Chris Laws, Global Head of Product Development, Supply & Compliance Solutions at Dun & Bradstreet, explains why the EU blacklist is an important tool to combat financial crime and will be welcomed by those responsible for the fight against money laundering.
The EU recently updated its anti-money laundering blacklist that names countries it considers to have deficiencies in tax rules that could favour tax evasion and anti-money laundering (AML) activities. The European Commission introduced the list at the end of 2017 and recently added ten new jurisdictions including United Arab Emirates, Oman and Barbados. The updated list has been rejected by governments within the EU, and now Brussels is being forced to review the list that was established to promote tax governance and prevent tax avoidance. The published objectives include ensuring transparency and fair tax contribution, and coupled with the 5th EU Money Laundering Directive, the list was viewed as a valuable tool in the fight against money laundering, helping to protect global organisations from the reputational and financial risk of illegal activity within their supply chains.
The recent debate comes after a year of high-profile scandals engulfed some of Europe’s biggest banks and Nienke Palstra, at campaign group Global Witness believes that “Europe has a major money-laundering problem”. While organisations such as the Financial Action Task Force – a group established 30 years ago by the G7 – were set up to combat fraud at an international level, previous list have excluded countries such as Panama, which recently hit the headlines relating to high-profile financial fiascos. With a rapidly changing landscape and increasingly sophisticated financial crime, having accurate information on country level risk essential to help businesses to identify potential illegal activity and take steps to mitigate exposure.
The Brexit effect
The UK’s National Crime Agency reported a 10% rise in ‘Suspicious Activity Reports’ (SARs) in 2018 compared to the year before, with specific money laundering reports increasing by 20%. The agency’s report came as London was accused of “acting as a global laundromat, washing hundreds of billions of pounds in dirty money from around the world” and the impending departure from the EU is likely to exacerbate concerns about illegal activity within the UK.
With continued uncertainty over trade arrangements post Brexit, UK-based companies looking at trading opportunities outside of the EU will need to evaluate the risk involved with working within other markets and complete comprehensive due diligence and take steps to ensure strict controls over transactions with countries flagged as posing increased risk. According to the NCA, Brexit will increase the number of opportunities for money laundering as foreign firms could potentially look to invest ‘dirty money’ in British businesses as EU AML agreements become increasingly uncertain.
Is technology the answer?
Despite the uncertainty, businesses can evaluate potential risks and limit exposure by implementing an efficient and clear risk management policy – and ensuring they have a transparent view of supplier and partner relationships. A robust compliance process is achieved through a combination of the right data and the right technology to support effective Know Your Customer (KYC) and Know Your Vendor (KYV) activities. A PWC report in 2016 looked at the ‘future of onboarding’ and suggested that technology provides a solution to accurate identification and verification, using technologies such as biometrics, blockchain and digital identification. The utilisation of artificial intelligence (AI) is increasing and can be a valuable tool to support compliance processes.
AI can be used to develop an informed and accurate compliance model, untangle an overwhelming volume of data and identify (and therefore reduce) false information in monitoring systems. Traditional tools and technology are simply not able to manage the increasing amount of data sources and the speed of change that artificial intelligence can process. AI systems can reduce the time spent on manual processes, allowing compliance experts to devote attention to more in-depth analysis of suspicious activity.
The ongoing fight against money laundering
The ever-increasing sophistication of criminal organisations and their ability to mask illegal activities poses a genuine challenge for businesses operating in high risk jurisdictions. It’s more important than ever to know exactly who you are doing business with and having access to details such as beneficial ownership and ‘People with significant control’ (PSC). With a recent survey suggesting anti-money laundering compliance costs U.S. financial services firms $25.3bn a year, it’s an expensive and very real issue that businesses need to take seriously.
Tools such as the EU blacklist can play a crucial role in delivering increased transparency to deter and identify illegal activity and to ensure an enhanced level of scrutiny of business relationships to mitigate risk. Using third-party data to complement a company’s existing data set can improve due diligence, and having the latest technology in place to analyse huge volumes of data could be key to avoiding exposure to regulatory fines and reputational damage.
Blow by blow, a wave of claims has hit an increasing number of European banks who are alleged to have handled suspicious transactions involving Russian money. European banks such as Raiffeisen Bank, Sweden’s Swedbank AB and Finnish financial services group Nordea are some of the latest firms that have been drawn into Europe’s expanding money-laundering activities. The scandal first came to light when US authorities led an investigation into Latvia’s ABLV bank, accusing it of institutionalised money laundering, but the first major bank who was questioned over illegal activities back in 2017 was Danske Bank A/S after a whistleblower raised suspicions over the origins of billions of euros that had flowed through the Danish bank.
Investigations are currently underway after the most recent claims and the constantly increasing number of revelations suggests that the surprises won’t stop here. And although it may take months for regulators and enforcers to determine if any of the allegations from the past few months are substantiated by fact, the question on everyone’s lips is: if the claims are true, why do European banks continuously fail to detect the movement of illicit funds? What is wrong with the European banking system?
The how and the why
As Gregory White explains for Bloomberg, the transition to capitalism in Russia and its neighbouring countries set off a wave of hundreds of billions of dollars flooding out of the ex-Soviet Union. In most cases, the money was routed through offshore zones with restricted controls which predisposes for difficulties in telling the difference between legitimate business and illicit flows from criminal activity. This, in turn, led to some of this cash being moved to prominent international banks. What is interesting is that most of the banks accused of laundering Russia’s dirty money are either Baltic banks or Nordic banks that have Baltic units; in the case of Danske Bank, for example, $230 billion of suspicious transactions were allegedly handled by the bank’s branch in Tallinn, Estonia. On the one hand, financial institutions that operate across border tend to find themselves linked to suspicious activity oftentimes due to the difficulties they face when creating platforms and handling funds in foreign countries where a number of issues such as language differences could result in various complications. However, why is the wrongdoing so heavily focused on the Baltics?
A team of researchers estimated in 2017 that Russians’ offshore wealth is about $1 trillion, or the equivalent to three-quarters of the country’s GDP in 2015.
After the dissolution of the Soviet Union in 1991, the banking industries in all Baltic nations were thriving, partially because they began servicing flows of Russia and the rest of the former Soviet Union nations. According to regulators, a lot of banks started opening accounts for individuals and companies based in other countries (called ‘non-residential portfolios’), not questioning who the individuals were or where the cash came from. Due to tighter regulations, over the past decade banks have ceased doing business with clients who are believed to be dodgy, but past practices have left their mark on the Baltics’ banking industry.
Estimating the scale of the criminal activity is a difficult task due to launderers’ hard work to disguise the origin of their money and the fact that not every transaction that looks questionable is actually illegal. A team of researchers estimated in 2017 that Russians’ offshore wealth is about $1 trillion, or the equivalent to three-quarters of the country’s GDP in 2015.
Where are the regulators?
The key paradox in all of this is the lack of a centralised European authority tasked with investigating and prosecuting money laundering cases. To this day, the authorities that have been expected to investigate financial crime allegations have been local police and national regulators, which naturally leads to a mishmash of different laws and practices.
The key paradox in all of this is the lack of a centralised European authority tasked with investigating and prosecuting money laundering cases.
In September last year, in an attempt to tackle money laundering, the European Commission proposed tightening regulations and changing banking supervision, however, the introduction of a centralised agency is not on the agenda. For a long time, the European Banking Authority (EBA) has mentioned its physical inabilities to combat financial crime in the EU’s 28 states, due to being understaffed and not having enough power. At present, only two out of EBA’s 170 staff members work on money laundering cases.
The one thing that is perfectly clear is that the existing gaps need to be filled – exploiting the European banking system shouldn't be as easy as it seems to be. Relying on two people to monitor and investigate financial crime across all EU member states and all of their banks is unacceptable. Harmonising existing rules in the EU to investigate and punish money laundering would be a good place to start, but ultimately, the European Commission needs to increase its efforts in the fight against money laundering and introduce a centralised authority to crack down on flows of dirty money.
Below Nicola Sharp of Rahman Ravelli, considers the Danske Bank scandal and wonders why so many banks are weak on money laundering prevention.
Thomas Borgen’s reign as CEO of Danske Bank has ended after the board recently ousted him as CEO with immediate effect. The announcement came after revelations about the huge scale of money laundering that Denmark’s biggest bank had allowed to happen at its Estonian branch.
The bank’s decision to part ways with Borgen came after Danske finally admitted that most of the €200 billion (£178 billion) that had passed through its Estonian branch between 2007 and 2015 was money that was being laundered. The money in question was being moved illegally out of Russia, the UK and the British Virgin Islands.
Danske stated that its investigation had discovered “a series of major deficiencies” in its money laundering controls, with more than half of its 15,000 customers in Estonia now being treated as suspicious. It found that several dozen Danske staff may have colluded with customers to evade background and security checks. The bank has reported some past and present employees to the Estonian police.
Amid the resignation and admissions of wrongdoing, the bank’s chairman Ole Andersen talked of deplorable, unacceptable and unpleasant activity and inadequate controls
But Danske only admitted the scale of the problem after increasing political pressure and an announcement by US law enforcement agencies that they would be beginning their own investigation. And Borgen, who was in charge of Danske’s international operations - including Estonia - before becoming CEO in 2013, had previously dismissed other executives’ concerns about Estonia. In a 2010 investigation, he had stated that he had found nothing “that could give rise to concern”.
An independent report by a Danish law firm found that, under Borgen, the Estonian branch had not disclosed the full situation to Danske’s board. Borgen has stated that the law firm’s investigation found that he did not break the law but that he believes his resignation is “best for all parties’’.
His departure may well be best for all parties. But it does little to remove concerns about what could be called at best large-scale failings – and at worst, out-and-out criminal behaviour. Danske’s admissions come just weeks after Dutch bank ING paid €775M to settle an investigation that it had failed to detect money laundering. And 2017 saw Germany’s Deutsche Bank fined almost $700M for helping wealthy Russians move $10 billion out of the country.
Those with longer memories may wonder why such scandals are still occurring, 27 years after the catastrophic $20 billion collapse of the Bank of Credit and Commerce International amid criminality on a huge scale. The post mortem on BCCI uncovered global corruption, with it being involved – among other things - in worldwide money laundering and bribery of officials, support for terrorism, tax evasion and arms trafficking.
Danske’s problems seem to indicate how little we have progressed. Surely anyone who remembers BBCI will experience an unpleasant sense of déjà vu when reading about Danske or ING or Deutsche Bank – or whoever the next bank is that is caught failing spectacularly to meet its legal obligations.
Have the banks learnt absolutely nothing since BBCI fell apart in July 1991? And if not, is there any other profession that has made such little progress in crime prevention in almost three decades?
As yet, we cannot be 100 per cent sure whether Thomas Borgen has gone because he is responsible for what went on or because he feels that someone should be accountable and, as CEO, that person should be him. No doubt the criminal investigations that are being set in motion will produce a list of current or ex-Danske staff who will – at the very least – face some very difficult questions. It would beggar belief if a number of them are not prosecuted.
But it is important that Danske - and any other bank for that matter – does not fall into the trap of believing that one scandal ending with an investigation and, possibly, a number of prosecutions means that the problems have somehow magically disappeared. The potential for money laundering will never disappear unless each and every bank assesses thoroughly its vulnerability to it and devises and implements proper preventative procedures.
Without such an informed approach to tackling the problem of money laundering there will always be the likelihood of it happening. That is not scaremongering, it is a simple fact. There are enough people looking to move the proceeds of crime around the world and many, if not all, of them will look to induce banks to do that work for them.
It is up to the banks, therefore, to ensure they are protected from such a possibility. If they are not, they have no one to blame but themselves. Each and every bank may not have the necessary expertise under its roof to ensure it can always function in a corruption-free, legal way. But every bank can seek that expertise from outside experts.
The advice is there. The banks have to obtain it, act on it and ensure they are not vulnerable to the money launderers. If they fail to do this, they will be joining Danske and Mr Borgen on an ever-lengthening list of banks that paid the price for having poor precautions in place.
On the back of Deutsche Bank’s recent ordeal, Finance Monthly gets the lowdown from Zac Cohen, General Manager at Trulioo, who discusses the steps banks and other financial institutions can take to strengthen their fight against money laundering.
Deutsche Bank recently made headlines after the German financial watchdog BaFin appointed an independent auditor to monitor the bank’s Anti Money Laundering (AML) compliance. This is the first time such an appointment has been implemented, highlighting the bank’s failure to meet due diligence requirements surrounding terrorist financing, money laundering and other illicit flows of capital.
As banks and financial organisations now operate in an increasingly global marketplace, they must grapple with the consequences of handling cross border transactions. Having lax Know Your Customer (KYC) procedures in place can be potentially crippling for banks worldwide, with fines being issued in the hundreds of millions if chinks in their anti-money laundering armour are uncovered.1 Yet despite over $20 billion being spent on compliance annually, only 1 per cent of illicit transactions are seized each year.2
Financial globalisation, still very much a reality despite shifting geo-political attitudes towards it, makes international money laundering practices a real force to be reckoned with. Indeed, international money laundering is becoming more widespread and this is, in part, down to the difficulties in maintaining full transparency when dealing with international clientele.
Banks and other financial institutions are legislatively obliged under Anti-Money Laundering rules to have full knowledge over their clients’ identities and the origins of their wealth. With money coming in from all corners of the globe, banks must be able to perform Know Your Customer (KYC) and Know Your Business (KYB) checks on a client base that may be moving money all around the world. In addition, establishing a “beneficial owner”, a derivative of KYC, must be a priority before financial transactions occur. The 4th Anti Money Laundering Directive (4AMLD) stipulates the necessity of ascertaining the beneficial owner of business customers, partners, suppliers and other business stakeholders. Some transactions, originating from unknown geographic localities, can be particularly difficult to verify.
The key to combatting this problem is leveraging the available technologies that can be implemented to help promote transparency. This is crucial as these technologies have the view to reducing the occurrence of fraudulent transactions passing through banks and financial institutions. Bad actors are becoming increasingly sophisticated in their techniques in directing fraudulent money through banks, employing techniques such as under- or over-invoicing, falsifying documents, and misrepresenting financial transactions. This increasing sophistication that coincides with the rise in global money laundering, up 12 per cent from the previous year.3
There are however, multiple technical advances that are available to help implement and streamline the process of checking and verifying ultimate beneficial owners and promoting transparency. Automated systems and artificial intelligence programmes can be used to scour company documents for a streamlined electronic ID verification sytems to verify personally identifiable information in conjunction with ID document verification and facial recognition technology to help paint a full picture of each beneficial owner of a business.
Putting this all together to create certainty and transparency about who you’re doing business with is crucial. Deutsche Bank have suffered severe reputational damage as a result of several anti-money laundering breaches that have reached the public’s attention over the last few years. The question remains, can banks implement the technology and processes they need with sufficient effectiveness to recover from this reputational strain?
1 https://www.reuters.com/article/us-deutsche-bank-moneylaundering-exclusi/exclusive-deutsche-bank-reports-show-chinks-in-money-laundering-armor-idUSKBN1KO0ZC
2 https://www.politico.eu/article/europe-money-laundering-is-losing-the-fight-against-dirty-money-europol-crime-rob-wainwright/
3 https://www.pwc.com/gx/en/services/advisory/forensics/economic-crime-survey.html
Salvatore LaScala is a Managing Director at Navigant Consulting, where he is Co-Lead of the Global Investigation and Compliance and Anti-money Laundering (AML) Practices. Mr. LaScala has over 20 years experience conducing AML and Sanctions compliance programme reviews, Risk Assessments, Monitorships and Remediations and regularly assists his financial services clients with Navigating regulatory or law enforcement actions. Mr. LaScala also applies his expertise by assisting clients with AML & Sanctions optimisation services that increases the breadth and scope of risk coverage while making the programme more efficient. He oversees Navigant’s AML Technology Team and has helped develop STAR, Navigant’s proprietary Case Management System and Rules engine regularly utilised for AML Look-Backs, Sanctions Look-Backs, CDD Remediations and other compliance and investigative projects. Additionally, Mr. LaScala provides his clients with outsourced Financial Investigation Unit (FIU) teams to both augment existing FIUs on a permanent basis or by providing FIU Surge protection services whereby the Navigant team is deployed to handle an increase in investigative or compliance activity pursuant to a compliance technology transformation or acquisition of another institution or large scale customer on-boarding.
Mr. LaScala began his career as an accountant, attorney and Special Agent with the IRS Criminal Investigations Division of the Treasury Department and thereafter spent over 20 years providing AML compliance and investigative services. He has been with Navigant since 2010.
This month, Finance Monthly had the pleasure to connect with Mr. LaScala and discuss AML in the US and the impact that AI, Machine Learning and Robotics Process Automation have had on the sector.
What drew to the AML field? What excites you about the sector you work within?
My background initially drew me in. As an accountant, attorney and former law enforcement officer, it all came together initially with a consulting job in 1997 with a Big 4 firm specialising in AML and Forensic Accounting. I enjoyed both but spent far more time in AML. I loved developing and dispositioning AML and Sanctions alerts and constantly found ways to make the process more comprehensive and efficient. Eventually I developed ways to make large scale AML remediations, including Look-Backs more efficient by building rules engines, false positive review platforms and custom case management systems. My perspectives as an accountant, attorney and former law enforcement officer helped make these technologies, auditable, regulatorily responsive and feature rich for investigators, respectively. These days I am still excited to be involved because I like working with clients, and because the regulations, financial institutions, and money launderers constantly change. It’s constant learning, which works for me - otherwise I’d be bored.
What is the current state of AML in the US?
This is a very important time for AML compliance - regulators, examiners and law enforcement now know more about AML programmes, compliance technology and payment platforms than ever before, and as such, the stakes for financial institutions regarding compliance become increasingly higher. Financial institutions are quickly adapting and upgrading their technology and overall programmes to maintain compliance and prevent and detect money laundering, terrorist financing and fraud. The ‘bad guys’ however, seem to have far more payment methods and venues at their disposal to commit crimes than ever before in history.
What are some of the key challenges you face on a daily basis and how do you overcome them?
The key challenges include finding innovative and cost effective ways to serve our clients, who are often faced with fines and expensive remediations. Providing the right breadth and depth of services to them in a cost effective way is critical. We also work for financial institutions of all different shapes and sizes, some have been through enforcement actions two or more times and are in a position to better plan their way through those actions with a great appreciation of the effort it takes. Others have either not been through too many regulatory or law enforcement actions, or are unable to communicate to a home office in a foreign country the gravity of a US regulator or law enforcement action, and don’t get the financial support they need to get through it. The challenge in both instances still becomes handling ongoing work or “business as usual work” (BAU) along with regulatory action or some compliance technology transformation. Without consultants helping, there are just not enough hours in the day. Regardless of a financial institution’s capacity to respond to a regulatory action, it’s often best if we get in there early and get them off to a timely start so they don’t also fall behind on BAU, or react to regulators too slowly, which can lead to additional issues.
What are the current AML issues and solutions affecting American businesses?
AML is constantly undergoing transformations. Some of these are based on new and emerging AML and Fraud schemes that the industry has to respond to, other transformations are due to new regulations, such as NYSDFS Part 504 regulations, which add additional layers of accountability on AML programme owners. Still, other transformations are the result of enhancing the regulations and the technology behind it because every time we close a door on money launderers and fraudsters, they both seek out institutions without robust compliance and find new venues through which to launder money. The US and several other markets are attractive to money launderers, fraudsters and terrorists because the financial services industry is vast and because these markets are segmented. This means that some players in capital markets or money service business spaces are very technologically savvy with respect to compliance, while other smaller players in the same segment are not. In fact, we often see challenges where the larger and more sophisticated financial institutions de-market or close customer/client accounts which later pop up at smaller or less sophisticated financial institutions.
How has the introduction of Artificial Intelligence, Machine Learning and Robotics Process Automation impacted compliance and investigative solutions?
Navigant is highly focused on applying Artificial Intelligence (AI), a form of Machine Learning (ML) and Robotics Process Automation (RPA) to our clients in many different areas, including AML and Sanctions. For AML example, we believe that AI/ ML can help existing AML Transaction Monitoring Systems deliver enhanced detection scenario parameters by grouping behavioural patterning to cover more risk and produce fewer false positives. Concurrently, we are applying RPA to the expedite portions of the dispositions of such alerts by removing mundane rote tasks from the analysts purview so that he/she is spending more time on considering the facts, CDD, news and current transactions to determine whether the transaction should be filed on, and less time hunting for data and writing the disposition. Specifically, AI/ML, which helps increase coverage and reduce false positives, and RPA which provides the Investigator more time to analyse the actionable items, are remarkably powerful together.That said, there is a fair amount of work to do, and in the beginning, we need to focus AI/ML only on matters for which the data feed is clean and comprehensive and apply it in a way that is transparent and can readily be described to regulators, examiners and internal audit. The AI/ML revolution won’t survive if the providers that developed it and the financial institutions that use it are not completely transparent. Moreover, even RPA will be better received if it is introduced in stages and when implementations are accompanied by statistically valid data showing that it is more accurate, and saves time such that the ultimate work product contains more thoughtful analyses and is generating comprehensive filings useful to law enforcement.
With Governments increasingly aware of the moral and fiscal costs of white-collar crime, the Dutch crime authority’s decision to hit ING, the Netherlands largest financial services provider, with fines totalling €775 million is of little surprise.
Tackling money laundering is currently high on the national and international agenda of many countries; the EU recently proposed providing the European Banking Authority with greater powers to sanction banks of member states that may be implicated in such activity.
In the case of ING, the bank has been forced to pay out the substantial fine for failing to flag abnormal transactions, and financing terrorism “structurally” by not verifying the beneficiaries of client accounts. The Dutch public prosecution service said that it found “clients were able to use accounts held with ING for criminal activities for many years, virtually undisturbed” from 2010 to 2016. The settlement, which is the largest ever imposed on a company by the Dutch prosecution service, is made up of €675 million in fines, and €100 million as the return of illicit gains intended to deter future violations.
The bank’s CFO has since announced his decision to step down following growing backlash. In addition, measures against ten employees were taken, ranging from dismissals to clawing back bonuses, with the prosecutor accusing the bank of “culpable money laundering”.
This is not a stand-alone case either; watchdogs have clamped down on Credit Suisse and Danske Bank this month over similar money laundering concerns. With authorities prepared to take a hard-line stance against money laundering, there will be severe reputational and financial consequences for organisations which – however unintentionally – enable this offence.
The focus is not simply on the culprits of money laundering, but on ensuring perpetrators have fewer tools to commit such crimes. The relevant authorities will increasingly take a punitive approach to financial institutions with lax crime prevention strategies. Financial institutions, whatever their size, must ensure their tools are inaccessible to those seeking to commit financial crime, or otherwise face extensive fines comparable to ING’s.
This is no easy task and requires a significant investment of time and resource. Banks must ensure they have robust financial crime compliance strategies and programmes in place with appropriate training to reduce risk and mitigate the consequences. This was a point that was not lost on Ralph Hamers, ING’s CEO, who stated that “although [ING’s] investment … [has] been increasing since 2013, they have clearly not been to a sufficient level”.
However, matters should not stop there; processes require frequent review given that criminals adopt increasingly sophisticated strategies to commit offences. Banks, therefore, must remain proactive and vigilant. To this end, the Dutch prosecutor noted that ING’s compliance department “was understaffed and inadequately trained”. In the case of ING, compliance failures were exploited by clients for years for money laundering practices before it was detected.
Effective streamlined processes, such as customer screening and alert processing, informed by risk assessments and financial crime regulations should leave little room for error during due diligence activities.
Iskander Fernandez, White Collar Crime Expert and Partner at commercial law firm BLM
Finance Monthly speaks with Alma Angotti - Managing Director and Co-head, of Navigant Consulting, Inc.’s Global Investigations & Compliance practice, based in the company’s Washington DC office. With her 35 years of public and private sector legal, regulatory, and consulting experience, Alma currently works with financial institutions to, among other things, help them develop, implement, assess, and enhance anti-money laundering (AML) and counter-terrorist financing (CTF) compliance programs required under the Bank Secrecy Act (BSA). She provides BSA/AML/CTF and Sanctions training. She also assists financial institutions in designing their own BSA/AML/Sanctions training policies and programs, conducts investigations and transaction look backs and provides training on AML compliance, examinations, and investigations to regulators globally.
In your opinion how robust is current anti-money laundering (AML) regulation? Is there anything that could be improved?
Legislatively speaking, the current US AML laws are robust.
One important gap in the AML laws is that Investment Advisers are not currently required to comply with the BSA. Investment Advisers sometimes have implemented AML compliance programs as a matter of best practice, but they have no obligation to file Suspicious Activity Reports. Because there is no enforcement mechanism, it is unclear how effective their programs are at detecting money laundering, terrorist financing, and other financial crime. There is a rule proposal that has been pending for several years. I think this is a risk area for the US and global financial systems.
Another area for potential improvement includes a legislative mandate for all companies registering in the US to include beneficial ownership information as part of the registration process and better cooperation among secretaries of state to assist in the identification of potential shell companies and corporations. Requiring the identification and information on the ultimate beneficial owner of a company deters shell companies and corporations from misusing registration systems and entering the US financial market. Understanding the beneficial owner of a customer account, or the ultimate beneficial owner of a financial transaction, are key elements for financial institutions to understand their customers and assess customer risk appropriately. Additionally, if the customer engages in suspicious behaviour, or suspicious transactions, knowing the ultimate beneficial party is integral to any potential law enforcement investigation.
Another area needing enhancement is the ability to share information with law enforcement and between financial institutions more easily. There is currently a US House bill introduced on this subject, H.R. 5783, the Cooperate with Law Enforcement Agencies and Watch Act of 2018. This bill limits a financial institution’s liability for maintaining a customer account in compliance with a written request by a federal, state, tribal, or local law enforcement agency. Additionally, the federal or state agency may not take an adverse supervisory action against a financial institution with respect to maintaining an account consistent with this request.
Beyond legislation and regulatory rule-making, however, consistent and robust enforcement of existing laws, rules, and regulations is critical to ongoing compliance by financial institutions.
What are the current AML issues and solutions affecting businesses and individuals operating in the US?
Some emerging issues that will impact financial institutions are the wider use and holding of cryptocurrencies, virtual currency exchanges (VCEs) looking for banking services, and issuers of initial coin offerings (ICOs) looking for broker-dealer and clearing platforms. Many banks and broker-dealers are de-risking and not providing banking services to VCEs and other high-risk clients (e.g. companies in the medical marijuana industry and customers holding penny stock portfolios) to save on BSA/AML/Sanctions compliance costs. As US regulators of financial institutions rush to regulate these emerging trends, financial institutions are struggling with how to take on these risks without running afoul of ever-changing regulatory expectations.
BSA/AML/Sanctions compliance related to cryptocurrency transactions and performing appropriate due diligence to know your customer when onboarding a VCE is further complicated in the US by the lack of a consistent regulatory definition of cryptocurrency. While many countries view cryptocurrency as currency or legal tender, the US regulatory authorities and law enforcement currently do not agree on whether it is legal tender, a security, or something else. For example, in a 2013 Guidance, FinCEN defined virtual or cryptocurrency as a ‘medium of exchange’ that operates like a currency in some environments but does not have all the attributes of real currency or operate as legal tender in any US jurisdiction. Whereas in 2016, the SEC suggested that cryptocurrency is a security. The Commodity Futures Trading Commission currently believes that it is a commodity, while the IRS views Bitcoin and the like as property that should be taxed.
Regarding ICOs, issuers are coming to consultants like Navigant to help understand unclear regulatory requirements, and broker-dealers are seeking advice on how to underwrite these issuers or onboard ICO companies to their platforms while continuing to comply with BSA/AML/Sanctions compliance laws, rules, and regulations.
What are the AML challenges affecting businesses operating cross-border transactions?
Growth in the volume of cross-border transactions, and greater integration of the world’s economies, have increased the risks that banks and financial institutions face in processing these transactions. Most financial institutions, however, still face challenges that diminish the efficiency and effectiveness of their AML/CFT programs such as: poor data quality and fragmented data sources; outdated technology; poorly tuned transaction-monitoring systems, resulting in high rates of false positives; and the continuous launch of new and complex products and services.
Another major challenge to businesses operating cross-border transactions is the advent and use of mobile payment processing services, and the use of mobile phone payment services, to pay third parties. Millennials are leading this trend by texting cash to friends and third parties, using apps such as Venmo (owned by PayPal), Square Cash or Cash App (owned by Square), Apple Pay, Samsung Pay, and others linked to social media apps like Snapchat. These payment systems obscure whether the transaction is a cross-border transaction, as well as significantly complicating issues such as who the ultimate beneficiary of the transaction may be.
Why is it so important to take an active stance on AML? What are the penalties associated with AML in the US?
Terrorism and transnational organised crime take a terrible toll on societies. The horrific terrorist acts we have seen over the past 20 years cost money and were financed by someone. Our AML/CTF and Sanctions laws, rules, and regulations are in place to stop and deter terrorists from using our financial institutions to finance terrorism, and to stop criminals from laundering the proceeds of other abhorrent practices such as human, sex, or drug trafficking, financing weapons of mass destruction, and nuclear proliferation. Financial institutions play a critical role in protecting the US and global financial systems from these bad actors. We all must be vigilant in this fight.
The importance of financial institutions’ role in fighting terrorism and keeping proceeds of illicit practices out of our monetary system explains the steep penalties for violations of these rules. Individual penalties can range from $500,000 to $1 million (such as the case of Thomas Haider of MoneyGram International) and up to 20 years in prison. Fines for financial institutions vary by regulator and violation. According to Bloomberg,[1] in the first quarter of 2018 alone, federal banking regulators and FinCEN concluded two major AML enforcement actions with almost $1 billion in forfeitures and penalties, the highest ever annual total for federal authorities.
Financial institutions are arguably the most at risk from fraud. What measures can they take to ensure fraudulent behaviour is minimised both internally and externally?
There are many steps financial institutions can take to minimise fraud risk, but at the core of these steps is training and the four-eye principle. Potential fraud — whether internal or external — is significantly reduced by proper training of all staff on the red flags of fraud. Risk is further reduced by ensuring that all processes include more than one set of eyes (i.e., two people — four eyes). Ideally, for transactions most at risk for potential fraud, financial institutions would have a supervisor or quality assurance/control person review the transaction in addition to the employee originating the transaction. A properly tuned transaction-monitoring alert system would then identify any anomalies or potentially suspicious activity post-transaction, further minimising risk.
What changes would you like to see implemented in AML legislation, both nationally and internationally?
As I stated above, I believe it is past time for US regulatory agencies such as the Department of Treasury and FinCEN to assert regulatory authority and oversight over Investment Advisors as financial institutions under the BSA and other AML laws, rules, and regulations. Internationally, it would be ideal to have a centralised repository of beneficial ownership information accessible to financial institutions and law enforcement. Efforts are beginning in some countries to centralise this information, but privacy laws and concerns about confidentiality are often a stumbling block to the sharing of this type of information.
About Navigant
Navigant is a specialised, global professional services firm with focus on industries and clients facing transformational change and significant regulatory or legal pressures. Navigant provides a range of advisory, consulting, outsourcing, and technology/analytics solutions, primarily serving clients in the financial services, healthcare, and energy sectors. Headquartered in Chicago, the company has approximately 5,900 employees across North America, Europe, the Middle East, and Asia-Pacific.
Website: https://www.navigant.com/
[1] Robert Kim, “Q1 Ends with Record $1B in Federal Anti-Money Laundering Penalties and Forfeitures,” Bloomberg Law, April 6, 2018.
New research by BAE Systems has found that 74% of business customers think banks use machine learning and artificial intelligence to spot money laundering. In reality banks rely on human investigators to manually sift through alerts – a hard-to-believe fact selected only by 31% of respondents. This lack of automation and modern processes is having a major impact on efficiency and expense when it comes to the fight against money laundering.
Brian Ferro, Global Compliance Solutions Product Manager at BAE Systems Applied Intelligence, said: “Compliance investigators at banks can spend up to three days of their working week dealing with alerts – which most of the time are false positives. By occupying key personnel with these manual tasks, banks are limiting the investigators’ role, impacting on their ability to stop criminal activity.”
Money laundering is known to fund and enable slavery, drug trafficking, terrorism, corruption and organised crime. Three quarters (75%) of business customers surveyed see banks as central actors in the fight against money laundering. The penalty for failing to stop money laundering can be high for banks – and is not restricted to significant fines. When questioned, 26% of survey respondents said they would move their business’ banking away from a bank that had been found guilty and fined for serious and sustained money laundering that it had not identified.
Ferro continued: “For banks to be on the front foot against money laundering, their investigators need to be supported by machine intelligence. Simplifying, optimising and automating the sorting of these alerts to give human investigators more time is the single most valuable thing banks and the compliance industry can do in the fight against money launderers. Right now, small improvements in efficiency of the systems banks use to find laundering can yield huge results.
“At BAE Systems we use a combination of intelligence-led advanced analytics to track criminals through the world’s financial networks. By putting machine learning and artificial intelligence systems to work to narrow down the number of alerts, human investigators can concentrate on tasks more suited to their talents and insight.”
(Source: BAE Systems)
For our May edition, Finance Monthly has the pleasure to connect with Salvatore LaScala. With over 20 years of hands-on experience to conduct investigations and compliance reviews on behalf of financial institution clients responding to regulatory or law enforcement matters concerning anti-money laundering, Bank Secrecy Act, USA PATRIOT Act and Office of Foreign Assets Control, he now co-leads Navigant Consulting’s Global Investigations and Anti-Money Laundering Practice in New York. His company serves financial institutions of all kinds by providing assistance with responding to Regulatory Actions in addition to more proactive services. This work includes AML/Sanction Program compliance projects such as including Look-backs, CDD remediations, Monitorships, Investigations, Risk Assessments, Compliance Gap Analyses, Model Validations, NYSDFS Part 504 work and AML/Sanctions Compliance technology enhancement, implementation and optimization. Navigant also provides investigators to clear FIU surge activity, outsourced FIU services, and embedded compliance officers.
In your opinion, how robust is the current anti money laundering (AML) regulation?
It is appropriately robust and evolving in a manner consistent with changes in banking, securities and payment systems.
Typically how do financial institutions manage their money laundering compliance obligations? How can they remain up-to-date and compliant?
Financial institutions face numerous compliance challenges from different areas, including AML and Sanctions. Considering the complexity of these regulations, the rigor of examination and competitive business landscape, these financial institutions typically do very well. We are, however, more frequently reminded of examinations that result in an action, whereas successful exams get no mention. Good risk assessments, independent reviews and Governance, in particular, accountability, oversight and training, go a long way towards keeping AML and Sanction programs up-to-date.
Tell us a bit about your work in the field.
I lead large teams that regularly perform historical transaction reviews (Lookbacks) and KYC/CDD/EDD file remediation work. I also help clients overcome AML and OFAC backlogs by deploying teams embedded at our clients’ work sites to that disposition alerts.
My expertise includes assisting clients with the selection, implementation, optimisation and validation of AML and OFAC compliance technology and enhancing AML transaction monitoring detection scenarios and sanctions filter interdiction logic.
My work is exciting. I am able to market our great services to client, deliver those services, lead teams of highly talented people and enjoy the satisfaction of jobs well done. Moreover, as someone who needs to constantly learn and evolve, the introduction of Artificial Intelligence, Machine Learning and Robotics Process Automation lets us provide more effective compliance and investigative solutions than ever before.
Contact details:
Email: salvatore.lascala@navigant.com
Phone: +1 212.554.2611
Website: https://www.navigant.com
Global Witness and leading anti-corruption MP Margaret Hodge have recently called on the UK’s Financial Conduct Authority to take action over the role of RBS and Standard Chartered in handling more than US$2 billion of embezzled funds in a major international corruption scandal. The call comes as Global Witness publishes a new analysis of the role of the bankers, auditors and lawyers in enabling Malaysia’s 1MDB corruption scandal that is likely to have robbed the Malaysian people of an estimated US$4.5 billion.
According to the US Department of Justice the billions embezzled from 1Malaysia Development Berhad (1MDB), a government owned-company, by a variety of people were spent on luxury properties, high-end art and lavish lifestyles, as well as payments to the Malaysian Prime Minister Najib Razak. Most famously, money taken from 1MDB allegedly funded the Leonardo DiCaprio film the Wolf of Wall Street.
Global Witness and Margaret Hodge have written to the Financial Conduct Authority (FCA) calling for it to investigate the role of two UK-based banks, RBS and Standard Chartered, for their oversight of their Swiss and Singapore branches’ money laundering controls. Regulators in Singapore and Switzerland have fined the two banks’ foreign branches a total of $12 million for breaches of anti-money laundering regulations in relation to the scandal. Those investigations were completed over a year ago, with Swiss regulators passing their findings to the FCA at that time. However, there has been no sign of any action from the UK authorities.
In response to Global Witness’ findings, prominent Labour MP Margaret Hodge said: “It is time for the FCA to take firm action to hold banks that handle dirty money to account. The FCA must also explain its apparent inaction over this case, when other countries completed their investigations over a year ago.”
The role of the two banks feature in Global Witness’ new analysis of how a range of banks, lawyers and auditors either turned a blind eye, signed off on suspicious transactions or were simply not obliged by the rules to question origin of funding.
“Our analysis shows that the international anti-money laundering system is not working,” said Global Witness Senior Campaigner Murray Worthy. “The 1MDB scandal would simply not have been possible if the system worked; the financial professionals involved would have spotted this dirty cash and prevented the money from being ever being taken.”
The report concludes that for the banks involved in the 1MDB scandal, this was not a problem of inadequate regulations but a failure of bankers to follow those rules. The banks were either simply not conducting the checks that they were required to do, or they were willing to ignore the risks they saw.
Murray Worthy continued: “The UK should not allow banks based here to handle the proceeds of crime or corruption, wherever they operate in the world. The people of Malaysia are now facing a bill greater than the country’s annual healthcare budget as a result of this scandal – and these banks enabled this scandal to happen.”
(Source: Global Witness)
Here Laura Hutton, Executive Director at Quantexa, explains the money laundering phenomenon, describing the typical profile of a money laundering ring, the added variety some display, and the challenges banking systems currently face in identifying money laundering systems.
Global money laundering transactions are currently estimated at 2 to 5% of global GDP, or up to US$2 trillion, funding crimes such as terrorism, corruption, tax evasion, drug and human trafficking. By 2020, experts predict that there will be more than 50 billion connected devices across the world. This is a cause for concern for banks and financial institutions alike, as criminals will be attracted to fresh ways to communicate and partake in criminal activity.
Shockingly, over 25% of financial services firms have not conducted AML/CFT risk assessments across their global footprint (PWC) – so it is no surprise that criminals are still finding loop holes. However, according to Wealth Insight, global AML spending is predicted to rise from US$5.9 billion in 2013 to US$8.2 billion in 2017 – promising a stronger barrier to money laundering activities. In part, this has been driven by the increasingly strict regulatory landscape and some eyewatering fines, but organisations are also keen to tackle the problem for both moral and reputational reasons.
The profile of a money laundering ring
The vast majority of money laundering is committed by organised criminal gangs and involves a complex web of individuals, businesses, domestic payments, overseas wires and increasingly trades and settlements. These gangs will need many low-level individuals who deposit cash into the banking system, typically in low volumes to avoid detection. The gangs will then need to move the aggregated funds around in larger volumes and overseas. This is a complex structure and designed to avoid raising suspicion.
One size doesn’t fit all
All banks will have AML systems in place, but this doesn’t mean they are correctly suited. At first, financial institutions put in place systems to detect money laundering within their retail book, looking for simple patterns like large cash deposits in short time periods or transactions which are unexpectedly large for a standard domestic customer. This may flag some of the low-level criminals, but the modern organised criminal is choosing to hide the activity elsewhere, for example, cash-heavy businesses and financial markets where the transaction volumes are significantly bigger and where overseas transactions are the norm.
Banks and regulators realised that these non-retail products had money laundering risk, but no tailored AML systems existed for these complex products. As a result, many organisations have simply repurposed existing retail and market abuse systems that inevitably aren’t suited to the product line that they are trying to protect. A pre-configured AML system for retail banking will focus on finding individual high-risk transactions without the context of corporate structures, geographical money flows and the complex behaviour of that product type. Consequently, these systems are less able to identity suspicious behaviour and do not effectively prevent money laundering.
Time for a new approach
To address the more pressing money laundering risks, and greatly reduce their vulnerability, banks need to take a different approach that can interpret and risk assess these complex webs of activity and present them assembled and ready for investigation. Money launderers are not transactions, they are individuals, and they need to be modelled as such.
The contextual monitoring approach uses entity and network analysis techniques, in combination with advanced analytical methods to uncover the hidden web of criminal activity and highlight these holistically as an aggregated view of risk across multiple products and data sources.
This eliminates the vast number of alerts generated at the transactional level and focusses the attention on the high-risk people, businesses and networks that underpin these criminal gangs.
Money laundering remains a great issue for banks and financial institutions alike. As the criminals get smarter, current AML systems are falling behind. To beat the criminals at their own game, banks must adopt new compliance technologies to make constructive use of the infinite data accessible, join the dots in their customer network, and then become more efficient when acting against illegal money laundering activity.
Only 1 in 300 property purchases by overseas cash buyers are triggering red flags with the National Crime Agency (NCA) in a wakeup call for the UK property market, anti-money laundering (AML) specialists Fortytwo Data have warned.
In the US, a similar jurisdiction to the UK, 5% of home sales are to overseas buyers and 44% of them pay cash according to latest figures1.
Transposing this trend data onto the UK property market means 26,400 homes are sold each year to overseas cash buyers in Britain, where 1.2m property transactions were the subject of only 355 Suspicious Activity Reports (SARs) in the year to March 20162.
SARs are red flags sent by financial institutions, law firms and estate agents to the National Crime Agency (NCA) when they detect suspicious activity. It comes against a backdrop of widespread fears that foreign criminals have been using the UK property market to store their ill-gotten gains.
Fortytwo Data’s knowledge of the anti-money laundering sector suggests direct overseas transactions are responsible for around a quarter of SARs raised in the UK. This means only 0.33% of cash purchases by overseas buyers are triggering alerts - 1 in every 300 sales.
Estate agents’ reporting responsibilities have been strengthened by the latest EU money laundering directive (4AMLD).
The NCA’s director of the economic crime command, Donald Toon, has offered insights in the past on the scale of the problem, revealing how he believes “the London property market has been skewed by laundered money”3.
The number of SARs submitted by estate agents to the NCA climbed dramatically in 2015/16, rising 98.3% in only a year albeit from a very low base. It was the highest rise of any sector, which suggests lack of awareness and training in the past has been a problem.
The second highest rise came in the gaming industry which saw the number of SARs submitted climb 52.4% to account for 0.37% (1,431) of the 381,882 SARs received by the NCA that year.
Julian Dixon, CEO of Fortytwo Data, said: “There is no doubt that 355 SARs generated by all estate agents is a tiny number. That figure seems to be on the right trajectory but the industry still has a long way to go.
“The residential property market is a golden opportunity for criminals, who are able to take advantage of a sector that, in the past, has not been subject to such stringent money laundering requirements as financial institutions.
“Bricks and mortar is as attractive as ever to organised crime. It’s an ideal way to deposit large sums of cash in a single transaction, allowing them to blend in with the thousands of legitimate cash buyers who purchase property each year.”
The US is a comparable jurisdiction to the UK. The US property market, like Britain’s, is a safe haven for illicit funds because of the rule of law, relatively stable markets and high prices which make money laundering more efficient. Their regulatory regimes are based on identical enforcement frameworks.
(Source: Fortytwo Data)
