Financial Fraud or Financial Crime covers a range of criminal acts or offences that extend beyond national borders. These offences are international in nature and executed in Cyberspace (Boorman & Ingves, 2001). They impact financial sectors and international banking. These form of crimes affect organizations, nations, as well as individuals, negatively impact the social and economic system and cause considerable loss of money. These crimes involve Money Laundering, embezzlement, theft, skimming, Money Laundering, Ponzi schemes and phishing to name a few (Assocham, 2015).

These are often committed by organized criminal networks and motivated by prospects of earning huge profits from the activities. Assets are obtained illegally through Financial Fraud. The differences between countries, including differences in national jurisdictions, the level of expertise of different countries’ prosecutorial and investigative authorities make it difficult for law enforcement officers to trace criminals engaging in Financial Fraud (Interpol, 2017).

Financial Intelligence can curb Cybercrime by understanding what motivates Cybercriminals. This paper seeks to understand Cybercrime in the context of three types of Cybercriminals – Petty Thieves (PT), Professional Criminals (PC) and Information Warriors (IW). Rogers (2011) originally proposed a nine model classification of Cybercriminals based on what motivates them. Of these nine types of Cybercriminals, PT, PC and IW’s motivations revolve around Money Laundering and Financial Fraud.


Petty Thieves (PT) engage in Cybercriminal activities to further their criminal activities (Rogers , 2005). They are less interested in notoriety. Their attraction to the Internet and technology is to follow their traditional targets, which include banks and naïve people. PTs learn and acquire the prerequisite skills that can enable them to perpetrate Cybercrime. This group often possesses a maturation of skills and are largely motivated by greed, revenge and financial gain (Parker, 1998).

Unlike Petty Thieves, Professional Criminals (PC) have larger ambitions and a higher set of technical abilities and skills. Like professional criminals within the traditional criminal domain, PCs are motivated to engage in criminal activities by financial and monetary gains. They seek to gain fame and bragging rights; PCs take pride in accomplishing their criminal tasks. However, due to their sophistication, they are rarely caught or attract the authority’s attention. Individuals belonging to this group are mature developmentally, psychologically and chronologically with a high level of technical acumen. They often work with organized Cybercriminal groups who are adept at using Internet technology in furthering their criminal goals (Rogers & Ogloff, 2004).

The Information Warriors (IW) consists of persons who defend and conduct attacks, which are aimed at destabilizing, affecting or disrupting the integrity of information and data systems that control and command decisions (Sewell, 2004; Rogers, 2005). This group is composed of non-traditional as well as traditional state sponsored technology-based warfare outfits. Individuals belonging to this group are highly skilled, highly trained and motivated by patriotism to engage in Cybercrime.

PC and IW are considered the most dangerous Cybercriminals. They are ex-intelligence operatives and professional criminals and are guns for hire (Post, Shaw, & Ruby, 1998; Post, 1998). These individuals being extremely well trained, specialize in corporate espionage and have the access to necessary state of the art equipment for executing their plans (Denning, 1998).


It is recognized that Cybercrime can be managed through financial Crime Risk Assessment, which is part of Financial Intelligence. There are three prevailing narratives that support this argument. The first narrative is that information technology is creating new services and products, driving disruptive innovation and destroying and impacting the already established business models. Examples include mainframes giving rise to Internet enabled online banking, ATM and the Web driving the creation of person-to-person payments and banking apps. The second narrative is that organized Cybercrime is moving in tandem with innovations to identify and exploit the vulnerabilities and weaknesses of fraudulent gains. According to Ganaspersad and Shirilele (2015) organized Cybercriminals are using fraudulent topologies that mirror the development of products. These topologies include stolen cheques and cards, increased levels of sophisticated Cyber-attacks, attacks on Internet protocols weaknesses and advanced persistence threats. The common thread linked to these narratives includes the increased speed of change in areas of retail payment and banking, and the ability of Cybercriminals to respond with speed (SIPA, 2011).

The third and swiftly emerging narrative emphasizes the convergence of IT security and fraud risk management to overcome the shortcomings of the traditional model which is characterized by constrained communication, shared understanding and separated functions. This narrative emphasizes the need for change, indicating that the existing risk management framework does not effectively guard institutions from financial loss and attack with resultant damage to the regulatory relationships and reputation. It emphasizes the importance of designing agility into the risk management processes for financial institutions to help facilitate proactive response to criminal and innovation threat (Daws, 2015).

Indeed, in line with these narratives, it is widely recognized that Cybercriminals require financing in order to fund their operations. They require sustainable cash flows to fund their operations. Financial Intelligence emerges from this context. It encompasses methods and means used by actors within the financial industry to reveal, deter and disrupt financing of Cybercriminals. Cybercriminals often engage in a range of financial activities with a view to ensuring that the security agents do not disrupt cash flows. Their modes of operations are diverse. They receive donations from unwitting and complicit sources. Common means of their financing include fraud, counterfeiting, kidnapping and extortion. Some actors engage in security schemes and market-based commodities. All these activities are underpinned by a practice referred to as Money Laundering (American Security Project, 2011).

Money Laundering is a process involving concealing illicitly gained funds and making them appear as funds that was sourced legitimately. These are the funds that international financial institutions and security experts seek to curtail by using Anti-Money Laundering practices and policy. Transactions of any nature or amount made via conventional channels are detected and traceable (American Security Project, 2011). Money Laundering allows Cybercriminals to clean up criminal proceeds and disguise their unlawful and illicit origins (Crown Prosecution, 2002). This is often achieved when Cybercriminals hack the government or an organization’s IT infrastructure by means of various malware. This allows them to track people’s online activities and transactions, obtain passwords and other personal information. This way, they siphon billions of dollars worth of intellectual property, technology and trade secrets from the computer systems of corporations, research institutions and government agencies (Nakashima, 2011).

The use of conventional means combined with extensive cooperation between financial industry, governments and international financial institutions can yield considerable success in deterring Cybercrime by combating Money Laundering. However, it is challenging for financial institutions and governments to detect and disrupt Informal Value Transfer Systems like “hawala”. These systems may not comply with the requirements of formal financial systems, which require firms to track and report Money Laundering activities. These systems are by nature abstract and unregulated. This way, they facilitate secrecy and allow Cybercriminals and other illegitimate actors to exploit Cyberspace with increasing regularity and conduct their financial operations without being detected (Passas, 2003). Restricting the organizations’ ability to access resources is an important component of the broader security strategy.

Financial Intelligence is by nature adaptive and requires a broad range of forensics, network analysis, technology complement by effective and smart policies (Bank of England, 2016). By understanding factors influencing current practices and trends in the area of Financial Intelligence, industry leaders and policymakers will be well-informed and empowered to come up with effective judicious policies and private-public partnerships needed to help secure the global financial system, effectively combat threat finance, and facilitate information-sharing.

SIPA (2011) proposes two trends that can enable firms to overcome Cyber threats: collective intelligence and providing technical and professional services. With regard to collective Financial Intelligence, SIPA (2011) suggests that the evolving and distributed nature of Cyber threats requires financial institutions to create a networked and collaborated defence. Within the Cyber security context, collective intelligence involves sharing information concerning remedies, vulnerabilities and threats between security vendors, the government and enterprises. It can inform Cyber forensics to audit areas of suspected and known weaknesses. It can also reveal areas and trends that warranty investing additional security measures. Vendors are developing shared Financial Intelligence features including anonymously injecting data feeds and aggregated data about email addresses, file names, IP addresses, search strings and query into their security monitoring dashboards with a view to help improve security for their users. As suggested by Ganaspersad and Shirilele (2015), the key aim of Cyber security should be to promote the sharing of vulnerability and Cyber threat information between private sectors and the public.

With regard to technology and Financial Intelligent professional services, it is indicated that it is increasingly becoming difficult for traditional Cyber security products namely antivirus scanners and firewalls to thwart every threat created as a result of security vulnerability brought about by mobile, cloud and social computing. Network security analysers and other tools make it difficult for enterprises to use effectively without specialized Cyber security talent and help from other firms. Professional services companies have introduced security offering that integrate human intelligence and analytical and automation capability of information technology platforms to help users cope. These technology offering enable firms to collect, analyse and monitor large data sets in order to identify patterns that suggest any breaches attempted by Cybercriminals. This allows enterprises to respond with more agility to threats. It also allows firms to thoroughly audit Cyber security risks whenever they are expected to disclose their security incidents and risks. Firms are no longer relying on using passive defences to protect against Cyber attacks. As such, joining analytics and automation to human judgment and tapping into collective Financial Intelligence can enable them to lower costs of mitigating Cyber attacks and reduce risk of such attacks (Bissell, Mahidhar, & Schatsky, 2013).

According to Seddon (2015) Financial Crime Risk Assessment should encompass the following: access rights and controls; data loss prevention; vendor management; training; and incident response plan. Adequate access rights and controls such as implementing multifactor authentication are required to help prevent unauthorized access to Information Systems. This includes reviewing controls associated with customer logins; remote access; tired access; network segmentation and passwords. Data loss prevention involves implementing adequate and effective controls in areas of system configuration and patch management, including monitoring network traffic and the potential transfer of unauthorized data via uploads and email attachments (Ganaspersad & Shirilele, 2015).

Vendor Management encompasses controls and practices aimed at selection and evaluation of external providers. These controls and practices include due diligence in relation to vendor monitoring, selection, and oversight. It also includes how to consider vendor relationships are part of the ongoing risk assessment process of the firm (Seddon, 2015).

There is need for adequate training of vendors and employees with respect to Confidentiality of Customer Information, Customer Security and records. According to Seddon (2015) the training should be tailored to encourage responsible Vendor and Employee Behaviour, and on how to integrate incident response procedures into regular training programs. Incidence response plans includes the assessment of System Vulnerabilities, Assigning Roles, and determining which firm, assets, services, or data warrant protection.


In conclusion, Financial Intelligence is a critical area for unravelling financial networks that support these illicit and dangerous Cybercriminal. The efforts to combat Cybercrime must therefore involve a multidisciplinary approach to help understand enabling factors and driving forces of Cybercrime. The cost-benefit and efficacy of existing Anti-Money Laundering practices should also be taken into account.


1.American Security Project. (2011). Threat Finance and Financial Intelligence. Retrieved 2017 from

2.Assocham. (2015, June). Current fraud trends in the financial sector. Retrieved 2017 from PWC:

3.Bank of England. (2016). CBEST Intelligence-Led Testing: Understanding Cyber Threat Intelligence Operations. Retrieved 2017 from

4.Bissell, K., Mahidhar, V., & Schatsky, D. (2013, August 13). Fighting Cybercrime with Collective Intelligence and Technology. Retrieved 2017 from The Wall Steet Journal:

5.Boorman, J., & Ingves, S. (2001, Febuary 12). Financial System Abuse, Financial Crime and Money Laundering— Background Paper. Retrieved 2017 from IMF:

6.Crown Prosecution. (2002). Proceeds Of Crime Act 2002 Part 7 – Money Laundering Offences. Retrieved 2017 from

7.Daws, M. (2015, September 18). Fraud risk management and IT security should converge to protect against organized and cyber crime . Retrieved 2017 from

8.Denning, D. (1998). Information Warfare and Security. Reading: Addison-Wesley.

9.Ganaspersad, R., & Shirilele, N. (2015, July 23). Financial Crime Risk Management (FCRM) Policy. Retrieved 2017 from–hollard-fcrm-policy_2015-final-approved-by-board.pdf

10.Interpol. (2017). Financial crime. Retrieved 2017 from

11.Nakashima, E. (2011, November 6). Warning as US companies lose out through cyber-spies. Retrieved 2017 from

12.Parker, D. (1998). Fighting computer crime: A new framework for protecting information. New York: John Wiley & Sons, Inc.

13.Passas, N. (2003). Hawala and Other Informal Value Transfer Systems: How to Regulate Them? Risk Management , 5 (2), 49–59.

14.Post, J. (1998). The dangerous information system insider: psychological perspectives. From

15.Post, J., Shaw, E., & Ruby, K. (1998). Information terrorism and the dangerous insider. InfowarCon’98. Washington, DC.

16.Rogers, M. K. (2011). Chapter 14 The Psyche of Cybercriminals: A Psycho-Social Perspective. In S. Ghosh, & E. Turrini, Cybercrimes: A Multidisciplinary Analysis. Springer-Verlag Berlin Heidelberg.

17.Rogers, M. (2005). The development of a meaningful hacker taxonomy: a two dimensional approach. NIJ National Conference 2005. Purdue University.

18.Rogers, M., & Ogloff, J. (2004, Spring). A comparative analysis of Canadian computer and general criminals. Canadian Journal of Police & Security Services , 366-376.

19.Seddon, J. (2015, October 7). Cyber crime – a growing threat to financial institutions. Retrieved 2017 from Cyber crime – a growing threat to financial institutions

20.Sewell, W. (2004). Protecting against Cyber terrorism. Public Works , 135 (3), 39-43.

21.SIPA. (2011, February). Financial Intelligence Department. (2011). Guidelines For Risk Assessment And Implementation Of The Law On Prevention Of Money Laundering And Financing Of Terrorist Activities For Obligors. Retrieved 2017 from Financial Intelligence Department, Bosna i Hercegovina Ministarstvo sigurnosti:






Cybercrime has emerged as a new form of crime following the introduction of the internet. The actions of these crimes range from petty theft to destruction with malicious intent. Individuals who engage in cybercrime have a psychological mindset that is attuned to it. Like other forms of physical crime, cybercriminals are drawn to committing cybercrimes because of certain factors. As such, to curb cybercrime, law enforcement officers must understand their nature, why they get attracted to it, and how they can effectively reduce criminal behaviour. This paper discusses the motive behind cybercrime and what makes cybercrime attractive to cybercriminals.

Cybercrime attracts individuals with a will and ability to choose between right and wrong. The will to choose is influenced by the environment and heredity factors. Rogers (2010) believes that characteristic such as personality traits and socio-demographics and others correlate with the type of crime a cybercriminal commits. Rogers (2010) asserts that psychologists can develop taxonomies of criminals and their profiles based on these common features. These categories can be useful to law enforcement officers when developing effective and practical approaches to help reduce cybercrimes.


Rogers, Smoak and Jia (2006) categorizes cybercrimes into nine models: Scrip Kiddies (SK) or Novice (NV), Cyber Punks (CP), Hachtivist (H) or Political Activists (PA), Thieves (T) or Petty Thieves (PT), Virus Writers (VW), Internals (IN), Old Guard Hackers (OG), Professional Group (P) or Professional Criminals (PC), Cyber-Terrorist (CT) or Information Warriors (IW).

The Novice (NV) criminals have limited programming and computer skills. They can only conduct their attacks when they have toolkits. Their motives for committing a cybercrime is primarily media attention. Cyber-Punks (CP) have advanced technical skills and can write their own software. They are well informed about the system they attack with many engaging in telecommunication fraud and stealing credit card numbers. Internals (IN) include the disgruntled ex-employees or employees, Petty Thieves (PT), Virus Writers (VW), Information Warriors (IW), Professional Criminals (PC), and Old Guard Hackers (OG). Virus Writers (VW) are coders that write script and use automated tools. They basically mentor Novice (NV). They seek to gain prestige and power. They have the capability of using strong malware such as Trojans to commit cybercrime. Disgruntled ex-employees or employees with technological know-how pose a security threat. They use the privileges of knowing the system to commit cybercrime (Rogers, Siegfried, & Tidke, 2006).

Hachtivist (H) or Political Activists (PA) comprises individuals or a group that justify their behaviour on moral grounds like political issues. However, it is very difficult to ascribe whether these motives are political as their actions have aspects of revenge, power, greed or just public attention (Rogers, Siegfried, & Tidke, 2006).

Petty Thieves (PT) are opportunistic computer literate people who take advantage of the organization’s poor internal security. Old Guard Hackers (OG) seem not to have the intention to commit a crime and are disinterested in intellectual activities. They disrespect personal property. Professional Criminals (PC) are specific in their activities. They hire guns and engage in corporate espionage. They have access to the necessary state-of-the-art equipment. They are also highly trained. Lastly, Information Warriors (IW) are well funded to participate in cyber attacks that may be politically motivated (Rogers, Siegfried, & Tidke, 2006).

Rogers (2010) combines the skill level and motivation into a circumflex model as shown in Figure 1. The four motivational aspects are (1) revenge, (2) financial, (3) notoriety and (4) curiosity. Information Warriors (IW), Professional Criminals (PC), Political Activists (PA) and Old Guard Hackers (OG) are at the highest level of skills. Internals (IN) and Virus Writers (VW) are motivated by revenge; Information Warriors (IW), Petty Thieves (PT) and Professional Criminals (PC) are motivated by financial motives; Cyber Punks (CP) and Political Activists (PA) are motivated by notoriety; and Novice (NV) and Old Guard Hackers (OG) are motivated by curiosity.

Figure 1: A circumplex model describing nine models of cybercriminals, their skill level and motives [Source (Rogers, 2010)]


Various theories from criminology, sociology and psychology explain why people offend. These theories suggest that the aetiology of cybercriminal behaviour is influenced by diverse factors: social control, industrialization, learning, psychopathologies, class strain and physiological deficiencies. Moral Disengagement and Social Learning Theories are the most popular theories used to explain what attracts cybercriminals to commit their criminals’ activities (Rogers, 2006).

Social Learning Theory posts that a high-level learning process can produce conforming or deviant behaviour. These theories view learning process as operating within the context of interactions, social structure and situations. It is suggested that the conforming or criminal behaviour resulting from the learning process is a function of reinforcement and other variables associated with social learning process. In view of Akers cited in Rogers and Siegfried and Tidke (2006) an individual is more likely to engage in cybercrime when the following circumstances exist. Firstly, the individual is differently related to other individuals who support, commit or model the legal and social norms. Secondly, the individual is less exposed to conforming models and more exposed to deviant models. Thirdly, the individual’s learning favours engaging in deviant acts. Lastly, the individual’s violative behaviour is supported and reinforced at the expense of the behaviour that supports the conformity to existing norms.

Social Learning Theory also suggests that differential imitation and reinforcement are the primary learning mechanisms for a cybercriminal. From this perspective, the learning mechanisms are influenced by and operate through differential association process. The social environment for the criminals is created through differential association (Rogers, 2006). The social environment exposes these offenders to imitation and definitions of models. While in a social environment, cybercriminals acquire definitions by observing, learning and imitation. Similarly, external and internal sources create differential reinforcement that presents themselves in the form of tangible rewards of the criminal activity. The rewards may include social rewards, money and increase in the status of the peer. Over time, the actions’ consequences and reinforcement prominently determines the probability with which the criminal activity will be sustained as imitation become less important. Social Learning Theory suggests that errant behaviour is likely to increase and continue unabated where there is very high ratio of two variables namely positive reinforcement and punishment. In view of this theory traditional learning mechanisms namely operant and classical learning influence the offender’s criminal behaviour. Again, it becomes difficult for law enforcement officers to neutralize the criminal’s errant behaviour where the there is a resilient learning paradigm that is caused by variation in the ratio of positive reinforcement to the punishment administered (Rogers, 2006).


The Moral Disengagement model by Bandura (1996) examines the process via which criminals justify and rationalize their aberrant or deviant behaviour. The moral engagement asserts that individuals tend to participate in behaviour that goes against their moral standards, and that these actions may lead to self-sanctions and possibly self-condemnation. Bandura (1990) argues that individual behaviours are influenced by moral standards. Bandura (1990)’s self-regulatory system only functions when activated. Bandura (1990) held that it is possible to disengage self-sanctions from behaviour. From the Social Cognitive Theory perspective, these mechanisms are viewed as Moral Disengagement (Bandura, Barbaranelli, Caprara, & Pastorelli, 1996).

In view of this theory, cybercriminals may defeat their internal moral control in the self-regulatory systems by ensuring their internal moral control decoupled from detrimental conduct in four ways identified in Bandura et al. (1996). These include obscuring personal causal agency, disregarding or misrepresenting the action’s negative consequences, re-construing the conduct, and vilifying the victims, blaming them and mistreating them. Evidence show that cybercriminals often reduce self-censure by using these four methods of Moral Disengagement. It is believed that these criminals often misconstrue or minimize the consequences.

It is also believed that individuals who engage in cybercrimes demonstrate higher rates of differential reinforcement, differential association, and moral disengagement as compared to non-criminals. It is also believed that a combination of these three (i.e., moral disengagement, differential reinforcement and differential association) better predicts the behaviour of a cybercriminal (Rogers, Siegfried, & Tidke, 2006). Social Learning Theory posits that the continuation of a criminal activity may be influenced by the interaction between the reinforcement and the neutralizing definitions.


Social Control Theory on the other hand provides an explanation on why people obey rules and how behaviour conforms to expectations in society. Social Control Theory suggests that internal constraints develop during childhood and crime occurs because of inadequate constraints. In other words, the free will gives offenders the choice and consequently responsibility for their deviant behaviour (Kempf-Leonard & Morris, 2012).

Social Control Theory supports the assertion that online anonymity encourages permissiveness. According to Social Control Theory, individuals are compelled to refrain from criminal and deviant behaviours where social controls, including social ostracisation and laws are present. However, the deviance grows where the controls or assumed power of controls are missing or diminished (Rogers, Siegfried, & Tidke, 2006).


Lastly, a unique factor in cybercrime that attracts cybercriminals is anonymity. Internet protocols allows individuals to operate virtually anonymously. The anonymity afforded by Internet has been leveraged by cyber-predators and paedophiles that gain the victims’ trust by pretending to be young females. Internet’s underlying protocols and technology allows these criminals to make it virtually impossible for victims to track them by obfuscating their physical locations. Studies on individuals’ behaviour online have revealed that individual’s real world behaviour differs from online behaviour. It is believed that people reflect their true nature in the real world where self-control and societal pressures and norms regulate behaviour (Rogers, 2006). It is believed that real world moderate individuals’ behaviour is based on social identity that incorporates cultural morality and social norms.


As technology becomes pervasive in our connected world, it has brought certain deviant characters along with it. These cybercriminals have developed their skills to a level where they can cause massive destruction to social life and commerce. This article tries examines the motives behind cybercriminals to understand who engages in these activities and why they do it.

Even though cybercrime is considered a new type of crime, the motives behind it are not new. A model was presented that classifies cybercriminals based on their skill levels and their motives. Motives have been broadly categorised in four – revenge, financial, notoriety and curiosity. Four different social theories were examined – Social Control Theory, Moral Disengagement Theory and Social Control Theory. Anonymity is also seen as a contributor to deviant behaviour.


Baggili, I. (2009). Effects of anonymity, pre-employment integrity and anti-social behavior on self-reported cyber crime engagement: An exploratory study. Purdue University.

Bandura, A. (1990). Mechanisms of moral disengagement. In W. Reich, Origins of Terrorism; Psychologies, Ideologies, Theologies, States of Mind (pp. 161-191). New York: Cambridge University Press.

Bandura, A., Barbaranelli, C., Caprara, G., & Pastorelli, C. (1996). Mechanisms of moral disengagement in the exercise of moral agency. Journal of Personality and Social Psychology , 71, 364-374.

Bednarz, A. (2004). Profiling cybercriminals: A promising but immature science. Retrieved 2016 from Network World:–a-promising-but-immature-science.html

Rogers, M. K. (2006). The development of a meaningful hacker taxonomy: A two dimensional approach. Digital Investigations , 97–102.

Rogers, M. K. (2010). The Psyche of Cybercriminals: A Psycho-Social Perspective. In S. Ghosh, & E. Turrini, Cybercrimes: A Multidisciplinary Analysis (pp. 217–235). Berlin: Springer-Verlag.

Rogers, M. K., Siegfried, K., & Tidke, K. (2006). Self-reported computer criminal behavior: A psychological analysis. Lafayette: The Digital Forensic Research Conference.

Rogers, M. K., Smoak, N., & Jia, L. (2006). Self-reported criminal computer behavior: A big-5, moral choice and manipulative exploitive behavior analysis. Journal of Deviant Behavior , 27 (3), 245–268.

Translate »