Main/

Actors Taxonomy Design

Actors taxonomy is an integral part of the AMLTRIX framework, aimed at standardizing how diverse and multi-purpose roles—spanning individuals, legal entities, networks, or structures—are represented in money laundering threat models. By clearly defining who might be involved and how, AMLTRIX provides a consistent reference for describing, contextualizing, and explaining money laundering techniques.

1. Motivation & Background

1.1 Why Actors Matter

In money laundering (ML), terrorist financing (TF), and related illicit behaviors, which actors are involved can be just as critical as how illicit activities are conducted. An “actor” might be:

  • A regulated financial institution (e.g., a licensed bank)
  • A private individual (e.g., a cardholder, account holder, beneficial owner)
  • A criminal organization or network (e.g., drug traffickers, terrorist financiers, professional money launderers)
  • A special-purpose entity (e.g., a shell company, an offshore trust, or a nonprofit that can be exploited)

Often, these categories overlap in practice. A single business may be thoroughly legitimate yet unwittingly exploited by criminals, or an individual might simultaneously be a professional advisor, a nominee, or even a money mule. Consequently, AMLTRIX emphasizes a flexible yet structured approach to classifying actors, ensuring consistent labeling in a machine-readable knowledge graph.

2. Two-Dimensional Classification for Actors

In AMLTRIX, actors are categorized along two distinct dimensions:

  1. A Main Group (Functional Role), to indicate the actor’s primary domain or purpose.
  2. An Actor Type (Legitimate, Illicit/Criminal, or Potentially Exploited), to capture the actor’s default posture or risk profile.

Each actor archetype in the knowledge graph is defined by exactly one Main Group and exactly one Actor Type. This structure ensures clarity when referencing “who” is involved in money laundering techniques—without overwhelming the taxonomy with duplicates or multi-category listings.

2.1 Main Group (Functional Role)

The Main Group reflects an actor’s core function, indicating the sort of activity, service, or organizational identity the actor typically represents. AMLTRIX recognizes seven high-level Main Groups, each capturing a broad slice of real-world actors:

  1. Financial Institutions & Services

    • Definition: Regulated (or partially regulated) entities that offer deposit-taking, investment, lending, payment, money transfer, insurance, or other financial services.
    • Real-World Examples: Banks, credit unions, prepaid card issuers, money services businesses (MSBs), virtual asset service providers (VASPs), insurance firms, finance or leasing companies, investment brokers.
    • Context & Vulnerabilities:
      • May serve as entry/exit points for illicit funds.
      • Required to implement AML controls (KYC, CDD, transaction monitoring), but criminals may attempt to exploit weak compliance or use front accounts.
      • Might be unwitting facilitators (if staff lack training) or complicit enablers (if corrupt).

  2. Professional Services & Advisors

    • Definition: Specialized service providers that offer consulting, legal, accounting, auditing, fiduciary, or advisory services.
    • Real-World Examples: Lawyers, accountants, auditors, notaries, tax advisors, corporate/trust service providers, insurance brokers, compliance consultants, real estate or investment advisers.
    • Context & Vulnerabilities:
      • Often handle sensitive client information (beneficial ownership, complex transactions) and can help structure deals or corporate vehicles.
      • Can be exploited if there are gaps in due diligence or if professionals become willfully blind to suspicious activities.
      • Some are officially categorized as DNFBPs (Designated Non-Financial Businesses and Professions) in certain jurisdictions.

  3. Corporate & Commercial Entities

    • Definition: Private businesses formed for commercial purposes, offering products or services outside the primary scope of financial services.
    • Real-World Examples: Retailers, manufacturers, trading companies, shipping/logistics providers, gaming operators (e.g., casinos), precious-metals dealers, art dealers, online marketplaces.
    • Context & Vulnerabilities:
      • Might handle high-volume cash transactions or international supply chains—facilitating layering or trade-based money laundering.
      • Can be legitimately operating while still used for falsified invoicing, over/under-invoicing, or cross-border smuggling.
      • Some segments (casinos, dealers in precious metals/stones) have explicit AML obligations depending on jurisdiction.

  4. Government & Public Sector

    • Definition: Actors in or closely affiliated with national, regional, or local government structures, including elected officials, public agencies, or state-owned enterprises.
    • Real-World Examples: Legislators, ministers, mayors, regulatory bodies, central banks (in their governmental capacity), government contractors, public development funds.
    • Context & Vulnerabilities:
      • Politically Exposed Persons (PEPs) fall here, presenting higher risk of bribery or corruption.
      • A public official might misuse their position to launder illicit funds (e.g., corruption proceeds) or provide cover for others.
      • Public sector organizations can be targeted for embezzlement or infiltration by criminal networks seeking a veneer of official legitimacy.

  5. Customers, Clients & Private Individuals

    • Definition: Individual persons acting in a personal capacity (as opposed to institutional or corporate capacity).
    • Real-World Examples:
      • Retail bank customers, credit card holders, e-wallet users, beneficial owners, employees, high-net-worth individuals, or informal private investors.
    • Context & Vulnerabilities:
      • Individuals can be money mules, nominees, or unwitting participants if criminals co-opt their accounts or identities.
      • Fraudsters may use stolen identities to open multiple personal accounts.
      • Compliance teams often rely on KYC procedures to detect anomalies or unusual activity from private individuals.

  6. Criminal & Illicit Networks

    • Definition: Actors or groups explicitly engaged in predicate offenses, money laundering facilitation, or direct complicity in criminal activities.
    • Real-World Examples: Organized crime syndicates, professional money laundering networks, drug traffickers, terrorist cells, illicit arms dealers, sanctioned entities, document forgers.
    • Context & Vulnerabilities:
      • Inherently outside legal frameworks, they develop specialized laundering techniques and may infiltrate legitimate actors to disguise funds.
      • Typically flagged for enhanced due diligence or outright prohibition by financial institutions.
      • Require ongoing intelligence and law enforcement cooperation to detect and disrupt.

  7. Special Purpose Entities & Structures

    • Definition: Legal vehicles or organizational forms created for specific financial, asset-management, or wealth-protection goals—often leveraged for secrecy, anonymity, or complex ownership arrangements.
    • Real-World Examples: Shell companies, front companies, offshore trusts, private foundations, real estate investment trusts (REITs), nonprofits or charities that can be misused.
    • Context & Vulnerabilities:
      • May be legitimate tools for asset protection or tax planning but also widely used in layering or obfuscating beneficial ownership.
      • Minimal disclosure requirements in certain jurisdictions make them prime targets for criminals.
      • Institutions often have difficulty verifying the ultimate beneficial owner behind such structures.

Choosing a Single Main Group

A single organization can appear to fit multiple groups (e.g., a consulting firm offering regulated financial advice). AMLTRIX, however, enforces one best-fit classification—whatever domain is most relevant to the role the actor typically plays in money laundering. Additional details or cross-functional notes can be stored separately (e.g., via sub-tags or relationships).

2.2 Actor Type

Once an actor’s Main Group is identified, we assign its Actor Type—essentially signaling whether it generally operates lawfully, is inherently illicit, or stands at a higher risk of unwitting exploitation:

  1. Legitimate

    • Definition: Actors presumed compliant with AML/CFT obligations, abiding by legal requirements, and not knowingly facilitating money laundering.
    • Indicators: Licensing or registration, adherence to relevant regulations, normal corporate governance, transparent beneficial ownership (if relevant).
    • Examples: A well-known bank, a reputable accounting firm, an established retailer operating within legal norms.

  2. Illicit / Criminal

    • Definition: Actors primarily engaged in, or sanctioned for, criminal pursuits; or who exist to facilitate illicit activity.
    • Indicators: Known involvement in predicate crimes (e.g., drug trafficking, document forgery), blacklisted or sanctioned status, repeated involvement in suspicious transactions.
    • Examples: Organized crime networks, fraudulent shell entities set up explicitly for laundering, sanctioned individuals or cartels.

  3. Potentially Exploited

    • Definition: Actors that might be used (knowingly or not) by criminals to launder funds, yet are not inherently criminal.
    • Indicators: High-volume cash activity, complex or opaque ownership, location in weak regulatory environments, minimal oversight or AML controls.
    • Examples: Cash-intensive businesses (restaurants, casinos in some jurisdictions), offshore entities with limited transparency, nonprofits lacking strong financial governance.

Why This Matters

  • Legitimate vs. Illicit helps separate routine, fully compliant activity from clear wrongdoing.
  • Potentially Exploited captures that gray zone where actual complicity isn’t confirmed, but the structural features or lack of oversight expose the entity to higher ML risk.

3. Methodological Rationale

3.1 Bridging High-Level & Operational Perspectives

Legal vs. Operational Definitions

Regulatory frameworks (FATF, EU Directives, etc.) provide categories like “DNFBPs” or “Financial Institutions,” while frontline AML practitioners deal with more granular terms like “shell companies,” “import/export firms,” and “professional enablers.” AMLTRIX merges these two perspectives, offering a single reference that is both regulator-friendly and operationally relevant.

Single Assignment, Multiple Details

By allocating each actor to one Main Group, AMLTRIX simplifies queries (e.g., “Show all Corporate & Commercial Entities flagged as Potentially Exploited”). More specific details (e.g., “licensed for trust services,” “has personal bank account,” “shares board members with X”) can be stored in an institution’s own extended data, without cluttering the core actor classification.

Conceptual Actors vs. Real Entities

Labels like “Shell or Front Company” or “Professional Money Launderer” are archetypal. Determining if a real-world business or individual actually fits that role depends on investigative findings. AMLTRIX only defines the typological category—the real-life assignment is performed by analysts or investigators.

3.2 Linking Actors to Techniques

AMLTRIX focuses on who enables or performs which laundering techniques. For instance, a “Shell or Front Company” (in “Special Purpose Entities & Structures,” often “Potentially Exploited”) can map to the technique “Use of shell companies.” This helps compliance teams or investigators see how particular types of actors typically facilitate illicit flows.

4. Common Pitfalls & Edge Cases

4.1 Staff vs. Institution

  • Institution: e.g., “Bank ABC” → Main Group: “Financial Institutions & Services,” typically “Legitimate”
  • Individual Staff: e.g., “John Doe, bank teller” → Main Group: “Customers, Clients & Private Individuals,” typically “Legitimate” (unless proven complicit)

4.2 Outright Criminal Roles

Certain actors are inherently illicit, such as “Drug Trafficker” or “Document Forger.” They map to “Criminal & Illicit Networks” with Actor Type = “Illicit/Criminal.”

4.3 Special Purpose Vehicles

“Shell or Front Company,” “Offshore Entity,” “Private Interest Foundation,” or “Nonprofit with lax controls” often go to “Special Purpose Entities & Structures” as “Potentially Exploited.” They are not necessarily criminal by default; they are simply known to pose higher ML risk.

4.4 PEPs & Public Officials

“Politically Exposed Persons (PEPs)” usually go in “Government & Public Sector,” Actor Type = “Legitimate,” although corruption cases could shift them to “Illicit/Criminal.”

4.5 Sanctioned vs. Criminal

AMLTRIX generally classifies “Sanctioned Entity or Individual” as “Criminal & Illicit Networks” because dealing with a sanctioned party is effectively an illicit activity from a compliance standpoint.

5. One Real Entity, Multiple Potential Labels

5.1 Role-Centric vs. Entity-Centric

A single real-world individual or company can hold several AMLTRIX roles:

  • A lawyer who is also a nominee for beneficial ownership in a client’s company and possibly even a money mule if she knowingly transfers illicit funds.

AMLTRIX is role-centric: “Lawyer,” “Nominee,” “Money Mule” each get one Main Group + one Actor Type. A compliance system, meanwhile, typically takes an entity-centric approach—“Alice Smith” might appear in all three roles simultaneously, depending on her behavior or level of complicity.

5.2 Practical Implications

  • The same real-world person or organization can match multiple AMLTRIX archetypes as new evidence arises.
  • Each role archetype focuses on a distinct set of vulnerabilities or methods criminals might exploit.

6. Threat Modeling vs. Case Investigations

6.1 Static vs. Dynamic Classification

  • Threat Modeling: AMLTRIX sets broad definitions for “Potentially Exploited,” “Illicit,” or “Legitimate” as typical risk profiles, not final judgments.
  • Case Investigations: Real-world evidence may shift an entity’s classification from “Legitimate” to “Illicit/Criminal,” or confirm it as “Potentially Exploited,” in time-stamped investigative systems. AMLTRIX remains a static reference of possible roles.

6.2 No Actor-to-Actor Edges in AMLTRIX

AMLTRIX does not model direct relationships between actors (e.g., “Tax Advisor is connected to Document Forger”). Instead, it focuses on mapping each role to the techniques they might enable or perform. Actual investigative details about co-conspirators or “social graphs” belong in separate intelligence platforms.

7. Maintaining the Taxonomy

7.1 Governance

A taxonomy governance committee could help maintain consistency, deciding borderline assignments (e.g., “Is a ‘Mobile Money Agent’ a Financial Institution, or a Private Individual?”). Jurisdictions may refine categories—like splitting “Professional Services” further—while preserving AMLTRIX’s core structure.

7.2 Intent vs. Formal Filing

“Money Mule,” “Shell Company,” or “Professional Money Launderer” reflect functional roles or intent. None are official registration statuses; they are risk-based archetypes drawn from recognized laundering typologies.

8. Why This Matters for AML/CFT

  • Clarity in Threat Modeling
    By defining who does what, AMLTRIX illuminates how each role might facilitate different money laundering techniques.

  • Enhanced Detection & Prevention
    Monitoring systems can incorporate the “Actor Type” dimension: “Illicit/Criminal” triggers immediate alerts, “Potentially Exploited” prompts enhanced due diligence.

  • Interoperability
    Consistent labeling fosters easier collaboration between financial institutions, regulators, and third-party solution providers—everyone refers to the same actor definitions.

  • Flexibility & Precision
    As new corporate structures, fintech products, or advanced laundering methods emerge, AMLTRIX’s high-level approach can accommodate updates without fragmenting existing data.

9. Concluding Observations & Recommendations

Implementing the AMLTRIX Actors Taxonomy supports a more unified approach to AML/CFT threat modeling:

  • Keep It Simple
    Seven main groups cover most scenarios. Subdivide only if absolutely needed for local conditions.

  • Assign “Legitimate” by Default
    Unless there is strong evidence of criminality or exploitation, treat an actor as “Legitimate.”

  • Document Borderline Cases
    If “Mobile Money Agent” is classified under “Customers, Clients & Private Individuals,” note why. Consistency is crucial.

  • Use AMLTRIX as a Reference, Not a Case Tool
    AMLTRIX’s classifications are conceptual. Actual status changes (e.g., “an entity newly proven illicit”) are recorded in investigative or compliance systems.

  • Governance and Versioning
    Maintain an internal process to update the taxonomy or add new actor roles, with time-stamped records to track these decisions.

By integrating this taxonomy, institutions and regulators can more systematically capture the who behind illicit behaviors, complementing data on how laundering unfolds (techniques) and supporting robust, scalable AML/CFT frameworks.