Let's take a look at exactly how it is reshaping our financial landscape.

Blockchain's Security Measures

Blockchain technology democratizes security measures with a decentralized system.

Through its peer-to-peer network, blockchain utilizes thousands of computers to validate transactions. This consensus mechanism leaves no single point of vulnerability, making it highly unusual and difficult for fraudsters to manipulate the data.

 If we consider the traditional centralized banking systems, they are more prone to cyber-attacks as they provide a single point of breach. On the contrary, blockchain's inherent structure enhances its robustness against such threats, providing a formidable shield against fraudulent activities like money laundering and credit card fraud.

Blockchain and Money Laundering

Blockchain technology is serving as a powerful tool against money laundering. This is due to its ability to provide enhanced transparency in every financial transaction.

While traditional banking systems can sometimes obscure the origins of funds, blockchain leaves an indelible, traceable record.

The transparent and traceable nature of blockchain technology plays a significant role in curbing money laundering.

Every transaction that takes place over the blockchain network is recorded on a public ledger. This opens doors for stringent scrutiny since the source and destination of every transaction can be traced.

By revealing sources, intermediaries, and destinations linked to potentially illicit transfers, blockchain allows for more effective policing and criminal prevention.

Moreover, integrated programs within the blockchain could monitor suspicious activities.

Imagine automated software, scanning through millions of transactions in seconds. It could flag those whose patterns or volumes suggest possible illicit activity. In turn, that would propel efficient investigations and quicker responses.

Blockchain and Credit Card Fraud

Credit card fraud has been steadily increasing over the years, thus highlighting the vulnerabilities of conventional security measures. However, thanks to blockchain technology, there are potential solutions on the horizon.

Blockchain’s incorporation into credit card transactions introduces an unprecedented level of security. Each transaction is encoded into a block with unique identifiers which makes any unauthorized attempts highly noticeable.

With this level of encryption along with constant monitoring capabilities, instances of credit card fraud could significantly decrease.

Impact on Regulatory Compliance

Introducing blockchain technology can drastically improve regulatory compliance in financial institutions because it offers an auditable trail of all transactions that regulators can access to ensure compliance with Anti-Money Laundering (AML) and Know Your Customer (KYC) regulations.

This means that regulatory bodies can go through the details of each transaction without needing permission from any organization or individual.

The level of transparency offered by blockchain could pave the way for more efficient regulatory practices, thereby deterring potential money launderers or credit card fraudsters.

The Future of Blockchain in Preventing Financial Crimes

The promising attributes of blockchain technology hint towards an influential shift in preventing financial crimes. Leveraging its potential can transform the way money transfers are monitored, verifying authenticity, and ensuring security across every segment of finance.

Institutions around the globe have begun to take note of this technology and are actively exploring ways to integrate it into their systems.

While there may be challenges ahead for its widespread adoption, the benefits it brings against combating financial fraud will surely accelerate its acceptance.

In the meantime, if you find yourself a victim of fraud, make sure you consult a reputable and experienced lawyer in your local area.

For instance, these strong-willed criminal lawyers in Monmouth County handle a variety of cases, including fraud. So, if you live in New Jersey and you need help with a criminal case, look them up.

The Takeaway

As the financial world continues to digitize, blockchain technology stands at the forefront of innovation, safeguarding transactions.

Its play against conventional crimes like money laundering and credit card fraud marks a significant stride toward integrity and security in the financial realm.

Ultimately, blockchain technology is a promising beacon of hope in an ever-evolving digital landscape.

Dr Henry Balani, Head of Industry & Regulatory Affairs for Encompass Corporation, explains how embracing technology can ease the burden on financial regulators.

Money laundering in the UK, specifically, is far more complicated than people may first anticipate, with thousands of complex relationships between finance professionals and international criminals contributing to money laundering and the wider financial crime economy. Despite increased levels of financial crime since the start of the pandemic, analysis shows that penalties against regulated firms, specifically for money laundering, decreased significantly last year. This does not, however, signal weaker enforcement. Rather regulatory and enforcement agencies have prosecuted other areas of financial crime, primarily in pandemic fraud scams related to unemployment assistance schemes. 

One illicit method we have seen during the pandemic has been Covid bounce back loans which saw the government lend millions of pounds to small businesses. These loans did not include sufficient credit checks or verification. As a result, we have seen examples such as two men being jailed in December last year for running a £70 million money laundering scheme involving £10 million from Covid loans.

By November 2021, the government stated that they had lost over £5 billion from pandemic fraud scams against these schemes with perpetrators targeting the Coronavirus pandemic in an attempt to stay ahead of regulators, resulting in greater focus being placed on this area. As a result, there has been a lesser concentration on money laundering and subsequently lesser and fewer penalties issued, contributing to the decline in penalties against global financial institutions.  

It is also worth noting that while 2021 represents a current peak, it is still the third-highest year on record after 2020 and 2014 where AML fines reached US$2.9 billion. The peaks and valleys over the years are not necessarily surprising as financial crime investigations are comprehensive and can take a long time to prosecute. It would be not surprising to see a large backlog of cases that will come to fruition in 2022.

Complacency is not an option

Financial crime has been a long-standing issue in Britain, and in London in particular, due to colonial ties to offshore tax havens in places such as the Caribbean, Cayman Islands and Jersey which by law encourage the registration of offshore trusts as a business service which have become hubs for money laundering and tax avoidance. Financial institutions cannot become complacent in their efforts to bolster their defences against money laundering, especially as current geopolitical events indicate increased criminal activity as highlighted in the Pandora Papers and possible increased sanctions against Russia and threats from Iran and North Korea.

The International Consortium of Investigative Journalists (ICJJ) coordinated and published findings from a series of leaked documents outlining the inner workings of offshore companies used to limit company ownership identification. And, it was uncovered that there were 956 companies in offshore havens connected to 336 politicians and public officials with the majority of companies set up in offshore hotspots in the British Virgin Islands. This serves as a reminder that money laundering is still occurring at an alarming rate, and will, unfortunately, almost certainly persist over the coming year.

Technological advances

Technology, specifically RegTech, enables organisations to implement more effective processes to identify, mitigate and investigate financial crime. It is heartening to note that regulators, both in the UK and the USA, continue to encourage dialogue with RegTech firms to ensure legislation encourages and supports the adoption of new technologies for improved compliance, more effective investigations, and bolster defences against financial crime. 

In response to the evolving Covid-19 world, now more than ever, technology must be utilised to our advantage, and embracing new technologies is a clear route forward for all possible factions that are complicit in or impacted by financial crime, such as the institutions themselves. 

Due-diligence and compliance technologies represent examples of RegTech which can help to increase the effectiveness of investigations to stop financial criminals in their tracks, and hopefully dissuade future money laundering crimes being committed. We are also seeing evolving modes of money laundering through criminals using more complex means to hide illicit gains, such as cryptocurrency. Further technological innovation is occurring in this area to ensure regulators have access to the best solutions available to combat new forms of financial crimes. We are now seeing blockchain analytics technology being used to ‘track and trace’ ransomware and other illicit activity using cryptocurrency. It will not be surprising to see greater amounts of prosecutions and money laundering penalties due to illicit use of cryptocurrency as a trend going forward on top of money laundering through traditional fiat currency.

We must also see greater proactivity and cooperation from firms and financial professionals to ensure this criminal behaviour is sufficiently identified and prevented. As the global pandemic subsides, more professionals will return to physical offices, presumably resulting in greater collaboration and efficiencies in identifying potential illicit criminal activities in their customer portfolios. Adoption of new technologies, including the use of artificial intelligence and automated process analysis tools, combined with greater action from these firms and professionals will refine reporting activity. This will subsequently help ease the burden on regulators by ensuring suspicious activity reports are accurately filed with their respective financial intelligence units. 

The positive dialogue between RegTech firms and regulators is welcome with the new technologies set to take centre stage in money laundering regulation moving forwards, and with these developing technological innovations alongside greater preventative involvement and due diligence from finance professionals, regulators and enforcers will be able to maximise their efforts in identifying, preventing and punishing financial crime.

In the past weeks, Binance has come under pressure from regulators across the world due to concerns over the use of crypto in money laundering and the risks it poses to consumers. In June, the FCA banned Binance from conducting any regulated activity within the UK and placed numerous requirements on the platform. 

In a document dated June 25, the FCA explains: "Based upon the Firm’s engagement to date, the FCA considers that the Firm is not capable of being effectively supervised. This is of particular concern in the context of the Firm’s membership of a global Group which offers complex and high-risk financial products, which pose a significant risk to consumers.”

A spokesman for Binance said that the crypto exchange platform has fully complied with all the FCA’s requirements and that it will continue to engage with the watchdog to resolve any outstanding issues. In Wednesday’s document, the FCA confirmed that Binance’s UK arm was not currently carrying out any regulated activity within the country and had not done so for over 12 months.

However, the FCA also said that it sent two requests for information about Binance’s wider global business model and its stock tokens. In the document, the UK watchdog said: "The FCA considers that the firm's responses to some questions amounted to a refusal to supply information.”

Danske Bank AS announced on Monday that CEO Chris Vogelzang has resigned after being named as a suspect in connection with an investigation into potential violations concerning the prevention of money laundering at ABN AMRO in the Netherlands.

Vogelzang held several positions at ABN AMRO between 2000 and 2017, including as its head of global retail and private banking activities and as a member of its management board. In a statement on Monday, he said that he would step down to prevent speculations about his person interfering with the development of Danske Bank.

“I am very surprised by the decision by the Dutch authorities,” said Vogelzang. ““I am very surprised by the decision by the Dutch authorities. I left ABN AMRO more than four years ago and am comfortable with the fact that I managed my management responsibilities with integrity and dedication.”

“My status as a suspect does not imply that I will be charged.”

Karsten Dybvad, Chairman of Danske’s board of directors, commended Vogelzang for his efforts at the company. “He has been instrumental in the initiation of the ongoing transformation of Danske Bank and the progress and results it has already created,” Dybvad said. “We fully understand and respect his decision and thank him for his huge efforts.”

Danske has tapped Chief Risk Officer Carsten Egeriis to replace Vogelzang as CEO, effective immediately. Director Gerrit Zalm has also elected to resign from the bank’s board effective today.

[ymal]

Danske Bank previously became the subject of a money laundering investigation after admitting that it failed to appropriately vet about $230 billion in transfers through its branch in Talinn, Estonia, primarily by Russian clients, between 2007 and 2005.

Wayne Johnson, CEO of Encompass Corporation, offers Finance Monthly his thoughts on where responsibility lies in the case of the FinCEN Files and how better tech can prevent money laundering from going unnoticed.

On 20 September, it was globally publicised that the FinCEN Files had been leaked to BuzzFeed News. Said files exposed some of the world’s largest banks, suggesting that they had been aware of cases of money laundering, corruption and fraudulent activity, contained in up to $2 trillion worth of transactions over an 18 year period between 1999 and 2017.

As a result, global banking shares plummeted by up to 8% on 21 September, and public outrage was aimed at those caught up in the scandal. News editors and agenda setters were quick to pin the blame on the banks, but is it that clear-cut?

The leaked FinCEN Files refer to approximately 2,100 Suspicious Activity Reports (SARs) filed by banks with the US Department of Treasury’s Financial Crime Enforcement Network (FinCEN). These files refer to suspicious and potentially illicit activity reported by financial institutions in the private sector, to financial intelligence units.

Reporting these findings is required by law and, as soon as a SAR is filed, it becomes the responsibility of regulators to investigate these leads, in order to stop any money laundering in its tracks. Reporting to a customer that a SAR has been filed is illegal and can compromise substantial investigations or impact national security.

Of course, suggesting that the banks are entirely blameless in the context of the money laundering exposed by the FinCEN Files leak would be false. The fact that criminals have even signed up to a bank successfully is an indictment on a bank’s initial customer due diligence and onboarding processes.

It is therefore clear that improved money laundering prevention methods are required by the banks themselves to stop instances like this from ever occurring again. However, the extensive and comprehensive Know Your Customer (KYC) processes that are required to identify risk at the point of onboarding a new customer have placed such a burden on resources that banks are struggling to maintain the quality of KYC. ICIJ’s analysis of the FinCEN Files leak found that in 160 SARs banks actively sought more information about the corporate vehicles behind the transaction without response. These gaps in initial KYC expose banks to significant risks down the line, as the FinCEN leaks have made clear.

The fact that criminals have even signed up to a bank successfully is an indictment on a bank’s initial customer due diligence and onboarding processes.

Acknowledging that existing processes are unsustainable, and that RegTech offers the only way forward, these once novel solutions are now seen as critical tools to be incorporated in a bank’s initial due diligence policy when onboarding and evaluating all customers. These solutions can collect, analyse and integrate critical KYC information far more quickly and accurately than humans, making it far easier for banks to determine beneficial ownership and other information needed for sound onboarding decisions.

The use of RegTech allows banks to truly unlock the potential of their data for KYC purposes. This improves a bank’s ability to detect and fend off risk at the earliest possible opportunity and throughout the entire customer lifecycle. And in the event of risks emerging further down the line, a complete customer profile allows a bank to craft SARs that provide meaningful information that help regulators prioritise and maximise the success of investigations.

The financial sector has made strides in implementing technology to address their regulatory challenges - there is more to be done for sure, but we are seeing banks globally incorporating RegTech and the pace of digital transformation accelerating.

In the case of the FinCEN Files, the issue resides across the entire ecosystem of the regulatory process. It is understood that a severe backlog of SARs, and a lack of adequate funding, has meant that regulators have not had the means to address or thoroughly investigate each and every case. Emboldened criminals are taking full advantage to launder money and expand their empires, and regulators now have no choice but to look at their own processes and make the improvements needed to get through the backlog of SARs and improve responsiveness to new ones.

Fortunately, solutions are available and able to support the SARs programme by helping to improve the reporting policy, both in terms of allowing banks to measure anomalies and ‘suspicious’ activity more accurately, and allowing regulators to prioritise certain cases and conduct efficient investigations.

[ymal]

SupTech (supervisory technology) is a category adjacent to fintech and RegTech and refers to technology used by regulators to improve their ability to supervise the implementation of and adherence to Anti-Money Laundering (AML) and other regulation. This approach could help further sift out irrelevant information, so that regulators and law enforcement agencies aren’t overloaded when investigating leads, and are able to focus on what they really need to.

Furthermore, RegTech, especially in the case of automation, is an increasingly important part of a bank’s technology stack. As previously mentioned, a robust KYC process that generates and maintains accurate and complete digital KYC files will ensure that subsequent activities, such as transaction screening and monitoring, are as precise and effective as possible.

Regardless of who, or what, is to blame for the gross abundance of money laundered through some of the world’s leading banks since 1999 (which, incidentally, is only a tiny fraction of the total amount of money laundered in this period), the fact remains that processes across the landscape are outdated, and the SARs reporting and investigation system must be changed if it is to effectively diagnose and eradicate the more sophisticated methods of criminal activity that have emerged. Solving this issue with RegTech and SupTech is key to improving the effectiveness of compliance at all points, and is essential to stamping out the financial crime that will continue to affect the world’s leading financial institutions.

Syed Rahman, Legal Director at Rahman Ravelli, offers Finance Monthly an analysis of the implications that the FinCEN Files hold for financial services and regulators.  

To use an old phrase, you shouldn’t wash your dirty laundry in public. But with the FinCEN Files it seems as if the banks have had many of their dirtiest secrets made very public. And, appropriately enough, they relate to their failure to tackle money laundering.

The FinCEN Files are 2,657 leaked documents; 2,121 of which are Suspicious Activity Reports (SARs) from some of the world’s largest banks and financial institutions. They identify more than $2 trillion in transactions between 1999 and 2017 that were flagged by financial institutions’ internal compliance officers - via SARs - as relating to possible money laundering or other crime.

Significantly, the documents beg the question why the banks did little or nothing to follow up their concerns. They are a blow to the credibility of both financial institutions and those that regulate them. The quality of SARs as well as the timing of them shows a meeting of the minimum requirements rather than any real intent when it comes to tackling money laundering. Quite how far any retrospective analysis of this conduct goes remains to be seen. But any identifiable failings could prompt civil or criminal proceedings.

Estimates put the leaked SARs as being a mere 0.02% of the total filed to FinCEN (the US Financial Crimes Enforcement Network). Yet while they may be a small percentage of the full picture, they raise big concerns about the lack of thorough checks being made by banks and the implications of this.

These concerns have made the news for a variety of reasons and in a wide range of reports. But while the headlines about facts, figures and prominent personalities are all worth absorbing, our main focus in all of this needs to be on the inadequacy of the system – or the operation of the system - that has allowed money laundering on such a huge scale. The FinCEN files would seem to indicate that we are at a tipping point when it comes to the banks and money laundering: either governments put more resources into the agencies who are supposed to investigate SARs or they work with the financial institutions, regulatory agencies and law enforcement bodies to repair or even replace what appears to be a system with serious fault lines running through it.

Estimates put the leaked SARs as being a mere 0.02% of the total filed to FinCEN.

There has been recent tightening in the UK and US of legislation in relation to laundering. In the UK alone, we have seen implementation of money laundering directives, creation of the National Economic Crime Centre, the arrival of unexplained wealth orders and account freezing orders and government commitments in its Economic Crime Plan. Yet it appears that more needs to be done. The fact that more than 3,000 UK companies appear in the FinCEN files cannot be ignored. This is more than any other state, and confirms the UK’s unwanted title of most favoured location for money launderers.

At this stage, it is perhaps too early to say with certainty precisely how the blame should be shared out. The fallibility of the system, the shortcomings of the banks and law enforcement’s lack of action or resources appear to be the prime suspects. Closer scrutiny of the individual SARs in question – if and when they become available – may help identify exactly where responsibility for this lies.

Yet wherever the finger is pointed, those who face criticism may well be able to point to mitigating circumstances. In terms of resources, there is no doubt that the SARs regime is placing huge strain on the National Crime Agency’s UK Financial Intelligence Unit (UKFIU), whose job it is to process them. April 2017 to March 2018 saw UKFIU receive more than 450,000 SARs. And while banks and other financial institutions may be criticised, they can point to the fact that by filing the SARs they have complied with their statutory requirements. If, in the wake of these leaks, these requirements are not deemed adequate or effective then another approach – even a whole new way of tackling the problem – may need to be devised. But at the very least a lot of thought needs to be given to the allocating of more resources to the existing approach.

The Law Commission has recommended certain improvements to the UK SARs regime; most notably including a call for them to be made more useful to law enforcement. The Commission said too many reports are of poor quality, as they are mainly made primarily as a defence to any potential allegation of money laundering against the financial institution. It also said that the current system is complex, resource intensive and lacks any accompanying guidance.

[ymal]

The leaking of thousands of documents has, if anything, validated the Commission’s views. The main issue now is what is done to improve or replace a system that suits nobody other than those it is supposed to be working against.

A study has made a link between powerful bank CEOs and the risk of money laundering. Syed Rahman of business crime specialists Rahman Ravelli considers the research and argues that prevention is everyone’s responsibility.

It may not please certain figures at the top of a number of financial institutions, but research has linked powerful bank CEOs with money laundering dangers.

According to researchers at the University of East Anglia, banks that have such CEOs and smaller, less independent boards will probably take more risks and, as a result, be more prone to money laundering than those with a different concentration of power at the top.

The researchers’ study examined a sample of 960 publicly-listed US banks for the period from 2004 to 2015. The study’s results showed that money laundering enforcement was associated with an increase in bank risk. From its findings, researchers stated that the impact of money laundering is more pronounced where a powerful CEO is present – and is only partly reduced by the presence of a large, independent executive board. They concluded that banks that have powerful CEOs attract the attention of regulators engaged in anti-money laundering efforts, and that this is especially the case if the bank’s board of directors is small and lacks independence.

The study has been viewed by some as the first to demonstrate that money laundering is a significant driver of bank risk. This effectively means that it can take its place alongside business models, ownership structures, competition in the marketplace and regulation as having an impact on risk.

[ymal]

It is perhaps surprising that previous research on banks’ risk-taking has not explicitly homed in on the possible effect of money laundering, especially as regulators have made no secret of the importance they attach to tackling it. But now, it could be argued, is an appropriate time to make that link. The increased numbers of cross-border transactions – and the sheer scale of many of them – have made banks more vulnerable to money laundering. Regulators are carrying out ongoing assessment of money laundering risks posed by organised crime and those with terrorist links while states – many of which have had obligations placed on them in recent years – are increasing their use of sanctions against countries, organisations and individuals.

The banks that do not recognise and respond appropriately to this state of affairs could well find themselves suffering fines, claims against them and significant reputational damage. Such outcomes are the logical consequences for any bank that can be shown not to have done all it could or should to minimise the dangers of money laundering.

It is worth noting, at this point, the researchers’ argument that the size and independence of a bank’s board can mitigate the impact of money laundering on bank risk but cannot fully compensate for the possible adverse effects. Aside from the study’s conclusions, what also needs to be emphasised is that the shape of fraud and money laundering is constantly changing and developing. As the risks posed by money laundering grow, the regulators adapt to rise to the challenges and the banks themselves have to meet their obligation to identify and assess the risks to which they are exposed. Just as importantly, the banks need to ensure that those risk assessments are kept up to date.

Such procedures can and will, of course, be instigated by those at the top. But regardless of the concentration of power in the upper echelons, once those procedures are in place the bank needs to make sure that its employees understand and comply with them. Those procedures need to be subject to regular monitoring, review and, when necessary, revision to ensure they are effective in countering the threat posed by money laundering. Banks have many methods available to them to ensure this is achieved. It almost goes without saying that banks will have a money laundering officer to supervise all anti-money laundering activities. Investing in anti-money laundering controls involving artificial intelligence (AI) technology is another approach, as it can support enhanced due diligence, transaction monitoring and automated audit trails. But what cannot happen is that the CEO or the board simply issues an edict about the wish to prevent money laundering: genuine prevention will only succeed if it is adopted and carried out by all levels of personnel.

Investing in anti-money laundering controls involving artificial intelligence (AI) technology is another approach, as it can support enhanced due diligence, transaction monitoring and automated audit trails.

The standing of a CEO in a bank and the relative power of its board may well have an impact on the risk posed by money laundering. But a bank will always be vulnerable if its approach to tackling that risk is not embraced by all levels of its workforce.

A report from BuzzFeed and other outlets on Sunday cited documents leaked from the US Financial Crimes Investigation Network (FinCEN) which indicated suspicious transactions being conducted through numerous banks, alleging that banking officials allowed criminals to shuttle money through their organisations.

Around 2,100 suspicious activity reports (SARs) were leaked, along with over 17,600 other records, which are being collectively referred to as the FinCEN files. They cover roughly $2 trillion in transactions between 1999 and 2017.

The documents were shared with the International Consortium of Investigative Journalists (ICIJ) and have been combed for evidence of wrongdoing. Among the revelations known so far are signs that HSBC enabled fraudsters to move millions of dollars of stolen money around the globe even after learning of the scam; JP Morgan allowed a company potentially owned by an FBI-wanted mobster to transfer over $1 billion through a London account, and a confidant of Russian President Vladimir Putin may have been using Barclays Bank in London to dodge sanctions imposed across the West.

Documents also revealed that the UK was known to the intelligence division of FinCEN as a “higher risk jurisdiction” comparable to Cyprus, and that the husband of a major Conservative Party donor was being secretly funded by another Russian oligarch close to Putin.

Shares in HSBC dipped by 4% in Hong Kong after the leaked documents came to light, the bank’s highest stock fall to date.

Anti-corruption organisation Transparency International UK said the leaked SARs “repeatedly cite weak money laundering defences in the UK financial sector as a major problem”, with chief executive Daniel Bruce adding that the revelations “are a damning indictment of the system that is supposed to prevent the UK and other financial centres becoming havens for dirty money.”

[ymal]

John Dobson, CEO at anti-money laundering specialists SmartSearch, also commented on the content of the FinCEN files. “This is nothing short of a betrayal for all those thousands of businesses doing their bit in the global fight against money laundering and financial fraud,” he said.

“We speak to customers in the UK and the US day-in, day-out, who are all working hard to make sure they have the best tools and technology available to prevent money laundering, and to be compliant with the law. While at the same time, if these documents can be believed, one of the world’s biggest banks has effectively turned a blind eye and enabled criminals to take full advantage.”

In a statement, HSBC said “All of the information provided by the ICIJ is historical.” As of 2012, the bank said, “HSBC embarked on a multi-year journey to overhaul its ability to combat financial crime across more than 60 jurisdictions.”

Other banks implicated in the FinCEN files have also issued statements.

Chief executive of Westpac, Brian Hartzer plans to step down next week after the bank was sued by Australian regulators for an alleged 23 million breaches of counter-terrorism and money laundering regulations involving $11bn worth of transactions.

Controversy has also risen surrounding the $2.7 million payout Hartzer will receive, as confirmed by Westpac last week.

BBC reports that the majority of the infractions involved late reporting of overseas transactions, and the Australian Transaction Reports and Analysis Centre (Austrac) claims it has also linked several of the transactions to "child exploitation risks". Westpac, also the oldest bank in Australia, allegedly failed to monitor the accounts of an Australian convicted sex offender who had been sending money over to the Philippines.

The bank’s chairman, Lindsay Maxsted has rejected the notion that more board members at the bank should be axed and

The Australian government has described the reported breaches as “very serious” and the Labor opposition spokesman, Jim Chalmers, says the failures of Westpac are "nothing short of disgraceful.”

Non-stop regulation to tackle emerging money laundering threats

For senior executives within regulated industries, yet another article exploring the next round of regulation to tackle international money laundering is likely to have them scratching their heads or maybe raising their eyebrows.

But, whilst many firms are still bedding down new systems and processes to comply with the 5th EU Anti-Money Laundering Directive (5AMLD), additional rules to counter the growing global threat of money laundering were introduced by the European Parliament at the end of last year.

The 6^th Anti-Money Laundering Directive (6AMLD) will be transposed into member states’ national laws by December 2020, and organisations within all member states will be required to implement the new regulations by 3^rd June 2021.

Importantly, the regulations will cover all regulated entities across the EU, plus any UK organisations that are operating within the EU after Brexit, whatever the outcome of current political negotiations. Brexit does not represent a way around 6AMLD; any UK business wanting to operate within the EU need to comply with the new rules.

What’s more, there’s a definite likelihood that non-EU states around the world will replicate the content and spirit of 6AMLD within their own regulatory frameworks over the next few years. Much like we are seeing with the General Data Protection Regulation (GDPR), the EU’s recently implemented regulatory framework around data security and privacy, other economies wishing to trade with the EU are developing their own versions of these EU-mandated rules in order to reduce barriers to global trade and drive consistency.

The new regulation lists 22 predicate offences relating to money laundering, providing for clear and harmonised definitions of each specific crime.

So, whilst business leaders and risk and compliance directors across a range of sectors – from financial services to payments, online marketplaces and gaming – may be starting to feel as though they are caught in an AML compliance hamster-wheel, they must get to grips with 6AMLD now so that they can devise plans to ensure they are compliant come June 2021.

6AMLD – what you need to know

If 5AMLD was about expanding the scope of businesses’ obligations in countering money laundering, 6AMLD provides the detailed definition of these requirements. As is often the case, regulators cast the net wide in order to tackle emerging money laundering activities but are now clarifying and refining the rules in order to make them more effective and practical.

6AMLD is highly significant for a number of reasons, namely due to the fact it provides context around the newest forms of money laundering which are emerging within an increasingly digital-driven global economy. The new regulation lists 22 predicate offences relating to money laundering, providing for clear and harmonised definitions of each specific crime.

Importantly, the last of these offences is cyber-crime, which for the first time is included within AML regulation. This is significant because it enables organisations and regulators to root out money laundering crimes more easily and effectively across a wide range of online activities.

In addition to this, 6AMLD is noteworthy because it is very clear in its objective of pinpointing the individuals within an organisation who are responsible for money laundering crimes. The introduction of new offences such as ‘aiding and abetting’ and ‘attempting and inciting’ also extends criminal liability from those directly responsible for converting the proceeds of crime to accomplices in the laundering process. No longer can individuals hide behind a business entity; the regulation is designed to provide complete transparency around who owns and controls these entities.

6AMLD is noteworthy because it is very clear in its objective of pinpointing the individuals within an organisation who are responsible for money laundering crimes.

However, the real headline-grabber for 6AMLD is the introduction of far tougher punishments for money laundering crimes, with member states required to impose minimum prison sentences of five years, up from the previous minimum of one year.

Finally, the new regulation enshrines the requirement for member states to co-operate in the prosecution of money laundering crimes. For example, should two member states each have jurisdiction over the prosecution of an offence, they are required to collaborate and agree to prosecute in a single member state.

 Flexibility the key to meeting 6AMLD requirements and driving future growth

While 6AMLD is very much consistent with the spirit of both 4AMLD and 5AMLD, it will require regulated organisations to review their AML monitoring processes and identify areas for improvement within their customer onboarding and operational models.

This will undoubtedly mean further adoption of regulatory technology (RegTech) to automate more of their onboarding processes and tap into a far more comprehensive pool of information on prospective customers, both individuals and businesses.

However, while 6AMLD is set to be the next big deadline, risk and compliance professionals across all relevant sectors should recognise that AML regulation won’t stop there; as new money laundering threats continue to evolve rapidly across the global economy, the pace and scale of new regulation in this area will inevitably accelerate exponentially.

Faced with this level of complexity and change, businesses need to take a broader view of compliance and operational best practices and adopt new processes and technologies in order to stay on the front foot.

So, rather than taking a reactive approach and focusing solely on being compliant with 6AMLD come June 2021, business leaders should focus on instilling a more agile and flexible approach to compliance and strive to establish a governance framework which operates at a higher level than the next, most immediate regulatory requirement, whether that be 6AMLD, 7AMLD or whatever comes next.

Many organisations are now realising that a ‘do the bare minimum’ approach to compliance is simply not sustainable in the digital economy. Instead they are coming to view compliance, and in particular the adoption of RegTech, as a revenue generator and key strategic differentiator. By ensuring they have the flexibility to adapt to changing regulatory requirements easily and quickly, banks can ensure they can be first to market with new products and services, whilst simultaneously minimising their risk.

Indeed, that is why so many businesses are positioning risk and compliance at the centre of their operational model. Whereas once the compliance department was viewed and treated as a back-office function, we see Heads of Risk and Heads of Compliance being elevated into strategic roles and playing a major part in shaping the future direction of the business.

So, as business leaders turn their attention to 6AMLD heading into 2020, they should not only ensure they have the processes, systems and technologies to fulfil their new obligations and minimise risk, but also look on their efforts to do so as an opportunity to achieve a higher level of governance, setting them apart from their competitors in the market. By ensuring they have the flexibility to adapt to an ever-more complex and dynamic regulatory environment, businesses can acquire the speed and agility needed to thrive in the future economy.

According to Chris Mangioni, Associate Director at Protiviti, banks, financial and credit institutions (including FinTechs and MSBs) as well as other “obliged entities” must be prepared to take urgent action if they haven't already.

4AMLD originally came into effect through local laws in the UK and other EEA (European Economic Area) jurisdictions in June 2017. This Directive and related legislation brought about some of the most comprehensive and high impact changes to the AML approach that the “obliged entities” have yet to experience.

In May 2019, the European Commission (EC) mandated that obliged European home-based regulated entities must conduct a full assessment of every non-EEA country which they have branches or subsidiaries based, by 3^rd September. This includes the following:

• Performing a detailed country-by-country assessment of whether the local regulatory requirements for these non-EEA jurisdictions fall below the Group/EEA requisite standards; meaning that less strict requirements may be applied (including for suspicious transaction identifying and data sharing).
• Having a written AML/CTF risk assessment in each third country, including obtaining senior management approval at Group level for the assessment.
• “Without undue delay” (within 28 days maximum), informing their home member state regulator (e.g. Financial Conduct Authority, Central Bank of Ireland, BaFin, Banque de France, Dutch National Bank, etc) of any operations in countries in higher risk jurisdictions where they are unable to comply with all Group-wide policies and requirements.
• Consider taking further additional measures, such as obtaining consent from customers to overcome any data privacy/local restrictions (where possible).
• Consider carrying out enhanced reviews of operations in higher risk third countries, including carrying on on-site visits or independent audits to adequately identify, assess and manage ML/TF risks.
• Carry out enhanced and tailored training for any staff in higher-risk third countries.
• Ensuring that source of funds (SoF) and destination of funds for a business relationship or occasional transaction (one-off transaction) is adequately determined.

If the obliged entity cannot effectively manage the ML/TF risks in a higher risk third country through the additional measures applied, then the organisation shall close-down some or all of their operations in that country. Upon request, the obliged entity must be able to demonstrate to their AML supervisors/regulators the extent of the additional measures applied to help mitigate any the ML/TF risks. EEA Member state AML supervisors can also require obliged entities to terminate business relationships or even cease operations in the higher risk third country jurisdictions identified.

If the obliged entity cannot effectively manage the ML/TF risks in a higher risk third country through the additional measures applied, then the organisation shall close-down some or all of their operations in that country.

These provisions are in addition to the stricter Enhanced Due Diligence (EDD) measures for relationships with clients from or established in the EC high-risk third country list. This list is considered to be a good starting point for firms assessing the ML/TF risks of non-EEA countries. Further, the FATF list of jurisdictions with strategic deficiencies should also have been considered as identifying potentially higher risk third countries.

Existing State: 4AMLD

Many organisations are assessing how to differentiate their TM and ongoing monitoring process for EC high-risk third countries. 4AMLD brought in a stricter EDD requirement for any business relationship or transaction with a person established in an EC high-risk third country (this is not required for branches or majority-owned subsidiaries of EEA entities, where they can show they comply with Group-wide EEA policies and procedures). This stricter requirement includes making enhancements to ongoing monitoring with an obligation to increase the degree and nature of monitoring of the business relationship in which the transaction is made to determine whether that transaction or that relationship appear to be suspicious. The increase in the monitoring of the business relationship should include the greater scrutiny of transactions.

The EC high-risk third country list originally consisted of 12 countries and now stands at 16 countries after changes made in 2019. One of the proposed additional countries in February 2019 included Saudi Arabia, however, this was retracted by the EC.

Firms that have not yet differentiated their TM and ongoing monitoring processes for clients based in EC high-risk third countries are potentially non-compliant with 4AMLD.

[ymal]

Future State: 5AMLD – Implementation date: 10 January 2020 at the latest

Unlike 4AMLD, there is expected to be no grace period for firms after 10 January 2020. Therefore, it is critical that organisations are taking the necessary steps to plan and implement the necessary changes in advance of the 5^th Anti-Money Laundering Directive (5AMLD) being transposed into local EEA law.

Although the date of the 5AMLD related UK Money Laundering Regulations is still to be confirmed, the law will be transposed before obliged entities need to comply with it by January 2020. Other EEA regulators are also progressing with publishing their transposition of 5AMLD into local law.

5AMLD will bring new services and entities into scope for obliged entities. These include crypto-asset related entities (virtual currencies), e-money entities, art intermediaries, tax advisors, letting agents, corporate service providers, high-value dealers and entities involved in the issuance and distribution of anonymous pre-paid payment cards.

Amongst other things, 5AMLD will:

• Expand upon the stricter EDD ongoing monitoring requirements and measures for EC high-risk third countries. This is now likely to include enhanced ongoing monitoring where a client is ‘involved’ in an EC high-risk third country (as opposed to ‘established’ under 4AMLD).
• Broaden the criteria for the EC in assessing high-risk third countries.
• Set out circumstances where remote or electronic forms of ID verification may be used.
• Help to ensure that there is better information sharing and improved international cooperation between EEA law enforcement bodies, financial intelligence units (FIUs) and regulatory bodies.

5AMLD is also expected to clarify the technical specifics for EEA Company registry’s concerning ultimate beneficial ownership information. Further, it is likely to create additional reporting requirements upon obliged entities to report discrepancies identified on EEA company registers.

As 5AMLD is now less than 6 months from the final implementation date in early January 2020, what necessary steps and measures has your firm taken to help ensure it can comply from day 1 or face potential regulatory backlash and increased scrutiny, including possible associated reputational risks? 

Here, encompass industry adviser Dr Henry Balani, a financial services expert and academic, examines the key developments within the latest directive and what they will mean.

 What is 5MLD and how is it different from previous anti-money laundering directives?

5MLD represents the latest update to the Anti-Money Laundering (AML) directives put out by the European Union (EU). Like those before it, its goal is to stay current and on top of changes in money laundering techniques that criminal actors have been adopting.

Financial crime continues in whatever form is available to these bad actors, and regulators need to adapt to these changing circumstances with new updates. 5MLD is especially pressing, given the high-profile terrorist attacks in Paris and Brussels in 2015 and 2016 respectively. In both cases, terrorists used non-conventional techniques to finance their criminal activity, including the use of pre-paid cards, which under 4MLD was not adequately covered for potential money laundering abuse.

The Panama Papers leak in early 2016 also highlighted the shadowy nature of how corporations can hide the true owners of shell companies that are used for illicit activities.

Politically Exposed Person definition clarified

There are several major updates that distinguish 5MLD from 4MLD, with the first clarifying the definition of a Politically Exposed Person (PEP).

Under 5MLD, member states will be required to identify beneficial owners and to maintain public registers of these.

By virtue of their positions, PEPs are more susceptible to corruption, given their government role and influence. Corruption is a predicate crime to money laundering, and financial institutions have to conduct enhanced due diligence on their PEP customers due to this increased risk.

Previously, there was no clear definition of a PEP – for example, while the Mayor of London is a PEP, what about the Lord Mayor? How about a Mayor of a small village in Spain? To achieve some level of consistency, member states will now need to maintain a list of prominent public functions that Obliged Entities (OE) – institutions that are required to comply with the Money Laundering Directives – like financial organisations, can then use to develop their due diligence procedures.

While this change is a step in the right direction, there are still challenges, which are largely due to the inconsistent definitions of these functions, especially across all the different EU member states.

More of a spotlight on information sharing

The second update relates to information sharing by EU member states’ Financial Intelligence Units (FIU). FIUs are tasked with identifying potential money laundering activity based on information received by financial institutions that report suspicious activity. Sharing information across member states helps improve criminal activity detection, especially when these criminal activities move across borders.

5MLD requires member states to set up centralised bank account registers to identify account holders, including the Ultimate Beneficial Owners (UBO) of these accounts. Ultimately, OEs will need to be able to set up efficient processes to share their customer account information with the FIUs.

The Paris and Brussels attacks have heightened the role of law enforcement in identifying terrorists, which results in these agencies requesting customer account information without the need for suspicious activity reports (SARs).

Under 5MLD, member states will be required to identify beneficial owners and to maintain public registers of these.

Previously, law enforcement agencies would only act on potential money laundering suspicions based on the filing of SARs by OEs. However, 5MLD now allows law enforcement agencies the ability to track potential terrorists without these SARs. OEs will need to be able to provide timely, accurate and relevant customer account information as needed.

More transparency is now required when identifying UBOs

Another significant update within 5MLD relates to the need for additional transparency related to identifying UBOs of corporations.

The Panama Papers leak made clear that many shell companies were used for both legitimate and nefarious business transactions. Shell companies make it easy to ‘hide’ assets of corrupt government officials (PEPs). The Prime Minister of Iceland is one prominent PEP uncovered in the Panama Papers leak, resulting in his removal due to less than transparent financial transactions.

Under 5MLD, member states will be required to identify beneficial owners and to maintain public registers of these. The result of such public registers is an increase in transparency, making it more challenging to disguise illicit transactions including terrorism and money laundering.

Added screening around virtual currencies

The rise of new financial technologies has provided consumers with greater choice and flexibility in conducting financial transactions across borders. An example is the introduction of cryptocurrency, including bitcoins.

Virtual currency exchanges and custodian wallet providers have now sprung up to service consumers. However, criminals also take advantage of these financial technologies. The innovation from cryptocurrency requires regulations to prevent widespread abuse. 5MLD changes require virtual currency exchanges to screen their customers for potential money laundering. Banks will also now need to screen these virtual currency exchanges as well, including their customers.

Cryptocurrency already holds great promise when it comes to driving greater efficiency and lowering costs for cross-border transactions, and the 5MLD requirements can help in greater adoption of this new technology.

5MLD changes require virtual currency exchanges to screen their customers for potential money laundering.

Lower identification threshold for pre-paid cards

Other innovations in financial technology have also resulted in the greater use of pre-paid cards. Unfortunately, post analysis of the Paris and Brussels attacks revealed that the terrorists financed their activities using these prepaid cards. These anonymous instruments made it easy for them to disguise their identities, consequently meaning it was difficult for law enforcement agencies to track their financing operations.

As a direct result of these attacks, 5MLD now lowers the identification threshold of these prepaid cards to over €150 (down from €250), with any remote payment transactions over €50. Any institution selling prepaid cards will need to conduct due diligence checks on their customers to identify suspicious transactions.

It is clear that technology innovation and new payments processes are driving greater ease of use in financial transactions globally. While they benefit the general public, bad actors will always be looking to take advantage of these trends to finance their illicit activities.

5MLD represents a significant step forward in addressing these loopholes. However, technology change, especially in financial services, continues to accelerate. 6MLD is already in discussion amongst EU regulators. And it is clearer than ever that there is a need to make it count if we are to stay vigilant and on top of the never-ending fight against money laundering and terrorism.

Website: https://www.encompasscorporation.com/