VoxEQ - Voice Intelligence Solution - VoxEQ® logo

AML, CTF, and Proliferation Financing for Inbound Contact Centers (UNODC Framing) — and Where VoxEQ Fraud Screen Fits

UN framing: definitions and treaty anchors

Money laundering (ML): UNODC definition + Vienna Convention (1988)

UNODC defines money laundering as “the processing of criminal proceeds to disguise their illegal origin.” This matters because it allows criminals to benefit from proceeds while reducing the chance the origin is detected.

UNODC also cites the UN Vienna Convention (1988), Article 3.1, which describes money laundering as, in part: “the conversion or transfer of property, knowing that such property is derived from any offense(s)… for the purpose of concealing or disguising the illicit origin.” (ellipses added for brevity). UNODC presents this wording in its overview of money laundering. For the same UNODC overview that includes this language, see UNODC’s money laundering overview.

UNTOC (2000): AML-related obligations and article ranges

UNODC highlights that the United Nations Convention against Transnational Organized Crime (UNTOC, 2000) contains multiple provisions related to anti-money laundering, including:

  • Articles 6–7: provisions related to combating money laundering.

  • Articles 12–14: provisions related to confiscation of proceeds of crime.

These ranges matter in practice because UNTOC ties together (a) criminalization and (b) systems and cooperation that make investigation, restraint, seizure, and confiscation possible across borders.

UNCAC (2003): AML-related obligations and article ranges

UNODC also points to the United Nations Convention against Corruption (UNCAC, 2003) as another treaty that includes measures relevant to money laundering and proceeds of crime, including:

  • Articles 14, 23, 24: measures related to combating money laundering.

  • Article 31: provisions for freezing and confiscation of proceeds of crime.

  • Articles 51–59 (Chapter V): provisions relating to asset recovery, including freezing and confiscation.

The key takeaway for regulated organizations is that AML is not “just transaction monitoring.” It is a combined set of expectations about criminalization, prevention, detection, cooperation, and recovery of proceeds.

The three stages of money laundering (and why they overlap)

UNODC describes money laundering as a process that typically follows three stages:

  1. Placement: moving funds away from direct association with the crime.

  2. Layering: disguising the trail to frustrate investigation.

  3. Integration: making funds available to criminals from what appear to be legitimate sources.

UNODC emphasizes a critical nuance: real cases may not contain all three stages; stages can be combined; and stages can repeat.

Example of overlap/repetition (money mules + shell companies)

UNODC provides an illustrative pattern:

  • cash is split into small deposits by money mules (placement), and

  • then transferred as “payments for services” to a shell company (layering),

which can compress placement and layering into a single combined step. This is one reason AML controls often focus on patterns, narratives, and inconsistencies, not a single “one-and-done” event.

Scale of money laundering: the global estimate (with uncertainty)

UNODC provides a widely cited global estimate: the amount of money laundered globally in one year is about 2–5% of global GDP, or roughly $800 billion to $2 trillion (in current U.S. dollars).

UNODC also cautions that, because money laundering is clandestine, it is difficult to estimate the true total that flows through laundering cycles. In other words: the range is useful for scale, not precision.

Money laundering vs terrorist financing (TF)

UNODC distinguishes the two concepts by purpose and “shape”:

  • Money laundering is often circular: proceeds originate in crime, are processed, and ultimately return to (or benefit) those who generated them.

  • Terrorist financing is more often linear: funds are raised/acquired and then used to support terrorist activities.

UNODC notes that terrorist funding can come from legitimate sources (e.g., businesses and charities) as well as criminal sources (e.g., drug trade, weapon smuggling, kidnapping for ransom).

TF stages (UNODC)

UNODC breaks terrorist financing into four stages:

  • Raise

  • Store

  • Move

  • Use

Proliferation financing (PF): definition gap + a 3-stage WMD finance model

UNODC frames proliferation broadly as the spread of nuclear, radiological, chemical, or biological weapons; their means of delivery (e.g., missiles/rockets/unmanned systems); and related sensitive materials, equipment, and technology.

No internationally agreed definition (UNODC)

UNODC states that there is no internationally agreed definition of proliferation financing yet. However, UNODC describes PF as providing financial services for the transfer and export of nuclear, chemical, or biological weapons; their means of delivery; and related materials. It can involve financing trade in proliferation-sensitive goods and other support to people/entities engaged in proliferation.

3-stage WMD finance model (UNODC)

UNODC divides the financial elements of a WMD program into three stages:

  • Raising of funds

  • Obscuring of funds

  • Shipping of necessary items

One-glance comparison (ML vs TF vs PF)

Topic Primary objective Typical “shape” (per UNODC framing) Stages (per UNODC)
Money laundering (ML) Disguise illicit origin of criminal proceeds Often circular Placement → Layering → Integration (can overlap/repeat)
Terrorist financing (TF) Fund terrorist organizations/acts Typically linear Raise → Store → Move → Use
Proliferation financing (PF) Financial support for transfer/export of WMD-related items/materials Operational supply-chain oriented Raise → Obscure → Ship

Why this matters in inbound contact centers

Inbound contact centers are a high-leverage non-face-to-face servicing channel where legitimate customers and bad actors both attempt high-impact account actions.

From an AML/CTF/PF perspective, the contact center is often where:

  • a criminal attempts to social-engineer servicing staff to move value (e.g., add a payee, change a disbursement destination, request an expedited payout, initiate a transfer, change contact details used for future authentication),

  • a legitimate customer calls during a high-stress life event (when fraud attempts can blend into real urgency), and

  • the organization must demonstrate risk-based, proportional controls that match scrutiny to the risk of the requested action.

This is not about claiming the call center “does AML monitoring” by itself. It is about recognizing that voice interactions are frequently the initiation point for decisions and workflows that can either prevent or enable downstream financial crime.

2025 U.S. scam proceeds and money movement: what’s changing (Bio

Catch) Recent 2025 reporting in U.S. financial services reinforces why servicing channels (including inbound calls) are increasingly relevant to AML risk narratives: scams are driving proceeds, and real-time rails are moving those proceeds quickly.

What’s changing (typologies + movement)

  • More money laundering accounts tied to scams. BioCatch data reported via IBS Intelligence describes a 168% increase in detected money laundering accounts at U.S. financial institutions in H1 2025 vs. the prior year. That implies a materially larger volume of accounts being used to receive and move scam proceeds (a placement/layering concern in UNODC’s framing). Source: IBS Intelligence summary of BioCatch’s 2025 report.

  • “Twin engines” of fast movement: stablecoins + APP. In the same BioCatch reporting, stablecoins and authorised push payments (APP) are described as “the twin engines of real-time money movement in the fraud and money laundering space.” This matters because these mechanisms can compress laundering stages into minutes or hours—reducing the window for downstream detection and recovery. Source: IBS Intelligence.

  • Scam mix is broad—but cost concentrates. The BioCatch reporting notes impersonation and purchase scams as the most frequent, while investment scams are tied to the largest losses (reported as $6.5B+ in 2024 losses). Source: IBS Intelligence.

Operational implication for inbound contact centers

In many organizations, the inbound call is where a bad actor tries to set up the money movement event (or remove friction before it happens), for example:

  • adding/changing a payee or destination

  • changing contact details that enable future approvals

  • requesting expedited payouts or exceptions

  • pressuring agents with urgency (“I need it done right now”) common in impersonation and investment scam narratives

In AML terms, these servicing requests can be enablers for placement/layering—especially when stablecoins and APP accelerate how quickly funds leave a recoverable perimeter.

U.S. regulatory snapshot (example jurisdiction): impersonation scams and FTC enforcement

Impersonation fraud is not only a loss driver—it is also increasingly shaped by specific consumer-protection rules and enforcement in the U.S.

  • FTC-reported 2024 losses (impersonation scams): The FTC reported $2.95B in consumer losses from impersonation scams in 2024 (as summarized by PYMNTS). Source: PYMNTS: “FTC: Impersonation Scams Cost Consumers Nearly $3 Billion in 2024”.

  • Government and Business Impersonation Rule: PYMNTS reports the FTC’s Government and Business Impersonation Rule took effect in April 2024. Source: PYMNTS.

  • Enforcement activity noted by the FTC (per PYMNTS): Since the rule took effect, the FTC has reportedly brought five cases and took down 13 websites allegedly impersonating the FTC online. Source: PYMNTS.

Why this matters for proportional controls in contact centers: The same PYMNTS coverage (citing PYMNTS Intelligence) notes that scam victims span demographics, so risk-based handling should avoid assuming impersonation risk is confined to any single age group.

How this maps to VoxEQ Fraud Screen (proportional, risk-based controls upstream of ID/V)

This 2025 scam-and-movement pattern strengthens the rationale for early, proportional controls in the voice channel:

  • Fraud Screen provides an upstream risk signal to help decide how much scrutiny is appropriate before sensitive servicing actions proceed.

  • Because it is designed for first-time and infrequent callers, it helps close a common coverage gap where scam-driven requests often appear.

  • The goal is not to label Fraud Screen as “authentication,” but to support risk-based handling (e.g., proceed, step-up, limit, or escalate) when the requested call outcome could rapidly lead to the movement of scam proceeds.

Where VoxEQ Fraud Screen fits (risk-based assessment upstream of ID/V)

VoxEQ Fraud Screen is positioned as a Risk-Based Assessment (RBA) capability designed for first-time and infrequent callers, where traditional approaches (e.g., enrollment-based methods or device registration) are often impractical.

Key positioning (guardrails):

  • Fraud Screen is not Identification/Verification (ID/V).

  • Fraud Screen does not authenticate callers.

  • It provides an early risk signal to help determine how much scrutiny is appropriate before allowing sensitive servicing actions to proceed.

Why this maps cleanly to “proportional controls”

In a proportional-controls model, you want to avoid two failure modes:

  • Over-checking low-risk interactions (creating friction, longer handle times, and customer dissatisfaction).

  • Under-checking high-risk interactions (creating compliance gaps and fraud losses).

Fraud Screen is designed to sit upstream and inform routing/handling decisions such as:

  • proceed normally when the risk signal is low,

  • apply step-up scrutiny, limits, or escalation when the risk signal is elevated.

Privacy and deployment posture (as positioned)

Fraud Screen is positioned as privacy-respecting and operationally low-friction:

  • No voiceprints

  • No biometric enrollment

  • No recordings / no stored files

  • No back-office data handling

This posture is intended to reduce compliance and privacy risk while still adding RBA coverage to voice-channel servicing—especially for the “infrequent caller” scenarios that create blind spots when controls depend on prior enrollment.

Note: Fraud Screen should be positioned as an upstream RBA signal that complements (not replaces) an organization’s existing AML/CTF program elements (e.g., policy, procedures, investigations, transaction monitoring, sanctions screening, and reporting).