have been handling an increasing number
of cases in which legitimate businesses co-mingle with illegal
businesses, and legitimate funds with illicit funds. Reconstructing
these schemes and identifying who lies behind them that is, their
beneficial owners (BO) is considered to be essential to reveal
the full infrastructure of a criminal enterprise and to prevent future
criminal activities.
Professionals
Professional service providers have been increasingly identified as
being involved (either knowingly or unwittingly) in money laundering
schemes. Given their trusted gatekeeper status, professionals can
misuse the absence of direct supervision to launder funds or act
as intermediaries in helping others to launder. This can occur in a
variety of contexts, such as in the securities or real estate markets.
Symantec (2011), Cybercrime Report 2011, http://www.symantec.com/content/en/uk/home_homeoffice/html/cybercrimereport. For a more sceptical approach, see Measuring the Cost of Cybercrime, http://weis2012.econinfosec.org/papers/Anderson_WEIS2012.pdf
Some forms of cybercrime committed by means of a computer (rather than against a computer or
data) cannot necessarily be prevented by increased cybersecurity.
Active criminal infiltration of professional roles or subornation of

professionals are key routes to criminal success. For example,
brokerages or firms of accountants and lawyers can be beneficially
owned by criminals, leveraging their professional status. The
extent to which this happens in practice is unknown, but it
represents a risk that requires management.
Free Trade Zones as Enablers of Organized Crime:

Exploiting International Commercial Transactions
Both issues beneficial owners and professional service providers

have been subjected to recent increases in regulations. These
regulations, however, are not always accompanied by an adequate
level of implementation.
With respect to banking and financial regulations, Free Trade

Zones are comparable to offshore countries. Their structure and
regulations make these areas very efficient for legitimate purposes,4
but they are at the same time weaker, less transparent and more
vulnerable to organized crime.
A global level playing field may be impossible to achieve, but

greater attention at the national and transnational levels must
be paid to enhance the harmonization and availability of data on
BO and to ensure that professionals and other service providers
behave responsibly.
This report puts forth the following recommendations:
Beneficial Owners
Regarding the registration of corporate entities3, it is
recommended that:
information registered with official agencies include both legal
owners (directors and shareholders) and beneficial owners
the registered information be verified by the registry authority
the registered information be updated in a timely manner by
the corporate entity when there are changes
the register be accessible to the public against payment online;
payment should be minimal to encourage access
Regarding beneficial owner identification, it is recommended that:
financial institutions and professional service providers be
required by law or regulation to identify and verify the identity of
a corporate customers beneficial owners when establishing a
business relationship with it
required by law or regulation to take reasonable measures to
determine who the people are who ultimately own or control
the corporate customer
Regarding the international sharing of beneficial owner information,
it is recommended that:
law enforcement agencies have direct access to official
registries of corporate entities
states allow (by law or regulation) law enforcement entities
to share beneficial owner information with their overseas
counterparts instantly without need for bilateral or mutual legal
agreement
Professionals
Regarding professionals, it is recommended that:
the wide disparity in the ways in which professionals of all
kinds accountants, lawyers and brokers are licensed,
scrutinized and disciplined be reduced
data be systematically collected on the mechanisms by which
professionals assist criminals, both in the perpetration of
offences and in the laundering of the proceeds from criminal
activity
This in addition to the revised Financial Action Task Force (FATF) Recommendations, Financial
Action Task Force (FATF) (2012), International Standards on Combatting Money Laundering and the
Financing of Terrorism & Proliferation: The FATF Recommendations, http://www.fatf-gafi.org/media/
fatf/documents/recommendations/pdfs/FATF%20Recommendations%20approved%20February%20
2012%20reprint%20March%202012.pdf?.
Under Organized Crime Enablers, this report considers the issue of

Free Trade Zones (FTZs), as the crime risks associated with them
have been neglected until recently.
More generally, as noted in a report by the Financial Action

Task Force (FATF)5 , FTZs are designated areas created within
jurisdictions in which incentives are offered to promote trade,
support new business formation and encourage foreign direct
investment. These incentives involve exemptions from duty and
taxes, the simplification of administrative procedures and the
duty-free importation of raw materials, machinery or equipment.
Created to boost economic opportunities, these incentives often
result in reduced financial and trade controls.
There is broad agreement that FTZs stimulate economic growth
and play a large role in the globalization of the world economy.
Not surprisingly, Free Trade Zones have proliferated significantly
in recent years, with an estimated 3,000 FTZs in 135 countries.
In what is sometimes termed as a race to the bottom, FTZs
generate reduced trade in competitor jurisdictions, which
encourages them, in turn, to create FTZs, reducing the overall
level of transparency and bureaucracy, while facilitating crime
and tax avoidance in those jurisdictions. One result: organized
crime groups and counterfeiters use FTZs to move illegal products
around the world without detection.
The crucial challenge FTZs pose to todays law enforcement
agencies and policy-makers is how to balance security issues while
facilitating trade. A number of vulnerabilities have been identified:
relaxed oversight: weak procedures to inspect goods and
register legal entities, including inadequate record-keeping and
information technology systems
lack of transparency: inadequate money laundering and
terrorism finance safeguards
inadequate coordination and cooperation between Zone and
Customs authorities
differences among regulations in various regions of the world
All these weaknesses make Free Trade Zones ideal for laundering,
counterfeiting and other criminal acts. The following are
recommendations to addresses this issue:
building and developing international, regional and national
platforms for cooperation
building IT and intelligence capabilities in Free Trade Zones
raising public awareness and educating officials about the harm
that FTZ crime causes for trade and business
developing and enacting balanced legislation for Free Trade
Zones
developing better mechanisms to trace the origin and
destination of goods
developing Customs primary cooperation
Thomas Farole and Gokhan Akinci (eds) Special Economic Zones: Progress, Emerging Challenges,
and Future Directions, The World Bank, Washington DC, 2011.
FATF (2010), Money Laundering Vulnerabilities of Free Trade Zones, p. 4, http://www.fatf-gafi.org/

dataoecd/45/47/44888058.pdf.
Global Agenda Council on

Organized Crime 2011-2012
Report: Organized Crime
Enablers
Enablers Exploiting Illicit/Licit

Opportunities
The Global Agenda Council on Organized Crime focused on

Organized Crime Enablers during the 2011-2012 term.
The 2010 United Nations Office on Drugs and Crime (UNODC)

assessment of transnational organized crime noted that organized
crime today is less the work of a group of individuals involved in a
range of illicit activities than it is a group of illicit activities in which
some individuals and groups are currently involved. As such,
the search to find solutions to problems related to transnational
organized crime may initially require an understanding of the scale
and nature of illicit flows be they of persons, firearms, drugs,
money, counterfeit products, computer data or environmental
resources.
In developing this report, the Council took into account two

main criteria:
continuity with its work in 2010-2011 on cybercrime and on
money laundering in real estate
input received by Council on Organized Crime Members during
virtual meetings and at the Summit on the Global Agenda in
Abu Dhabi in October 2011
Accordingly, a broader conception of the problem of organized

crime describes it as a more fluid networked crime that includes
such enabling elements of successful crime as the financing of
criminal activity, precursor chemicals for drugs (and terrorism),
information and communications technology (ICT) and the creation
of legal frameworks, legal entities and accounts by professionals
(e.g. lawyers and accountants) that facilitate crime and money
laundering. These broader frameworks are given the term
organized crime enablers.
In particular, illicit markets and flows come and go rapidly as
organized crime groups exploit emerging opportunities or suffer
setbacks as risks are increased due to focused policing or
prevention and security measures. Identifying and even predicting
such market shifts, including through concerted cooperation at
the international level, can be key in disrupting and combating
organized crime as a whole. For this reason, this report focuses on
the enablers of organized crime. This broad concept thus includes
the individuals, mechanisms and facilities used for primarily legal
purposes that are adapted for criminal objectives. They play an
important role in facilitating organized crime activities, whether
intentionally or inadvertently, increasing its benefits and scale, and
predominantly reducing its risks. The shape that organized crime
takes varies by market and region worldwide.
What Are the

Enablers?
Among the enablers, this report focuses on
three specific types:
the enablers of cybercrime
the enablers of money laundering, mechanisms that produce
opacity such as the concealed beneficial ownership of assets
held in the name of others, and the role of professionals in
helping money laundering processes
the enablers that exploit international commercial regulations
and instruments: the case of Free Trade Zones
1. Enablers of cybercrime
Cybercrime can be defined as any crime committed using a

computer. However, for the purposes of this report, cybercrime
is limited to crimes committed using the Internet that include
information exchanged directly over the Internet protocol (IP), such
as peer-to-peer (P2P) content, as well as content available on
public Internet sites. Examples of this type of cybercrime include
the use of a stolen credit card number to make purchases on
the Internet, using the Internet to sell counterfeit goods and the
distribution of child pornography on the Internet. For some of these
functions (and for the sale of large quantities of borrowed or
stolen identities), those seeking access to illicit markets may have
to prove themselves to be of good (criminal) faith.
Non-state sponsored cyberattacks are a type of cybercrime.
Cyberattacks often involve the unauthorized access to a computer
for purposes of taking or changing information in the attacked
computer. Another form of cyberattack is the denial of service
attack, which intentionally overloads the attacked computer for the
purpose of preventing legitimate users from accessing the attacked
computer.
Two general classes of cybercrime exist: high-value, low-volume
transactions in which cybercriminals can stage an effective single
attack, and high-volume, low-value transactions through which
cybercriminals pass almost unnoticed by attacking thousands of
accounts for small sums of money.
Although increasing cybersecurity should reduce cybercrime,6 the
impact of cybersecurity mechanisms on cybercrime is not known
because its measurement is difficult. Greater analysis of cybercrime
trends would explain if and how some types of cybercrime change
in response to cybersecurity measures. This examination would
help refine these measures and better understand the enablers of
cybercrime.
Estimates of cybercrime are difficult to validate. According to
the 2011 Norton Cybercrime Report,7 cybercrime cost US$ 388
billion globally last year. This includes US$ 114 billion in direct
costs (amounts stolen or expended to defend against it) and an
estimated US$ 274 billion in lost time. In addition to substantial
corporate losses and the unquantified emotional as well as
economic damage suffered by the victims of Internet scams, new
hybrid threats have emerged that target critical infrastructure. The
scale of such activities represents a considerable challenge to both
the authorities and service providers.
An increasingly digitalized and hyperconnected world and the
constant evolution of the Internet and other communication
technologies create vulnerabilities in the market that could be used
by criminal groups to commit illicit activities.
The purpose of this report is to identify the features of the Internet
and of Internet users that allow cybercrime to occur (the enablers
of cybercrime) and to make recommendations for reducing
such crime. Its aims are in line with promoting approaches to
collective enforcement, further exploiting public-private synergies
and seeking to engage all stakeholders, from Internet service
providers to end users, to better understand, prevent and counter
cybercrime.
Effective trust networks are essential to this response. Working
with the World Economic Forum Risk Response Networks initiative
on Risk and Responsibility in a Hyperconnected World, the
Council on Organized Crime will advance the establishment of a
multidisciplinary online platform for knowledge and information
exchange on developing threats and innovative disruption and
mitigation measures.
1.1. Main features

The Internet is now used in the commission of a range of serious
crimes, including drug trafficking, trafficking in human beings for
sexual exploitation, illegal immigration, mass marketing fraud, tax
fraud, currency counterfeiting and trade in prohibited firearms.
The widespread expansion of Internet capacity has also prompted
unprecedented growth in the market for intellectual property
theft, especially for copyrighted audio-visual material, copyrighted
software and child abuse material.
In addition to the use of the Internet for the commission of crimes,
increasingly evident in recent years is the emergence of a digital
underground economy in which large amounts of stolen data are
traded and converted into criminal proceeds. Credit card details
and compromised accounts, as well as information such as
addresses, phone numbers, full names and dates of birth, are new
illicit commodities that may be used, for example, to gain access
to bank accounts or credit cards. As such they have a monetary
value that is being exploited by criminal groups.
When identifying cybercrime enablers, Internet features or uses
that may themselves constitute crimes (illegal enablers) must
be distinguished from the general, inherent features of global
information and communications technology use that may lead to
certain vulnerabilities and facilitate crime (legal enablers).
Illegal enablers include the development and deployment of
malicious software or tools capable of creating a botnet or breaking
password protection, and the use of false identities to open
accounts or to obtain credit or funds in false or invented identities.
Legal enablers include e-mail, Internet banking, online medical
records and mobile Internet technology. Accordingly, these two
types of enablers require different prevention approaches: the
former, technological and legal approaches; the latter, raised
awareness and enhanced security balanced against an individuals
right to privacy and freedom of expression.
The continued evolution of the Internet and related digital
technologies demands a coordinated and collaborative response
that harnesses the expertise of a wide range of security
stakeholders aimed at preventing and countering cybercrime.
1.2. Achievements
It has been widely recognized at the international and regional
levels that the Internet is used by organized cybercriminals.
Europol, in its recent threat assessment entitled, Internet
Facilitated Organized Crime, indicates that:
Internet technology increasingly facilitates a wide range of serious
and organized crime activity as a communication, research,
logistics, marketing, recruitment, distribution and monetarization
tool.
() The dynamism of online illicit markets requires an equally
dynamic response which is constantly updated. Active partnership
with the private sector especially Internet Service Providers,
Internet security organizations and financial services is essential
to the success of this, not only for the sharing of intelligence
and evidence, but also in the development of technical tools for
law enforcement and design-based measures to prevent online
criminality. 8
Some forms of cybercrime committed by means of a computer (rather than against a computer or
data) cannot necessarily be prevented by increased cybersecurity.
Symantec (2011), Cybercrime Report 2011. Though see Measuring the Cost of Cybercrime,
Anderson, R., Barton, C, Bohme, R. Clayton, R., van Eeten, M., Levi, M., Moore, T. and Savage, S
(2012), http://weis2012.econinfosec.org/papers/Anderson_WEIS2012.pdf; and The Economist (30
June 2012), for a more skeptical approach to the costs.
EUROPOL (2011), Threat Assessment (Abridged) Internet Facilitated Organized Crime, iOCTA,
https://www.europol.europa.eu/sites/default/files/publications/iocta.pdf.
Such remarks are in line with many international instruments

and with the Council of Europe Convention on Cybercrime.9 This
is the first international treaty that seeks to address the threats
posed by computer crime and Internet crimes. As set out in the
preamble, its main objective is to pursue, as a matter or priority, a
common criminal policy aimed at the protection of society against
cybercrime, inter alia, by adopting appropriate legislation and
fostering international co-operation.
More specifically this Convention aims to:
harmonize the domestic criminal law provisions in the area of
cybercrime
provide and enable the use of effective powers and means of
investigation into such offences
set up and improve a swift and efficient system of international
cooperation
As such, the Council of Europe Convention on Cybercrime
provides a working example for an aspirational solution to the legal
problems associated with the international jurisdictional challenges
raised by cybercrime.
1.3. Vulnerabilities
As suggested by EUROPOL,10 key enablers of cybercrime include
botnets, social engineering, payment card data online and frequent
anonymity and opportunities for disguise.
Botnets11 are the tools most crucial to cybercrimes
industrialization and profitability. Their dismantling has a clear
impact on the capability of cybercriminals to act on a large
scale.12

Social engineering plays a central role in current criminal
business models. Raising awareness of the risks and
engendering individual and corporate user caution are key to
combating cybercrime.13

Social networking has flattened our social structure below elites
and above the digitally excluded, making it more networked.
Rather than being hierarchical, the new social model has
no centralized control groups. It is simply peer to peer,
delivering information and services at a speed, scale and level
of visibility never experienced. While this has enhanced the
ability to deliver beneficial services, such as education and
medical services, to a broader population, it also provides
unprecedented access for organized criminals to acquire skills,
opportunity and people to assist them in conducting their
criminal businesses.

Social networking has also improved opportunities for people to
become engaged in organized crime. In the past, participation
in a crime group required introductions and acceptance by the
group. This is no longer the case with organized crime groups
(OCG) operating in a virtual world. Also, with no organized
crime hierarchy in the structures, former roles, such as growers
(e.g. opium), distributers, wholesalers, importers/exporters
and supply chains, can be reduced to direct Internet contact
between the buyers and the suppliers, thereby reducing costs

to organized crime and decreasing interdiction opportunities
for law enforcement.
Online forums and social networking sites are essential
introduction and recruitment services for the digital
underground economy: they are where crimeware
components are advertised, and budding cybercriminals learn
their trade by means of tutorials.14

Internet service providers (ISP) and domain name registrars
(DNR) provide legitimate services that also enable cybercrime.
Increased cooperation between ISP and DNR and law
enforcement officials could identify and reduce the illegitimate
uses of these services.

Payment card data is the ideal illicit Internet commodity
because of the ease with which it is internationally transferred.
Organized crime groups benefit from globalization, moving to
different countries and even different continents to withdraw
cash from skimmed cards, and using foreign payment data
to purchase services such as transport and accommodation
online, thereby obscuring the money trail attached to this type
of criminality.15

The perceived anonymity afforded by communication
technologies such as e-mail, instant messaging and Internet
telephony (VoIP) has led to them being used increasingly
by organized crime groups as a countermeasure to law
enforcement detection and surveillance.16 This anonymity
also makes it difficult to gather accurate information on
cybercriminals and their activity. Countervailing concerns to
reducing anonymity are the desire to protect personal privacy
and the need for anonymity in countries where there is great
social unrest; anonymity is needed to prevent the tracking of
dissidents, journalists and bloggers.

Some cybercrime is the consequence of a lack of security in
infrastructure on a national level.

Increasing computer literacy enables more people to use the
Internet for legitimate purposes or cybercrime.

Encrypted and anonymous e-mail, peer-to-peer (P2P) instant
messaging (IM) and voice services (Voice over Internet
Protocol or VoIP) are just some of the recent communication
technologies that pose data access challenges to law
enforcement. In particular, e-mail delivers considerable
cybercrime activities such as spoofing,17 at the same time
allowing their illegal content to be passed through a number
of different countries during the transfer from the sender to the
recipient.

Internet connectivity continues to spread. Contrary to what
is commonly believed, cybercrime is not a problem that only
affects developed countries.18 Further expansion of Internet
connectivity in developing countries, where IT security
measures may not be as robust, is likely to prompt further
geographical shifts in malicious activity both in terms of attack
origin and the number of compromised computers. As a
consequence, the development of technical measures to
promote cybersecurity and proper cybercrime legislation is
COUNCIL OF EUROPE (2001), Convention on Cybercrime - http://www.unicri.it/emerging_crimes/

human_trafficking/legal_framework/docs/convention_on_cyber_crime.pdf.
10
EUROPOL (2011), Threat Assessment (Abridged) Internet Facilitated Organized Crime, iOCTA.
11
Botnets, or Bot Networks, are made up of vast numbers of compromised computers that have
been infected with malicious code, and can be remotely-controlled through commands sent via
the Internet. WILSON (2008), Botnets, Cybercrime, and Cyberterrorism: Vulnerabilities and Policy
Issues for Congress, http://www.fas.org/sgp/crs/terror/RL32114.pdf, p. 8.
12
EUROPOL (2011), Threat Assessment (Abridged) Internet Facilitated Organized Crime,

iOCTA, p. 3.
13
Ibid.
10
14
Ibid., p. 6.
15
Ibid., pp. 5-6.
16
Ibid., p. 5.
17
In e-mail spoofing, the header of an e-mail appears to have originated from someone or
somewhere other than the actual source. Spam distributors and criminals often use spoofing in
an attempt to obtain personal data and information (e.g. account numbers and online banking
passwords).
18
See for example the OECD Report (2005) Spam Issues in Developing Countries, www.oecd.org/
dataoecd/5/47/34935342.pdf.
vital for both developed countries and developing countries.

Compared with the costs of grafting safeguards and protection
measures onto computer networks at a later date, it is likely
that initial measures taken right from the outset will be less
expensive. Developing countries need to bring their anticybercrime strategies into line with international standards from
the outset.19

Mobile devices are becoming the main tools used to access
the Internet and are being increasingly marketed in large
numbers to areas of the world that have previously enjoyed
limited Internet connectivity.20 The always on culture fostered
by mobile devices ensures that potential victims are online
and data is exposed for a longer period of time, thereby giving
criminals more opportunities to access data. One recent
study shows a 42% increase in mobile operating system
vulnerabilities in 2010.21

Open wireless networks can enable perpetrators to gain remote
access to the Internet without identifying themselves. Public
Wi-Fi networks typically collect basic information, such as the
type of device, operating system and browser.

Commercial trends invite increased storage of personal data
on the Internet: Retailers and other businesses are continually
asking customers to enrol into their clubs or loyalty
programmes. This creates significant retention of data on the
Internet about individuals, their account details, their interests
and their connections to other like activities that can be
exploited by cybercriminals if there is insufficient cybersecurity.

Todays Internet is characterized by very many computers at
very many locations, with each computer/location combination
holding a small fraction of the total data on the Internet. Cloud
computing refers to the consolidation of Internet data on fewer
computers at fewer locations. This consolidation reduces the
overall IT cost by reducing the amount of hardware, software
and administrative support needed for the fewer computers
at fewer sites. When credit card information or other data
useful for crime is consolidated, cybercriminals gain more
data for their criminal enterprises by penetrating a single cloud
computer than by penetrating a single computer in todays
Internet.

Another aspect of cloud computing is the outsourcing of
computer services to a third party who owns and runs the
cloud computers. Instead of being at a companys premises,
the computers and the companys data are in another location
or locations that could be in a different country from the
company. This geographic difference could mean that the
data protection and criminal laws applicable to the company
may differ from those laws applicable to the companys data.
If, for example, cybercriminals from a third location steal the
companys data from the cloud computer, the investigation
and prosecution of that crime could involve the laws and
law enforcement personnel of three jurisdictions: where the
company is located, where the cloud computers are located
and where the cybercriminals are located. This increased legal
and law enforcement complexity benefits cybercriminals.

Above all, a significant vulnerability is the lack of an organized
international law enforcement process to counter cybercrime.
The bureaucratic structures of law enforcement agencies
and their partners around the world were designated before

cyberthreat was known. No single entity is in charge, no single
entity knows the full extent of the problem. This situation is
being exploited by OCGs. The ubiquitous nature of cyber does
not fit with our current response frameworks.
The development of a cybercrime-related legal framework is
needed. The fact that provisions exist in the criminal code that
are applicable to similar acts committed outside the network
[such as fraud, copyright violations or child pornography] does
not mean that they can be applied to acts committed over
the Internet as well.22 It is necessary to create substantive
criminal law provisions that would effectively criminalize acts of
cybercrime and provide the necessary procedural powers for
law enforcement agencies to carry out the type of specialized
investigative measures required to identify cybercriminals
(such as the interception of Internet traffic or the use of remote
forensic software).
Insufficient collaboration between the public and private
sectors also prevents collection of the intelligence necessary
to understand the scope of the cybercrime problem and to
implement collaborative law enforcement against cybercrime.
As cybercrime has a transnational nature, international
cooperation is a key element in combating it. However, in
this field very few treaties and agreements on mutual legal
assistance among states exist.23 Current agreements are based
on formal and complex procedures that often refer to the
principle of dual criminality.24 According to this principle, only
those crimes that are criminalized in all participating countries
are globally investigated. For this reason, regional differences
in legislation and practices among states play an important
role and can make international cooperation very difficult.
One example is the illegal content of certain materials. Some
countries or regions criminalize the dissemination of materials
which are lawfully distributed in other countries.25
Finally, it must be pointed out that a majority of cybercrime
is not reported to the competent authorities, either because
individuals do not realize that the offence is taking place or
because (especially for banks, business and industries) they do
not want to expose themselves to the reputational damage it
causes.26 The high degree of under-reporting is an obstacle to
combating cybercrime and the use of the Internet by criminal
groups. If these crimes are not reported, they will not be
investigated.
22
International Telecommunication Union (2009), Understanding Cybercrime: A Guide for

Developing Countries, p. 13.
23
19

Developing Countries, http://www.itu.int/ITU-D/cyb/cybersecurity/docs/itu-understandingcybercrime-guide.pdf, p. 16.
20
The recent report by Symantec points out that about 44% of mobile phone owners globally
use their mobile phone to access the Internet. This percentage rises to more than half of adults in
emerging countries. Symantec (2011), Cybercrime Report 2011.
21
Symantec (2011), Internet Security Threat Report: Trends for 2010, https://www4.symantec.
com/mktginfo/downloads/21182883_GA_REPORT_ISTR_Main-Report_04-11_HI-RES.pdf.
UNODC (2011), Working Paper Draft collection of topics for consideration within a
comprehensive study on impact and response to cybercrime, http://www.unodc.org/documents/
treaties/organized_crime/EGM_cybercrime_2011/Working_Papers/UNODC_CCPCJ_EG4_2011_2_
rev1_-_amended_-_final.pdf.
24

Developing Countries.
25
Ibid; UNODC (2011), Working Paper Draft collection of topics for consideration within a
comprehensive study on impact and response to cybercrime.
26
See for more details: McAfee, (2011), Underground Economies, http://161.69.13.40/us/

resources/reports/rp-underground-economies.pdf; Symantec (2011), Cybercrime Report 2011.
11
1.4. Cases
1.5. Good practices
Case 1: Mariposa Botnet27

Spanish authorities used a multidisciplinary task force (military,
international law enforcement, academia, private sector) to
dismantle the Mariposa botnet in 2010. The botnet infected more
than 12.7 million personal computers in more than 190 countries
and more than 3,000 smartphones before they were shipped from
the factory.
Good practices minimize the value of cybercrime enablers to

cybercriminals by making the enablers more difficult to use
(increased cybersecurity) or by making cybercrime easier to detect
and prosecute through international cooperation by governments
and private industry.
Case 2: Rustock Botnet28

Each infected machine communicated with control nodes via
posts that appeared to be legitimate posts to a bulletin board or
Web forum. The command and control servers were all located
in the US and most were managed by small hosting firms that
were unaware of the botnets presence. This case illustrates how
cybercriminal enterprises rely on a criminal infrastructure (the digital
underground economy) and the value of the tools developed by the
criminals.
Case 3: Operation Aurora29
Advanced persistent threats (APT) are attacks that use deceptive
techniques (such as sending an e-mail from a trusted source)
to gain access to systems. After obtaining control of the target
system, specific data and intellectual property was stolen.
Intellectual property theft and cyber espionage are growing
problems in a world where data is a leading commodity.
Case 4: Operation Night Dragon/Shady RAT30
Attackers from several locations in China used command and
control servers from purchased hosted services in the United
States and from compromised servers in the Netherlands to
attack global oil, gas and petrochemical companies, individuals
and executives in Kazakhstan, Taiwan, Greece and the United
States to acquire proprietary and highly confidential information.
The attackers ran regular business hours for as long as four years,
illustrating professionalism of attack (cybercrime as a business).
Case 5: Anonymous31
The development of a new distributed model of malfeasance over
the last two years has spilled over into the offline Occupy protests.
Anonymous is now a global brand in free speech and freedom
fighting, espoused for a variety of anti-capitalist and anarchic
causes, and even by lawmakers. Of particular interest here is the
variety of cells operating under the Anonymous brand and the
range of issues targeted in its name. These include attacks on the
EU parliament related to the Anti-Counterfeiting Trade Agreement
(ACTA), law enforcement conference calls, the use of tear gas
in Bahrain, threats to Mexican drug cartels, and the exposure of
e-mails belonging to a law firm representing US marines accused
of murdering Iraqi civilians revealing links between nationalist
politicians and extremist groups. These are ideologically motivated
electronic attacks with no consistent theme.
In the United States, CERT,32 Symantec,33 and McAfee34 provide

information on how individuals and businesses can increase their
cybersecurity to make cybercrime more difficult. One objective
is to prevent cybercriminals from accessing the information they
need to commit cybercrimes.
The Council of Europe has reported on best practices for
international cooperation against cybercrime35 and last year
the Council on Organized Crime reported cooperative law
enforcement through the Virtual Global Taskforce.36
A convention or protocol at the United Nations level has been
proposed to improve on the regional cooperation framework
established by the Council of Europe Convention on Cybercrime.37
The Twelfth United Nations Congress on Crime Prevention and
Criminal Justice, held in April 2010, resulted in UN Resolution
65/230,38 which calls for the creation of an open-ended
intergovernmental expert group ... to conduct a comprehensive
study of the problem of cybercrime and responses to it by Member
States, the international community and the private sector,
including the exchange of information on national legislation, best
practices, technical assistance and international cooperation.
In fact, an increasing number of cybercrimes have an international
dimension, particularly due to the fact that offenders, operating
through the transnational Internet, often do not need to be
present at the location of the victim. This separation in the location
between the victim and the offender and the mobility of offenders
make it necessary for law enforcement and judicial authorities to
cooperate internationally and assist the state that has assumed
jurisdiction. Effective international cooperation poses one of the
major challenges in combating increasingly globalized crime, both
in its traditional forms and as cybercrime. ... Effective international
cooperation requires a degree of common understanding and the
adoption of common approaches of legislation.39
32
http://www.us-cert.gov/reading_room/.
33
http://www.symantec.com/about/news/release/article.jsp?prid=20110831_01 and http://www.

symantec.com/theme.jsp?themeid=ncsa&depthpath=0&header=0.
27
http://www.theregister.co.uk/2010/03/19/voda_spain_mariposa_latest/ and http://www.

theregister.co.uk/2010/03/02/mariposa_botnet_takedown/.
28
http://www.theregister.co.uk/2011/03/23/rustock_takedown_analysis/.
29
http://www.mcafee.com/us/resources/white-papers/wp-protecting-critical-assets.pdf.
30
http://www.mcafee.com/ca/resources/white-papers/wp-global-energy-cyberattacks-nightdragon.pdf, http://www.networkworld.com/news/2011/021011-night-dragon-attacks-from-china.
html, http://graphics8.nytimes.com/packages/pdf/technology/mcafee_shadyrat_report.pdf, http://
www.chinaeconomicreview.com/node/56796
31
http://www.guardian.co.uk/technology/2012/feb/22/acta-stalled-european-commission, http://
www.guardian.co.uk/technology/2012/feb/06/anonymous-haditha-killings, and http://www.guardian.
co.uk/world/2012/feb/01/bnp-emails-far-right-anonymous.
12
34
http://www.mcafee.com/us/campaigns/fight_cybercrime/cru/information/best_practices.html.
35
http://www.mcafee.com/us/campaigns/fight_cybercrime/cru/information/best_practices.html.
36
http://www3.weforum.org/docs/WEF_GAC_OrganizedCrime_Report_2010-11.pdf, p. 19.
37
http://www.cybercrimelaw.net/documents/A_Global_Protocol_on_Cybersecurity_and_Cybercrime.
pdf, p. i.
38
UNODC RES/65/230, Resolution adopted by the General Assembly Twelfth United Nations
Congress on Crime Prevention and Criminal Justice, http://daccess-dds-ny.un.org/doc/UNDOC/
GEN/N10/526/34/PDF/N1052634.pdf?OpenElement and http://www.unodc.org/documents/justiceand-prison-reform/AGMs/General_Assembly_resolution_65-230_E.pdf, p. 3.
39
UNODC (2011), Working Paper Draft collection of topics for consideration within a
comprehensive study on impact and response to cybercrime, p. 11 and 9.
1.6. Recommendations
Specific Recommendations
General Recommendations
Enhancing cooperation and sharing information:

Establish an efficient means for private industry and
government to share information about cybercrime
The US government has begun exchanging cyberthreat
information with government contractors; legislation is pending
to make it easier to share this information.40 The World
Economic Forums initiative on Risk and Responsibility in
a Hyperconnected World provides a platform for decisionmakers to undertake coordinated action to set in place the risk
evaluation, detection and response mechanisms necessary to
protect networked communications and future growth in the
online networked economy.41

Strengthening public-private partnership:
Dismantling the command and control servers of botnets would
mitigate the threat. Law enforcement agencies (LEA) should
collaborate with academia, IT industry stakeholders and local
Computer Emergency Response Teams (CERT) to exchange
intelligence on the locations of botnet servers to remove or
disable them.

Botnets are crucial tools to commit e-banking fraud. LEAs
should engage the banking industry to impose additional
security measures. One simple step that could drastically
mitigate the risk is to limit all third-party money transfers to
pre-registered accounts only.
Establishing coordinating structures:

A structure analogous to that of the UNODC is needed to
evaluate and quantify the global cybercrime problem. UNODC
should encourage the creation of appropriate legislation and
INTERPOL should enhance law enforcement capacity by
coordinating the regional efforts of EUROPOL, the Federal
Bureau of Investigation (FBI), Australian Federal Police (AFP)
and others. This coordinated regional and international
response should include a consistent approach to law
enforcement cooperation with the private sector (effectively
reducing the number of law enforcement counterparts
that global corporation must deal with by offering them
regional points of contact such as EUROPOL, and the future
INTERPOL centre in Singapore). Until such capability is
available, the full extent of that component of the cybercrime
problem for which law enforcement action is appropriate will
not be known.

Raising awareness and developing instruction and prevention
programmes:
The knowledge of how cybercrime schemes work must be
increased and widely disseminated.

Social engineering techniques are commonly used in e-mail
scams. Victims unknowingly give their money to criminals
because the victims mistakenly think the communicating
parties are their friends or business partners. As a result,
inadvertent victims around the world continuously lose huge
amounts of money in these e-mail scams. Intensified publicity
and crime prevention programmes would play an instrumental
role in reminding the public to recognize and avoid these
scams.

Botnets have posed a significant threat to the cybersecurity
of major information systems. Typical of this threat is the
distributed denial of service (DDoS) attack which utilizes
botnets to launch premeditated, coordinated and simultaneous
denial of service attacks from many points of origin against
a single or multiple targets. Cybercriminals usually make use
of botnet-inflected machines to launch the attack. Hence,
it is vital to raise public awareness about the need to keep
computers and servers free from botnet infection by constantly
updating the anti-virus software.
40
http://www.reuters.com/article/2011/12/01/us-usa-cyber-intelligence-idUSTRE7B001H20111201
41
http://www.weforum.org/content/pages/risk-and-responsibility-hyperconnected-world.
13
2. Enablers of
money laundering:
Beneficial owners
and professionals
14
In the anti-money laundering movement, two main issues have

raised significant consideration:
identifying the beneficial owners of corporate entities
clarifying the role of professionals and intermediaries in money
laundering and terrorist financing schemes
Figure 1 Professionals who came into contact with the proceeds

of crime
Source: Margaret Beare & Stephen Schneider. 2007. Money Laundering in Canada:
Chasing Dirty and Dangerous Dollars, University of Toronto Press, p. 135
Both beneficial owners and professionals may, in fact, play the role
of enablers of organized crime and corruption.
2.1. Main features

Beneficial Owners
Criminals and criminal organizations may make use of complex
cross-border schemes of corporate vehicles with a Chinese
boxes structure to conceal their identities and to hide illegal
proceeds. Law enforcement agencies have been handling an
increasing number of cases in which legitimate businesses comingle with illegal businesses, and legitimate funds with illicit funds.
Reconstructing these complex corporate schemes and identifying
who lies behind them, i.e. identifying their beneficial owners (BO),
is considered to be essential to reveal the full extent of the criminal
infrastructure and to prevent future criminal activities.
Professionals
In addition to the increasing emphasis on the need to improve the
transparency of corporate beneficial ownership, special attention
must be paid to the role of professionals as gatekeepers, or
conversely, as enablers of organised crime and corruption.
Professional service providers have been increasingly identified as
being involved (either knowingly or unwittingly) in money laundering
(ML) and financing of terrorism (FT) schemes. Given their trusted
gatekeeper status, professionals can misuse the absence of direct
supervision to launder funds themselves and/or act as good faith
intermediaries in helping others to launder. This can occur in a
variety of contexts, such as the securities and derivatives markets,
the real estate market, etc., only some of which are discussed
here. Active criminal infiltration of professional roles or subornation
of existing professionals are key routes to criminal success. For
example, brokerages or even multidisciplinary firms of accountants
and lawyers can be beneficially owned by criminals, leveraging their
professional status. The extent to which this happens in practice is
unknown, but it represents a risk that requires management.
The increased misuse of professionals for criminal purposes is the
natural consequence of the evolution in ML/FT patterns: in fact,
the severe restraints and strict controls on the activities of credit
and financial institutions (on which money launderers originally
relied to conceal the proceeds from crime) produced a displacing
effect, forcing criminals to find another entry point to the financial
system and to exploit new channels and intermediaries to conduct
their business. Criminals had thus to find alternative methods for
laundering dirty money, moving from now better regulated financial
institutions to non-regulated businesses and professions, that is to
those areas with a less stringent regulatory regime.42
2.2. Achievements
Both issues beneficial owners and service providers have seen
an increase in regulations recently. These regulations, however, are
not always accompanied by an adequate level of implementation.
A global level playing field may be impossible to achieve, but
greater attention must be paid, at the national and transnational
levels, to enhance the harmonization and availability of data on
BO and to ensure that professionals and other service providers
behave responsibly.
Beneficial Owners
With reference to the beneficial owners, governments have
recognized the importance of curbing the misuse of corporate
vehicles to conceal beneficial ownership, and in response, they
have adopted certain international standards.43 The two key
international standards dealing with BO identification are the
United Nations Convention against Corruption44, and the 40
Recommendations45 drawn up and revised by the Financial Action
Task Force (FATF) in 2003, and significantly revised in 2012.46
More specifically, FATF Recommendations 24 and 25 aim
at enhancing the transparency of legal entities and indicate
identification of the beneficial owner as a key measure. In particular,
they (R24) require that, Countries should ensure that there is
adequate, accurate and timely information on the beneficial
ownership and control of legal persons that can be obtained or
accessed in a timely fashion by competent authorities.47
43
World Bank/UNODC, (2011), The Puppet Masters: How the Corrupt Use Legal Structures to
Hide Stolen Assets and What to Do About It, http://www1.worldbank.org/finance/star_site/documents/Puppet%20Masters%20Report.pdf, p. 4.
44
UNITED NATIONS RES/58/4 (2003), United Nations Convention against Corruption,

http://www.un-documents.net/a58r4.htm.
45
FATF (2003) 40 Recommendations, http://www.fatf-gafi.org/media/fatf/documents/40%20

Recommendations.pdf.
46
42
FATF (2011), The Review of the Standards - Preparation for the 4th Round of Mutual Evaluation.
Second public consultation, June 2011, http://www.fatf-gafi.org/dataoecd/27/49/48264473.pdf.
FATF (2012) The FATF Recommendations: International Standards on Combating Money

Laundering and the Financing of Terrorism & Proliferation, http://www.fatf-gafi.org/dataoecd/49/29/49684543.pdf.
47
Ibid., p. 22.
15
In recognizing the vulnerability to laundering from a lack of

transparency regarding beneficial ownership issues, the FATF
has revised and enhanced their earlier recommendations to now
include far greater precision as to what countries should have in
place in order to comply. Countries should have mechanisms that:
(a) identify and describe the different types, forms and basic
features of legal persons in the country
(b) identify and describe the processes: (i) for the creation of those
legal persons; and (ii) the obtaining and recording of basic and
beneficial ownership information
(c) make the above information publicly available
(d) assess the money laundering and terrorist financing risks
associated with different types of legal persons created in the
country48
The FATF recommends that to determine who the beneficial
owners of a company are, competent authorities will require certain
basic information about the company, which, at a minimum,
would include information about the legal ownership and control
structure of the company. This would include information about the
status and powers of the company, its shareholders and directors.
Among a long list of requirements, all companies created in a
country should be registered in a company registry.49
The crucial importance of BO identification in the fight against ML
and TF has been fully recognized, for example, at the EU level.
In particular, the Third EU Anti-Money Laundering Directive,50
cornerstone of the whole EU Anti-Money Laundering (AML)
regulatory framework, was intended to expand existing countermeasures to a significant group of professionals and service
providers. In this perspective, it requires intermediaries such as
banks, auditors, accountants, lawyers and notaries to identify,
in the framework of Customer Due Diligence procedures, the
beneficial owner of their clients (Art. 8, par. 1 b).
Professionals
The potential risk of professionals being abused for illicit purposes
has become a significant issue in the anti-money laundering
legislative framework: the recent trend in Anti-Money Laundering
and Countering the Financing of Terrorism (CFT) legislation is to
expand existing counter-measures applicable to credit and financial
institutions to a significant group of professional service providers,
both at the international and European levels. The increasing
number of cases involving professionals has prompted competent
authorities to place more categories of professionals under antimoney laundering obligations.51
This approach has been adopted, for example, by the EU AML
regulatory framework, which has expanded AML obligations to a
greater number of professionals and service providers, such as:
(a) credit institutions
(b) financial institutions
(c) auditors, external accountants and tax advisers
(d) lawyers
(e) notaries
(f) trust and company service providers
(g) real estate agencies
(h) casinos
48
Ibid., p. 83.
49
Ibid.
50
EU DIRECTIVE 2005/60/EC of the European Parliament and of the Council of 26 October 2005
on the prevention of the use of the financial system for the purpose of money laundering and terrorist
financing, http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2005:309:0015:0036:en:PDF.
51
The imposition of due diligence obligations on service providers is important for two main reasons.
First, it obliges service providers to collect information and conduct due diligence on matters about
which they might prefer to remain ignorant. This obligation is important because in the majority of
cases in which a corporate vehicle is misused, the intermediary is negligent, wilfully blind, or actively
complicit. If a service provider is obligated to gather full due diligence information, it becomes
impossible for the intermediary to legitimately plead ignorance regarding the background of a client
or the source of his or her funds. Second, having all such information duly gathered by the service
provider means that investigators have an adequate source of information at their disposal. World
Bank/UNODC, (2011), The Puppet Masters: How the Corrupt Use Legal Structures to Hide Stolen
Assets and What to Do About It, p. 6.
16
Beneficial Owners
With regard to the identification of beneficial owners, some
problems must be taken into account, representing vulnerabilities
that could be seen by criminal groups as actual opportunities for
money laundering or financing terrorism.
An effective anti-money laundering regime to prevent corporate
entities from being abused for money laundering should have at
least three components:
(a) a central registry of corporate entities that provides beneficial
owner information
(b) beneficial owner identification systems by financial institutions
and professional service providers
(c) an international sharing system for beneficial owner information
Unfortunately many weak links in all three components exist
worldwide.
A) Central registry of corporate entities:
There is currently no international standard requiring states to
have a central registration system for corporate entities, such
that not many states have a system that makes BO information
available to those who need it for the purpose of anti-money
laundering.

Some states have fragmented registration systems, e.g. for tax
or public listing purposes, etc., but these fragmented systems
are not designed for the purposes of anti-money laundering
and so are not conducive to them. Moreover, access to these
systems for BO information can only be made in certain limited
circumstances, e.g. for a criminal or tax investigation etc.,
and the associated information retrieval process is extremely
inefficient and very often requires judicial scrutiny.

For those states having a central registry of corporate
entities, in the absence of international standards on what BO
information a corporate entity must register with the authority
and how often the information needs to be updated, the
registers are very often found to be unreliable, i.e. not updated,
and pertaining only to legal ownership/control as opposed to
actual beneficial ownership.

B) Beneficial owner identification systems:
As for BO identification systems, despite the Third EU
Directive and the FATF Recommendations, currently many
states, including those well developed states in which the
world financial centres are situated, have yet to put in place
proper enforceable means to require financial institutions
and professional service providers to identify and verify the
beneficial ownership of corporate entities in their customer due
diligence processes. Nor are they required to understand the
ownership and control structure of corporate customers with
complex ownership structures.

Law enforcement agencies from time to time come across
investigations involving shell companies being used for money
laundering. Criminals or money launderers make use of the
services of the professional service providers to set up shell
companies to open bank accounts for illicit transactions with
staff of the professional service provider acting as nominee
directors of the corporate customers. Banks without proper
customer due diligence practices do not know and do not
bother to ask (if the state has no such requirement for them to
do so) about the actual beneficial owners of such corporate
customers and the bank accounts.

C) International sharing of beneficial owner information:

Given the fact that money laundering is frequently carried out in
an international context, the problem of corporate entities being
abused for money laundering is aggravated by the ease with
which corporate entities can be incorporated overseas. Law
enforcement agencies, financial institutions and professional
service providers increasingly come across or deal with
companies incorporated offshore. Offshore corporate entities
have hindered the respective customer due diligence and
investigation processes, if not making them impossible.

While the availability of overseas BO information to financial
institutions and professional service providers still leaves much
to be desired, the effectiveness and efficiency of international
sharing of BO information among law enforcement agencies
are also in question because (a) not every state allows its law
enforcement agencies to have free access to the relevant
register for international sharing without judicial scrutiny; and
(b) not every law enforcement agency can share information
with an overseas counterpart without a bilateral cooperation
agreement or mutual legal assistance agreement.

For financial institutions, aside from the unavailability of
overseas BO information, another concern is the high cost
incurred and the long time spent in obtaining information
from overseas authorities. Therefore, very often, in case of
complex company structures involving offshore corporate
entities, financial institutions are reluctant to identify and verify
the identity of the BO of all the structures layers. They simply
check the first and last layers and rely on the declaration of the
customers to tell them what the intermediate layers are.
Professionals
With reference to professionals risk of being involved in ML
schemes, other vulnerabilities may be identified that allow criminals
and terrorists to take advantage of them. Each of the vulnerable
sectors has a role for professionals to play whether as willing
conspirators or naive facilitators. One of the most effective ways to
aid the laundering process is to engage the cooperation of corrupt
professionals, or for a criminal enterprise to place operatives within
financial institutions. By doing so, an offender can bypass scrutiny,
falsify documents and avoid mandatory transaction reporting
requirements. Internal conspiracies and corruption have been
identified in the following cases:
A) Some criminals might try to take advantage of professional
secrecy obligations that apply to the gatekeeper.52

In anti-money laundering discussion, the term gatekeepers
refers to a broad range of professionals (such as lawyers,
52
FATF (2010) Global Money Laundering & Terrorist Financing Threat Assessment,
http://www.coe.int/t/dghl/monitoring/moneyval/web_ressources/FATF_GTA2010.pdf, p. 46.
notaries, accountants, company formation agents and others)

who, as a result of their status, have the ability to provide
financial expertise and allow access to the financial system.
Therefore, gatekeepers should be meant as protectors of
the gates to the financial system.53 As such, they are those
through whom the users of the system, including potential
launderers, must pass to enter it. This is why AML regulation
has increasingly directed its attention to these figures by
establishing specific anti-money laundering obligations in the
execution of their functions.

B) A most common technique used to help expedite the
laundering process is the use of nominees, involving some
attempt by the offender to obscure a direct connection
between himself and assets he owned, primarily by registering
legal title to the asset in the name of another individual, usually
a relative, a friend or a lawyer. In an analysis of Royal Canadian
Mounted Police cases, it was found that the assets most
often placed in the name of nominees were real estate, cars,
companies and banks accounts.54

C) According to a report authored by the Financial Action Task
Force (FATF), ...inadequate codes of conduct and ethics with
a low likelihood of disciplinary action (emphasis added) all help
to shape businesses in ways that enable criminals to take
advantage of the services they offer. Professionals and insiders
who are sole traders and have no management or compliance
oversight, along with vulnerable business models that cannot
support sophisticated AML systems, are often seen as soft
targets for criminals who wish to use their services for illegal
gain.55

D) In the absence of corresponding ethics and internal controls,
the practice of making decisions to promote or continue
employment based on performance criteria, and the use
of sales-driven remuneration packages and performance
assessments may unintentionally promote unlawful greed in
individuals and increase their vulnerabilities. This can create
an environment characterized by corruption that can be easily
exploited by criminals.56 What gets measured, gets done,
therefore it is important to consider the reward system within
institutions. These rewards individual and group are partially
responsible for irrational exuberance in banking decisions
(i.e. unwise loans and credit lines, etc.). Peer pressure from
group incentives is particularly powerful. Hence any policy that
results in the loss of customers especially customers with
large amounts of money is operating against the current
reward structure. Financial institutions rhetoric may declare
that all bank objectives are equal profit, risk management,
customer satisfaction and societal pressures to reduce money
laundering when in reality they often are not given the same
attention.

E) Inter alia, special attention must focus on lawyers services and
real estate transactions.
53
FATF 2010, Global Money Laundering & Terrorist Financing Threat Assessment. A view of how
and why criminals and terrorists abuse finances, the effect of this abuse and the steps to mitigate
these threats. http://www.coe.int/t/dghl/monitoring/moneyval/web_ressources/FATF_GTA2010.
pdf, p. 44.
54
Beare, M. and Schneider, S. (2007). Money Laundering in Canada: Chasing Dirty and Dangerous
Dollars. In one case, a Calgary-based cocaine trafficker had signing authority for 25 bank accounts;
most were registered in the names of relatives, favouring his mother and father-in-law.
55
FATF (2010) Global Money Laundering & Terrorist Financing Threat Assessment, p. 46.
56
Ibid.
17
Lawyers
The services provided by lawyers are frequently part of a series
of commercial and financial transactions conducted by the
most sophisticated criminal entrepreneurs. In an unknown but
presumably very large proportion of cases, the lawyer is not
aware that the scheme s/he is facilitating is illicit. However, in
certain criminal and regulatory cases, the services of lawyers were
explicitly sought out and, in some instances, repeatedly used by
criminal offenders to launder their criminal proceeds.57
More specifically:
Lawyers came into contact with the proceeds of crime through
their role in facilitating a real property transaction by a drug
trafficker or accomplice.
Lawyers are used to conceal the true source of funds provided
to them by offenders through the use of legal trust accounts
and the invocation of solicitor-client privilege, which can place
stringent restrictions on the ability of law enforcement to gather
information from law offices.
They have also helped to conceal criminal ownership of assets
by registering titles in the names of nominees and, in some
cases, their own names.
They allow their client and office accounts to be used to
receive cash from offenders and supply them with financial
instruments (cheques and transfers) that will appear clean to
bankers.
They have been involved in transferring funds derived from
criminal activities to secrecy haven countries, including
establishing shell companies in these countries.
They have been used to create a seemingly legitimate source
of revenue for criminal offenders. This service is largely
accomplished by establishing shell and active companies,
selling assets on behalf of offenders, and purchasing revenuegenerating rental properties.
Real Estate
The real estate market allows criminals to use large quantities
of cash and manipulate other services associated with real
estate transactions, such as mortgages and the use of nominee
accounts, and dealings that are possible through the construction
industry. Launderers benefit in multiple ways because they can
often acquire valuable and appreciating investments at the same
time that they launder money into the legitimate economy.58
Some evidence also exists that offenders seek out a mortgage
to limit their equity in a home, to minimize their personal financial
loss if the property is forfeited to the Crown or, if the property
is to be used for an illegal marijuana or other grow-operation, it
may decrease their loss of capital in case of a building destroyed
by the chemicals used. In some cases, a mortgage (as well as
title to the property) appears in the name of a nominee. In other
cases, a criminal entrepreneur can personally finance a mortgage
for property that he controls, but that is registered in the name of
a nominee. This laundering technique provides the bogus owner
with a seemingly legitimate source of funds to purchase the
home, while hiding the true criminal ownership of the property.
Alternatively, mortgage financing can be provided by a nominee,
such as a family member or a business associate, for property
registered to a criminally accused person (in a past case, for
example, the mortgage was fake and the funds were ultimately
traced to the accused). Mortgages may also be financed by
criminally-controlled companies, often off-shore. The absence
of will among many real estate professionals in many parts of the
57
Middleton, D. and Levi, M. (2005) The role of solicitors in facilitating Organized Crime: Situational
crime opportunities and their regulation, Crime, Law & Social Change 42 (2-3): 123-161; Levi, M.,
Nelen, H. and Lankhorst, F., (2005) Lawyers as crime facilitators in Europe: An introduction and
overview, Crime, Law & Social Change 42 (2-3): 117-121. For an empirical study of lawyers roles in
US cases, see Cummings, L. and Stepnowsky, P. (2010) My Brothers Keeper: An Empirical Study
of Attorney Facilitation of Money-Laundering through Commercial Transactions,
http://digitalcommons.law.umaryland.edu/cgi/viewcontent.cgi?article=1970&context=fac_pubs.
For an empirical study of Canadian cases, see Beare M.E. and Schneider S. Money Laundering
in Canada: Chasing Dirty and Dangerous Dollars. U of Toronto Press 2007, chapter 3. See, more
generally, Shaxson, N. (2011) Treasure Islands: Tax havens and the men who stole the world,
London: Bodley Head.
58
World Economic Forum (2011), Global Agenda Council on Organized Crime 2010-2011 Term
report, http://www3.weforum.org/docs/WEF_GAC_OrganizedCrime_Report_2010-11.pdf, p. 9.
18
world to conduct due diligence on their clients and the absence

of sanctions for complicity in money laundering in real estate have
exacerbated the problem.59 Furthermore, sanctions have not
been applied against other professionals allied with the real estate
business, such as notaries and mortgage brokers, who have
facilitated such laundering.
2.4. Cases
Case 1: Delaware Laws, Helpful to Arms Trafficker, to Be
Scrutinized60
A Russian businessman who investigators say is the worlds
largest arms trafficker used secret corporations formed in Delaware
and other states to finance his activities. ... Delaware and the other
states have business-friendly laws that encourage the creation of
opaque shell companies, allowing their true owners to be disguised
or obscured. The Senate is considering new legislation to stop
the formation of two million such American corporations a year in
various states.
Officials say the Russian businessman, Viktor Bout, used at least a
dozen shell companies in Delaware the leading state that allows
the formation of such companies as well as Texas and Florida. ...
Senator Carl Levin, Democrat of Michigan, who co-sponsored
the legislation, contends that the state laws effectively allow arms
trafficking, money laundering, drug smuggling and tax fraud to
flourish. ...
The proposed legislation would require states to collect the names
of beneficial owners of corporations and limited liability companies
formed under their laws, and to provide that information to law
officials when requested.
Case 2: The use of professional intermediaries to facilitate money
laundering
A law enforcement operation identified an accountant, J, who
was believed to be part of the criminal organisation involved in
money laundering and re-investment of illicit proceeds derived from
drugs trafficking led by X. Js role was mainly that of a legal and
financial consultant. His task was to analyse the technical and
legal aspects of the investments planned by the organisation and
identify the most appropriate financial techniques to make these
investments appear legitimate from a fiscal stance. He was also
to try, as much as possible, to make these investments profitable.
J was an expert in banking procedures and most sophisticated
international financial instruments. He was the actual financial
mind of the network involved in the re-investment of proceeds
available to X. J operated by sub-dividing the financial transactions
among different geographical areas through triangle transactions
among companies and foreign credit institutions, by electronic
transfers and stand-by credit letters as a warrant for commercial
contracts which were later invested in other commercial activities
(Source: extracted from website of JE Financial Services
Commission).61
2.5. Good practices

Beneficial Owners
Beneficial Owner Identification by Financial Institutions
The efforts of the FATF do give momentum to system improvement
in member states or jurisdictions such as Hong Kong SAR. A major
financial centre, Hong Kong is very concerned about the integrity of
its financial systems. In response to the findings of the FATFs third
round of mutual evaluation, Hong Kong passed new anti-money
59
Ibid., p. 11.
60
The New York Times, 4 November 2009, http://www.nytimes.com/2009/11/05/business/05tax.

html?scp=11&sq=beneficial%20owners%20laundering&st=cse.
61
FATF (2010), Money Laundering Using Trust and Company Service Providers,
http://www.fatf-gafi.org/dataoecd/4/38/46706131.pdf, p. 41.
laundering legislation, which among other obligations requires

financial institutions to identify the beneficial owners of customers,
taking reasonable steps to verify their identity and know who they
are, including, where the customer is a legal person, measures
enabling the financial institutions to understand the ownership and
control structure of the legal person.
On the basis of the vulnerabilities mentioned above, the Council
suggests the following recommendations, which apply across the
areas discussed in this section:
Pursuant to the legislation, the respective regulators of financial

institutions formulated legally enforceable guidelines setting out
detailed requirements for how the identification and verification
of beneficial owners should be conducted. In brief, if a customer
is a legal entity, e.g. a corporation, an unincorporated body,
a partnership, etc., the guidelines require identification and
verification of all beneficial owners who own or control, directly
or indirectly, more than 10% of the legal entitys shares or who
exercise ultimate control over the management of the corporation.
Beneficial Owners
A) Regarding the central registry of corporate entities,67 it is
recommended that:
the information to be registered include both legal owners
(directors and shareholders) and beneficial owners
the registered information be verified by the registry authority
the registered information be updated in a timely manner by
the corporate entity when there are changes, e.g. within one or
two months
the register be accessible to the public against payment online;
payment should be minimal in order not to discourage access

B) Regarding beneficial owner identification, it is recommended
that:
required by law or by other legally enforceable means to
identify and verify the identity of a corporate customers
beneficial owners when establishing a business relationship
with it
required by law or by other legally enforceable means to take
reasonable measures to determine who the natural persons
are who ultimately own or control the corporate customer

C) Regarding the international sharing of beneficial owner
information, it is recommended that:
apart from via investigation powers, law enforcement agencies
have direct access to the register of corporate entities
states allow (e.g. by law) law enforcement entities to share
beneficial owner information with their overseas counterparts
instantly without need for any bilateral or mutual legal
agreement
the access to the register of corporate entities be made
available online against payment to facilitate overseas
searches; payment should be minimal in order not to
discourage access
Financial institutions must understand the ownership and control

structure of a corporation, even if it has multiple layers, by, for
example, obtaining a directors declaration that includes an
ownership chart describing the intermediate layers. At a minimum,
information included in the chart should include the names of the
companies of the intermediate layers, the places of incorporation
and the rationale behind the particular structure employed.
International Sharing of Information
The Egmont Group is an international network of Financial
Intelligence Units (FIU), which provides a forum for member units,
comprised of central, national agencies that handle financial report
information, to improve cooperation in the fight against money
laundering and the financing of terrorism. The network enables
member units to efficiently share intelligence, including information
on corporate entities through a secure website, without the need
for a bilateral agreement. However, a prerequisite for the sharing
of information is that the member state has (a) a centralized
registration system of legal persons and (b) its financial intelligence
unit has direct access to the system database.
Professionals
With reference to the involvement of professionals in money
laundering cases, good practices have focused on the
strengthening of codes of conduct and on including new
categories under the AML/CFT regulation. For example, the
Offshore Group of Banking Supervisors Trust and Company
Service Providers Working Group62 has focused on the crucial
position of trust and company service providers (TCSPs).
Professionals
A) Regarding the regulatory framework, it is recommended:
to reduce the wide disparity in the ways in which professionals
of all kinds accountants, lawyers and securities brokers are
licensed, scrutinized and disciplined. It seems inevitable that
these differences will continue in the foreseeable future. The
mechanisms by which lawyers, for example, are regulated
need to be scrutinized by international bodies, along the lines
of the functional equivalence concept developed by the
Organisation for Economic Co-operation and Development
(OECD) Working Party on Bribery. In the first instance, the
FATF and FATF-style regional bodies (FSRBs) should press
member states to bring into effect agreements on AML
compliance by professionals to which they are already
signatories.

B) Regarding criminal and regulatory investigations, it is
recommended:
to collect data systematically on the mechanisms by which
professionals assist criminals, both in the perpetration of
offences and in the laundering of proceeds from criminal
activity. In this way better evidence of interventions can be
built, including both criminal justice sanctions and preventive
measures, such as controls over licensing and professional
disciplinary sanctions.
Given the role of TCSPs as intermediaries and introducers of

businesses to institutions that manage funds or assets, their
inclusion under the anti-money laundering framework is a key step
for the effectiveness of AML and CFT measures.63 On the contrary,
the Offshore Group of Banking Supervisors Trust and Company
Service Providers Working Group has found that a number of
jurisdictions still do not regulate or supervise the operations of
TCSPs appropriately.64
Accordingly, the Group drew up a Statement of Best Practice65 for
Trust and Company Service Providers, which was completed in
2002.66
62
OGBS TRUST AND COMPANY SERVICE PROVIDERS WORKING GROUP (2004), Securing
Effective Exchange of Information and Supervision, http://www.ogbs.net/attachments/036_
ogbstrustandcos.pdf.
63
FATF (2010), Money Laundering Using Trust and Company Service Providers, p. 11.
64
Ibid. This fractured and unreliable pattern of supervision renders effective co-operation unlikely
and ... represents a significant weakness in the global defences against money laundering and the
financing of terrorism, as well as a genuine lack of customer protection in respect of the sectors
clients.
65
OGBS TRUST AND COMPANY SERVICE PROVIDERS WORKING GROUP (2001), Statement of
Best Practice, http://www.ogbs.net/attachments/037_Trust%20and%20Company%20Service%20
Providers%20-%20Statement%20of%20Best%20Practice%20.pdf.
66
Ibid., p. 1. This statement of best practice is intended for use by jurisdictions generally in
reviewing the position of their trust and company service providers. It is also intended for use by
international organizations such as the IMF when they are engaged in an assessment of individual
jurisdictions in respect of their policy/procedures/practices from a financial regulatory/anti-money
laundering standpoint.
67
This in addition to the revised FATF Recommendations.

19
3. Enablers that exploit

international commercial
transactions:
Free Trade Zones
20
Under the umbrella of Organized Crime Enablers, this report

considers international commercial regulations and in particular the
issue of Free Trade Zones. The crime risks associated with these
Zones have been neglected until recently, although one early study
highlighted their exploitation for tax-related money laundering and
value transfers in tobacco smuggling, for example.68
With respect to banking and financial regulations, Free Trade
Zones are comparable to offshore countries. Their structure and
regulations make these areas very efficient for legitimate purposes,69
but they are at the same time weaker, less transparent and more
vulnerable to organized crime.
3.1. Main features

According to the International Convention on the Simplification and
Harmonization of Customs Procedures (so-called the Revised
Kyoto Convention), a Free Zone (or Free Trade Zone) is a part of
the territory of a Contracting Party where any goods introduced
are generally regarded, insofar as import duties and taxes are
concerned, as being outside the Customs territory.70
More generally, to promote trade, facilitate new business creation
and encourage foreign direct investment, FTZs offer a number
of incentives such as duty exemptions, simplified administrative
procedure and free import duty on raw materials, machinery or
equipments. Created to boost economic opportunities, these
incentives often result in reduced financial and trade controls.71
Two recent reports (one is the FATF report entitled Money
Laundering Vulnerabilities of Free Trade Zones72 and the other is
the Business Action to Stop Counterfeiting and Piracy (BASCAP)
document entitled The role and responsibilities of FTZs73) have
drawn attention to the collateral risks posed by Free Trade Zones.
They acknowledge that Free Trade Zones have been created
to reduce barriers and facilitate global trade and that they have
become particularly important for the integrated economy: they
stimulate economic growth and play a large role in the globalization
of the world economy. Not surprisingly, Free Trade Zones have
proliferated significantly in recent years, confirming their central role
for economic growth. Today, approximately 3,000 Free Trade Zones
exist in 135 countries around the world. In what is sometimes
termed a race to the bottom, FTZs generate reduced trade in
competitor jurisdictions, which encourages them, in turn, to create
FTZs, reducing the overall level of transparency and bureaucracy,
while facilitating crime and tax avoidance, in those jurisdictions.
As the above reports convey, there is a downside. FTZs represent
an attractive opportunity not only for legitimate businesses but also
for wholly and partially illegal endeavours. Organized crime groups
and counterfeiters use FTZs to move illegal products around the
world without detection. Whats worse is that to do so, they exploit
the very ecosystem that governments have put in place to help
FTZs contribute to economic development:
such as the limited regulatory oversight in Free Trade Zones; such
as Customs, tax and product regulations that do not apply or
are rarely enforced; such as the limited inspections of containers
in transit; and, the simple inaction of governments who may
consider Free Zones to be immune from the laws that govern the
rest of the economy.74
Inaction is particularly likely where the crimes involved hurt

only people or governments in other jurisdictions. Generally,
counterfeiters use the transit or trans-shipment of goods through
multiple, geographically diverse ports as a means to disguise
the nature of the product and make it more difficult for law
enforcement to track their activity. Counterfeiters import shipments
of counterfeit goods into warehouses in the FTZs and then change
the final destination and re-export them. In this way FTZs are
used to sanitize shipments and documents, thereby disguising
their original point of manufacture or departure. This can be done
to evade trade sanctions and arms controls, as well as for more
conventional forms of criminality.
Counterfeiters also import unfinished goods and then further
manufacture them in FTZs by adding counterfeit trademarks, or
repackage or re-label the goods and then export the finished
counterfeit goods to other countries. Last but not least, the
complete manufacturing of counterfeit goods also takes place
in FTZs.
The crucial challenge FTZs pose to todays law enforcement
agencies and policy-makers is how to balance security issues with
facilitating trade or, in other words, how to merge efficiency and
transparency. What is needed is to improve controls to diminish the
risks related to organized crime without hindering the advantages
in trade efficiency provided by FTZs.
3.2. Achievements
As suggested by the World Customs Organization (WCO), in
todays hyperconnected and globalized world, international trade
and investment will flow towards efficient, supportive and facilitative
locations.75 Todays efficient and effective customs systems and
procedures can significantly increase economic competitiveness
through the creation of a safe trading environment, which in turn
would promote international trade and investment. Furthermore,
as customs are now also responsible for national security, they
need to ensure that they facilitate exclusively legitimate trade
while addressing the threats posed by terrorism and transnational
organized crime, and tackling the problems of counterfeiting and
piracy.76
As a result of these changes and new challenges, the WCO revised
and updated its original Kyoto Convention of 1974, to ensure that
it kept pace with the development of international trade.77 In its
revised form78 the Kyoto Convention is widely regarded as the
blueprint for modern and efficient Customs procedures in the 21st
century. Once implemented widely, it will provide international
commerce with the predictability and efficiency that modern trade
requires.79
With specific reference to the legislation, in Europe a single
Customs Code (the Community Customs Code) exists, for
instance. However, there is no common Customs legislation at the
international level and, in any event, there are variations in code
enforcement between different jurisdictions, even without taking
into account the issue of FTZs. This situation reflects tensions
between monitoring costs and smooth commerce, and occasional
corruption/incompetence in Customs and excise taxes.
68
For an early discussion see, Financial Havens, Banking Secrecy and Money-Laundering (J. Blum,
M. Levi, T. Naylor and P. Williams), Issue 8, UNDCP Technical Series, New York: United Nations
(1998) UN document V.98-55024.
69
Thomas Farole and Gokhan Akinci (eds) Special Economic Zones: Progress, Emerging
Challenges, and Future Directions, The World Bank, Washington DC, 2011.
70
International Convention on the Simplification and Harmonization of Customs Procedures (1999),

http://www.wcoomd.org/Kyoto_New/Content/Body_Gen%20Annex%20and%20Specific%20
Annexes.pdf, p. D.2/1.
71
FATF (2010), Money Laundering Vulnerabilities of Free Trade Zones.
72
Ibid.
73
BASCAP (2011), The role and responsibilities of FTZs, http://www.iccwbo.org/uploadedFiles/

BASCAP/Pages/FTZ%20points_WCO%20Open%20Day_28%20June2011%20_2_%20(2).pdf.
74
Ibid., p. 1.
75
WCO (2006), Revised Kyoto Convention: your questions answered, http://www.wcoomd.

org/files/1.%20Public%20files/PDFandDocuments/Procedures%20and%20Facilitation/kyoto_
yourquestionsanswered.pdf, p. 3.
76
Ibid.
77
The revised Kyoto Convention on the simplification and harmonization of customs procedures
was adopted by the WCO in June 1999 and entered into force on 3 February 2006 after 40
Contracting Parties had acceded to it.
78
WCO (1999), International Convention on the Simplification and Harmonization of Customs

Procedures, http://www.wcoomd.org/Kyoto_New/Content/Body_Gen%20Annex%20and%20
Specific%20Annexes.pdf.
79
WCO (2006), Revised Kyoto Convention: your questions answered, p. 4.

21
The so-called Modernised Customs Code (MCC),80 supported

by Decision 70/2008/EC of the European Parliament and of the
Council81 on a paperless environment for Customs and trade,
is part of a Community approach to modernize EU Customs
legislation. The MCC will replace the current Community Customs
Code.82
More specifically, the MCC addresses two major issues:
Simplification: The MCC will streamline the codes structure
(the number of articles has been reduced from 264 to 188) and
will simplify Customs procedures (the number of procedures
has been reduced from 13 to 3, all with consistent rules). The
current Community Customs Code is, in fact, cumbersome
and not easily accessible. The aim of the MCC is therefore
to optimize the efficiency and effectiveness of Customs and
Customs-related procedures and controls, making them flow
better and more coherent and operative.

Computerization: For the same purpose, jointly with EC
Decision 70/2008, the MCC aims to provide the progressive
computerization of all Customs procedures and formalities,
with a view to achieving a completely paperless environment
for Customs and trade. Some measures to achieve this goal
include, for example:
electronic lodging of Customs declarations and accompanying
documents
use of a centralized clearance to declare goods electronically
and pay Customs duties
introduction of the single window83 and one-stop-shop84
concepts
Decision 2004/387 of the European Parliament85 calls for
measures to increase the efficiency of the organization of Customs
controls and ensure the seamless flow of data in order to, among
other things, make Customs clearance more efficient, reduce
administrative burdens, help to combat fraud, organized crime
and terrorism, protect intellectual property and cultural heritage,
and increase the safety of goods and the security of international
trade. To achieve these objectives, the provision of information
and communication technologies (ICT) for Customs purposes is of
crucial interest.86
80
REGULATION (EC) No 450/2008 of the European Parliament and of the Council of 23 April 2008
laying down the Community Customs Code (Modernised Customs Code), http://eur-lex.europa.eu/
LexUriServ/LexUriServ.do?uri=OJ:L:2008:145:0001:0064:EN:PDF.
81
DECISION No 70/2008/EC of the European Parliament and of the Council of 15 January 2008 on
a paperless environment for customs and trade, http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?
uri=OJ:L:2008:023:0021:0026:EN:PDF.
82
Though the MCC was adopted in April 2008 and entered into force that year, its provisions are
applicable only once the Implementing Regulations are also applicable, at the latest by 2013.
83
Single window can be described as a system that allows traders to lodge information with a
single body to fulfil all import- or export-related regulatory requirements. United Nations Economic
Commission for Europe, The Single Window Concept: Enhancing the Efficient Exchange of
Information between Trade and Government, 2003, http://ec.europa.eu/taxation_customs/
resources/documents/customs/policy_issues/e-customs_initiative/ind_projects/swannexv.pdf
84
One-stop-shop is a concept related to facilitation of custom and border control, in a situation

where goods or travellers are still required to be checked at the border. The one-stop-shop
manages controls for different purposes on behalf of all involved government agencies at the border.
This will contribute to a more expedient, predictable and cost-efficient movement of goods and
travellers together with more efficient use of government resources. One-stop-shop is dependent
on the single window that provides the pre-information needed to perform documentary checks
and risk analysis. One-Stop-Shop, KGH Border Services, accessed 26 June 2012,
http://www.kghcustoms.com/en/business-areas/border-services/one-stop-shop.aspx.
Pursuant to that Decision, the computerization of Customs aims to

achieve the following objectives:
to facilitate import and export procedures;
to reduce compliance and administrative costs and to improve
clearance times;
to coordinate a common approach to the control of goods;
to help ensure the proper collection of all Customs duties and
other charges;
to ensure the rapid provision and receipt of relevant information
with regard to the international supply chain;
to enable the seamless flow of data between the
administrations of exporting and importing countries, as well
as between Customs authorities and economic operators,
allowing data entered in the system to be re-used.87
Other achievements relevant to Free Trade Zone regulations
against crime also exist in four major Free Trade Agreements,
which aim to regulate Free Trade Zones in their respective region.
These include:

North American Free Trade Agreement (NAFTA)

China-ASEAN Free Trade Area (ACFTA)
European Union
Trans-Pacific Partnership (TPP) Agreement
These agreements focus on free trade issues and include

preliminary considerations on fighting crime in Free Trade
Zones. For example, NAFTAs Customs Procedures, Article 504:
Obligations Regarding Exportations prescribes:
1. Each Party shall provide that:
a) an exporter in its territory, or a producer in its territory that
has provided a copy of a Certificate of Origin to that exporter
pursuant to Article 501(3)(b)(iii), shall provide a copy of the
Certificate to its Customs administration on request; and
b) an exporter or a producer in its territory that has completed
and signed a Certificate of Origin, and that has reason to
believe that the Certificate contains information that is not
correct, shall promptly notify in writing all persons to whom
the Certificate was given by the exporter or producer of
any change that could affect the accuracy or validity of the
Certificate.
2. Each Party:
a) shall provide that a false certification by an exporter or a
producer in its territory that a good to be exported to the
territory of another Party qualifies as an originating good
shall have the same legal consequences, with appropriate
modifications, as would apply to an importer in its territory
for a contravention of its Customs laws and regulations
regarding the making of a false statement or representation;
and
b) may apply such measures as the circumstances may
warrant where an exporter or a producer in its territory fails
to comply with any requirement of this Chapter.
3. No Party may impose penalties on an exporter or a producer
in its territory that voluntarily provides written notification
pursuant to paragraph (1)(b) with respect to the making of an
incorrect certification.88
This provision suggests that while NAFTA recognizes opportunity
for criminal fraud exists and proposes measures to prevent it, the
agreement also attempts to balance its overall effects.
85
DECISION 2004/387/EC of the European Parliament and of the Council of 21 April 2004 on
interoperable delivery of pan-European eGovernment services to public administrations, businesses
and citizens (IDABC), http://spol.unica.it/teleamm/2010/fonti-en/decisione2004387-en.pdf.
86
DECISION No 70/2008/EC of the European Parliament and of the Council of 15 January 2008 on
a paperless environment for customs and trade, L 23/21.
22
87
88
Ibid., L 23/22.
NAFTA, Chapter Five: Customs Procedures, Article 504: Obligations Regarding Exportations,
http://www.nafta-sec-alena.org/en/view.aspx?conID=590&mtpiID=129#A504.
As separate Customs areas created to encourage trade and
foreign direct investment, FTZs are subject to unique laws,
regulations, and oversight to take account of their role in job
creation and economic development policies.89 This may result
in weaknesses that make FTZs vulnerable and expose them to
misuse by illegal actors. Generally, these weaknesses mainly
encompass the lack of a standard Customs Code, which is
common at the international level, the lack of legal but instrumental
coordination between the Customs authority and the Zone
authority; and the lack of strict regulatory oversight.
More specifically, consistent with the FATF report,90 the following
vulnerabilities of FTZs are highlighted:
Relaxed oversight: Although FTZs are most often located
near ports of entry (air, sea or land), they operate apart
from traditional rules governing commercial and Customs
procedures: administrative and oversight schemes are reduced
or even eliminated, goods introduced may be subject to
processing and manufacturing operations within the Zone,91
special taxes and administrative arrangements are available to
exporters and export service providers.92

Weak procedures to inspect goods and register legal entities,
and inadequate record-keeping and information technology
systems: In most cases merchandise entering and exiting a
FTZ must be accompanied by commercial documents, for
example a bill of landing and a commercial invoice.93 Yet
Customs and Zone authorities use different and separate
systems to monitor shipments entering and exiting FTZs. Many
countries are still using a paper-based system that makes
cross-national flows impossible to monitor actively, although it
may offer forensic evidence after the fact. A mix of paper and
IT systems, as is often the case, increases the time it takes to
control and check related documents (inbound vs outbound).94
Existing FTZ software systems are often not integrated in
Customs IT systems. The lack of a unique and clear standard
related to Customs clearance and record procedures makes it
very difficult to monitor the flows entering and exiting a FTZ.

Lack of transparency: The regulation of FTZs lacks clarity; in
certain cases it is unclear whether government or the Customs
authority has the jurisdiction to exercise controls. The degree of
Customs intervention is often limited or even absent, controls
are frequently carried out by random selection rather than
on the basis of risk assessment or risk indicators, and Zone
authorities promote the ease of establishing a legal entity in a
FTZ or may not request ownership information from companies
setting up in order to attract business and foreign investment.95

Inadequate safeguards against money laundering and the
financing of terrorism: In many cases, rules and regulations
governing FTZs are outdated as they have not kept pace
with FTZ development. Thus they do not adequately take
into account the Zones money laundering and financing of
terrorism vulnerabilities or the risks of illegal activities being
carried out within them. Moreover, a number of jurisdictions do
not apply the same anti-money laundering or counter-terrorism
financing regulations in the Zone as in the rest of the country,
so these provisions may not be applied to businesses and
89
FATF (2010), Money Laundering Vulnerabilities of Free Trade Zones, p. 15.
90
activities within the special Zones. Some businesses located in

FTZs may fall outside the AML/CFT framework simply because
their activities or operations do not fall within the scope of
traditional financial sector providers located onshore.96 In fact,
money laundering has been taken into consideration in some
newly-enacted laws, but the proceeds of crime relating to
offences such as tax evasion, smuggling, foreign trade law
violations and foreign exchange manipulations have often
remained outside the scope of the new laws.97

Lack of adequate coordination and cooperation between
Zone and Customs authorities: A lack of coordination and
cooperation exists between Customs and Zone management
systems, such that certain data, documents and information
often are not shared between the different authorities.98 In
addition to Customs and Zone authorities, additional regulatory
or law enforcement agencies may be involved at different levels
within the Zone. What is necessary is therefore international
cooperation with a view towards developing a uniform
framework for regulating trade systems in FTZs.

Lack of worldwide regulation on dealing with FTZs and on the
data each should track and pass on: If each FTZ were required
to tag the goods and the cargo carrying the goods through to
destination, the paths of illicit goods could be better identified.
Yet no international procedures or global information sharing
mechanisms exist to track illegal proceeds or goods and
therefore to identify and take action against the criminals.

Lack of unity in rules and regulations globally: There are major
regional differences in terms of the rules, procedures and
oversight by which authorities regulate Customs and trade.
North America, for example, has a more structured framework
and its rules and regulations are stronger than those in China
and/or South-East Asia, where certain financial systems are
weak and judicial systems are less uniform.

In Europe, members of the European Union have similar legal
codes and there is general consistency in regulations. By
contrast, a major feature in many areas of Asia is the diversity
of the justice system, particularly in matters related to FTZs.

Developing countries are establishing FTZs as a vehicle to
facilitate economic development and generate revenue for the
government, although many do not have the ability to provide
the appropriate controls or means to track goods going in and
out of the Zones. As already mentioned, some countries are
still using a paper-based system to administer FTZs.

Aboriginal communities in Canada can be compared with Free
Trade Zones. These communities Sovereignty Rights give them
immunity from certain regulations and allow them to operate
outside the control of the State. While both markets are being
refuted by the Canadian government, a large trade in illegal
cigarettes has emerged and is spreading across the country
between Aboriginal communities, and one community controls
the worlds largest online gambling service an operation that
could be used by money launderers.

The regulatory differences between world regions give rise to
a wide range of concerns about the vulnerability of FTZs and
their potential exploitation by criminal groups.
91
Ibid., p. 16. The tracking of shipments, especially for repackaging is a key element in the control
of FTZs. The same shipment may use FTZs as a base around the globe for no other purpose than to
launder funds.
92
Ibid., p. 8.
96
93
Ibid.
97
94
Ibid., p. 17.
95
Ibid., p. 16.
Ibid., p. 15.
See for example C. Satapathy, Money Laundering: New Moves to Combat Terrorism. Economic
and Political Weekly, Vol. 38, No. 7 (15-21 February 2003), pp. 599-602.
98

23
These various weaknesses make Free Trade Zones ideal for

sheltering criminal operations, counterfeiting and piracy. Generally,
counterfeiters use the transit or trans-shipment of goods through
multiple, geographically diverse ports as a means to disguise
the nature of the products and make it more difficult for law
enforcement to track their activity. As noted earlier, FTZs can
be used to disguise the origins of fake goods and to distribute,
process and even totally manufacture fakes. Ample opportunities
for trade-based money laundering exist, and the low levels of
supervision within FTZs make such operations more difficult to
detect and defeat.
Case 3: Counterfeiting
In the FTZ of Ras-Al-Khaimah in the United Arab Emirates (UAE)
in 2009 a successful criminal prosecution was brought against
a counterfeiter making fake cooling gas cylinders branded with
a famous mark in that industry. (To our knowledge this is the first
known successful criminal prosecution against any enterprise
operating within a Free Zone and is a welcome development
that should serve as best practice development in achieving an
improved regulatory framework against illicit operators in FTZs).101
3.4. Cases
The FATFs Money Laundering Vulnerabilities of Free Trade Zones

is the first global report to address the issue of FTZs as enablers
of crime. However, it is not the first time that the money laundering
and terrorist financing vulnerabilities of FTZs have been identified.
As suggested by the FATF report, the work of the Caribbean
Financial Action Task Force (CFATF) and of the Aruba Free Trade
Zone has developed a number of best practices.
Case 1: Counterfeit Drugs Path Eased by Free Trade Zones

DUBAI, United Arab Emirates ... when the authorities
announced that they had seized a large cache of counterfeit drugs
from Euro Gulfs warehouse deep inside a sprawling Free Trade
Zone here, they gave no hint of the raids global significance.
But an examination of the case reveals its link to a complex supply
chain of fake drugs that ran from China through Hong Kong, the
United Arab Emirates, Britain and the Bahamas, ultimately leading
to an Internet pharmacy whose American customers believed they
were buying medicine from Canada, according to interviews with
regulators and drug company investigators in six countries.
The seizure highlights how counterfeit drugs move in a global
economy, and why they are so difficult to trace. And it underscores
the role played by Free Trade Zones areas specially designated
by a growing number of countries to encourage trade, where tariffs
are waived and there is minimal regulatory oversight.
The problem is that counterfeiters use Free Trade Zones to hide
or sanitize a drugs provenance, or to make, market or relabel
adulterated products, according to anticounterfeiting experts. ...
Dubai is vulnerable because of the huge volume of goods that
move through its free trade areas, and because of what is
perceived by some in the pharmaceutical industry to be a murky
line of authority for rooting out counterfeits there. It is not clear
that the normal Dubai Customs authorities have jurisdiction, said
Rubie Mages, a director of global security for Pfizer.99
Case 2: Contraband Smuggling and Tax Evasion
This investigation involved a money laundering and contraband
cigarette smuggling organization led by PAUL. The large-scale
organization smuggled contraband cigarettes into the United
States from China and subsequently structured cash deposits
to avoid payment of millions of dollars in Washington State tax
revenue. The cigarettes were imported into an FTZ located in
Hawaii, then diverted to the state of Washington, rather than to
the claimed destination, a Native American reservation in Idaho.
PAUL then sold the illegally gained cigarettes in Washington, and
laundered the proceeds.
As a result of the investigation 16 warrants were executed in
Washington and in Hawaii, which yielded 1 451 697 million packs
of contraband cigarettes, one vehicle and over USD 600 000. This
seizure of the cigarettes reflects USD 2 068 668.20 in revenue loss
to the State of Washington, the second largest such seizure in
the history of the State. PAUL and his associates were eventually
indicted for smuggling and trafficking of cigarettes, money
laundering, and structuring financial transactions.100
99
The New York Times, 17 December 2007, http://www.nytimes.com/2007/12/17/world/

middleeast/17freezone.html?_r=1&adxnnl=1&pagewanted=all&adxnnlx=1332833065cwxpj3+XRjT1sxJTIeRqJA.
100
24

3.5. Good practices
Caribbean Financial Action Task Force (CFATF): The CFATF

first began to investigate the money laundering and terrorist
financing vulnerability of FTZs in 2000. Its work led in 2001 to
the formulation of prevention guidelines and recommendations
to CFATF member governments. In general, members
are required to devise, enact, and effectively implement
a comprehensive legislative regime affecting Free Trade
Zones.102

Of some interest is that these recommendations also specify
that where necessary, such a legislative regime should meet
the following requirements:

The Free Trade Zone Authority, if necessary, should be
physically present and operate in the Free Trade Zone.
The appropriate National authorities should, at minimum,
oversee and supervise all operations in the Free Trade Zone
and enforce sanction violations of all applicable laws and
regulations.

Businesses operating in Free Trade Zones must comply
with all applicable laws and regulations and must establish
an anti-money laundering compliance program which
includes an independent review and internal audits. It
is strongly recommended that businesses designate a
compliance officer who shall be responsible for monitoring
and ensuring implementation of the compliance program.

Businesses operating in Free Trade Zones should be
required to identify their clients and to keep the record of
each transaction and to report suspicious activities to the
competent authorities.103

Arubas experience:104 In the mid 1990s, Arubas Free Trade
Zone received a good deal of international bad press, with
allegations ranging from mafia presence and money laundering
to smuggling. This was obviously devastating to Arubas
economy, based heavily on tourism, the single most important
economic pillar.

To deal with the situation, the Aruban Government decided to
research the vulnerabilities of the economy, including its Free
Trade Zone, to identify a general framework by which to solve
the problems and address the weaknesses identified.

101
BASCAP (2011), The role and responsibilities of FTZs, p. 2.
102
103
FATF (2010), Money Laundering Vulnerabilities of Free Trade Zones, pp. 34-35.
104
Ibid., The information on Arubas experience was drawn from the FATF Report.
To protect FTZs from being used for illegal activities, such

as money laundering, underground banking and smuggling,
the guiding principle ... has been prevention: how to raise the
threshold, make it more difficult to launder illegal proceeds,
and protect the integrity of the trade system. The development
of a program based on promoting integrity, prevention,
transparency and risk assessment is a best practice.105
New legislation, based on the principle of trade system
integrity, was introduced, updating and strengthening the
existing rules and regulations. The crucial element of this
new regulatory framework was that all FTZ companies that
wanted to continue operating within the Zone had to pass due
diligence checks and be re-admitted under the new rules and
regulations. The due diligence was mainly performed by means
of pre-admission screening, consisting of background controls,
a business plan and a source of funds declaration:
The Zone authority requires transparency of the company
structure: who is/are the ultimate beneficiaries? The
background checks are done on all shareholders, directors
and persons with a relevant power-of-attorney. Furthermore,
the potential clients must submit a business plan detailing
the intended type of business: what type of goods, services;
between which countries; information on clients. It helps define
a client profile needed for the risk-based approach. Also, the
client must sign a statement declaring the source of funds
which will be used to start up operations and the fact that
these funds do not originate from criminal activity.106
Some clients, for various reasons, never completed the
admission procedures; some companies chose not to be readmitted. It seems to work as a threshold for businesses that
cant or dont want to maintain transparency into their intended
business operations.107
As suggested by the FATF report and the Aruba experience,

although supervisions and controls cannot replace law
enforcement, they are an effective line of first defence. It is at least
heartening to see how many of the challenges were overcome
simply by conducting regular checks at the various companies.108
However, given the transnational nature of trade, the first national
level of defence is not sufficient. International cooperation is also
needed. Unfortunately, an international framework does not exist
in this field and exchanging information among the authorities of
different countries remains difficult. The already noted proliferation
of FTZs makes concerted action necessary globally, but it is not
easy to make changes to reduce the Zones capacity to enable
organized crime and control exchange evasion without destroying
the light touch regulation that is their raison dtre.
105
Ibid., p. 39.
106
Ibid., pp. 39-40.
107
Ibid., p. 41.
108
Ibid., p. 42.
General Recommendations
Building and developing international, regional and national
platforms for cooperation:
Since FTZ crimes typically occur across national and regional
borders, building collaborative platforms at different levels, in
particular at the international level, is essential to effectively
combat FTZ crimes. Such collaboration should include
strategic, legislative, judicial, as well as administrative,
regulatory, resource, enforcement, technical, intelligence,
and other means as necessary. Current platforms should be
examined to identify their pros and cons, using them to plan
and create a system of platforms for cooperation.

Building IT capabilities, and intelligence gathering, processing
and utilization in Free Trade Zones:
Given the serious lack of resources available to contain,
detect and control FTZ crimes in general, and particularly in
developing countries, funds must be allocated to build and
strengthen infrastructure in the fight against FTZ crimes, initially
by enhancing IT and intelligence capabilities.

Enhancing IT capabilities
A standardized procedure for Customs record-keeping,
reducing or eliminating paper records, could greatly
reduce opportunities for fraudulent activities. The MCCs
recommendation on computerization was primarily
proposed to enhance customer efficiency but it also
increases the capacity to combat FTZ crimes. The Council
recommends the wider adoption of the World Customs
Organizations Single Window concept.
Enhanced IT capabilities in FTZ management will not only
better serve businesses in the registration of their activities
but will also improve Customs capacity to monitor and
check these activities without adding undue burdens on
businesses as they conduct their normal commercial
affairs.

Enhancing intelligence capabilities
Intelligence capabilities can be improved by building
and enhancing Financial Intelligence Units and other law
enforcement agencies intelligence data gathering and
analysis abilities.
It is also necessary to enhance cooperation and intelligence
sharing among FIUs, law enforcement entities, Customs
and FTZ authorities.

Raising public awareness and educating officials about the
harms of FTZ crimes:
Many of the FTZs vulnerabilities stem from official inaction.
Existing rules and common sense are not applied to detect
and identify crimes. Certain officials believe fighting crime is not
as important as developing economic activity and trade
in FTZs.

Information campaigns must be launched to communicate
the seriousness of the crimes committed within Free Trade
Zones and the huge amount of harm they cause for the
global economy and trade. One suggestion is to organize and
conduct an assessment of the threats posed by organized
crime in FTZs, communicating its results to a broader
audience.

A call to support systematic research on criminal activity in
FTZs is also desirable. Systematically collecting data on Free
Trade Zone crimes by analysing the cases, describing the
vulnerabilities and identifying the mechanisms would contribute
to a better understanding of FTZ crimes and the Zones
exploitation by organized crime groups.
25
Specific Recommendations
Developing and enacting balanced legislation for Free Trade
Zones:
At the heart of FTZ operations (and criminality) is the relaxation
of regulations meant to increase efficiency. Improved legislation
must thus fully consider this basic feature of Free Trade Zones
in order not to defeat their original purpose. Only balanced
legislation can achieve the desired results and be enforceable.
Thus recommendations include:
developing legislation against the establishment of new
crimes in FTZs that fills existing legal gaps
giving priority to enhancing AML/CFT legislation, including
provisions such as seizing illicit proceeds and recovering
illicit assets
giving priority to enhancing legislation focusing on fraud,
since much of the organized crime in FTZs is fraudulent.
Fraud can be identified in every criminal case in FTZs
empowering authorities, particularly Customs or other law
enforcement agencies, to conduct secondary inspections
enhancing legislation empowering law enforcement
agencies and FIUs to detect FTZ crimes and collect
evidence
enhancing legislation empowering prosecutors to
prosecute FTZ crimes

Developing better mechanisms to trace the origin and
destination of goods:
Developing systematic, efficient and effective regulation
and technology is key to countering FTZ organized crimes.
Therefore, crucial features to be developed globally include:
regulations and technology to trace goods
record-keeping regulations covering the entire itinerary of
traded goods
mechanisms to prevent double invoicing
labelling regulations and checking technology
regulations and technology to facilitate the authenticity of
the goods and identify their origin
the registration and documenting of parts
information requirements to identify ownership
risk assessment tools to facilitate the sampling of goods for
verification and monitoring purposes

Developing Customs primary cooperation:
given the existing structure and achievements, encouraging
the World Customs Organization to take the lead at the
international level, and Customs authorities to take the lead
at other levels
developing international collaboration on a standard
Customs Code
developing an international standard for Customs
clearance
developing model coordination regulations between
Customs and Zone authorities
26
Members of the Global Agenda

Council on Organized Crime
2011-2012
Chair
Ernesto U. Savona, Director, Transcrime, Italy
Vice-Chair
Rob Wainwright, Director, Europol (European Police), The Hague,
Netherlands
Members
Margaret Beare, Professor, Osgoode Hall Law School, York
University, Canada
Nelson Cheng, Deputy Commander of the Eastern District, Hong
Kong Police Force, Hong Kong SAR, Peoples Republic of China
Peter Gastrow, Senior Fellow and Director, International Peace
Institute (IPI), USA
David E. Kaplan, Partner, Investigative Journalism Consultants,
USA
Michael J. Keelty, Adjunct Professor, Charles Sturt University,
Australia
Michael Levi, Professor, Crime, Security and Justice Research
Group, Cardiff University, United Kingdom
Liu Jianhong, Professor of Criminology, University of Macau,
Peoples Republic of China
Richard Magnan, Associate, General Council, Kudelski Group,
Switzerland
Larisa Miculet, Head, Personnel, Legislation and Litigation
Division, Ministry of Foreign Affairs and European Integration of
Moldova, Moldova
Grant Newsham, Executive Director, Corporate Security, Morgan
Stanley Japan, Japan
Kuniko Ozaki, Judge, International Criminal Court (ICC),
Netherlands
Hernan Penafiel, Head, Teaching, Universidad Mayor Law School,
Universidad Mayor, Chile
John Sandage, Director, Division for Treaty Affairs, United Nations
Office on Drugs and Crime (UNODC), Vienna, Austria
Mas Achmad Santosa, Member, Presidential Anti-Judicial Mafia
Task Force, Government of Indonesia, Indonesia
Louise Shelley, Professor, School of Public Policy, George Mason
University, USA
For information on projects initiated by the Global Agenda Council

on Organized Crime, please contact Navitri Putri Guillaume at
navitri.putriguillaume@weforum.org.
The World Economic Forum

is an independent international
organization committed to
improving the state of the world
by engaging business, political,
academic and other leaders of
society to shape global, regional
and industry agendas.
Incorporated as a not-for-profit
foundation in 1971 and
headquartered in Geneva,
Switzerland, the Forum is
tied to no political, partisan
or national interests.
World Economic Forum

9193 route de la Capite
CH-1223 Cologny/Geneva
Switzerland
Tel.: +41 (0) 22 869 1212
Fax: +41 (0) 22 786 2744
contact@weforum.org
www.weforum.org

Organized Crime Enablers

Transféré par

Informations du document

Titre original

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

Organized Crime Enablers

Transféré par

Droits d'auteur :

Formats disponibles

Global Agenda Council on Organized Crime

World Economic Forum

Global Agenda Council on Organized

What Are the Enablers?

This report is the result of the continuous work of the Members of

14 2. Enablers of money laundering:

Milan, July 2012

Members of the Global Agenda

Global Agenda Council on Organized Crime

The Enablers of Cybercrime

in response to cybersecurity measures. This examination would

The Enablers of Money Laundering

Global Agenda Council on Organized Crime

Active criminal infiltration of professional roles or subornation of

Free Trade Zones as Enablers of Organized Crime:

Both issues beneficial owners and professional service providers

With respect to banking and financial regulations, Free Trade

A global level playing field may be impossible to achieve, but

Under Organized Crime Enablers, this report considers the issue of

More generally, as noted in a report by the Financial Action

FATF (2010), Money Laundering Vulnerabilities of Free Trade Zones, p. 4, http://www.fatf-gafi.org/

Global Agenda Council on

Enablers Exploiting Illicit/Licit

The Global Agenda Council on Organized Crime focused on

The 2010 United Nations Office on Drugs and Crime (UNODC)

In developing this report, the Council took into account two

Accordingly, a broader conception of the problem of organized

Global Agenda Council on Organized Crime

What Are the

Global Agenda Council on Organized Crime

Global Agenda Council on Organized Crime

Cybercrime can be defined as any crime committed using a

1.1. Main features

Such remarks are in line with many international instruments

between the buyers and the suppliers, thereby reducing costs

COUNCIL OF EUROPE (2001), Convention on Cybercrime - http://www.unicri.it/emerging_crimes/

EUROPOL (2011), Threat Assessment (Abridged) Internet Facilitated Organized Crime,

Global Agenda Council on Organized Crime

Ibid., pp. 5-6.

vital for both developed countries and developing countries.

and their partners around the world were designated before

International Telecommunication Union (2009), Understanding Cybercrime: A Guide for

International Telecommunication Union (2009), Understanding Cybercrime: A Guide for

International Telecommunication Union (2009), Understanding Cybercrime: A Guide for

See for more details: McAfee, (2011), Underground Economies, http://161.69.13.40/us/

1.5. Good practices

Case 1: Mariposa Botnet27

Good practices minimize the value of cybercrime enablers to

Case 2: Rustock Botnet28

In the United States, CERT,32 Symantec,33 and McAfee34 provide

http://www.symantec.com/about/news/release/article.jsp?prid=20110831_01 and http://www.

http://www.theregister.co.uk/2010/03/19/voda_spain_mariposa_latest/ and http://www.

Global Agenda Council on Organized Crime

Enhancing cooperation and sharing information:

Establishing coordinating structures:

Global Agenda Council on Organized Crime

Global Agenda Council on Organized Crime

In the anti-money laundering movement, two main issues have

Figure 1 Professionals who came into contact with the proceeds

2.1. Main features

UNITED NATIONS RES/58/4 (2003), United Nations Convention against Corruption,

FATF (2003) 40 Recommendations, http://www.fatf-gafi.org/media/fatf/documents/40%20

FATF (2012) The FATF Recommendations: International Standards on Combating Money