Typologies of money laundering and terrorist financing by COAF

September 25, 2025

Preventing money laundering (ML) and terrorist financing (TF) is a global priority due to the threat these crimes pose to the integrity of financial systems, national security, and the socioeconomic stability of nations. In Brazil, the fight against these crimes is a key focus, driven by international commitments, robust domestic legislation, and the work of specialized bodies such as the Council for Financial Activities Control (COAF – Conselho de Controle de Atividades Financeiras), which is now also known as Brazil’s Financial Intelligence Unit (FIU) and operates under the Ministry of Finance.

The preventive nature of this work transcends national borders, requiring strong international cooperation and the harmonization of laws and regulations. Recognition of the transnational character of these crimes led to several international treaties, which have served as the basis for policy and legislation worldwide, including in Brazil.

A key pillar of this international architecture is the Financial Action Task Force (FATF). Established in 1989 by the G7, the FATF sets international standards – the 40 Recommendations – that countries are expected to implement to combat ML and TF, as well as the proliferation of weapons of mass destruction. Brazil is an active FATF member and has committed to aligning its legislation and practices with the group's recommendations, striving for compliance and effectiveness in its ML/TF prevention regime.

Other crucial international instruments include the United Nations Convention against Illicit Traffic in Narcotic Drugs and Psychotropic Substances (the 1988 Vienna Convention), one of the first major treaties to criminalize money laundering derived from drug trafficking. Also significant is the United Nations Convention against Transnational Organized Crime (the 2000 Palermo Convention), which broadened the definition of money laundering to include the proceeds of a wider range of serious crimes and promoted mutual legal assistance. For terrorist financing, the 1999 International Convention for the Suppression of the Financing of Terrorism was instrumental, providing a legal framework to criminalize the provision or collection of funds intended for terrorist acts.

Brazil's incorporation of these international standards into national law reflects its unequivocal commitment to combating these scourges. Law #9,613 of March 3, 1998, known as the “Money Laundering Act,” was the initial and most important milestone in criminalizing this offense in Brazil. Originally, this Act defined ML as concealing or disguising the nature, source, location, disposition, movement, or ownership of assets, rights, or values arising, directly or indirectly, from specific predicate crimes exhaustively listed within the law. However, Law #12,683 of 2012 significantly amended Law #9,613/98 by adopting the “all-crimes approach” (or “open list” theory). This change meant that any criminal offense could serve as a predicate crime for money laundering. Unlike the previous “closed list,” which required the predicate offense to be explicitly named in the legislation, the all-crimes approach allows for money laundering charges to be brought in connection with any underlying crime, without the need to specify the prior illegal action in the indictment. This expansion brought Brazilian legislation in line with international best practices and FATF recommendations.

Beyond criminalization, Brazilian law imposes obligations on a wide range of individuals and legal entities, known as “obliged subjects,” to implement internal controls, identify clients, record transactions, and, crucially, report any suspicious activity involving money laundering or terrorist financing to COAF. These obligated parties include financial institutions, insurance companies, jewelry stores, real estate agencies, factoring companies, credit card administrators, stock exchanges, and other sectors considered susceptible to being used for illicit purposes.

The importance of international cooperation in this context cannot be overstated. The transnational nature of organized crime and terrorism means that illicit funds often move through multiple jurisdictions. The exchange of information between FIUs of different countries, mutual legal assistance, and extradition are essential tools for dismantling global criminal networks. Brazil actively participates in cooperation networks such as the Egmont Group, which facilitates the secure and efficient exchange of information between FIUs.

At the domestic level, beyond Law #9,613/98 and its amendments, other legal and regulatory frameworks are fundamental. Brazil’s Central Bank (BACEN – Banco Central do Brasil), Securities and Exchange Commission (CVM – Comissão de Valores Mobiliários), Superintendence of Private Insurance (SUSEP – Superintendência de Seguros Privados), and other regulatory bodies issue circulars and resolutions detailing the prevention obligations for the sectors they regulate. The Anti-Corruption Act (Law #12,846/2013), while not directly focused on ML/TF prevention, reinforces the framework by penalizing companies for corrupt acts, which often generate the proceeds that are subsequently laundered. The National Financial System, in turn, is the primary conduit for these funds, which places a central role on banks and other financial institutions to identify and report suspicious transactions.

In summary, Brazil has built a solid legal and regulatory system to combat money laundering and terrorist financing. This system is dynamic, continually adapting in response to evolving criminal tactics and international guidelines. However, its effectiveness depends on the vigilance and proactive efforts of all involved parties, from the institutions required to file reports to the intelligence and law enforcement agencies.

Overview of Brazil’s Central Bank Circular #3,978/2020

Circular #3,978, issued by BACEN on January 23, 2020, represents a fundamental regulatory milestone for preventing and combating ML/TF within the financial sector and other institutions it authorizes. This circular revoked Circular #3,461/2009 and related regulations, consolidating and enhancing guidelines for implementing robust policies, procedures, and internal controls in line with FATF recommendations and international best practices.

The core objective of Circular #3,978/20 is to establish a risk-based approach to ML/TF prevention. This means financial institutions must identify, assess, and understand their ML/TF risks and then implement control measures proportionate to those risks. This approach optimizes resource allocation by concentrating efforts on areas of greatest vulnerability.

The main points of Circular #3,978/20 are outlined below:

Main Points of Circular #3,978/20

1. Money laundering and terrorist financing prevention policy: the Circular mandates that institutions develop and implement a formal ML/TF prevention policy, which must be approved by the board of directors or senior management. This policy must be comprehensive, address all relevant ML/TF risks to which the company is exposed, and be communicated to all employees. It serves as the overarching document governing the institution's anti-money laundering and counter-financing of terrorism (AML/CFT) actions.

2. Internal Risk Assessment (IRA): this is the backbone of the risk-based approach. Institutions must conduct periodic internal risk assessments to identify and evaluate ML/TF risks related to:

Clients: their profiles, activities, volume of operations;

Products and services: new technologies, payment methods, innovative products;

Distribution channels: digital, physical, and correspondents;

Geographical area: high-risk countries and regions with a high crime incidence.

The IRA must be documented, approved by senior management, and reviewed periodically to reflect changes in the risk or business environment.

3. Know Your Customer (KYC), Know Your Partner (KYP), and Know Your Employee (KYE): the circular expands on due diligence requirements.

KYC: institutions must collect sufficient information to understand a client's business nature, purpose, source of funds, and transaction patterns. The depth of this due diligence must be proportional to the client's risk level (standard, enhanced, or intensified). This includes identifying and verifying the identity of clients, their representatives, and beneficial owners.

KYP: applies to business partners, such as banking correspondents and service providers, requiring a risk analysis similar to that for clients.

KYE: emphasizes the importance of vetting employees, especially those in sensitive positions, to prevent internal complicity in ML/TF crimes.

4. Transaction monitoring, screening, and analysis: institutions must have systems and procedures to monitor client transactions, identifying those that deviate from expected behavior patterns or match ML/TF red flags. The circular encourages using technology and algorithms to automate and improve monitoring. Selecting suspicious transactions for in-depth analysis is a crucial step before reporting to COAF.

5. Reporting to COAF: This is the final step in the risk identification process. Institutions must report to COAF any transactions that may indicate ML/TF, regardless of value. Reports are also mandatory for cash transactions exceeding established regulatory thresholds (e.g., large withdrawals or deposits). The circular details deadlines and communication methods, which are handled through the COAF Information System (Siscoaf).

6. Governance and responsibilities: the standard reinforces the responsibility of senior management and the board for the effective implementation of the AML/CFT Policy. It requires the appointment of a compliance officer responsible for the AML/CFT area and the establishment of a dedicated function to manage these risks, endowed with autonomy and adequate resources.

7. Training: the Circular highlights the need for ongoing, comprehensive training programs for all employees, from senior management to frontline staff. The goal is to ensure everyone understands their AML/CFT responsibilities and can identify and report suspicious activity.

8. Internal Controls: institutions must establish effective internal controls to ensure compliance with AML/CFT policies and procedures. This includes periodic independent audits and testing to assess the system's adequacy and effectiveness.

For financial institutions, Circular #3,978/2020 has had profound implications, particularly regarding: (i) increased compliance complexity, (ii) the need for technological investment, (iii) a radical cultural shift, (iv) higher operational costs, (v) the adoption of proactive and continuous risk management, and (vi) intensified client due diligence under the threat of severe administrative sanctions from Brazil’s Central Bank.

In conclusion, the BACEM’s Circular #3,978/2020 is not merely a set of rules but a strategic guide for financial institutions to build effective defenses against money laundering and terrorist financing. It demands an ongoing commitment to governance, technology, and a culture of compliance, transforming the financial sector into an active and indispensable partner in safeguarding the country's economic and social security. Its effective implementation is vital to preserving the integrity of and confidence in the Brazilian financial system and ensuring Brazil continues to meet its international commitments in the fight against these crimes.

COAF Analysis: Creation, Purpose, and Functional Structure

The Financial Activities Control Council (COAF) serves as Brazil's Financial Intelligence Unit, playing a crucial role in preventing and combating money laundering and terrorist financing. Its existence and operations are cornerstones of the Brazilian AML/CFT system, functioning as the central link between the private sector (the obligated reporting entities) and the law enforcement and judicial authorities.

COAF was established on March 3, 1998, by Law #9,613 – the same legislation that criminalized money laundering in Brazil. Initially, COAF was a collegiate body under the Ministry of Finance. Its structure and jurisdiction were designed to allow it to function as the national FIU, tasked with receiving, examining, and disseminating information on suspicious financial transactions.

Over the years, COAF has undergone restructuring to enhance its autonomy and effectiveness. A significant change occurred in 2019 with Law #13,974, of January 7, 2020, which transformed COAF into a special autonomous FIU. While linked to BACEN, it was granted technical and operational autonomy. This change aimed to shield the unit from political interference and strengthen its operational capacity. Although the official name is now FIU, the acronym COAF remains widely used and recognized.

COAF's primary purpose is to protect the national financial system and the Brazilian economy from being exploited by criminals for money laundering and terrorist financing. Its importance lies in its function as an “intelligent filter” for information, transforming raw data into actionable intelligence for law enforcement agencies. Without COAF, the AML/CFT system would be less efficient, as critical information would be fragmented and difficult to analyze cohesively.

COAF’s functional structure is composed of the following elements:

COAF Structure

1. Director: appointed by the President of the Republic, the Director unit senior leader, responsible for its management and representation.

2. Plenary: this is the collegiate body that establishes the FIU's guidelines and deliberates on the application of administrative sanctions and communications regarding evidence of crimes. The plenary includes representatives from various public bodies and entities, such as:

– BACEM;

– CVM;

– SUSEP;

– Office of the Attorney General of the National Treasury;

– Brazil’s Federal Revenue Service;

– Brazil’s Federal Police;

– Ministry of Justice and Public Security;

– Ministry of Foreign Affairs;

– Federal Attorney General’s Office;

– the Brazilian Office of the Comptroller General (CGU).

– the Brazilian Intelligence Agency (ABIN);

– Others, as needed. This diverse representation ensures a multidisciplinary approach and integrates different areas of expertise in the fight against ML/TF.

3. Executive Secretariat: responsible for providing technical and administrative support to the Plenary and for managing the intelligence analysis teams. This is where most of the technical work – data analysis and the preparation of Financial Intelligence Reports – takes place.

4. Directorates and coordination: these internal subdivisions manage specific areas, such as intelligence analysis, standardization, inspection, information technology, and international and administrative cooperation.

The 87 Typologies of Money Laundering identified by COAF

Money laundering typologies are diverse, reflecting the creativity and adaptability of criminals in integrating illicit funds into the financial system and the legitimate economy. The identification of 87 distinct typologies demonstrates the granularity of COAF's analysis, covering a wide range of sectors and methods. It is important to note that these typologies are dynamic, constantly being revised and updated as new laundering techniques emerge.

These typologies characterize money laundering operations by providing concrete examples of how the three stages of laundering (placement, layering, and integration) can manifest. They categorize techniques based on:

  • Economic sector involved: finance, real estate, foreign trade, crypto assets, and the like.
  • Instrument used: cash deposits, electronic transfers, purchase of luxury goods, insurance, and the like.
  • People involved: use of “straw persons” (or "stooges"), shell companies, Politically Exposed Persons (PEPs).
  • Behavior patterns: Structuring transactions (“smurfing”), activity inconsistent with the client's profile, circular transactions.

The following sections present a selection of the typologies identified by COAF to illustrate the diversity and complexity of money laundering methods. We begin with typologies related to companies and corporate structures:

A. Typologies related to companies and corporate structures

1. Shell Companies: creating or acquiring companies with no real economic activity, solely for moving money, issuing fake invoices, or justifying transfers.

2. Use of straw persons ("stooges") or intermediaries: setting up companies or operating accounts in the name of third parties (relatives, employees, low-income individuals) who are not the real economic beneficiaries.

3. Complex corporate structures: creating chains of companies across different jurisdictions (often tax havens) to obscure the identity of the ultimate beneficial owner.

4. Fictitious loans or debt simulation: granting or receiving loans between related companies or individuals without a clear commercial purpose, real collateral, or under non-market terms.

5. Unjustified capital contributions: increasing a company's share capital with funds of dubious origin, especially when the partners' financial capacity is incompatible with the contribution.

6. Anomalous mergers and acquisitions: acquiring companies at inflated or deflated prices, or merging with/spinning off companies with low transparency, to integrate illicit assets.

7. Companies with multiple unrelated activities: entities engaged in a wide range of logically unrelated activities, which can be used to justify diverse financial movements.

8. Incompatible changes in company assets: companies showing asset or revenue growth that is disproportionate to their declared economic activity or historical performance.

9. Misuse of Associations, foundations, and Non-Profit Organizations (NPOs): using non-profit entities (NGOs, churches, charities) to disguise the origin of funds or channel them for illicit purposes.

10. Opening business accounts with high turnover of partners/attorneys: accounts of legal entities that frequently change their representatives or partners, particularly when large transactions are involved.

11. Companies with low share capital and large financial transactions: newly created companies or those with negligible capital that move large volumes of money.

The second typology category relates to new technologies and cryptoassets:

B. Typologies related to new technologies and cryptoassets

12. Use of cryptoassets (cryptocurrencies): acquiring cryptocurrencies with illicit money and subsequently selling them on different platforms or in different jurisdictions; or using “mixers” and “tumblers” (services that obfuscate transaction trails) to hinder tracking.

13. Online gaming and betting platforms: depositing illicit funds into online gaming/betting accounts and subsequently withdrawing them as simulated “winnings,” or using accounts for transactions between users.

14. Buying and selling Non-Fungible Tokens (NFTs): using high-value NFTs to move large sums between cryptoasset accounts, taking advantage of the subjectivity in their valuation.

15. Use of digital accounts and fintechs for structuring (“Smurfing”): opening multiple accounts with digital banks or fintechs to split amounts and avoid detection or reporting thresholds.

16. Peer-to-Peer (P2P) cryptoasset transactions without identification: direct exchange of cryptocurrencies between individuals, bypassing regulated exchanges to avoid registration and identification.

17. Creation of fictitious funds in metaverses or games: simulating earnings or investments in virtual environments to justify the movement of funds in the real world.

18. Use of anonymous or prepaid rechargeable cards: acquiring prepaid cards with illicit cash to move and spend resources without a trace in the formal banking system.

19. Digital fraud involving movement of crypto assets: converting money obtained through virtual scams (phishing, ransomware) into cryptoassets and moving them to complicate tracking.

The third typology category relates to the real estate sector:

C. Typologies related to the real estate sector

20. Purchase and sale of real estate at atypical prices: acquiring or selling properties at prices significantly above or below market value, with the difference paid in cash or through obscure means.

21. Cash payment for property acquisition: paying a large portion of a property's value in cash or through multiple transfers from unrelated third parties.

22. Use of “straw persons” ("stooges") or shell companies in real estate acquisition: registering properties in the name of third parties or companies to conceal the true owner and the source of funds.

23. Luxury renovations and construction without funding: undertaking high-value construction projects without the owner or responsible company having a clear financial capacity to do so.

24. Property exchanges at different values: swapping properties with declared values that do not reflect reality, aiming to “legalize” money.

25. Atypical real estate financing: obtaining real estate financing with a large down payment of dubious origin, or repaying a financing loan early in an unexplained manner.

26. Subletting or renting properties at inflated prices: paying rents well above market value, or by companies without a clear justification for such expenses, to legitimize the outflow of illicit money.

27. Acquisition of real estate at judicial or extrajudicial auctions by third parties: using intermediaries to purchase properties at auctions with funds of dubious origin.

The fourth typology category relates to specific professionals and activities:

D. Typologies related to specific professionals and activities

28. Use of attorneys or law firm accounts: moving client funds through the firm's accounts under the guise of “client funds” or fee payments, without proper transparency regarding the origin and destination.

29. Use of accountant or accounting firm accounts: moving funds for clients or shell companies through the firm's accounts to mask their origin.

30. Art and antiques trade: buying and selling high-value, portable items with subjective valuations, facilitating money laundering through over- or under-valued transactions.

31. Jewelry and precious metals trade: acquiring and reselling high-value jewelry, gemstones, and precious metals, often with cash payments or payments from third parties.

32. Luxury vehicle, aircraft, and vessel market: purchasing and selling high-value goods, frequently with cash payments or through complex corporate structures.

33. Casinos and gambling: exchanging illicit cash for chips, placing minimal bets, and then cashing out chips for checks or transfers to simulate legitimate winnings.

34. Atypical factoring activities: conducting receivables assignment transactions with non-traditional parties, transactions involving shell companies, or using discount rates incompatible with the market.

35. Unlicensed exchange bureaus (“black markets”): conducting informal currency exchanges or transactions at off-market rates for money laundering purposes.

36. Religious organizations with large financial movements: religious entities that receive and move large volumes of resources with little transparency or connection to their declared activities.

37. Trade in durable goods and electronics (large volumes): companies that sell these goods and demonstrate cash flow or inventory levels that are incompatible with their market segment or size.

The fifth typology category relates to cash transactions:

E. Typologies related to cash transactions

38. Inconsistent cash deposits and withdrawals: conducting significant cash deposits or withdrawals that are inconsistent with the client's professional activity, profile, or financial capacity.

39. Structuring deposits or withdrawals (“smurfing”): making multiple cash deposits or withdrawals in amounts just below mandatory reporting thresholds (e.g., BRL 30,000.00 for financial institutions) to avoid reporting to COAF.

40. Cash deposits by unidentified third parties: frequent cash deposits into an account made by different individuals who are not the account holder and have no apparent connection to them.

41. Payment of bills or invoices in cash by third parties: recurring payment of a third party's obligations in cash, done systematically and without justification.

42. Transportation of large volumes of cash: evidence of the physical transportation or movement of large sums of cash without a clear, legitimate origin or destination.

43. Constant exchange of small-denomination notes for large-denomination notes: individuals who regularly exchange large volumes of low-denomination banknotes for higher denominations, or vice versa, without a commercial justification.

The sixth typology category relates to bank transfers and transactions:

F. Typologies related to bank transfers and transactions

44. Atypical international transfers: sending or receiving large international wire transfers with no apparent economic purpose or inconsistent with the client's profile, especially to or from tax havens or high-risk jurisdictions.

45. Transfers between accounts with no logical connection: frequent movement of funds between accounts of different holders, or between accounts of the same holder at different banks, without a clear justification.

46. Circular transactions: a sequence of credit and debit transactions that ultimately return funds to the original account or holder, creating a circular pattern to obscure a money trail.

47. Transactions incompatible with the client's profile: financial activities that deviate radically from the client's established behavioral pattern in terms of amount, frequency, type, or counterparties.

48. Rapid account opening and closing: accounts that are opened and closed within a short period, exhibit high transaction volumes, and lack an economic rationale.

49. Use of “mule” accounts: accounts that receive large sums and immediately transfer them to other accounts, with minimal time elapsed, acting as a pass-through.

50. Multiple and split transfers to a single beneficiary: numerous small-value transfers originating from different accounts sent to a single beneficiary account to avoid monitoring thresholds.

51. Transactions with third parties unrelated to the declared business: clients who conduct transactions with individuals or companies that have no apparent connection to their stated economic activity.

52. Misuse of credit cards (fraud or accumulation of unjustified debt): accumulating significant credit card debt to justify the inflow of funds used to pay it off, or using cards for atypical purchases and cash advances.

53. Exchange transactions involving rarely used foreign currencies: buying or selling large volumes of currencies not commonly used for international trade or travel, without a plausible justification.

The seventh typology category relates to investments and capital markets:

G. Typologies related to investments and capital markets

54. Atypical securities transactions: buying and selling stocks, bonds, or other securities in large volumes without a clear investment strategy, often involving significant unjustified losses or suspicious counterparties.

55. Use of omnibus or grouped accounts: using investment fund or intermediary accounts to pool resources from multiple investors, thereby obscuring the identity of the ultimate beneficial owner.

56. Investments in insurance and pension plans: investing large sums in pension plans or life insurance policies with quick redemption clauses, followed by early redemption and transfer of funds to different accounts.

57. Early redemption of investments without justification: redeeming long-term investments prematurely, incurring loss of profitability without a plausible reason, often followed by unusual fund movements.

58. Anomalous hedging operations: using futures contracts, options, or other derivatives to move large volumes of money without a clear financial hedging strategy, or to generate fictitious losses or gains.

59. Purchase and sale of public or private securities with price discrepancies: trading securities at values significantly different from market prices to justify the movement of resources.

60. Use of investment funds (especially multimarket funds): frequent investing and divesting in complex funds to exploit their portfolio diversity to conceal the origin or destination of money.

61. Participation in Initial Public Offerings (IPOs) of suspicious companies: investing in public offerings from companies with low transparency or other risk indicators.

The eighth typology category relates to foreign trade:

H. Typologies related to foreign trade

62. Under- or over-invoicing of goods and services: declaring values on import/export invoices that do not correspond to market prices, used to move illicit money across borders.

63. Import/export shell companies: companies with minimal capital that conduct large volumes of foreign trade, often in hard-to-value goods, primarily to move funds.

64. Advance payment for exports not carried out: transferring funds abroad as advance payment for exports that are never completed or are canceled without plausible justification.

65. Fictitious imports or exports: reporting commercial transactions for goods or services that do not exist, for the sole purpose of moving money.

66. Trade in dual-use goods: transactions involving goods with both civilian and military applications, involving suspicious origins, destinations, or end-users.

67. Triangulation of foreign trade operations: involving multiple countries in a commodity's supply chain without a clear commercial logic, aiming to conceal the origin or final destination of funds.

68. Use of free trade zones and free ports: exploiting the reduced oversight and tax advantages of these zones to move illicit goods and money.

The behavioral and general typologies comprise the final category:

Behavioral and general typologies

69. Evasion or lack of justification: a client who is unable or unwilling to provide information about the source of funds, the purpose of a transaction, or the parties involved.

70. Lack of knowledge about one's own activity: a client who demonstrates poor understanding of their own declared business or the transactions they are conducting.

71. Unjustified haste to carry out transactions: a client who shows excessive urgency to complete transactions, disregarding details or costs.

72. Aversion to personal contact: a preference for conducting all transactions through digital channels or third parties, avoiding direct contact with the institution.

73. Excessive use of cash: a client or company that insists on using large amounts of cash despite having full access to banking services.

74. Income and financial transaction incompatibility: a client who moves amounts of money far exceeding their declared income or known financial capacity.

75. Use of false or erased documents: presenting identification or supporting documents that appear to be counterfeit, tampered with, or inconsistent.

76. Reluctance to provide documentation: a client who delays or refuses to provide documents requested for updates or transaction verification.

77. Use of multiple accounts in different institutions: maintaining several accounts at different banks and moving small amounts through each to avoid detection.

78. Cross-transactions between family/personal and business accounts: significant fund flows between personal and corporate accounts without a clear business justification.

79. Excessive complaints or bribery attempts: attempting to influence employees or avoid reporting through threats or offers of incentives.

80. Transactions with high-risk PEPs: transactions involving PEPs or their associates that are inconsistent with their known income or position.

81. Emergence of new businesses or unexpected sources of income: a client who suddenly declares a new, high-volume source of income or business with no prior history.

82. Transactions with high-risk or sanctioned countries: financial activities involving jurisdictions known for money laundering, corruption, terrorism, or that are under international sanctions.

83. Use of non-resident accounts: operation of accounts by individuals or legal entities not resident in Brazil, exhibiting suspicious characteristics.

84. Sudden change in operational behavior: a client who, after a period of inactivity or normal activity, suddenly begins conducting high-volume or atypical transactions.

85. Attempts to coerce or influence employees: a client who tries to intimidate or persuade employees not to record or report specific transactions.

86. Transactions involving holding companies with low transparency: financial activities with holding companies whose ownership structures are opaque.

87. Use of third-party accounts to pay personal expenses: payment of an account holder's personal expenses from the accounts of third parties without a justifiable business or familial link.

6 Typologies of terrorist financing identified by COAF

TF is the provision or collection of funds, by any means, with the intention or knowledge that they will be used, either totally or partially, to carry out terrorist acts. While the amounts involved in TF may be smaller than in money laundering, the impacts are devastating. Identifying TF typologies is essential for detecting the sources and channels used by terrorist groups. The six TF typologies identified by COAF focus on the most common mechanisms observed internationally and in Brazil.

Typologies related to terrorist financing

1. Fundraising through shell or legitimate NPOs: using shell entities or legitimate NGOs, charities, or foundations to collect and move funds under the guise of humanitarian aid, which are then diverted to terrorist activities.

Mechanisms: numerous small or large one-off donations, international transfers, fundraising events, in-kind collections, use of crowdfunding platforms.

2. Misuse of informal value transfer systems (Hawala): exploiting informal money transfer networks that operate outside the regulated banking system to send funds across borders without a formal transaction record, making them difficult to trace.

– Mechanisms: trust-based operations between operators (hawaladars), clearing of internal debts, use of codes or passwords to release funds.

3. Funding through small donations and “micro-funding”: collecting a large number of small donations from supporters, making detection difficult as individual transactions fall below reporting thresholds.

Mechanisms: cash collections, small online donations, purchase of low-value goods or services that benefit the terrorist group.

4. Use of traditional financial instruments to obscure the origin/destination of funds: using legitimate financial products like bank accounts, credit cards, and wire transfers to move funds while disguising their link to terrorism.

Mechanisms: opening multiple accounts in the names of “straw persons”, using anonymous prepaid cards, transfers to accounts of complicit or front companies.

5. Financing through legitimate business activities as a front: terrorist groups owning or controlling legitimate businesses (e.g., restaurants, import/export firms) to generate profits, launder money from other crimes, and channel funds for terrorism.

Mechanisms: diverting profits from legitimate businesses, manipulating invoices (under-/over-invoicing) to move funds through trade.

6. Funds from transnational illicit activities: TF is often financed by proceeds from serious crimes like drug trafficking, arms smuggling, kidnapping, or extortion. The illicit funds are laundered and then channeled to terrorist activities.

Mechanisms: integrating illicit money into the financial system and then directing it to support terrorist groups or operations.

Effectively combating these TF typologies requires a multi-faceted approach combining financial intelligence, international cooperation, rigorous regulation, and constant vigilance by obligated entities. Financial institutions play a vital role in identifying the warning signs associated with these typologies and promptly reporting them to COAF.

Reporting Money Laundering and Terrorist Financing

Suspected cases of money laundering and terrorist financing must be reported to Brazil's FIU – COAF. It is essential to understand that the obligation to report to COAF falls on a wide range of individuals and legal entities, known as “obliged subjects” or “obliged persons,” as defined by Article 9 of Law #9,613/98 and specific COAF sectoral resolutions. Key obliged persons include:

Obliged persons:

1. Financial institutions: banks, credit unions, consortium administrators, securities brokers and distributors, stock and commodity exchanges, payment institutions, and others authorized to operate by the Central Bank of Brazil.

2. Insurance companies, reinsurers, and capitalization companies.

3. Supplementary pension entities

4. Factoring companies

5. Credit card companies

6. Individuals or entities trading in luxury or high-value goods: jewelry, precious stones and metals, art objects, antiques, motor vehicles, boats, and aircraft.

7. Commercial boards

8. Professionals in high-risk ML/TF sectors: accountants, lawyers (in specific activities like asset or company management), auctioneers, real estate agents and brokers, and advisory, consulting, and auditing firms.

9. Virtual asset (cryptocurrency) service providers

The specific reporting requirements are detailed in COAF resolutions for each sector. Financial institutions, due to their central role in the movement of funds, face the most comprehensive and rigorous obligations.

Reports to COAF are submitted electronically through the Siscoaf. This platform is the primary tool for obliged persons to fulfill their reporting duties. The general procedure involves the following steps:

  1. Registration with Siscoaf: the obliged person or entity must register with the system, providing the necessary information for identification and naming a responsible officer.
  2. Identification of suspicious transaction: the institution identifies a transaction or proposed transaction that, based on COAF typologies, regulations like Circular #3,978/20 (for financial institutions), and its own risk assessment, indicates potential ML/TF activity. This is done through internal controls, monitoring systems, and employee analysis.
  3. Internal analysis: before filing a report, the institution's compliance department must conduct an in-depth analysis of the transaction to corroborate or dismiss the suspicion. This analysis must be thoroughly documented.
  4. Completing the communication in Siscoaf: if the suspicion remains, the institution accesses Siscoaf to complete a report. The two main types of reports are:
    • Suspicious Activity Report (DOS – Declaração de Operação Suspeita): used to report transactions that, after analysis, are suspected of involving ML/TF. The DOS requires a detailed description of the transaction, the amounts involved, the participants (clients, beneficiaries), the specific indicators that triggered the suspicion, and a justification for the report. Suspicion is the sole trigger, regardless of the transaction's value.
    • Cash Transaction Report (COE – Comunicação de Operação em Espécie): used to report cash payments or receipts that exceed thresholds established by COAF rules for each sector (e.g., BRL 30,000.00 for deposits/withdrawals at financial institutions). These are mandatory reports based solely on value, even in the absence of suspicion.
  5. Submitting the report: once completed, the report is sent electronically via Siscoaf. This ensures the confidentiality of the reporting entity and the information provided.

DOSs must be filed within 24 hours after the suspicion is identified. COEs have specific deadlines, often monthly, as defined by sector-specific regulations.

For a report to be useful to COAF, it must be as complete and clear as possible, including:

  • Identification data: complete and accurate information for all parties involved (clients, ultimate beneficial owners, third parties), including full name, tax ID (CPF/CNPJ – individual or corporate), and address.
  • Description of the transaction: detailed specifics of the transaction (type, amounts, dates, accounts involved, and instruments used).
  • Basis for suspicion: a clear and objective explanation of the factors that made the transaction suspicious, referencing applicable typologies or red flags and describing how the activity deviated from the client's profile.
  • Supporting documentation: reference to any internal documents that support the report, such as client risk analyses or records of contact, when applicable.

Law #9,613/98 ensures the confidentiality of information and protection for the reporting party, who cannot be penalized for fulfilling their legal duty of reporting COAF. The reporting party, being a financial institution, have the legal duty not to tip-off the client the they have been reported.

Alexandre Dalmasso

RECENT POSTS

Nova regulamentação da CGU para programas de compliance em licitações

September 24, 2025

Regulamentação da inteligência artificial no Brasil e no mundo

September 17, 2025

A Lei de Proteção de Dados Pessoais da China

September 9, 2025

New CGU regulations for compliance programs in public tendering

September 24, 2025

Regulation of artificial intelligence in Brazil and worldwide

September 17, 2025

China's Personal Information Protection Law

September 9, 2025

Contracts in the technology sector

December 11, 2024

Pharmaceutical Industry Contracts and Legal Perceptions

December 4, 2024

Limitation of liability clauses: balancing risks in contracts

November 28, 2024

LINKEDIN FEED

Newsletter

Register your email and receive our updates

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

FOLLOW US ON SOCIAL MEDIA

Newsletter

Register your email and receive our updates-

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

FOLLOW US ON SOCIAL MEDIA

Licks Attorneys' Government Affairs & International Relations Blog

Doing Business in Brazil: Political and economic landscape

Licks Attorneys' COMPLIANCE Blog

Typologies of money laundering and terrorist financing by COAF

September 25, 2025
No items found.

Preventing money laundering (ML) and terrorist financing (TF) is a global priority due to the threat these crimes pose to the integrity of financial systems, national security, and the socioeconomic stability of nations. In Brazil, the fight against these crimes is a key focus, driven by international commitments, robust domestic legislation, and the work of specialized bodies such as the Council for Financial Activities Control (COAF – Conselho de Controle de Atividades Financeiras), which is now also known as Brazil’s Financial Intelligence Unit (FIU) and operates under the Ministry of Finance.

The preventive nature of this work transcends national borders, requiring strong international cooperation and the harmonization of laws and regulations. Recognition of the transnational character of these crimes led to several international treaties, which have served as the basis for policy and legislation worldwide, including in Brazil.

A key pillar of this international architecture is the Financial Action Task Force (FATF). Established in 1989 by the G7, the FATF sets international standards – the 40 Recommendations – that countries are expected to implement to combat ML and TF, as well as the proliferation of weapons of mass destruction. Brazil is an active FATF member and has committed to aligning its legislation and practices with the group's recommendations, striving for compliance and effectiveness in its ML/TF prevention regime.

Other crucial international instruments include the United Nations Convention against Illicit Traffic in Narcotic Drugs and Psychotropic Substances (the 1988 Vienna Convention), one of the first major treaties to criminalize money laundering derived from drug trafficking. Also significant is the United Nations Convention against Transnational Organized Crime (the 2000 Palermo Convention), which broadened the definition of money laundering to include the proceeds of a wider range of serious crimes and promoted mutual legal assistance. For terrorist financing, the 1999 International Convention for the Suppression of the Financing of Terrorism was instrumental, providing a legal framework to criminalize the provision or collection of funds intended for terrorist acts.

Brazil's incorporation of these international standards into national law reflects its unequivocal commitment to combating these scourges. Law #9,613 of March 3, 1998, known as the “Money Laundering Act,” was the initial and most important milestone in criminalizing this offense in Brazil. Originally, this Act defined ML as concealing or disguising the nature, source, location, disposition, movement, or ownership of assets, rights, or values arising, directly or indirectly, from specific predicate crimes exhaustively listed within the law. However, Law #12,683 of 2012 significantly amended Law #9,613/98 by adopting the “all-crimes approach” (or “open list” theory). This change meant that any criminal offense could serve as a predicate crime for money laundering. Unlike the previous “closed list,” which required the predicate offense to be explicitly named in the legislation, the all-crimes approach allows for money laundering charges to be brought in connection with any underlying crime, without the need to specify the prior illegal action in the indictment. This expansion brought Brazilian legislation in line with international best practices and FATF recommendations.

Beyond criminalization, Brazilian law imposes obligations on a wide range of individuals and legal entities, known as “obliged subjects,” to implement internal controls, identify clients, record transactions, and, crucially, report any suspicious activity involving money laundering or terrorist financing to COAF. These obligated parties include financial institutions, insurance companies, jewelry stores, real estate agencies, factoring companies, credit card administrators, stock exchanges, and other sectors considered susceptible to being used for illicit purposes.

The importance of international cooperation in this context cannot be overstated. The transnational nature of organized crime and terrorism means that illicit funds often move through multiple jurisdictions. The exchange of information between FIUs of different countries, mutual legal assistance, and extradition are essential tools for dismantling global criminal networks. Brazil actively participates in cooperation networks such as the Egmont Group, which facilitates the secure and efficient exchange of information between FIUs.

At the domestic level, beyond Law #9,613/98 and its amendments, other legal and regulatory frameworks are fundamental. Brazil’s Central Bank (BACEN – Banco Central do Brasil), Securities and Exchange Commission (CVM – Comissão de Valores Mobiliários), Superintendence of Private Insurance (SUSEP – Superintendência de Seguros Privados), and other regulatory bodies issue circulars and resolutions detailing the prevention obligations for the sectors they regulate. The Anti-Corruption Act (Law #12,846/2013), while not directly focused on ML/TF prevention, reinforces the framework by penalizing companies for corrupt acts, which often generate the proceeds that are subsequently laundered. The National Financial System, in turn, is the primary conduit for these funds, which places a central role on banks and other financial institutions to identify and report suspicious transactions.

In summary, Brazil has built a solid legal and regulatory system to combat money laundering and terrorist financing. This system is dynamic, continually adapting in response to evolving criminal tactics and international guidelines. However, its effectiveness depends on the vigilance and proactive efforts of all involved parties, from the institutions required to file reports to the intelligence and law enforcement agencies.

Overview of Brazil’s Central Bank Circular #3,978/2020

Circular #3,978, issued by BACEN on January 23, 2020, represents a fundamental regulatory milestone for preventing and combating ML/TF within the financial sector and other institutions it authorizes. This circular revoked Circular #3,461/2009 and related regulations, consolidating and enhancing guidelines for implementing robust policies, procedures, and internal controls in line with FATF recommendations and international best practices.

The core objective of Circular #3,978/20 is to establish a risk-based approach to ML/TF prevention. This means financial institutions must identify, assess, and understand their ML/TF risks and then implement control measures proportionate to those risks. This approach optimizes resource allocation by concentrating efforts on areas of greatest vulnerability.

The main points of Circular #3,978/20 are outlined below:

Main Points of Circular #3,978/20

1. Money laundering and terrorist financing prevention policy: the Circular mandates that institutions develop and implement a formal ML/TF prevention policy, which must be approved by the board of directors or senior management. This policy must be comprehensive, address all relevant ML/TF risks to which the company is exposed, and be communicated to all employees. It serves as the overarching document governing the institution's anti-money laundering and counter-financing of terrorism (AML/CFT) actions.

2. Internal Risk Assessment (IRA): this is the backbone of the risk-based approach. Institutions must conduct periodic internal risk assessments to identify and evaluate ML/TF risks related to:

Clients: their profiles, activities, volume of operations;

Products and services: new technologies, payment methods, innovative products;

Distribution channels: digital, physical, and correspondents;

Geographical area: high-risk countries and regions with a high crime incidence.

The IRA must be documented, approved by senior management, and reviewed periodically to reflect changes in the risk or business environment.

3. Know Your Customer (KYC), Know Your Partner (KYP), and Know Your Employee (KYE): the circular expands on due diligence requirements.

KYC: institutions must collect sufficient information to understand a client's business nature, purpose, source of funds, and transaction patterns. The depth of this due diligence must be proportional to the client's risk level (standard, enhanced, or intensified). This includes identifying and verifying the identity of clients, their representatives, and beneficial owners.

KYP: applies to business partners, such as banking correspondents and service providers, requiring a risk analysis similar to that for clients.

KYE: emphasizes the importance of vetting employees, especially those in sensitive positions, to prevent internal complicity in ML/TF crimes.

4. Transaction monitoring, screening, and analysis: institutions must have systems and procedures to monitor client transactions, identifying those that deviate from expected behavior patterns or match ML/TF red flags. The circular encourages using technology and algorithms to automate and improve monitoring. Selecting suspicious transactions for in-depth analysis is a crucial step before reporting to COAF.

5. Reporting to COAF: This is the final step in the risk identification process. Institutions must report to COAF any transactions that may indicate ML/TF, regardless of value. Reports are also mandatory for cash transactions exceeding established regulatory thresholds (e.g., large withdrawals or deposits). The circular details deadlines and communication methods, which are handled through the COAF Information System (Siscoaf).

6. Governance and responsibilities: the standard reinforces the responsibility of senior management and the board for the effective implementation of the AML/CFT Policy. It requires the appointment of a compliance officer responsible for the AML/CFT area and the establishment of a dedicated function to manage these risks, endowed with autonomy and adequate resources.

7. Training: the Circular highlights the need for ongoing, comprehensive training programs for all employees, from senior management to frontline staff. The goal is to ensure everyone understands their AML/CFT responsibilities and can identify and report suspicious activity.

8. Internal Controls: institutions must establish effective internal controls to ensure compliance with AML/CFT policies and procedures. This includes periodic independent audits and testing to assess the system's adequacy and effectiveness.

For financial institutions, Circular #3,978/2020 has had profound implications, particularly regarding: (i) increased compliance complexity, (ii) the need for technological investment, (iii) a radical cultural shift, (iv) higher operational costs, (v) the adoption of proactive and continuous risk management, and (vi) intensified client due diligence under the threat of severe administrative sanctions from Brazil’s Central Bank.

In conclusion, the BACEM’s Circular #3,978/2020 is not merely a set of rules but a strategic guide for financial institutions to build effective defenses against money laundering and terrorist financing. It demands an ongoing commitment to governance, technology, and a culture of compliance, transforming the financial sector into an active and indispensable partner in safeguarding the country's economic and social security. Its effective implementation is vital to preserving the integrity of and confidence in the Brazilian financial system and ensuring Brazil continues to meet its international commitments in the fight against these crimes.

COAF Analysis: Creation, Purpose, and Functional Structure

The Financial Activities Control Council (COAF) serves as Brazil's Financial Intelligence Unit, playing a crucial role in preventing and combating money laundering and terrorist financing. Its existence and operations are cornerstones of the Brazilian AML/CFT system, functioning as the central link between the private sector (the obligated reporting entities) and the law enforcement and judicial authorities.

COAF was established on March 3, 1998, by Law #9,613 – the same legislation that criminalized money laundering in Brazil. Initially, COAF was a collegiate body under the Ministry of Finance. Its structure and jurisdiction were designed to allow it to function as the national FIU, tasked with receiving, examining, and disseminating information on suspicious financial transactions.

Over the years, COAF has undergone restructuring to enhance its autonomy and effectiveness. A significant change occurred in 2019 with Law #13,974, of January 7, 2020, which transformed COAF into a special autonomous FIU. While linked to BACEN, it was granted technical and operational autonomy. This change aimed to shield the unit from political interference and strengthen its operational capacity. Although the official name is now FIU, the acronym COAF remains widely used and recognized.

COAF's primary purpose is to protect the national financial system and the Brazilian economy from being exploited by criminals for money laundering and terrorist financing. Its importance lies in its function as an “intelligent filter” for information, transforming raw data into actionable intelligence for law enforcement agencies. Without COAF, the AML/CFT system would be less efficient, as critical information would be fragmented and difficult to analyze cohesively.

COAF’s functional structure is composed of the following elements:

COAF Structure

1. Director: appointed by the President of the Republic, the Director unit senior leader, responsible for its management and representation.

2. Plenary: this is the collegiate body that establishes the FIU's guidelines and deliberates on the application of administrative sanctions and communications regarding evidence of crimes. The plenary includes representatives from various public bodies and entities, such as:

– BACEM;

– CVM;

– SUSEP;

– Office of the Attorney General of the National Treasury;

– Brazil’s Federal Revenue Service;

– Brazil’s Federal Police;

– Ministry of Justice and Public Security;

– Ministry of Foreign Affairs;

– Federal Attorney General’s Office;

– the Brazilian Office of the Comptroller General (CGU).

– the Brazilian Intelligence Agency (ABIN);

– Others, as needed. This diverse representation ensures a multidisciplinary approach and integrates different areas of expertise in the fight against ML/TF.

3. Executive Secretariat: responsible for providing technical and administrative support to the Plenary and for managing the intelligence analysis teams. This is where most of the technical work – data analysis and the preparation of Financial Intelligence Reports – takes place.

4. Directorates and coordination: these internal subdivisions manage specific areas, such as intelligence analysis, standardization, inspection, information technology, and international and administrative cooperation.

The 87 Typologies of Money Laundering identified by COAF

Money laundering typologies are diverse, reflecting the creativity and adaptability of criminals in integrating illicit funds into the financial system and the legitimate economy. The identification of 87 distinct typologies demonstrates the granularity of COAF's analysis, covering a wide range of sectors and methods. It is important to note that these typologies are dynamic, constantly being revised and updated as new laundering techniques emerge.

These typologies characterize money laundering operations by providing concrete examples of how the three stages of laundering (placement, layering, and integration) can manifest. They categorize techniques based on:

  • Economic sector involved: finance, real estate, foreign trade, crypto assets, and the like.
  • Instrument used: cash deposits, electronic transfers, purchase of luxury goods, insurance, and the like.
  • People involved: use of “straw persons” (or "stooges"), shell companies, Politically Exposed Persons (PEPs).
  • Behavior patterns: Structuring transactions (“smurfing”), activity inconsistent with the client's profile, circular transactions.

The following sections present a selection of the typologies identified by COAF to illustrate the diversity and complexity of money laundering methods. We begin with typologies related to companies and corporate structures:

A. Typologies related to companies and corporate structures

1. Shell Companies: creating or acquiring companies with no real economic activity, solely for moving money, issuing fake invoices, or justifying transfers.

2. Use of straw persons ("stooges") or intermediaries: setting up companies or operating accounts in the name of third parties (relatives, employees, low-income individuals) who are not the real economic beneficiaries.

3. Complex corporate structures: creating chains of companies across different jurisdictions (often tax havens) to obscure the identity of the ultimate beneficial owner.

4. Fictitious loans or debt simulation: granting or receiving loans between related companies or individuals without a clear commercial purpose, real collateral, or under non-market terms.

5. Unjustified capital contributions: increasing a company's share capital with funds of dubious origin, especially when the partners' financial capacity is incompatible with the contribution.

6. Anomalous mergers and acquisitions: acquiring companies at inflated or deflated prices, or merging with/spinning off companies with low transparency, to integrate illicit assets.

7. Companies with multiple unrelated activities: entities engaged in a wide range of logically unrelated activities, which can be used to justify diverse financial movements.

8. Incompatible changes in company assets: companies showing asset or revenue growth that is disproportionate to their declared economic activity or historical performance.

9. Misuse of Associations, foundations, and Non-Profit Organizations (NPOs): using non-profit entities (NGOs, churches, charities) to disguise the origin of funds or channel them for illicit purposes.

10. Opening business accounts with high turnover of partners/attorneys: accounts of legal entities that frequently change their representatives or partners, particularly when large transactions are involved.

11. Companies with low share capital and large financial transactions: newly created companies or those with negligible capital that move large volumes of money.

The second typology category relates to new technologies and cryptoassets:

B. Typologies related to new technologies and cryptoassets

12. Use of cryptoassets (cryptocurrencies): acquiring cryptocurrencies with illicit money and subsequently selling them on different platforms or in different jurisdictions; or using “mixers” and “tumblers” (services that obfuscate transaction trails) to hinder tracking.

13. Online gaming and betting platforms: depositing illicit funds into online gaming/betting accounts and subsequently withdrawing them as simulated “winnings,” or using accounts for transactions between users.

14. Buying and selling Non-Fungible Tokens (NFTs): using high-value NFTs to move large sums between cryptoasset accounts, taking advantage of the subjectivity in their valuation.

15. Use of digital accounts and fintechs for structuring (“Smurfing”): opening multiple accounts with digital banks or fintechs to split amounts and avoid detection or reporting thresholds.

16. Peer-to-Peer (P2P) cryptoasset transactions without identification: direct exchange of cryptocurrencies between individuals, bypassing regulated exchanges to avoid registration and identification.

17. Creation of fictitious funds in metaverses or games: simulating earnings or investments in virtual environments to justify the movement of funds in the real world.

18. Use of anonymous or prepaid rechargeable cards: acquiring prepaid cards with illicit cash to move and spend resources without a trace in the formal banking system.

19. Digital fraud involving movement of crypto assets: converting money obtained through virtual scams (phishing, ransomware) into cryptoassets and moving them to complicate tracking.

The third typology category relates to the real estate sector:

C. Typologies related to the real estate sector

20. Purchase and sale of real estate at atypical prices: acquiring or selling properties at prices significantly above or below market value, with the difference paid in cash or through obscure means.

21. Cash payment for property acquisition: paying a large portion of a property's value in cash or through multiple transfers from unrelated third parties.

22. Use of “straw persons” ("stooges") or shell companies in real estate acquisition: registering properties in the name of third parties or companies to conceal the true owner and the source of funds.

23. Luxury renovations and construction without funding: undertaking high-value construction projects without the owner or responsible company having a clear financial capacity to do so.

24. Property exchanges at different values: swapping properties with declared values that do not reflect reality, aiming to “legalize” money.

25. Atypical real estate financing: obtaining real estate financing with a large down payment of dubious origin, or repaying a financing loan early in an unexplained manner.

26. Subletting or renting properties at inflated prices: paying rents well above market value, or by companies without a clear justification for such expenses, to legitimize the outflow of illicit money.

27. Acquisition of real estate at judicial or extrajudicial auctions by third parties: using intermediaries to purchase properties at auctions with funds of dubious origin.

The fourth typology category relates to specific professionals and activities:

D. Typologies related to specific professionals and activities

28. Use of attorneys or law firm accounts: moving client funds through the firm's accounts under the guise of “client funds” or fee payments, without proper transparency regarding the origin and destination.

29. Use of accountant or accounting firm accounts: moving funds for clients or shell companies through the firm's accounts to mask their origin.

30. Art and antiques trade: buying and selling high-value, portable items with subjective valuations, facilitating money laundering through over- or under-valued transactions.

31. Jewelry and precious metals trade: acquiring and reselling high-value jewelry, gemstones, and precious metals, often with cash payments or payments from third parties.

32. Luxury vehicle, aircraft, and vessel market: purchasing and selling high-value goods, frequently with cash payments or through complex corporate structures.

33. Casinos and gambling: exchanging illicit cash for chips, placing minimal bets, and then cashing out chips for checks or transfers to simulate legitimate winnings.

34. Atypical factoring activities: conducting receivables assignment transactions with non-traditional parties, transactions involving shell companies, or using discount rates incompatible with the market.

35. Unlicensed exchange bureaus (“black markets”): conducting informal currency exchanges or transactions at off-market rates for money laundering purposes.

36. Religious organizations with large financial movements: religious entities that receive and move large volumes of resources with little transparency or connection to their declared activities.

37. Trade in durable goods and electronics (large volumes): companies that sell these goods and demonstrate cash flow or inventory levels that are incompatible with their market segment or size.

The fifth typology category relates to cash transactions:

E. Typologies related to cash transactions

38. Inconsistent cash deposits and withdrawals: conducting significant cash deposits or withdrawals that are inconsistent with the client's professional activity, profile, or financial capacity.

39. Structuring deposits or withdrawals (“smurfing”): making multiple cash deposits or withdrawals in amounts just below mandatory reporting thresholds (e.g., BRL 30,000.00 for financial institutions) to avoid reporting to COAF.

40. Cash deposits by unidentified third parties: frequent cash deposits into an account made by different individuals who are not the account holder and have no apparent connection to them.

41. Payment of bills or invoices in cash by third parties: recurring payment of a third party's obligations in cash, done systematically and without justification.

42. Transportation of large volumes of cash: evidence of the physical transportation or movement of large sums of cash without a clear, legitimate origin or destination.

43. Constant exchange of small-denomination notes for large-denomination notes: individuals who regularly exchange large volumes of low-denomination banknotes for higher denominations, or vice versa, without a commercial justification.

The sixth typology category relates to bank transfers and transactions:

F. Typologies related to bank transfers and transactions

44. Atypical international transfers: sending or receiving large international wire transfers with no apparent economic purpose or inconsistent with the client's profile, especially to or from tax havens or high-risk jurisdictions.

45. Transfers between accounts with no logical connection: frequent movement of funds between accounts of different holders, or between accounts of the same holder at different banks, without a clear justification.

46. Circular transactions: a sequence of credit and debit transactions that ultimately return funds to the original account or holder, creating a circular pattern to obscure a money trail.

47. Transactions incompatible with the client's profile: financial activities that deviate radically from the client's established behavioral pattern in terms of amount, frequency, type, or counterparties.

48. Rapid account opening and closing: accounts that are opened and closed within a short period, exhibit high transaction volumes, and lack an economic rationale.

49. Use of “mule” accounts: accounts that receive large sums and immediately transfer them to other accounts, with minimal time elapsed, acting as a pass-through.

50. Multiple and split transfers to a single beneficiary: numerous small-value transfers originating from different accounts sent to a single beneficiary account to avoid monitoring thresholds.

51. Transactions with third parties unrelated to the declared business: clients who conduct transactions with individuals or companies that have no apparent connection to their stated economic activity.

52. Misuse of credit cards (fraud or accumulation of unjustified debt): accumulating significant credit card debt to justify the inflow of funds used to pay it off, or using cards for atypical purchases and cash advances.

53. Exchange transactions involving rarely used foreign currencies: buying or selling large volumes of currencies not commonly used for international trade or travel, without a plausible justification.

The seventh typology category relates to investments and capital markets:

G. Typologies related to investments and capital markets

54. Atypical securities transactions: buying and selling stocks, bonds, or other securities in large volumes without a clear investment strategy, often involving significant unjustified losses or suspicious counterparties.

55. Use of omnibus or grouped accounts: using investment fund or intermediary accounts to pool resources from multiple investors, thereby obscuring the identity of the ultimate beneficial owner.

56. Investments in insurance and pension plans: investing large sums in pension plans or life insurance policies with quick redemption clauses, followed by early redemption and transfer of funds to different accounts.

57. Early redemption of investments without justification: redeeming long-term investments prematurely, incurring loss of profitability without a plausible reason, often followed by unusual fund movements.

58. Anomalous hedging operations: using futures contracts, options, or other derivatives to move large volumes of money without a clear financial hedging strategy, or to generate fictitious losses or gains.

59. Purchase and sale of public or private securities with price discrepancies: trading securities at values significantly different from market prices to justify the movement of resources.

60. Use of investment funds (especially multimarket funds): frequent investing and divesting in complex funds to exploit their portfolio diversity to conceal the origin or destination of money.

61. Participation in Initial Public Offerings (IPOs) of suspicious companies: investing in public offerings from companies with low transparency or other risk indicators.

The eighth typology category relates to foreign trade:

H. Typologies related to foreign trade

62. Under- or over-invoicing of goods and services: declaring values on import/export invoices that do not correspond to market prices, used to move illicit money across borders.

63. Import/export shell companies: companies with minimal capital that conduct large volumes of foreign trade, often in hard-to-value goods, primarily to move funds.

64. Advance payment for exports not carried out: transferring funds abroad as advance payment for exports that are never completed or are canceled without plausible justification.

65. Fictitious imports or exports: reporting commercial transactions for goods or services that do not exist, for the sole purpose of moving money.

66. Trade in dual-use goods: transactions involving goods with both civilian and military applications, involving suspicious origins, destinations, or end-users.

67. Triangulation of foreign trade operations: involving multiple countries in a commodity's supply chain without a clear commercial logic, aiming to conceal the origin or final destination of funds.

68. Use of free trade zones and free ports: exploiting the reduced oversight and tax advantages of these zones to move illicit goods and money.

The behavioral and general typologies comprise the final category:

Behavioral and general typologies

69. Evasion or lack of justification: a client who is unable or unwilling to provide information about the source of funds, the purpose of a transaction, or the parties involved.

70. Lack of knowledge about one's own activity: a client who demonstrates poor understanding of their own declared business or the transactions they are conducting.

71. Unjustified haste to carry out transactions: a client who shows excessive urgency to complete transactions, disregarding details or costs.

72. Aversion to personal contact: a preference for conducting all transactions through digital channels or third parties, avoiding direct contact with the institution.

73. Excessive use of cash: a client or company that insists on using large amounts of cash despite having full access to banking services.

74. Income and financial transaction incompatibility: a client who moves amounts of money far exceeding their declared income or known financial capacity.

75. Use of false or erased documents: presenting identification or supporting documents that appear to be counterfeit, tampered with, or inconsistent.

76. Reluctance to provide documentation: a client who delays or refuses to provide documents requested for updates or transaction verification.

77. Use of multiple accounts in different institutions: maintaining several accounts at different banks and moving small amounts through each to avoid detection.

78. Cross-transactions between family/personal and business accounts: significant fund flows between personal and corporate accounts without a clear business justification.

79. Excessive complaints or bribery attempts: attempting to influence employees or avoid reporting through threats or offers of incentives.

80. Transactions with high-risk PEPs: transactions involving PEPs or their associates that are inconsistent with their known income or position.

81. Emergence of new businesses or unexpected sources of income: a client who suddenly declares a new, high-volume source of income or business with no prior history.

82. Transactions with high-risk or sanctioned countries: financial activities involving jurisdictions known for money laundering, corruption, terrorism, or that are under international sanctions.

83. Use of non-resident accounts: operation of accounts by individuals or legal entities not resident in Brazil, exhibiting suspicious characteristics.

84. Sudden change in operational behavior: a client who, after a period of inactivity or normal activity, suddenly begins conducting high-volume or atypical transactions.

85. Attempts to coerce or influence employees: a client who tries to intimidate or persuade employees not to record or report specific transactions.

86. Transactions involving holding companies with low transparency: financial activities with holding companies whose ownership structures are opaque.

87. Use of third-party accounts to pay personal expenses: payment of an account holder's personal expenses from the accounts of third parties without a justifiable business or familial link.

6 Typologies of terrorist financing identified by COAF

TF is the provision or collection of funds, by any means, with the intention or knowledge that they will be used, either totally or partially, to carry out terrorist acts. While the amounts involved in TF may be smaller than in money laundering, the impacts are devastating. Identifying TF typologies is essential for detecting the sources and channels used by terrorist groups. The six TF typologies identified by COAF focus on the most common mechanisms observed internationally and in Brazil.

Typologies related to terrorist financing

1. Fundraising through shell or legitimate NPOs: using shell entities or legitimate NGOs, charities, or foundations to collect and move funds under the guise of humanitarian aid, which are then diverted to terrorist activities.

Mechanisms: numerous small or large one-off donations, international transfers, fundraising events, in-kind collections, use of crowdfunding platforms.

2. Misuse of informal value transfer systems (Hawala): exploiting informal money transfer networks that operate outside the regulated banking system to send funds across borders without a formal transaction record, making them difficult to trace.

– Mechanisms: trust-based operations between operators (hawaladars), clearing of internal debts, use of codes or passwords to release funds.

3. Funding through small donations and “micro-funding”: collecting a large number of small donations from supporters, making detection difficult as individual transactions fall below reporting thresholds.

Mechanisms: cash collections, small online donations, purchase of low-value goods or services that benefit the terrorist group.

4. Use of traditional financial instruments to obscure the origin/destination of funds: using legitimate financial products like bank accounts, credit cards, and wire transfers to move funds while disguising their link to terrorism.

Mechanisms: opening multiple accounts in the names of “straw persons”, using anonymous prepaid cards, transfers to accounts of complicit or front companies.

5. Financing through legitimate business activities as a front: terrorist groups owning or controlling legitimate businesses (e.g., restaurants, import/export firms) to generate profits, launder money from other crimes, and channel funds for terrorism.

Mechanisms: diverting profits from legitimate businesses, manipulating invoices (under-/over-invoicing) to move funds through trade.

6. Funds from transnational illicit activities: TF is often financed by proceeds from serious crimes like drug trafficking, arms smuggling, kidnapping, or extortion. The illicit funds are laundered and then channeled to terrorist activities.

Mechanisms: integrating illicit money into the financial system and then directing it to support terrorist groups or operations.

Effectively combating these TF typologies requires a multi-faceted approach combining financial intelligence, international cooperation, rigorous regulation, and constant vigilance by obligated entities. Financial institutions play a vital role in identifying the warning signs associated with these typologies and promptly reporting them to COAF.

Reporting Money Laundering and Terrorist Financing

Suspected cases of money laundering and terrorist financing must be reported to Brazil's FIU – COAF. It is essential to understand that the obligation to report to COAF falls on a wide range of individuals and legal entities, known as “obliged subjects” or “obliged persons,” as defined by Article 9 of Law #9,613/98 and specific COAF sectoral resolutions. Key obliged persons include:

Obliged persons:

1. Financial institutions: banks, credit unions, consortium administrators, securities brokers and distributors, stock and commodity exchanges, payment institutions, and others authorized to operate by the Central Bank of Brazil.

2. Insurance companies, reinsurers, and capitalization companies.

3. Supplementary pension entities

4. Factoring companies

5. Credit card companies

6. Individuals or entities trading in luxury or high-value goods: jewelry, precious stones and metals, art objects, antiques, motor vehicles, boats, and aircraft.

7. Commercial boards

8. Professionals in high-risk ML/TF sectors: accountants, lawyers (in specific activities like asset or company management), auctioneers, real estate agents and brokers, and advisory, consulting, and auditing firms.

9. Virtual asset (cryptocurrency) service providers

The specific reporting requirements are detailed in COAF resolutions for each sector. Financial institutions, due to their central role in the movement of funds, face the most comprehensive and rigorous obligations.

Reports to COAF are submitted electronically through the Siscoaf. This platform is the primary tool for obliged persons to fulfill their reporting duties. The general procedure involves the following steps:

  1. Registration with Siscoaf: the obliged person or entity must register with the system, providing the necessary information for identification and naming a responsible officer.
  2. Identification of suspicious transaction: the institution identifies a transaction or proposed transaction that, based on COAF typologies, regulations like Circular #3,978/20 (for financial institutions), and its own risk assessment, indicates potential ML/TF activity. This is done through internal controls, monitoring systems, and employee analysis.
  3. Internal analysis: before filing a report, the institution's compliance department must conduct an in-depth analysis of the transaction to corroborate or dismiss the suspicion. This analysis must be thoroughly documented.
  4. Completing the communication in Siscoaf: if the suspicion remains, the institution accesses Siscoaf to complete a report. The two main types of reports are:
    • Suspicious Activity Report (DOS – Declaração de Operação Suspeita): used to report transactions that, after analysis, are suspected of involving ML/TF. The DOS requires a detailed description of the transaction, the amounts involved, the participants (clients, beneficiaries), the specific indicators that triggered the suspicion, and a justification for the report. Suspicion is the sole trigger, regardless of the transaction's value.
    • Cash Transaction Report (COE – Comunicação de Operação em Espécie): used to report cash payments or receipts that exceed thresholds established by COAF rules for each sector (e.g., BRL 30,000.00 for deposits/withdrawals at financial institutions). These are mandatory reports based solely on value, even in the absence of suspicion.
  5. Submitting the report: once completed, the report is sent electronically via Siscoaf. This ensures the confidentiality of the reporting entity and the information provided.

DOSs must be filed within 24 hours after the suspicion is identified. COEs have specific deadlines, often monthly, as defined by sector-specific regulations.

For a report to be useful to COAF, it must be as complete and clear as possible, including:

  • Identification data: complete and accurate information for all parties involved (clients, ultimate beneficial owners, third parties), including full name, tax ID (CPF/CNPJ – individual or corporate), and address.
  • Description of the transaction: detailed specifics of the transaction (type, amounts, dates, accounts involved, and instruments used).
  • Basis for suspicion: a clear and objective explanation of the factors that made the transaction suspicious, referencing applicable typologies or red flags and describing how the activity deviated from the client's profile.
  • Supporting documentation: reference to any internal documents that support the report, such as client risk analyses or records of contact, when applicable.

Law #9,613/98 ensures the confidentiality of information and protection for the reporting party, who cannot be penalized for fulfilling their legal duty of reporting COAF. The reporting party, being a financial institution, have the legal duty not to tip-off the client the they have been reported.

Related
No items found.

ABOUT US

Licks’ Blog provides regular and insightful updates on Brazil’s political and economic landscape. The posts are authored by our Government Affairs & International Relations group, which is composed of experienced professionals from different backgrounds with multiple policy perspectives.

Licks Attorneys is a top tier Brazilian law firm, speciallized in Intellectual Property and recognized for its success handling large and strategic projects in the country.

ABOUT US

Licks Attorneys Compliance’s Blog provides regular and insightful updates about Ethic and Compliance. The posts are authored by Alexandre Dalmasso, our partner. Licks Attorneys is a top tier Brazilian law firm, specialized in Intellectual Property and recognized for its success handling large and strategic projects in the country.

QUEM SOMOS

O blog Licks Attorneys Compliance fornece atualizações regulares e esclarecedoras sobre Ética e Compliance. As postagens são de autoria de Alexandre Dalmasso, sócio do escritório. O Licks Attorneys é um escritório de advocacia brasileiro renomado, especializado em Propriedade Intelectual e reconhecido por seu sucesso em lidar com grandes e estratégicos cases no país.

Follow Us on Social Media

Offices

Rio de Janeiro

Av. Oscar Niemeyer, 2000
9th floor, Aqwa Corporate
Rio de Janeiro RJ - Brazil
20220-297
Phone: +55 21 3550 3700
Fax: +55 21 3956 9444
info@lickslegal.com

Sao Paulo

Av. Nações Unidas, 12.901
North Tower - 15th floor
Sao Paulo/SP Brazil
04578-910
Phone: +55 11 3033 3700
info@lickslegal.com

Brasilia

SH/Sul Zone 06, Unit A,
Complexo Brasil 21, Block E,
Rooms 515 and 516 – Asa Sul
Brasilia DF - Brazil
70316-902
Phone: + 55 61 3772 3700
info@lickslegal.com

Curitiba

Curitiba PR – Brazil
Phone: + 55 41 2391 0680
info@lickslegal.com

Tokyo

Chiyoda Kaikan Bldg, 6F, 1-6-17
Kudan Minami Chiyoda-Ku
Tokyo - Japan
102-0074
Phone:+81 3 6256 8972
Fax:+81 (03) 6740 1453
japan@lickslegal.com

© Copyright 2025 Licks Advogados

Selo COVID-19 FIRJAN e Albert Einstein
Covid-19 Safe Certified Office