In the wake of the Danske Bank money scandal, Danish law enforcement agencies are examining whether payment services providers assisted Russian organized crime in moving and cleaning dirty money that flowed through the bank. The fact that some (but only a small segment) payment service providers employ offshore jurisdictions more commonly known as tax havens, or offshore financial centers, has raised the possibility that some money laundering is occurring, mixed into legitimate payment processing for online commerce.
The insurance industry has identified Malta and Cyprus as major avenues through which payment service providers process their clients' financial transactions, which raises risk levels, due to the fact that Russian organized crime groups are deeply engaged in money laundering through those two EU countries. Additionally, the fact that both jurisdictions offer Citizenship by Investment (CBI/CIP) passports and nationalities for sale means that PSP "clients" could be posing as Maltese or Cypriot nationals, which are low-risk, when in truth and fact they are from extremely high risk countries.
Finally, the fact that payment service providers can funnel the money through multiple jurisdictions, en route to the client, which looks suspiciously like layering, raises risk levels significantly. Does the industry need AML/CFT supervision ? Absolutely, but first the threats must be properly identified and made known to the financial institutions that may be facilitating it.