Common AML Schemes: Account Takeover


Bryan Chapman

Publish Date



  • AML and Financial Crime

Money laundering and financial crimes pose large risks to financial firms, both from a reputational and regulatory perspective. However, these schemes can take many forms making it difficult for firms to do their due diligence to protect themselves and their investors.

We’ve put together a series of the most common forms of money laundering and financial crimes and what firms can do to combat each one.

Account takeover

Account takeover (ATO) schemes are a type of cybercrime when attackers gain unauthorized access to an individual's or business's online accounts, often for the purpose of committing fraud or stealing sensitive information. ATO schemes can take many forms, but some common tactics include:

  • Phishing: Attackers send fake emails or texts that appear to be from a legitimate source, such as a bank or a service provider, and contain a link or attachment that, when clicked or downloaded, installs malware, or prompts the recipient to enter login credentials.
  • Malware: Attackers use malware, such as viruses or trojans, to infect a device or network and gain access to login credentials or other sensitive information.
  • Social engineering: Attackers use psychological manipulation or trickery to obtain login credentials or other sensitive information.

ATO schemes can be used to facilitate money laundering when attackers use stolen login credentials to transfer funds or make purchases without the account owner's knowledge or consent.

For example, an attacker who gains access to a business's bank account could transfer funds to a shell company, or other account controlled by the attacker, making it difficult to trace the funds or identify the perpetrator.

How to combat ATO

Several precautions can be taken to prevent an ATO scheme, such as:

  • Check the URL of the website before logging in to ensure that it is legitimate
  • Use two-factor authentication to add an extra layer of security to an account
  • Be suspicious of unsolicited emails asking to login to an account, even if they appear to be from a reputable source
  • Monitor accounts for unusual activity and report any suspicious activity to law enforcement and financial institutions as soon as possible

By taking these precautions, the individual could have prevented the attackers from gaining access to his account and stealing his money.

How we help

ACA’s AML and Financial Crimes practice offers advisory services and solutions to assist financial services firms in addressing threats and regulatory obligations associated with financial crime. We work with investment advisers and broker-dealers, among others, to assess risk, develop policies and procedures, and perform independent tests and gap analyses. Our support can incorporate our ComplianceAlpha® regulatory technology and managed services to help your firm meet its data screening, ongoing monitoring, remediation and reporting needs.

Reach out to your ACA consultant, or contact us to find out how ACA can help you meet your AML requirements. 

Contact Us