Misuse of Payout APIs in Money Laundering

The document highlights the misuse of payout APIs by rogue business correspondents (BCs) and payment aggregators, which are contributing to money laundering activities.

Role of Business Correspondents (BCs)

• BCs are authorized agents by banks to deliver banking services in remote areas, facilitating local remittances.
• Some BCs are misusing their role by posing as 'merchants' and utilizing APIs from payment aggregators to collect and launder money.

Mechanism of Money Laundering

• Unscrupulous BC agents collect untraceable cash from individuals.
• The cash is deposited into the BC's bank account.
• The BC utilizes the API from a payment aggregator to distribute funds to various beneficiary accounts.
• Money moves from the BC's account to the PA's account, and subsequently to mule accounts, complicating traceability.

Role of Payment Aggregators

• Payment aggregators facilitate online payments and are licensed by the RBI.
• Some aggregators collaborate with BCs, sharing APIs to enable large-scale money laundering.

Challenges in Controlling Laundering

• Legitimate direct money transfers by BCs are capped, limiting their use for laundering.
• No transaction limits exist for fund transfers through a PA's bank account, allowing extensive laundering operations.
• Corporate BCs such as companies, NGOs, and micro-lenders are more involved in these practices than individual BCs.

Industry and Regulatory Response

• The BC industry has informed the RBI and Financial Intelligence Unit about API misuse.
• There is a call for tighter regulations, including restricting API sharing, verifying merchant identities, and limiting payouts.
• Proper onboarding and due diligence by PAs for each merchant are crucial in curbing these activities.

The document emphasizes the need for stricter controls and oversight to prevent the misuse of banking technologies for money laundering.