The June arrests of Chilean bank workers accused of ties to an international criminal organization has again underscored the need for anti-money laundering (AML) detection to embrace real-time transaction intelligence.
Authorities allege that a rogue Santander Chile employee was a key player in an $85-million USD money-laundering operation that channelled funds through accounts at almost every major bank in the country. The investigation into the criminal network’s financial activity has reportedly resulted in several arrests, with 18 people formally accused of money laundering and related offences.
For banks across Chile and far beyond, the case serves as a warning about all-too-familiar AML blind spots: regular bank accounts, front companies and cryptocurrency remittances allegedly used to move criminal proceeds across borders.
For AML teams, the financial trail is not separate from the harm. In fact, it is the infrastructure that allows harm to continue.
Why traditional fraud detection and prevention often misses methodical laundering
Money laundering is often treated as a back-office concern that begins after the underlying crime has occurred. In reality, however, laundering is part of the operating model. In reality, effective AML must be embedded into the institution’s operating model, enabling suspicious activity to be identified and acted upon as transactions occur—not after the funds have already moved.
A criminal enterprise that collects cash from drugs, extortion or exploitation cannot scale unless it can move value. It needs accounts, intermediaries, businesses, payment rails, insiders, mules, crypto remittances and cross-border corridors. It needs ways to make dirty money appear routine.
A single suspicious transaction may not reveal a transnational criminal network, but a pattern often will. In organized-crime cases, money may pass through personal accounts, new businesses, cash-intensive venues, event promoters, remittance channels, digital wallets or accounts controlled by nominees. Individual transactions may be calibrated to avoid thresholds, and counterparties may not yet be known to law enforcement. In short, the risk emerges from context.
That is why AML programs built mainly on population-based risk scoring can struggle with this class of threat. Comparing one customer to a broad peer group may catch crude anomalies, but it can miss a careful insider, mule account or front company that changes behaviour gradually. A better approach involves looking at whether an account, card, device, terminal, employee or business relationship appears unusual compared with its own behaviour, updated after every transaction.
This is the gap INETCO BullzAI is designed to close. The platform combines fraud detection and prevention with AML capabilities in a single environment, using real-time transaction monitoring, advanced AI, screening and individualized behavioural analysis to identify suspicious activity much more accurately than traditional programs.
KYT needs to complement KYC
Know Your Customer (KYC) controls remain essential: institutions must understand who customers are, screen them against sanctions, adverse media, Politically Exposed Persons lists and watchlists, and apply appropriate due diligence. But KYC is only the starting point. Organized-crime networks exploit the gap between who a customer appears to be at onboarding and how that customer behaves after the account is active. That’s where Know Your Transaction (KYT) becomes critical.
INETCO BullzAI integrates with KYC and customer due diligence (CDD) data for onboarding and continuous monitoring, helping institutions rescreen customers and detect changes in behaviour over time. It performs real-time checks on in-flight transaction activity, including cross-border payments, while monitoring transaction fields and metadata that can reveal risk indicators hidden inside payment messages.
For AML teams, this means moving from periodic review to continuous transaction intelligence and precise blocking of fraudulent transactions. A customer who once appeared legitimate can be reassessed as behaviour changes. A business account can be measured against actual counterparties, velocity, geographies, devices and payment patterns. A mule account can be detected by how quickly it forwards funds and whether it shares traits with other suspicious entities.
Mule accounts are the connective tissue
Criminal organizations don’t move illicit proceeds through one obvious account. They spread activity across many accounts, often using money mules, nominees, shell companies or coerced participants to receive, forward and withdraw funds. That makes mule detection critical: the question is not only whether one account looks suspicious, but whether a group of accounts is behaving like a coordinated network.
A modern AML system should be able to detect accounts that suddenly receive funds from unrelated parties, rapidly forward money, share beneficiaries with risky accounts, or behave inconsistently with their known profile. It should also connect this activity to suspicious terminals, compromised devices, unusual merchant behavior, cross-border transfers, rapid transaction patterns or message manipulations.
INETCO BullzAI continuously learns the unique behaviors of every customer account, card, device and terminal. The models refine themselves in real time after every transaction, improving risk scoring accuracy, anomaly detection and false-positive reduction without requiring data scientists to constantly retrain them.
That individualized approach matters because mule activity often hides in fragmentation. A complete view across accounts, devices, cards, terminals and channels helps separate legitimate behavior from laundering activity.
Bank insiders make visibility urgent
One of the most troubling elements reported in connection with Operación Tokio is the alleged involvement of bank-linked individuals. Insider risk is especially damaging because insiders may understand controls, help criminals avoid scrutiny and use institutional access to facilitate account activity.
The solution is not simply more training or attestations. It is stronger visibility. Banks need systems that identify anomalous activity at the transaction, account, device and network levels, with alerts that explain why activity is unusual, who else is connected and whether the pattern resembles known laundering behaviour.
INETCO BullzAI helps by providing end-to-end visibility into payment journeys, including all transaction message fields and metadata, such as device footprint intelligence, terminal IDs, geolocation information and other contextual data. That depth makes it easier to identify missing links, path deviations, message manipulation and compromised systems. These are the kinds of signals that matter when insiders or coordinated actors are involved.
AML and fraud teams need a shared view
The Chilean case also shows why AML and fraud can no longer operate in separate silos. The same network may use stolen identities, mule accounts, suspicious merchants, altered transaction messages, crypto remittances and front companies. Some activity looks like fraud, some looks like money laundering, and some looks like cyber compromise. In practice, it is often all part of the same financial-crime ecosystem.
INETCO BullzAI handles this convergence using integrated FRAML coverage: one platform for fraud detection and AML that reduces operational silos, blocks suspicious activity instantly and accurately, and accelerates compliance reporting. For banks and issuers, a shared view can improve detection, reduce false positives and help protect systems from threats other tools may not detect, including insider fraud, transaction-message tampering, cash-out attacks, rogue terminals and credential stuffing.
Faster investigations, better compliance
Detection is only half the battle. Once an alert is generated, AML teams need to investigate quickly, document decisions and produce reports that satisfy regulators. That requires prioritized case management, clear transaction context and an audit-ready record of what happened.
INETCO BullzAI includes case investigation capabilities that trigger customized alerts and provide one-click access to transaction details. Its AI-powered fraud agent, powered by a proprietary on-premise small language model, is designed to triage AML alerts, surface the highest-priority cases and provide explainability while keeping sensitive data inside the institution’s environment.
For institutions operating under Chile’s AML framework, including Law No. 19,913, Universal Authentication Framework (UAF) expectations and Collection Management Framework (CMF) oversight, this capability supports ongoing transaction monitoring, suspicious transaction reporting, enhanced due diligence, KYC/CDD compliance, risk-based scoring and audit-ready documentation.
The human cost should sharpen the compliance response
Every dollar successfully laundered makes it easier for criminal organizations to recruit, threaten, corrupt and expand.
For financial institutions, this should sharpen the purpose of AML. Compliance is not only about satisfying regulators. It is about protecting customers and denying criminal networks the financial infrastructure they need to operate.
Operación Tokio shows that financial investigations can be powerful. Following the money can expose networks that violence alone may not reveal. But the next step is to make detection earlier, faster and more connected.
That means moving beyond siloed systems, fragmented alerts and manual investigations that begin after the damage is done. It means combining real-time transaction monitoring, advanced analytics, individualized behavioral modeling, message-level decoding, KYC/CDD integration and network intelligence.
The lesson from Chile is clear: to disrupt organized crime, follow the money. To stop it from moving, follow it in real time.
Request a demo today to learn how INETCO BullzAI helps banks and payment providers detect mule accounts, uncover money laundering networks and stop suspicious transactions in real time before criminal activity can spread.