Author: Laurie L. Gentz, CAMS, Head of Compliance, BAE Systems Applied Intelligence
Record fines in the banking world recently – some for billion-dollar figures – have brought the issue of money laundering and terrorist financing into sharper focus than ever before. The combination of tighter regulations and the continued efforts of criminal and terrorist organisations to channel funds through the legitimate finance system means that today’s financial institutions need to have the most robust systems and policies in place to manage these risks.
There can be no doubt that money laundering is big business, enabling criminal groups to disguise the illegal source of their wealth and fund further illegal activity, and fuelling corruption and organised crime around the globe. Due to its clandestine nature, it is difficult to say exactly how large the illegal market for money laundering is but, according to the United Nations Office on Drugs and Crime (UNODC), the estimated amount of money laundered globally each year is between 2% and 5% of global GDP, or between $800 billion and $2 trillion in current US dollars1.
Serious tax evasion was categorised as a money laundering risk by the Financial Actions Tax Force (FATF) many years ago, and this has also impacted on the regulatory and compliance obligations that financial institutions around the world face.
In order to combat money laundering and terrorist financing and avoid the risk of large fines, financial institutions need to remain vigilant and focus on the following key areas:
Knowing your customer
Knowing who you are dealing with – and getting to know them in the first place – should be a simple process. However, with the ease of setting up shell companies in many parts of the world, which can be established by ‘not so friendly individuals and businesses’, you may not know who you are really dealing with. In addition, the geographical area you do business in is globalised and increasing volumes of payment transactions can rapidly turn a very personal interaction into an anonymous, arm’s length process with someone you don’t know and should not be doing business with. To ensure the integrity of the financial services relationship, the obligation upon a financial institution is to Know Your Customer and carry out proper due diligence on that customer in order to have a full understanding of the financial activity going through your bank, hence the term Customer Due Diligence.
Understanding the risks different types of customers can pose and how they use different bank products and services, which themselves carry an element of risk for the bank, is a complex task. But, by taking a methodical approach to risk scoring all of the elements of the customer relationship, and assigning a risk level to each customer, it is possible for financial institutions to understand the risk profile their customer base represents. In addition, dynamic assessments need to occur to ensure that, as a customer adds new products or conducts payment transactions in higher risk geographies, so risk levels are adjusted accordingly and, if needed, can lead to more enhanced due diligence investigations.
Understanding Sanctions and PEP screening
Sanctions, sanctions, sanctions – we are all hearing about sanctions on a daily basis, especially in relation to current geopolitical issues such as tensions between Russia and Ukraine. Depending on the sanction(s) directive, an individual or business cannot perform the interaction prohibited by the sanction. In the case of financial payment sanctions, an individual or business cannot send or receive payment transactions from a sanctioned country, entity or individual. It is therefore extremely important for a financial institution to monitor all sanctions issued and to have a dynamic list matching system to ensure a rapid response to new sanctions.
Politically Exposed Persons (PEP) are individuals who hold public and private roles and could use those roles to influence many different issues in the world, both for the good as well as the bad. Running your customer list against a list provider’s PEP list, which grows by 30-40% year over year, will help your organisation understand the risk level a potential PEP or related PEP poses to your organisation.
How you pay for goods and services is an ever changing process and new vehicles to pay for goods and services are always emerging, including virtual currencies such as Bitcoin. As a financial institution, you have the obligation to ensure that ‘dirty money’ does not make it into financial payment systems. Your financial institution may have fundamental detection systems in place to monitor payment transactions. However, it is increasingly likely that self-learning and predictive analytics are needed to understand when activity is not normal for the customer or account. The use of analytics and refinement of detection scenarios will help in the reduction of false positives and also uncover unusual activity and money laundering schemes.
Serious tax evasion is a predicate offense
We are now seeing a global shift toward world-wide cooperation in dealing with tax evasion, especially following the creation of Foreign Account Tax Compliance Act (FATCA) and the Organisation of Economic Cooperation and Development’s Common Reporting Standard (OECD CRS). FATCA came into effect in July this year, and requires foreign financial institutions to classify the financial accounts held outside the US. Later this year, foreign financial institutions will start reporting accounts held by US citizens with them to the Internal Revenue Service (IRS). On the international front, the OECD’s CRS carries with it heavy account classification, due diligence and reporting requirements. Veiled secrecy of account ownership at financial institutions is quickly becoming an issue of the past. Global governments now understand that they can collect additional tax revenues if global account holdings and income are transparent.
Preparation, not confusion
Identification of money laundering, terrorist financing and tax evasion is vital. This requires understanding how recent enforcement actions affect how your institution does business and reviewing the regulatory policies and procedures that your organisation is exposed to and responsible for. A pragmatic and effective approach avoids falling prey to criminals in the first instance and the possibility of severe fines in the second. Understanding the risks involved in doing business is a matter of organisational survival but, by having the right systems in place, it should not be a source of drama in the process.
About the Author:
Laurie Gentz currently heads the North American Compliance group for BAE Systems Applied Intelligence. Laurie is responsible for supporting the product development of the compliance solution suite, providing subject matter expertise and managing effective implementations for a range of financial services customers. Previously, Laurie’s career included risk and compliance management including acting as subject matter expert for a range of regulations including Customer Due Diligence and OFAC/AML/BSA.