Hidden in plain sight: The financial crimes investigators see every day

Popular media often depicts financial crime as fast-paced, high-tech, and orchestrated by archetypal villains in shadowy off-shore schemes.

In real-life, investigators see a very different picture.

At XapienCon, practitioners described the reality of modern financial crime. They spend their days uncovering fraud, sanctions breaches, and corporate misconduct. It turns out these crimes don’t look like the flashy, white-collar crime we see in films. Instead, bad actors hide their wrongdoing behind what appears to be ordinary operations and boring paperwork. Here are the most common fraud patterns they come across.

The paper (and people) trail

Investigators find signs of fraud through routine paperwork fulfilled through standard legal channels. Financial crime is often perpetrated under registered companies, meaning single pieces of paperwork appear legitimate. It’s only when practitioners examine a fraudulent company’s activity over time and across related entities that misconduct becomes visible.

Deceptive paperwork takes many forms:

• Utility bills and proof of address documents that can be edited online and instantly downloaded
• Corporate filings where false addresses or directors are accepted until challenged
• Probate, registration, or directorship steps completed with minimal identity checks

Each document appears legitimate on its own. Taken together, they reveal a convincing but fabricated paper trail.

Alongside carefully crafted paperwork, many criminal networks use real people to cover their tracks. They’ll often target young people and other vulnerable individuals, exploiting their visa status or financial vulnerability. These networks may pay individuals small sums to act as directors or shareholders. To avoid attention, fraudulent businesses often rotate directors and shift ownership.

When dissolved companies keep trading

Criminals may operate companies after they’ve already been shut down. They may still sell goods through major ecommerce marketplaces such as Amazon and eBay. Or, they may continue to receive payments via standard fulfilment and logistics programmes. Customers may be unaware that the business has legally dissolved.

Fraud networks capitalise on this lack of knowledge and create large numbers of similar companies. If an investigator begins asking questions about a business, the network will quickly dissolve the entity in question and replace it with a near-identical replica. Investigators struggle to pinpoint this behaviour using point-in-time checks, only catching it when actively examining patterns over time and in context.

Why teams miss this type of fraud

At XapienCon, investigators stressed that compliance teams are often doing their best but traditional due diligence processes can’t keep up with the complexity and speed of fraud networks. Teams often run checks too late. Once a relationship is already in motion, commercial momentum is hard to stop.

These checks are often too narrow and miss a subject’s wider networks. Additionally, high volumes of requests add pressure to the process, pushing teams to prioritise speed over depth. Teams then tend to treat a clean result as a green light, rather than a reason to question what’s missing. The absence of information is rarely neutral.

All legitimate companies have a footprint showing their history of trading, receiving payments, or engaging counterparties. When that footprint cannot be found or clearly understood, it usually reflects limits in coverage or intentional opacity. Rather than a low-risk signal, “nothing found” should prompt teams to ask why that information is missing and should be searched to properly resolve the identity.

Here are quiet patterns that investigators look for:

• Repeated reuse of the same addresses, agents, or service providers
• Directors appearing across unrelated businesses within short timeframes
• Trading activity that does not align with company age or filing history
• Corporate changes that coincide with regulatory scrutiny or adverse attention

The new standard in due diligence

To meet this evolving landscape of fraud, modern due diligence requires more than surface-level screening. Regulators now expect a defensible audit trail showing organisations took every reasonable step to mitigate risk. That means compliance teams must go beyond basic name checks across jurisdictions to build a detailed analysis of business structure, behaviour, and patterns. They must interrogate activity that presents as normal.

Xapien gives teams an early look at the patterns investigators usually uncover much later. Our platform reveals hidden identities and risks, all fully sourced so teams can investigate red flags before they become problems. With Xapien, organisations can interrogate suspicious patterns from the outset, and catch and explain risks before they compromise the business. Discover due diligence, uncompromised.