Techniques used to fund terrorism and launder money evolve rapidly. At the moment, new payment methods, specific conventional banking areas and even charities and non-profit organizations are all targets for launderers.

New payment methods can offer anonymity, high acceptance and convenience of funds, supported by global access to cash via ATMs. All of these things make them very attractive to launderers. To compound the challenge for authorities and banks, not all of the new payment types are regulated by the same agencies as the financial institutions.

Pre-paid cards, virtual currencies, mobile payments and internet payment products mean money can change hands very rapidly. Because credit risk tends not to be assessed when accounts are created, the money can come into the banking system from unscrupulous sources because proper due diligence of the money mover was not done.

This action isn’t just confined to the latest and greatest trends—traditional banking areas are also under attack. Trade finance is being exploited to raise credit and secure funds for inventory that never existed to begin with—or was undervalued or overvalued in the trade transaction. Correspondent banking is being exploited to transfer funds through nested accounts that had direct ties to drug traffickers to launder their cash.

There’s another threat—cyber attacks are being used to create vulnerabilities through which money can be laundered. The spring 2014 bulletin from the Office of the Comptroller of the Currency warned of this possibility “Banks continue to be attractive targets of coordinated and sophisticated cyber attacks… There is concern that cyber criminals will transition from disruptive attacks to attacks that are intended to cause destruction and corruption.” Directly corrupting banking systems via a cyber attack in order to bypass AML measures is a new direction for cyber criminals, and one that would represent a significant challenge.

Finally, charities and not-for-profits can be exploited to innocently distribute money and services to terrorist networks. This assumes the charity or non-profit is legitimate in the first place, and not a criminal or terrorist front organization with a useful set of tax exemptions. While the majority of charities and the transactions that flow through them are legitimate, they remain a potential target for terrorist financing, and the harm this can do to innocent parties—and the people the charity might be trying to help in the first place—can be severe.

Identifying when something is not quite right in this context takes more than a sharp-eyed employee. Increasingly, and not just for huge multinational banks, it requires sophisticated, specialist technology.

A key part of fighting money laundering is knowing one’s customers, and understanding the risk they represent—a combination of the relationship they have with your business, the products they buy and where they transact business. This sort of risk profiling isn’t something that can be done once and then filed away. It is vital to update the risk rating of each customer as the nature of what they do, and where they do it, changes.

Sophisticated technology that combines financial and non-financial data and information that provides context and background helps analysts understand why an alert may have been raised. The challenge for any technological solution is to avoid false positives and give the humans involved in the AML or CTF process the chance to analyse, understand and act.

Understanding sanctions can also be a huge task, not least because world events and the people caught up in them change so rapidly. The range of different sanctions in place changes constantly, as does the list of Politically Exposed Persons (PEPs) that financial institutions need to be aware of and monitor. Given the amount of data involved, cross checking sanctioned names and entities against the known lists effectively is best done using list matching technologies.

To be prepared, financial institutions’ AML and CTF teams, must employ, a multi-pronged approach.  First, programs must be designed to keep pace with the plans and tactics of adversaries who never play fair, or do things by the book. Second, decision makers must stay abreast of the wealth of new products, services, and customers that your financial institution engages with. Finally, the AML systems in place need to be able to change and grow as your business does.

Laurie Gentz heads the North American Compliance group for BAE Systems Applied Intelligence.