Money Laundering vs. Terrorist Financing vs. Sanctions Evasion

Three transactions cross your monitoring screen. The first: a flood of cash from an unknown source, washed clean. The second: a small, ordinary salary, sent to fund something terrible. The third: a payment that looks completely normal, except one hidden party is on a sanctions list. All three are financial crimes. But if you treat them the same way, you'll miss two of them. By the end of this lecture, you'll understand why these three crimes need three different lenses.

You already know this one. Money laundering takes the proceeds of a crime, dirty money, and disguises them so they look legitimate. The direction is "dirty to clean." The source is always a predicate offense. And the launderer's goal is to *enjoy* the money without getting caught.

So what does that tell your detection systems to look for? Unexplained wealth. Cash that doesn't match a profile. Funds that move in tangled, purposeless ways. The money itself is the evidence of the crime, because it came *from* a crime. That's the key feature of laundering: follow the money backward and you find the original offense.

Now flip it. Terrorist financing isn't about hiding dirty money. It's about funding violence. And the part that catches people off guard, and that the CAMS® exam loves to test, is this: **the money is often clean to begin with.**

A terrorist cell might be funded by a legitimate salary, a small business, a charity donation, or a government sympathizer. There's no predicate offense generating the funds. The money is "clean" on the way in. What makes it criminal is its *destination*, not its origin.

This is the "clean money" problem, and it breaks the usual playbook. Money laundering goes dirty-to-clean. Terrorist financing often goes clean-to-harmful. You can't catch it by looking for proceeds of a crime, because there may be no prior crime to find.

There's a second twist: amounts. Terrorist financing often moves in *small* amounts. Planning an attack can be shockingly cheap, sometimes just a few thousand dollars for vehicles, materials, and travel. So the big-cash red flags that catch launderers sail right past a terrorist financier moving small, clean sums.

So what *does* signal terrorist financing? Different things entirely. Funds flowing to high-risk conflict regions. Links to a known facilitator or extremist network. A charity or nonprofit whose money trail doesn't match its stated mission. Small transfers to an individual with no economic logic. FinCEN advisories and FATF typologies emphasize these *behavioral and geographic* signals precisely because the *amount* and *source* often look innocent. You're not following the money backward to a crime. You're watching where it's going and who's connected to it.

The third crime is different again. Sanctions evasion isn't fundamentally about clean or dirty money. It's about getting around a *prohibition*.

Sanctions are legal restrictions. In the United States, the Office of Foreign Assets Control, OFAC, administers them. OFAC maintains the SDN list, the Specially Designated Nationals list, naming individuals, entities, and countries that U.S. persons are forbidden from dealing with. If a sanctioned party is involved, the transaction is simply off-limits, no matter how clean the money is or where it came from.

So sanctions evasion is the art of hiding a *forbidden party* in a transaction that otherwise looks ordinary. How? By using front companies to disguise the real owner. By routing payments through intermediary countries to obscure the origin. By stripping identifying information out of wire messages, a tactic regulators call "wire stripping." By transshipping goods through a neutral third country.

The crucial point is this: the money in a sanctions case can be perfectly legitimate. The crime isn't where the money came from. The crime is *who* is secretly on the other end. That's why this is a prohibition problem, not a proceeds problem.

And one more thing the exam expects: OFAC sanctions are generally **strict liability.** You can violate them without intending to, simply by processing a payment involving a sanctioned party. That's why screening every transaction against the SDN list is non-negotiable.

Let's tie it together, because this is the real lesson. These three crimes need three different detection lenses.

For money laundering, you watch the *source and pattern* of funds, looking for proceeds and the layering that hides them. For terrorist financing, you watch the *destination and connections*, because the money may be small and clean, so the suspicious part is where it's headed and who's linked to it. For sanctions evasion, you *screen the parties*, matching names, ownership, and geography against sanctions lists, because the problem is a prohibited person, not a tainted dollar.

That's why a strong compliance program runs all three in parallel. Transaction monitoring tuned for laundering patterns will *not* reliably catch a small, clean transfer to a terrorist facilitator. And neither of those will catch a sanctioned party hiding behind a front company, only name-and-ownership screening does that. Use one lens, and you go blind to the other two.

Let's recap. Money laundering hides dirty money, dirty to clean, and you detect it by tracing the source. Terrorist financing funds violence, often with clean money in small amounts, so you detect it by watching the destination and the network, that's the "clean money" problem. Sanctions evasion hides a forbidden party in an otherwise normal payment, so you detect it by screening the parties against lists like OFAC's SDN, and remember, it's often strict liability. Three crimes, three lenses.

Next, we start mapping these threats onto the real world, sector by sector. We'll look at how banks, money services businesses, insurers, and securities firms each get exploited in their own particular way, and why a method that works in one sector falls flat in another.