In settling criminal charges brought by the U.S. government, Western Union made a remarkable admission about the scope of illegal activity on its fabled money transmission network.

The Englewood, Colo.-based firm acknowledged receiving customer complaints of more than $500 million in fraudulent transactions between 2004 and 2012.

But that number represents only the tip of the iceberg. Many fraud victims did not complain directly to Western Union, authorities said.

What’s more, the half-billion dollars did not include substantial additional sums that were moved illegally with the assistance of complicit Western Union agents. Some of that money was connected to drug dealing and human trafficking.

The company, which operates in more than 200 countries, allegedly had lots of information about particular agents who were enabling illicit transactions but did not do enough to weed them out.

“Even when faced with clear evidence that many of its agents were committing fraud, Western Union kept taking people’s money,” the Federal Trade Commission said in a blog post Thursday. There were “probably billions in fraud-related transfers sent since January 2004.”

The case, in which Western Union agreed to forfeit $586 million, highlights a couple of important points about the government’s zealous efforts to crack down on money laundering and other illegal uses of the U.S. payment system.

First, the dense web of controls that is designed to thwart criminals and terrorists is only as effective as its weakest links.

Since 2012, Western Union has apparently made significant strides. But before that time, the company appears to have represented a large hole in the anti-money-laundering net.

Second, for all of the recent focus on how digital currencies can be used to move illicit funds, an enormous amount of criminal conduct has been relying on an older, far less fashionable mechanism for moving money.

Western Union was founded in 1851, 14 years after the invention of the telegraph. Today it is a publicly traded firm with more than 500,000 agents across the globe.

Compared with banks, where operations are typically tightly controlled, Western Union operates in a decentralized manner. The firm signs contracts with agents, who then enroll subagents, who offer Western Union money transfers at retail locations.

Western Union’s internal reports identified certain locations where large percentages of the transactions — more than 75% in at least one case — involved confirmed fraud, potential fraud or other suspicious activity, according to an FTC complaint filed Thursday.

“Western Union has allowed many of these agents and subagents to continue operating, with only temporary suspensions, if any,” the complaint stated.

Western Union filed many thousands of suspicious activity reports — the same reports that banks are required to send to authorities when they have a bad hunch. But the company acknowledged that it rarely identified its agent locations as suspicious actors in those reports.

Over time, certain Western Union locations that proved willing to enable illegal conduct gained substantial business. A vitamin and herbal supplements store in Monterey Park, Calif., was described by a Western Union employee in 2006 as the firm’s No. 1 China account.

Between 2005 and 2010, this store sent more than $310 million in Western Union transactions to China, roughly half of which were structured to avoid the creation of required records or reports.

Since 2004, another agent location in Detroit has paid out at least 194 money transfers that were reported as fraudulent, totaling $379,031, according to the FTC.

“Although this agent has received Western Union’s fraud prevention training multiple times, it has continued to receive fraud complaints,” the FTC’s complaint stated.

In recent years, as Western Union came under close government scrutiny, the firm has stepped up its efforts to comply with federal law.

Between 2013 and 2015, Western Union more than doubled the number of employees in its compliance department and increased the department’s budget by more than 60%. The firm said Thursday that it now spends roughly $200 million per year on compliance.

Now the question is: Where will the next big hole in the net appear?

Subscribe Now

Authoritative analysis and perspective for every segment of the payments industry

14-Day Free Trial

Authoritative analysis and perspective for every segment of the industry