What Is a Smurf and How Does Smurfing Work?

What Is a Smurf?

A smurf is a colloquial term for a money launderer who seeks to evade scrutiny from government agencies by breaking up large transactions into a set of smaller transactions that are each below the reporting threshold. Smurfing is an illegal activity that can have serious consequences.

Current bank regulations require banks or other financial institutions to report cash transactions exceeding $10,000—or any others they deem suspicious—on a suspicious activity report (SAR).

Key Takeaways

  • Smurfing is a money-laundering technique involving the structuring of large amounts of cash into multiple small transactions.
  • Smurfs often spread these small transactions over many different accounts, to keep them under regulatory reporting limits and avoid detection.
  • Smurfing is a form of structuring, in which criminals use small, cumulative transactions to remain below financial reporting requirements.
  • The Patriot Act gave law enforcement agencies broader powers to curb money laundering by putting in place reporting requirements for any deposits, withdrawals, or currency exchanges exceeding $10,000.
  • The term "smurf" appears to be borrowed from illegal drug manufacturers, who use multiple accomplices to evade the legal purchasing limits of drug components.

Currency Transaction Report (CTR) Guide

Understanding Smurfing

Smurfing involves depositing illegally gained money into multiple bank accounts for under-the-radar transfer in the near future.

To prevent money laundering by criminals involved in illegal activities, such as drugs and extortion, countries such as the United States and Canada require a currency transaction report to be filed by a financial institution handling any transaction exceeding $10,000 in cash.

To evade these reporting requirements, criminal groups might attempt to cover their tracks by splitting their cash into multiple smaller deposits and dividing them between a number of geographically dispersed accounts. This is a form of structuring transactions to avoid regulatory detection.

Shortly after the 9/11 terrorist attacks, the USA Patriot Act expanded anti-money-laundering measures by allowing investigative tools designed for organized crime and drug trafficking prevention to be used in terrorist investigations and making reporting of transactions of $10,000 or more mandatory.

How a Smurf Works

Smurfing takes place in three stages: placement, layering, and integration. In the placement stage, the criminal is relieved of guarding large amounts of illegally obtained cash by placing it into the financial system. For example, a smurf may pack cash in a suitcase and smuggle it to another country for gambling, buying international currency, or other reasons.

During the layering stage, illicit money is separated from its source by a sophisticated layering of financial transactions that obscures the audit trail and breaks the link to the original crime. For example, a smurf may move funds electronically from one country to another, then divide the money into investments placed in advanced financial options or overseas markets.

The integration stage is when the money is returned to the criminal. Although there are numerous ways of getting the money back, funds must appear to come from a legitimate source, and the process must not draw attention. For example, valuables such as property, artwork, jewelry, or high-end automobiles may be purchased and given to the criminal.

Example of Smurfing

One way criminals move money internationally is known as “cuckoo smurfing.” Suppose that a New York criminal owes a London criminal $9,000, and a London merchant owes a New York supplier $9,000.

  1. The London merchant goes to London Bank and deposits $9,000, with instructions to transfer the money to the New York supplier’s bank.
  2. The London banker, working with the New York criminal, instructs the New York criminal to deposit $9,000 in the New York supplier’s bank account.
  3. The London banker then transfers $9,000 from the London merchant’s account to the London criminal’s account.

The London merchant and the New York supplier do not know the funds were never directly transferred. All they know is that the London merchant paid $9,000 and the New York supplier received $9,000. However, if caught, the London banker could face serious consequences.

Another common method is structuring transactions with a group of accomplices, each with their own bank accounts. For example, a person might have $50,000 to send abroad, which would ordinarily trigger a Currency Transaction Report and call attention to the source of their income. In order to avoid a CTR, that person could have ten accomplices make bank transfers of $5,000 each. Even if the money is legally sourced, the act of dividing the transaction to avoid being reported is itself a crime.


There is no general law against handling large sums of money. However, the act of structuring transactions to evade federal reporting limits is a serious crime, even if the money is legally sourced.

Smurf FAQs

Why Is It Called Smurfing?

The name "Smurf" appears to be borrowed from illicit methamphetamine manufacturers. In order to accumulate regulated precursor chemicals, drug manufacturers will often send accomplices to make multiple purchases at multiple locations, without exceeding the legal purchasing limits.

What Is Smurfing in Money Laundering?

In finance, Smurfing refers to the practice of avoiding regulatory scrutiny by dividing a large sum of money into multiple smaller transactions, sometimes divided into multiple different accounts.

Why Is Smurfing Bad?

Smurfing is a form of money-laundering which may allow criminal groups to move illegally acquired money into the regulated financial system.

What Is Smurfing in Cybersecurity?

Unrelated to financial Smurfing, in cybersecurity Smurfing refers to a Distributed Denial-of-Service Attack in which multiple servers are tricked into communicating with the target all at once. Although each contact is small, the cumulative effect is to make the target's network unusable.