Underground Banking: Definition and Use in Compliance

What is Underground Banking?

Underground banking is any mechanism that transfers money between parties without using licensed financial institutions. No bank account is opened, no SWIFT message is sent, and no regulated entity records the transaction.

The mechanics work like this. A customer in London gives cash to a local broker. That broker calls or messages a counterpart in Karachi. The Karachi counterpart pays out an equivalent amount, minus a fee, to the named recipient. The funds come from earlier settlements between the two brokers. No money crosses a border through any regulated channel. Settlement between the brokers happens later, through trade invoice manipulation, bulk cash couriers, or commodity deals.

Financial Action Task Force (FATF) classifies this category as informal value transfer systems (IVTS). The category includes hawala (South Asia, Middle East), fei-ch'ien (China), hundi (India and Pakistan), and black market peso exchange (Latin America). All share one defining feature: value moves without funds passing through a regulated channel.

The Counter-Financing of Terrorism (CFT) dimension is well-documented. The 9/11 Commission Report found that a portion of the attack financing moved through hawala-adjacent channels. Al-Qaeda relied on underground banking networks through the 1990s because they produce no trail for intelligence agencies or financial investigators to follow.

For compliance officers, the critical distinction is between licensed money services businesses (MSBs) that operate remittance services legally with AML programs and suspicious transaction reports, and underground networks that do neither. Both move money across borders. Only one operates under any regulatory oversight. That's the gap underground banking exploits, and it's why regulators treat it as a priority financial crime typology.

How is Underground Banking Used in Practice?

From a compliance standpoint, underground banking surfaces as a transaction monitoring typology. Nobody labels their cash deposit "underground banking." Analysts identify it by looking at patterns across accounts and time.

The most common detection pathway is a cash-intensive customer with no plausible business rationale. The pattern is consistent: frequent inbound cash deposits, often structured just below reporting thresholds, followed by same-day or next-day outbound wires to international currency exchange businesses. A second pathway is law enforcement referral, where a Financial Intelligence Unit (FIU) or police agency provides account numbers tied to known broker networks.

When a transaction monitoring alert fires on a cash-in/wire-out pattern, the standard workflow is to pull 12 to 24 months of transaction history. If the pattern holds and Customer Due Diligence (CDD) records show no licensed MSB registration, the case escalates to the MLRO. The MLRO applies Enhanced Due Diligence (EDD), including adverse media checks and correspondent information about receiving entities.

Where EDD confirms the concern, the MLRO files a Suspicious Activity Report (SAR). A strong SAR narrative names the IVTS typology explicitly, documents the cash-deposit and wire-out pattern with specific figures, identifies the geographic corridor (UK to UAE, US to Pakistan), and notes any concentration in high-risk business types such as currency exchanges or gold dealers.

A concrete example: a SAR documenting "$240,000 in 14 cash deposits over 10 weeks, each between $3,000 and $9,900, followed by same-day wires to three currency exchange businesses in Dubai" gives the FIU actionable intelligence. A SAR saying "unusual cash deposits" does not.

Banks in high-risk corridors build dedicated IVTS transaction monitoring rules. A rule that aggregates customer cash deposits over rolling 7-day and 30-day windows, then flags the combination of high cash volume plus same-day outbound wires, catches substantially more underground banking activity than single-transaction rules.

Underground Banking in Regulatory Context

The regulatory model for underground banking is "license and monitor." Hawala and other IVTS are not categorically illegal in most jurisdictions. What's illegal is running them without registration and without implementing AML/CFT controls.

FATF Recommendation 14 requires all member countries to license money or value transfer service providers and subject them to full AML/CFT obligations. In the United States, this means registration with Financial Crimes Enforcement Network (FinCEN) as a money services business under the Bank Secrecy Act. FinCEN's MSB registration guidance sets out the specific requirements. Operating without registration is a federal crime under 18 U.S.C. § 1960 (unlicensed money transmitting business), carrying up to five years imprisonment per count.

In the UK, any business providing money transfer services must register with HMRC under the Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017. Unregistered operators face criminal prosecution and civil asset forfeiture.

For correspondent banking relationships, underground banking creates indirect exposure. If a respondent bank's customer base includes unlicensed IVTS operators, the correspondent relationship becomes a channel for underground funds. This is why correspondent due diligence now includes routine analysis of the respondent's customer mix, specifically to identify unlicensed money service operators embedded within it.

Countries on the FATF Grey List frequently have structural underground banking problems tied to weak IVTS licensing enforcement. Compliance programs for high-risk corridors should treat grey-listed jurisdictions as elevated risk and apply enhanced scrutiny to all MSB-adjacent customer relationships originating from those countries.

The EU's Sixth Anti-Money Laundering Directive (6AMLD) extended criminal liability for money laundering predicates to legal entities. Corporate structures behind underground banking networks can now be prosecuted directly, not only the individual brokers running the operation.

Common Challenges and How to Address Them

Underground banking is hard to detect because each individual transaction appears unremarkable. A cash deposit is not suspicious in isolation. A wire to a currency exchange is not inherently suspicious. The pattern across accounts and time is what reveals the typology.

The first challenge is structuring. Customers feeding cash into underground banking networks frequently split deposits to stay below reporting thresholds. This technique, called smurfing, defeats standard transaction-level controls that fire on single transactions above $10,000. Rules that aggregate a customer's cash deposits over rolling 7-day and 30-day windows, flagging total volume rather than individual amounts, are substantially more effective.

The second challenge is geographic opacity. Underground banking corridors frequently run through jurisdictions with weak KYC enforcement. A US bank sees its customer wire funds to a currency exchange in a country where that exchange has no registration obligation and files nothing with any regulator. The bank's visibility ends at its own transaction.

Network analysis addresses part of this problem. Instead of reviewing individual accounts, analysts map connections: shared phone numbers, shared addresses, similar amounts wired to the same counterparties on overlapping dates. This graph-based approach regularly surfaces broker networks that account-level review misses entirely. A 2020 FATF typology study on hawala-linked remittance networks concluded that cross-account correlation of transaction data detected significantly more network participants than single-account analysis.

From a controls standpoint, banks in high-risk corridors should maintain a dedicated IVTS typology watchlist, run rolling-window cash aggregation rules, and include underground banking risk explicitly in their AML Risk Assessment. Customer onboarding for cash-intensive businesses in high-risk corridors should trigger EDD as a default step. This adds processing time at onboarding, but the accuracy gain is worth it compared to carrying undetected underground banking exposure through the correspondent chain.

Related Terms and Concepts

Underground banking sits within a cluster of related AML typologies and regulatory frameworks. Understanding how they connect prevents confusion in case documentation, SAR narratives, and internal risk training.

Hawala is the most studied variant of underground banking. It originated in South Asia and the Middle East and runs on a debt-settlement model between brokers called hawaladars. The terms are sometimes used interchangeably, but hawala is one specific type of underground banking; the broader category covers all informal value transfer mechanisms regardless of geographic origin.

Informal Value Transfer System (IVTS) is the FATF technical term covering all underground banking variants: hawala, fei-ch'ien, hundi, and any other broker-network mechanism that moves value without regulated channels. IVTS is the correct label for SAR narratives and formal risk documentation.

Trade-Based Money Laundering (TBML) intersects directly with underground banking because trade invoice manipulation is one of the most common broker-settlement methods. Brokers in London and Karachi might settle accumulated debts by inflating the invoice on a textile shipment by $50,000, moving value without any cash crossing a border.

Smurfing and structuring frequently co-occur with underground banking. They're distinct typologies, but customers feeding cash into broker networks routinely use them to avoid triggering reporting thresholds.

Money mule accounts sometimes serve as the cash-injection point for underground banking networks. A mule deposits cash collected from multiple customers; a broker aggregates it and wires the total to the destination counterpart. Detecting mule networks through cross-account graph analysis can surface underground banking operations that transaction-level monitoring misses entirely.

Understanding these overlaps matters for detection rule design. A rule built specifically for hawala will miss Chinese fei-ch'ien patterns. A broader IVTS rule set, combined with behavioral and network analytics, gives better coverage across all underground banking variants.