Money Muling in Corporate Accounts: When Ignorance is No Defense Under the AFASA Legislation
Introduction: Why corporate accounts are being used in scams
Corporate bank accounts are attractive tools for scammers because they can make suspicious fund movements look like ordinary business activity. For corporate treasurers and finance officers, the legal risk is no longer limited to internal policy violations or reputational harm: under the Anti-Financial Account Scamming Act, allowing company accounts to be used to receive, park, or pass through illicit funds can expose individuals and the company to criminal and regulatory consequences—even when the defense raised is “I did not know what it was for.”
This article explains the governing rules on “money muling,” how liability can arise in corporate settings, and what treasurers should do to prevent accounts from being used to route scam proceeds.
Governing laws and issuances
R.A. No. 12010 (Anti-Financial Account Scamming Act or AFASA) is the primary statute penalizing financial account scamming, including money muling and social engineering schemes. AFASA also recognizes that prosecutions may proceed alongside other criminal laws where applicable.
R.A. No. 9160 (Anti-Money Laundering Act or AMLA), as amended remains relevant because money mule activity frequently overlaps with money laundering concepts, reporting obligations for covered institutions, and asset-freezing/forfeiture processes.
For implementation and enforcement, relevant Bangko Sentral ng Pilipinas (BSP) issuances include:
BSP Circular No. 1214, s. 2025 (Rules of Procedure on BSP inquiry into financial accounts and sharing of financial account information pursuant to AFASA).
BSP Memorandum to Authorized Agent Banks M-2024-029 (guidelines connected to risk management controls under AFASA Section 6).
BSP Memorandum to Authorized Agent Banks M-2024-030 (consumer asset protection and temporary hold of disputed funds, referencing AFASA).
What “money muling” means under AFASA (and why corporate officers should care)
AFASA treats as money muling the act of using, borrowing, or allowing the use of a financial account for the purpose of obtaining, receiving, depositing, transferring, or withdrawing proceeds that are known to be derived from crimes, offenses, or social engineering schemes. It also covers buying/renting accounts, selling/lending accounts, and recruiting others to do the same (R.A. No. 12010, Section 4).
In a corporate environment, the highest-risk conduct often looks deceptively “routine,” such as:
1) permitting an outsider to “temporarily” use the company account to receive funds;
2) receiving funds described as “customer payments” but unrelated to actual sales;
3) being instructed to transfer amounts immediately to multiple third-party accounts;
4) accepting “commission” or “service fee” arrangements for merely passing money through.
“Ignorance is no defense”: where the risk comes from in real life
As a general rule, criminal offenses require a culpable mental state. However, treasurers should understand how “I didn’t know” becomes a weak position in practice when the facts show clear warning signs and a person still participated or allowed the account to be used.
AFASA’s money muling definition emphasizes the use or allowance of use of an account for handling proceeds known to be derived from crimes or scams (R.A. No. 12010, Section 4). In corporate settings, “knowledge” is often inferred from circumstances—especially when transactions are inconsistent with the company’s business, lack supporting documents, or are structured to evade scrutiny.
Relatedly, the Supreme Court has explained, in the money laundering context, that knowledge may be established by direct or circumstantial evidence, and cases for money laundering may proceed independently of the predicate offense, provided the prosecution proves beyond reasonable doubt that the property involved are proceeds of an unlawful activity (Lingad v. People of the Philippines, G.R. No. 224945, 2022).
While Lingad is an AMLA case and not an AFASA prosecution, it signals a practical litigation reality for finance personnel: courts do not require an admission of knowledge; a pattern of suspicious transactions and deliberate disregard of controls can support adverse findings.
When money muling becomes “economic sabotage”
AFASA treats prohibited acts as “economic sabotage” when certain aggravating circumstances exist, such as when committed by a group of three or more persons conspiring, or against three or more persons, or using a mass mailer (R.A. No. 12010, Section 4(c)).
For corporations, this matters because scams commonly involve multiple actors (recruiters, account providers, “runners,” and controllers). Even if a treasurer is not part of the original scam group, repeated accommodation of suspicious fund flows can place the transaction pattern under heightened scrutiny.
BSP inquiry powers and the reduced shield of bank secrecy in AFASA investigations
Treasurers should assume that suspicious corporate-account activity can be examined quickly. AFASA is designed to support investigation of financial account scams and information-sharing with law enforcement under statutory limits. The Supreme Court has also discussed AFASA in connection with cybercrime investigations and the BSP’s role in applying for cybercrime warrants in relation to AFASA violations (Eastwest Rural Bank v. Philippine National Police Anti-Cybercrime Group, et al., G.R. No. 273720, 2025).
In addition, BSP Circular No. 1214, s. 2025 provides procedures for BSP inquiry into financial accounts and sharing of financial account information in AFASA-related matters.
Institution liability, restitution exposure, and why “bank error” may not save the account owner
AFASA requires institutions to protect access to client financial accounts through adequate risk management systems and controls, such as multi-factor authentication and fraud management systems (R.A. No. 12010, Section 6). If the BSP determines the institution is compliant, the institution is generally shielded from liability for losses arising from offenses under AFASA Sections 4 and 5.
However, institutions may be liable for restitution for failure to employ adequate controls or failure to exercise the highest degree of diligence, and conviction is not a prerequisite to restitution (R.A. No. 12010, Section 6). BSP Memorandum M-2024-029 reiterates how these standards affect accountability in practice.
For corporate treasurers, this means disputes may not end with “the bank should reimburse us.” If internal corporate conduct enabled account misuse (e.g., sharing credentials, allowing outsiders to direct transfers, ignoring red flags), banks and regulators may treat the incident as avoidable, and the company may still face investigation and potential exposure.
Common corporate scenarios that raise money mule red flags
The following patterns often appear in money mule cases and should be treated as urgent compliance and legal issues:
Scenario A: “Pass-through” collections — A third party asks the company to receive funds from unknown payors, then transfer them to multiple recipients, keeping a “fee.”
Scenario B: “Vendor settlement” without a contract — The company is told to receive funds as a “settlement” but there is no underlying agreement, invoice trail, or board authorization.
Scenario C: “Urgent release” with secrecy instructions — Someone pressures the treasurer to execute immediate transfers and discourages internal reporting or audit documentation.
Scenario D: “Account rental” disguised as business partnership — A person offers monthly compensation for using the corporate account because their own account is “restricted.”
Compliance checklist for treasurers: controls that reduce criminal and operational risk
Below is a consolidated table of controls that, when properly implemented, help prevent account misuse and strengthen defensibility if an incident occurs.
Summary table: risk areas and recommended controls
Risk Area / What It Looks Like / What To Do
Account access / Shared credentials; OTPs sent to non-corporate devices / Enforce named users, MFA, and device control; remove shared inbox/phone dependencies (R.A. No. 12010, Section 6).
Transaction purpose / Funds received unrelated to the company’s business / Require documentary basis: contract, invoice, delivery proof, board/management approval for unusual receipts.
Beneficiary validation / Transfers to unrelated third parties / Implement beneficiary whitelisting and verification calls to known contacts; require dual approval for new beneficiaries.
Speed pressure / “Transfer now” instructions; avoidance of audit trail / Treat urgency as a red flag; require escalation to compliance/legal and written justification.
Repeat small transfers / Structured movements to avoid internal thresholds / Monitor patterns, set alerts, and require review of repetitive pass-through behavior.
What to do if you suspect the corporate account was used as a money mule channel
Time matters. If suspicious funds are already in or out of the account, immediate steps can reduce harm and clarify responsibility:
1) Secure the account: change credentials, revoke access, and document who had access at relevant times.
2) Preserve records: download statements, transaction reference numbers, IP/device logs (if available), emails, chat instructions, and internal approvals.
3) Notify the bank promptly: request investigation steps and inquire about any available hold measures for disputed transactions (BSP Memorandum M-2024-030, referencing AFASA Section 7’s temporary hold authority).
4) Escalate internally: inform management, compliance, audit, and legal; consider placing implicated personnel on preventive measures consistent with company policy.
5) Avoid “self-help” reversals: do not attempt informal “returns” to unknown sources without guidance, as this can complicate tracing and legal exposure.
Relationship with other criminal laws (AFASA is not the only exposure)
AFASA expressly states that prosecution under it is without prejudice to prosecution under the Revised Penal Code and special laws, including the Access Devices Regulation Act (R.A. No. 8484), AMLA (R.A. No. 9160), and the Cybercrime Prevention Act (R.A. No. 10175) (R.A. No. 12010, Section 19). This means one course of conduct can lead to multiple cases, depending on the facts.
Final observations for corporate treasurers
Corporate accounts should never function as “temporary parking” for third-party funds without a clear, documented, and legitimate business basis. Under AFASA, allowing the use of a company financial account in suspicious circumstances can place a treasurer or finance officer under investigation and potential prosecution, especially where the transaction pattern suggests awareness or deliberate disregard of warning signs.
At minimum, treasurers should institutionalize strong access controls, strict documentation rules for incoming funds, verified beneficiary procedures, and a clear escalation path for unusual transactions. These measures reduce both the probability of account compromise and the likelihood that “I didn’t know” becomes an unpersuasive defense when the facts show repeated red flags.
About Nicolas and De Vega Law Offices
Nicolas and de Vega Law Offices is a full-service law firm in the Philippines. You may visit us at the 16th Flr., Suite 1607 AIC Burgundy Empire Tower, ADB Ave., Ortigas Center, 1605 Pasig City, Metro Manila, Philippines. You may also call us at +632 84706126, +632 84706130, +632 84016392 or e-mail us at [email protected]. Visit our website https://ndvlaw.com.

