News

Editor’s Note: In the 11^th installment of our series, the moneylaundering.com legal team covers the rise of money laundering through video games.

The accessibility and potential anonymity of online video games have made them an increasingly popular vehicle for laundering illicit proceeds, according to research from multiple sources.

As recently as October, Valve, the software firm behind the Counter-Strike video game series, banned players from using its online marketplace to sell or trade certain in-game items for government-issued cash after finding that “worldwide fraud networks” were using it “to liquidate their gains.”

“At this point, nearly all … purchases that end up being traded or sold … are believed to be fraud-sourced,” Valve disclosed at the time.

Sixgill, a cybersecurity firm based in Israel, reported in January 2019 that several online games have fallen prey to the phenomenon, including Fortnite, where criminals have bought gaming items with stolen credit-card details and sold them at a discount on the dark web, gamer-specific markets like G2G and G2A, and even on eBay.

An April 2018 report by Mike McGuire, a senior lecturer at the University of Surrey in Guildford, England, who has studied the trend, flags Asian nations as “hotspots for in-game currency laundering” but notes that criminal exploitation of online gaming platforms is not new.

Ten years prior to the report, South Korean police made several arrests in connection with a scheme to transfer $38 million “gathered from online Korean video games” back to a “gold farming” group in China.

Recent years have seen Clash of the Titans, Marvel Contest of Champions, Clash Royale and other games that feature their own in-game currency abused in a similar fashion, according to Kromtech, a software firm headquartered in London.

FireEye, a cybersecurity firm in California, reported in August 2019 that Chinese cybercrime and espionage group APT41 mostly targets video game companies in East and Southeast Asia but occasionally defrauds U.S. companies as well by “abusing in-game currency mechanics.”

APT41 once raked in tens of millions of dollars in fewer than three hours by hacking into the production environment of “a popular game’s virtual currency.” The in-game funds were distributed to more than 1,000 gamer accounts controlled by the group, which most likely liquidated their gains on third-party websites.

Despite their vulnerabilities, game developers almost invariably fall outside the scope of anti-money laundering program requirements—with few exceptions.

In July 2019, California’s Linden Lab, the developer of Second Life, an online virtual world that uses an in-game currency exchangeable for mainstream cash, announced that players would have to provide their names, addresses, dates of birth and social security numbers going forward.

The company also established its own money services business, Tilia, which is now registered in at least 46 U.S. states.

Most developers will forego adopting compliance programs on a voluntary basis, according to the Royal United Services Institute. In October 2019, the London think tank called for regulating certain online games as virtual asset service providers and argued that the Financial Action Task Force should expand its definition of virtual currency, or cryptocurrency, to cover them.