How to Combat the Looming Threat of DPRK Fincrimes

A joint advisory notice was issued to alert the international community, private sector, and the public, regarding the increased attempts by DPRK and DPRK IT workers to obtain employment as non-DPRK nationals. The impact of these attempts is far reaching, inundating freelancer platforms and introducing additional financial crimes risk on payment providers.  According to data from Ernst and Young, the annual cost of money laundering and associated crimes ranges from USD $1.4 trillion to USD $3.5 trillion. This new type of financial crime could potentially increase the range of costs. While a reactive approach to identifying and reporting fraud may once have been the industry rule, in the face of these growing threats law enforcement and financial technology companies (fintechs) – especially those facilitating cross-border payments – need to work together to proactively mitigate the wide range of risks associated with DPRK IT workers: theft of intellectual property, data, funds, and legal consequences. and legal consequences. 

A new type of Fincrime is emerging 

As the movement of money has become increasingly digitized, opportunities to work remotely via freelancing have become abundant. This presents another channel of funds movement that requires risk and compliance monitoring. Fraudsters have been focused on attacking financial institutions like payment service providers, traditional banks, and neobanks, which are notoriously siloed. If the private sector continues to build fraud solutions in isolation, removing bad actors like DPRK-IT workers from the financial ecosystem will become far too dispersed and complex. Awareness of the problem at hand is an important first step; how the industry responds to it will be another.  

Three ways to fight emerging fincrime 

1. Fintech-law enforcement cooperation: The only way to navigate the current fincrime landscape is for fintechs to demonstrate a strong commitment to global risk management and platform security, working with law enforcement on a continual basis to mitigate the threat of fraud. A one-way conversation in which fintechs flag suspicious activity and pass cases to law enforcement is not enough anymore. In today’s instant, complex environment, fintechs need to regularly collaborate with law enforcement to identify and co-investigate suspicious activity in an ongoing two-way conversation. For example, at Payoneer, we host workshops with law enforcement agencies, regulators, other financial institutions, and businesses to increase awareness among our customers and peers. These types of workshops are intended to proactively identify emerging threats, develop solutions, and maintain an open dialogue aimed at help creating a safer global economy. Our most recent workshop was specifically aimed at addressing the joint advisory notice and sharing knowledge on how best to mitigate emerging financial crimes, including DPRK IT Worker fraud.  
2. Lead with compliance: Fintechs also need to make sure their own houses are in order, taking a strong “compliance first” approach to cross-border growth. Startups are known for growing fast and breaking rules, but working with regulators to ensure compliance across every business unit and in every country in which the company does business is essential to protecting funds. Instead of being avoided, regular third-party auditing should be encouraged, because the integrity of the financial ecosystem is based on customer trust. 
3. Invest in technology: Finally, fintechs need to be strategic with their approach to combatting fincrime and fraud. As criminals use increasingly sophisticated AI (e.g. deep fakes) to try to steal funds, fintechs need to use AI to identify and prevent criminal activity. It’s not enough simply to spot patterns anymore, today’s security AI needs to predict and eliminate potential future avenues for crime. Investing in technological development and security protocols is therefore non-negotiable, as is continually optimizing AI risk frameworks. KYC systems need to be resilient and dynamic, adapting to the evolution of financial crime. 

While increasing technological sophistication presents significant growth opportunities for small businesses, it also creates new risks when it comes to fraud. Real-time collaboration between fintechs and law enforcement, a laser-focus on compliance, and investing in robust, adaptive AI is the best way fintechs can stand against evolving threats. It is also the way to retain customer trust and protect the integrity of global trade.