Transcrime ¦ Criminal Red Flags in AML Due Diligence for High-Risk Customers and Supply Chains (DATACROS III)

Organized crime has changed its shape

Organized crime has become more fluid, more corporate, and more financially skilled. Criminal networks use legitimate business structures, banking channels, real estate, logistics, virtual assets, and even artificial intelligence to move illicit funds and hide their activities. In many cases, they do not sit outside the economy – they operate inside it, using the same tools as lawful companies but for unlawful purposes.

This shift matters for anti-money laundering teams, compliance officers, auditors, investigators, and supply chain professionals. The old image of organized crime is no longer enough. The real threat today often sits behind clean documents, respectable front companies, and complex ownership structures that look normal at first glance.

Why AML due diligence needs a wider view

The core problem is that criminal actors increasingly exploit ordinary commercial systems. They seek access to cash-intensive businesses, public subsidies, procurement contracts, and sectors with weak oversight. They may use shell companies, nominee directors, layered ownership chains, and cross-border structures to make the flow of funds hard to trace. They also use digital tools, including crypto mixing services, fake identities, and automated fraud techniques, to stay ahead of traditional monitoring systems.

For AML teams, this means due diligence cannot stop at basic identity checks. It must include beneficial ownership analysis, transaction pattern review, source of funds and source of wealth checks, adverse media screening, and a close look at whether the company’s business logic actually makes sense. A formal document is not enough if it does not match economic reality.

Bastian Schwind-Wagner _Follow

"Organized crime has become increasingly corporate in style, using legitimate businesses, complex ownership structures, and cross-border flows to hide illicit activity. For AML teams, the key challenge is to spot when a company’s structure, transactions, or behavior no longer match its stated business purpose.

Effective due diligence depends on looking beyond formal documents and checking whether the economic reality makes sense. Red flags such as opaque ownership, unusual payment patterns, and links to high-risk jurisdictions should trigger closer review and, where needed, escalation."

The criminal playbook: infiltration through legitimate businesses

One of the biggest red flags in modern financial crime is the use of lawful business structures for unlawful ends. Criminal groups often choose financially stressed companies, weakly controlled businesses, or sectors where large amounts of cash or complex subcontracting make detection harder. The process can begin with an apparent investment or private loan, followed by pressure, intimidation, or the gradual replacement of legitimate management. Over time, the company becomes a vehicle for laundering proceeds, issuing fake invoices, moving contraband, or winning fraudulent contracts.

This process often follows a clear pattern. First comes target selection. Then comes initial penetration through capital injection or nominee involvement. After that, the criminals seek operational control by influencing key staff, financial signatories, or compliance functions. The final stage is full integration, where the legal entity is used as a front for ongoing criminal activity. At that point, the company may still appear normal from the outside, even though it is now serving the interests of organized crime.

Sectors that attract criminal networks

Criminals do not choose sectors at random. They focus on industries with useful weaknesses.

The financial sector remains a prime target because it allows dirty cash to be converted into liquid, harder-to-trace assets. Criminals also exploit weak regulatory environments and fragmented supervision across countries.

Construction is attractive because it is capital intensive, relies on subcontracting, and often involves complex billing and wage structures. Fake invoices, inflated material costs, and cash wage payments can hide large volumes of illicit money.

Waste management is another common choice. It combines regulation, low public visibility, and opportunities for illegal dumping, document manipulation, and underpricing. Environmental crime often carries lower penalties than drug trafficking, which makes it a highly attractive route for profit and laundering.

Renewable energy is increasingly vulnerable because of public subsidies, tax incentives, and large upfront investments. These projects can absorb significant sums of illicit money while appearing consistent with policy goals. Similar logic applies to real estate, which allows large-scale laundering through property purchases, shell buyers, and rapid flipping.

Logistics and supply chain operations are also exposed. Criminal groups use shipping networks, port access, falsified cargo records, and container concealment to move goods or funds across borders. Hospitality businesses such as hotels, restaurants, and bars remain useful because they handle regular cash turnover that can easily be mixed with illegal proceeds.

What AML professionals should watch for

In customer due diligence (CDD), some of the clearest warning signs are not dramatic. They are often ordinary-looking inconsistencies. A company may have ownership that is too complex for its size or activity. Its directors may change repeatedly. Its registered address may be shared with many unrelated entities. Its declared business purpose may not fit its actual transactions. It may be based in, or linked to, jurisdictions with weak AML controls or poor transparency.

Behavior also matters. A customer who is evasive about ownership, unwilling to provide documents, slow to answer basic questions, or unusually knowledgeable about thresholds, reporting rules, or money laundering methods may require closer scrutiny. So may a client whose lifestyle clearly does not match declared income, or a business that has adverse media, criminal links, or unexplained interest in complex corporate arrangements.

Transaction behavior is just as important. Red flags include unusual amounts, irregular frequency, rapid movement of funds, repeated rejected payments, use of dormant accounts, payments split just below reporting thresholds, and flows that have no clear economic purpose. Complex routing through several companies or countries for a simple transaction is another warning sign. The more red flags appear together, the stronger the concern should be.

Why beneficial ownership matters

A recurring issue in financial crime is opacity around the true owner or controller of an entity. Criminals often hide behind trusts, offshore companies, nominee directors, and layered holding structures. On paper, the company may look legitimate. In practice, the real control may sit elsewhere.

This is why beneficial ownership checks are so important. AML professionals need to understand not just who is named in the documents, but who actually controls the entity, who benefits from it, and whether the structure makes sense in light of the business activity. When ownership is hidden or unnecessarily complicated, the risk rises sharply.

Supply chain risks extend beyond tier one

Financial crime in supply chains does not end with the immediate supplier. Risks can spread through tier two, tier three, and beyond. Trade-based money laundering, TBML, is especially important here because it can use invoices, pricing, shipping records, and product descriptions to move value through the chain. That means supply chain due diligence needs to look not only at direct counterparties, but also at the wider network of relationships, documents, and flows.

A good supply chain risk process starts with mapping the chain, assessing the most relevant risks, deciding on mitigation measures, and monitoring results over time. This is not a one-time exercise. Risk changes, suppliers change, routes change, and criminals adapt quickly. Visibility across the chain is essential, especially where logistics, sourcing, or vendor access can be exploited.

Transparency, verification, and continuous monitoring

Transparency is often used loosely, but it really depends on two things: visibility and disclosure. You have to know what is happening, and you have to share the right information with the right people. Traceability helps establish where goods or funds came from. Visibility helps manage risk internally. Transparency is the deliberate sharing of relevant information with stakeholders.

Still, transparency is only useful if the underlying data is reliable. A supplier map or company registry entry can create a false sense of security if the data has not been checked. That is why verification, audits, site visits, and continuous monitoring matter. The goal is not to look once and move on. The goal is to keep the picture current and to spot changes early.

Technology can help, but it does not replace judgment

Automation, artificial intelligence, blockchain tools, biometric checks, and network analysis can all support AML and supply chain due diligence. They can help detect anomalies faster, reduce false positives, and make monitoring scalable. But technology also has limits. Poor training data, bias, weak explainability, and manipulation risks can create new problems.

This is why human judgment remains essential. Automated systems should flag unusual patterns, but people still need to review the context, assess credibility, and decide whether to escalate. The best results come when data, tools, and expertise work together.

The main lesson for compliance teams

The biggest takeaway is simple. Organized crime works through legitimate business structures, not just outside them. That means AML due diligence must be built around behavior, economic logic, ownership transparency, and cross-border risk, not just formal paperwork. The same is true for supply chains, where hidden risks can move far beyond the first supplier and into deeper tiers.

For financial crime professionals, the task is to notice what does not fit: ownership that is too opaque, transactions that make no economic sense, business activity that does not match the profile, and supply chain patterns that hide rather than explain. Good due diligence is not about finding one perfect answer. It is about connecting the signs, testing the story, and following the evidence carefully before crime becomes fully embedded.