Industry Insight

How often is AML training required?

The recommended frequency of AML training organised by an MLRO (Money Laundering Report Officer) is dependent upon several factors that we will cover below – but it is recommended by the Academy that training takes part at least annually.

The objective of AML Training

The objective of AML training is to engage, inform and inspire employees to obtain a robust knowledge and understanding of the following:
  • The common methods and trends of Money Laundering (“ML”) and Terrorism Financing (“TF”) relevant to the organisation.
  • The organisation’s AML/CFT policies, procedures, systems and controls.
  • The ability to identify potential suspicious behaviours or activities, and how to report these events to the MLRO.
  • The individual roles and responsibilities distributed across the organisation in order to combat ML and TF.
One Size Does Not Fit All It is important to highlight that not all employees across an organisation carry out the same job description - as a result, the AML training designed for each department should reflect the diversity in roles and responsibilities. MLROs have the responsibility to ensure that employees receive relevant and appropriate training programmes in line with their roles and responsibilities. Employees should understand the extent of their exposure to ML/TF and have the ability to distinguish the red flags and suspicions while conducting their duties. The Frequency of AML Training According to Financial Action Task Force (“FATF”) 2012 Recommendations, organisations should conduct AML/CFT training on an ongoing basis. MLROs should arrange  the following training:
  • New Starter Training: For new employees who have recently joined the organisation.
  • Refresher Training: Ongoing training for existing employees.
  • Special Purpose Training: Training on new regulation/internal policy or the organisation’s new product, service or technology.
New Starter Training New starters should receive AML training as soon as possible. The Academy recommends conducting the training within 7 - 10 working days of an employee’s start date. Refresher Training In order to determine how often AML/CFT training should be given to existing employees within each department, MLROs should apply a risk-based approach in order to manage the resources versus the ML/TF risk that each department is exposed to. The higher the risk of ML/TF, the more frequent the training should be. For instance, the first line of defence (i.e. the relationship managers) should receive more AML/CFT training than the second (i.e. Compliance and AML team) or third line of defence (i.e. internal audit team). Based on international best practices, it is recommended that an organisation should train its employees once on an annual basis as a minimum. Special Purpose Training  The frequency of Special Purpose Training varies depending on the updates received from regulators, law enforcement agencies, authorities, intergovernmental bodies, etc. as well as the  organisations’ expansion plans. MLROs have to keep the relevant employees informed on any regulatory updates related to AML/CFT as well as the level of ML/TF risk associated with a new product, service or technology that the organisation introduces. Special Purpose AML Training should take place as soon as it is practical to do so.


The requirements and expectations with regards to AML that regulators around the world promote are to ensure that all the employees have the required awareness and knowledge of ML/TF risks. To conclude, MLROs are responsible for assessing the frequency of AML training within their specific organisation . Ultimately, training frequency depends on several factors such as an employee’s roles and responsibilities, regulatory expectations, relevant rule changes, and any new organisational developments. As a minimum,  MLROs should ensure that the AML training is conducted once a year for all the staff.   Why Great Chatwell  

Article written by Souzan Esmaili

Associate Director, MENA

Great Chatwell Academy of Learning

What is tax evasion?

Tax evasion, tax avoidance, tax efficiency, tax arbitrage, tax rationalisation, tax management – these are all terms used to describe the various methods of reducing the tax bill of a legal or natural person. But how do you distinguish between them?  What is allowed and what is not allowed?  What happens if you get it wrong? The most simplistic way to think about this is that tax evasion is illegal whereas the others terms refer to activity that is not illegal. It is, therefore, not allowed. So how do you know what is tax evasion or what falls into the not impermissible category? You are not a tax expert.  You are not omniscient.  You do not have a crystal ball.  And tax evaders are not renowned for their honesty and integrity! AND tax evasion covers all types of tax including corporate tax, personal employment tax, inheritance tax, excise duty and value added tax. Tax evasion is a sticky subject with increasingly onerous obligations put on the regulated sector to play their part in its deterrence and detection and failure to have in place reasonable procedures to mitigate the risk of a firm becoming involved can result in the commission of the offence of ‘failure to prevent the facilitation of’ in relation to domestic and foreign tax evasion (Criminal Finances Act 2017). Spotting tax evasion can be difficult enough, but increasingly the powers that be are using the terms tax evasion and tax avoidance interchangeably in an example of regulatory creep - with more and more expected of the regulated sector to form the first line of defence for UK PLC because whilst not actually illegal, tax avoidance involves bending the rules of the tax system to gain a tax advantage that Parliament never intended. It often involves contrived, artificial transactions that serve little or no purpose other than to produce this advantage. It involves operating within the letter, but not the spirit, of the law and is very much on the regulatory radar. So what does that mean for firms? Firms need to take a number of steps to protect themselves from exposure to, and risk of being involved in, tax evasion:
  • Understand the legal and regulatory framework in which you operate. g. do you have reporting requirements under FATCA or the CRS;
  • Identify, understand and assess the tax evasion risks you are exposed to as a firm and areas of vulnerability (clients, employees, products and services, jurisdiction, operating environment, internal governance framework);
  • Understand typologies and risk indicators for tax evasion such as complexity in a corporate structure or choice of jurisdiction known for tax advantage and secrecy laws;
  • Put in place policies and procedures – both preventative and detective; and
  • Educate employees on their obligations and what they must/must not do.
As more emphasis is placed on challenging the legitimacy of avoidance schemes firms must also be constantly horizon scanning for changes to legislation – the upcoming DAC 6 being a prime example of legislation that will expand the remit of regulated firms to report avoidance schemes so that tax authorities can focus their efforts and clamp down on those. Tax evasion, and avoidance are subject to intense legal and regulatory scrutiny with the onus on firm to show that they had in place reasonable procedures to mitigate the risk – reversing the burden of proof. It is therefore imperative that employees understand where they might be at risk and are able to take the necessary action.

What is money laundering?

Much has been written about money laundering and what it actually is – in terms of the concept itself and the offences of money laundering. It seems simple – it has been drilled into employees, in financial services particularly, that money laundering is placement, layering and integration, a three-stage process that seeks to ‘clean’ ‘dirty’ cash – cash typically generated by the drugs trade. Cash is ‘placed’ into the system by ‘smurfs’ acting on behalf of the criminal gangs using a series of ‘structured deposits’ where multiple small deposits are made into various, connected, bank accounts or where different branches of the same banking institution are used to avoid detection. This cash then passes through a number of transactions, property, such as art, might be purchased to add ‘layers’ to the money trail to confuse law enforcement and the ill-gains are ‘integrated’ by being used for legitimate enterprise such as the purchase of a business, which generates legitimate income, having ‘washed’ the original drugs money. Unfortunately, this basic rendition of money laundering is far from the truth.  Even the term ‘money’ laundering is a misnomer. Why? The concept The concept of laundering differs by jurisdiction.  Some jurisdictions will attribute laundering to proceeds of specifically identified ‘serious’ crimes (such as drugs smuggling or corruption), others (like the UK) have an ‘all crimes’ approach and refer to the concept of ‘criminal property’.  Any criminally derived benefit can then, technically, also be subject to UK anti money laundering provisions under the Proceeds of Crime Act 2002. It is therefore not just ‘money’ that can be laundered. The process The three-stage process has its place in explaining laundering but as a model is too simplistic to really deal with the reality of laundering:
  1. Laundering is not restricted to cash generation.  Some acquisitive crimes generate proceeds or benefits that are already ‘in the system’.  Think of tax evasion. You retain the benefit of the tax you didn’t pay. The value of that benefit is subject to laundering laws.  Crimes that generate a benefit already ‘in the system’ obviate the need for placement activity.
  2. It is not necessary to ‘place’, ‘layer’ or ‘integrate’ criminally derived funds to commit a laundering offence.  A laundering offence can be committed by the simple possession of criminal property. If you rob a bank and steal £3,000 and hide it under your mattress you haven’t placed it into the system and you haven’t layered it through multiple transactions.  The funds have not been integrated in any way as they were kept under the mattress. But you have criminally derived property in your possession. You have self-laundered the proceeds of your own crime.
  3. Even if the three-stage process was adopted e.g. by a drugs cartel, it would be almost impossible to identify all stages of the process as different actors play different parts.  What some might see as layering, others might see as integration. It is not a nice, clean process
Summary There really is no ‘one size fits all’ approach to money laundering Money laundering can be simple, or it can be incredibly complex.  It can involve the proceeds of serious criminal activity or what one might consider ‘nuisance’ crimes. The key to understanding money laundering is to dispense with preconceptions about what it entails and to dispel the most common myths that money laundering must:
  • Include cash
  • Take part as a set process
  • Include an actual movement of funds

What is trade based money laundering

Trade, the global economy of import/export, has been described as a ‘readymade vehicle for laundering’. So what is it and how does trade based laundering work? Trade based laundering aims to move value through the use of the financial sector.  It requires collusion by the parties to the transaction and relies of the volumes of global trade being so great that it is difficult to spot.  Difficult but not impossible! There are various ways by which trade can facilitate laundering, and other financial crimes, with documentary trade finance used as a mechanism to lend legitimacy to transactions and value transfer. Scenario 1 Company A and Company B are both parts of a larger organised criminal enterprise.  Company A owes $100, 000 to Company B from the proceeds of criminal activity in London.  They do not want to draw attention to the transaction. Company A operates as a legitimate seller of tribal art and cultural artefacts sourced from Africa.  Company B operates as a supplier of these items. Company A is also involved in the sale of cocaine across London and other major UK cities. How does Company A move the $100, 000 undetected? Company A places an order for new supplies.  The order is worth $50, 000 but the invoice states $100, 000.  Company A pays Company B $100, 000.  An over payment of $50, 000 against the value of the goods. This can be repeated until the full amount owed has been transferred.  This is a typology of trade based laundering known as over invoicing. Scenario 2 Company A places an order for new supplies.  The order is 3000 painted pebbles at a cost of $3, 000. Company A pays Company B $3, 000 but only receives 1, 500 painted pebbles.  An over payment of $1, 500 against the quantity goods supplied. This can be repeated as required. This is a typology of trade based laundering known as variable volumes. These are only two of the ways in which value can be transferred globally using trade.  Other common typologies include:
  • Under invoicing
  • Ghost or phantom shipments
  • Variable goods
Trade can also be misused to breach sanctions, provide funding and resourcing to terrorist organisations, to evade tax or move the proceeds of corruption.  Trade can also be used to perpetuate fraud. Everyday banking facilities such as documentary letters of credit are used by organised criminals to provide a veneer of legitimacy to trade based laundering and financial crime and create a sustainable mechanism for transferring value as required. To be able to deter and detect trade based laundering, financial crime practitioners and front office staff need to understand how the various typologies work and the key risk indicators that there may be laundering occurring. Relevant staff need to understand the importance of knowing not only the customer in order to detect potential criminal activity, but the other actors in a trade transaction and the key points of vulnerability throughout the transaction lifecycle. On going due diligence and transaction monitoring is key to the detection of trade based laundering and an understanding of the specific vulnerabilities of the various documentary trade finance products is vital – much is written about the documentary letter of credit but that is only one of a number of products that can be utilised by launderers.

What is Bribery and Corruption

Often spoken about as partners in crime (pun intended), bribery and corruption are not the same.   Corruption is the umbrella term for various activities conducted by those in positions of power, quite often those with political power, by abuse of those powers entrusted to them.  Bribery is, perhaps, the most commonly cited form of corruption but the concept of corruption is much wider and is not restricted to the politerati. Fundamental to identifying and mitigating corruption risk is an understanding of corruption in its various guises. A particularly hot corruption topic is that of graft – where those in political authority use that authority for personal gain.  This might take the form of diverting state assets for personal use, awarding state contracts to cronies and family-owned business or by activities such as rezoning development land from commercial to residential to benefit from the higher returns on residential development.   The UK is currently under a great deal of scrutiny by anti-corruption bodies such as Transparency International for its role in laundering the proceeds of graft by foreign politicians leading to significant changes in UK law to help identify property with illicit origins (see Unexplained Wealth Orders and the Criminal Finances Act 2017) Corruption may be termed as ‘petty corruption’ such as the waiving of a speeding ticket for a small payment – although this could lead to bigger issues should an accident happen as a result of excessive speed; or corruption may be termed as ‘grand (political) corruption’ whereby the effects are significant e.g. changing or implementing laws to benefit from that change, e.g. passing a law to grant immunity from prosecution for MPs under investigation for corruption Corruption also occurs in the procurement process, where kickbacks might be offered or provided to secure contracts e.g. for the provision of services or might be requested in return for favourable treatment. As probably the most recognised form of corruption, bribery can take many forms and is not restricted to cash payments in brown paper envelops.  A bribe is anything that might ‘induce’ improper performance and can take the form of, for example, gifts and hospitality, providing employment for a family member or making introductions to (other) influential people. In some instances, jurisdictions take a different view on what constitutes ‘corruption’ with ‘facilitation payments’ causing divergence between UK and US law with the US Foreign Corrupt Practices Act seeing them as ‘grease’ payments to expedite a process and permissible as long as they are recorded in a firm’s books and records; and the UK taking a much harder stance and deeming them impermissible as a form of corruption.  Understanding differences in jurisdictional law is essential to avoid the commission of a corruption offence, as is understanding the reach of jurisdictional law which, in respect of the UK and the US, is extraterritorial in reach. Most forms of corruption have the common themes of secrecy, collusion and personal gain which can provide those in the regulated a thread to pick at in terms of detecting the proceeds of corruption – if they are empowered to recognise them.  Firms therefore must understand and be able to identify the risk indicators for dealing with the proceeds of corruption and have in place adequate procedures to deter the commission or perpetuation of corrupt activity internally.

What is Terrorist Financing?

What is terrorist financing? Terrorist financing, as a concept, is concerned with the provision of funding or resources to proscribed terrorist organisations.  The devil, however, is in the detail, e.g.:
  • There is no internationally agreed upon definition of terrorism with different jurisdictions disagreeing with which organisations are deemed to be terrorist in nature.
  • Terrorist financing does not just refer to money.  Resources such as equipment, shelter or identification documents can also be captured within the terrorist financing umbrella.
  • The funding or resources do not have to be allocated to a specific act or terrorism e.g. the organisation could use them to provide health care for dependents of terrorist fighters.
As with other types of financial crime, terrorist financing continues to evolve.  Once described as ‘money laundering’ in reverse with a staged process (generation, aggregation, transfer, end use) ascribed to it; as with money laundering, terrorist financing is not that simplistic. To complicate matters further, terrorist financing can often look and smell like money laundering as financiers use many of the same methods and mechanisms to move value and hide its origin or ultimate destination (such as shell companies, complex structure, nominees or proxies) or, conversely, terrorist financing, and specifically resourcing, might not be detectable at all. Raising funds Funds can be raised from legitimate or criminal enterprise.  Historically, funds have been raised via charitable donations – either overtly from donations made by the donor who knows that the funding is going to support terrorist activity or covertly where the trust and generosity of donors is abused, and funds are funnelled away from legitimate charity work. Increasingly, terrorist groups have been identified as engaging in criminal enterprises such as the sale of weapons or narcotics to provide a steady source of illicit income, alongside looting, extortion, kidnap for ransom and the sale of stolen artefacts or commandeered commodities. Lone actors, also known as ‘lone wolfs’, and smaller groups and cells of disaffected individuals have also been known to raise funds by taking out loans or credit cards or by fraudulently claiming state social benefits. When it comes to raising funds, terrorist organisations, or lone actors representing them, are limited only by their imagination in what is an ever-evolving digital world. This new age of technology and social connectivity has provided a new pool of funding from methods that include crowd funding and simple appeals to sympathisers to pay using prepaid cards, international payment systems and more recently using cryptocurrencies. The challenge for compliance practitioners and front office staff is to learn more about these typologies and keep abreast of new and as yet unreported newer sources of finance. Value Transfer A key concept to consider when addressing the question of ‘what is terrorist financing’ is that ‘value’ can be made available to using financial and non-financial means.  There are many mechanisms by which ‘money’ can be collected and sent, e.g.:
  • Wire transfers
  • Prepaid cards
  • Physical cash
  • Cryptocurrencies
Equally however, value can be provided in the form of goods and services which can be sold to generate funding. Some of this value can be transferred through the unregulated sector, sometimes referred to as the ‘Hawaladars’, whilst there is increasing evidence to prove that value is also moving across international borders through the abuse of international trade and documentary trade finance. Case examples include designated terrorist groups ‘taxing’ exports of charcoal from Somalia, or through the importation of goods in to West Africa. Of course, the most simple and effective way of moving value to a terrorist is to purchase commodities in one jurisdiction and send these in a container for sale in another jurisdiction, with no invoice being submitted by the exporter to the importer. No paperwork, no payments between banks and limited scrutiny by any third parties! The challenge Often the poor partner and subject of training behind money laundering, there is an opportunity for compliance practitioners and relevant front office staff to enhance their personal performance and contribution to detecting and disrupting terrorist financing by:
  1. Taking steps to understand more about what we mean by terrorist financing and terrorist resourcing (
  2. Developing personal skills and awareness of the risk indicators that may indicate terrorist financing and resourcing,
  3. Analysing terrorist financing in a more modern way, recognising that the sources include many different criminal and non-criminal sources, and challenging pre-conceived ideas
  4. Including commodities, international trade and goods that have a dual-use ad purpose in the risk assessment of what terrorists require to commit their crimes and atrocities.
Summary What is generically referred to as ‘terrorist financing’ is not simply money laundering in reverse and it does not occur in nice, neat stages of a set process.

Happy Birthday to Bitcoin, but what will we see in the next ten years?

| ,

“Commerce on the Internet has come to rely almost exclusively on financial institutions serving as trusted third parties to process electronic payments. While the system works well enough for most transactions, it still suffers from the inherent weaknesses of the trust based model. What is needed is an electronic payment system based on cryptographic proof instead of trust, allowing any two willing parties to transact directly with each other without the need for a trusted third party. Transactions that are computationally impractical to reverse would protect sellers from fraud, and routine escrow mechanisms could easily be implemented to protect buyers. In this paper, we propose a solution to the double-spending problem using a peer-to-peer distributed timestamp server to generate computational proof of the chronological order of transactions.”

Taken from ‘Bitcoin: A Peer-to-Peer Electronic Cash System’, by Satoshi Nakamoto

Bitcoin ("BTC") was issued ten years ago and is still polarising risk and compliance professionals. Whether you believe that it is a force for good, or that it is simply a disruption that we could have lived without, there is no doubt that it is here to stay.

So, what can we expect in the next ten years?

I predict a very different future, with global standards and regulation adopted, even in those jurisdictions that are currently prohibiting its use. Why? To prevent regulatory arbitrage and to enable new challenger firms to harness the opportunities that are presented by blockchain.

We will have a regulated and unregulated sector, rather like we have today with banks and 'Hawaladers', and we will continue to have to manage the risks in havens of secrecy that are offered by Altcoins, rather like we do today when payments and value passes or is held in jurisdictions with higher levels of data security. According to the risk based approach, there will be adoption of global standards in how to identify and detect 'shell banking' risks that will be applied, just as we apply these today to manage correspondent banking risks and third party reliance. In short, the risks of managing value transfer will be the same, but look different, because the nature and aims of criminals will largely remain unchanged. 'Old crime, new technology'! We will be required to find a way forward.

In my crystal ball I also see coins published by major financial institutions, jurisdiction coins such as 'ruble coin' and new players from hitherto undisclosed new entrants. The name of BTC has become synonymous with 'crime' simply because criminals have acted faster than regulators to utilise its features, but would you be more inclined to trust BTC if it was actually released under another name by for example Microsoft or Apple to support financial inclusion and was supported by Bill Gates for good causes? We trust their devices and use them to convey messages and critical personal data, so why not value?

Whatever the future holds, it is going to be interesting, and I very much hope to be part of history, and to have the opportunity to witness the changes and evolution of this fascinating and exciting technology over the next ten years!

Thank you Satoshi Nakamoto!

A perfect regulatory storm is brewing

| ,
The British are obsessed with the weather, it dominates our conversation, our lives and recently the news headlines. Apocalyptic weather has been reported in Central America, the Caribbean Islands and across the state of Florida, whilst in Asia devastating rains and flooding have killed and displaced thousands of impoverished people from India, Pakistan, Nepal and Bangladesh. These are truly tragic events with huge human impact, but whilst these events have been characterised as ‘once in a lifetime events’, they are to some extent predictable but unavoidable as it seems nature asserts its authority over human development. Predicting a storm in financial services is rather more certain as most of the regulatory events are planned and therefore you might expect that the risks are therefore avoidable. But my eye and attention has been drawn to what I can foresee could be a series of events over the next six to nine months that presents a perfect regulatory storm, with serious financial and regulatory consequences for those who are not watching the regulatory ‘charts’. Tropical Disturbance leading to Depression. A period when dark regulatory clouds form. On 1st September 2017, the UK government provided guidance on how to meet the requirements of the UK Financial Crime Act that will take effect on 30th September.1 In brief, this powerful new law brings significant additional legal, criminal and therefore reputational risks to firm’s due to the strict liability and extra-territoriality of the legislation. Whilst bearing a resemblance to the Bribery Act from 2010, this law deals with a different predicate offence, the facilitation of criminal tax evasion by employees and ‘associated persons’, and places an emphasis on firms to ensure that they have in place procedures to prevent these persons from facilitating the evasion of UK and foreign taxes and duty. Lining up behind new powers of enforcement that can be used even when the firm has no knowledge of the offence and where no criminal prosecution for the tax evasion is required, are the SFO, NCA and HMRC. Having heard a presentation from Simon Airey this week at the London MLRO’ conference, it appears that those businesses that have previously been party to allegations of facilitating tax evasion, but which could not be prosecuted, are firmly in the cross hairs and we can expect some early action. And this is where things start to get interesting, because it is entirely foreseeable that the authorities will be aware of these tax crimes, well before the banks and firms who manage the affairs of these offending companies. Increasing coordination and sharing of information between law enforcement agencies and local regulatory supervisors is to be welcomed and encouraged if there is to be any improvement in law enforcement attempts to deny access to criminal proceeds. However, it is not inconceivable that a regulated firm may now receive and be required to manage both a criminal enquiry and a regulatory inspection relating to the management of tax evasion risks. Let’s hope some common sense prevails in the most part. Thunderstorms, lightening and heavy rains leading to a hurricane status. The mood darkens. Given that there is a presumption of guilt under the UK FCA 2017 that the firm must then defend with demonstrable ‘reasonable procedures’, I can foresee some choppy water building here that will increase to form a ‘depression’ when tax information between jurisdictions under new information exchange agreements is added to the mix. The high winds being provided by the Criminal Finance Act 2017 are going to be intensified by the first tranche of reporting by the early adopters under the Common Reporting Standards. After the G20 meeting in London in 2009, there has been a great deal of movement to combat tax evasion, at least outside of the states of Delaware and Wyoming et al in the USA. In May 2014, the Standard for Automatic Exchange of Financial Account Information, commonly referred to as the Common Reporting Standards (‘CRS’), was entered in to by 47 countries. Today more than 140 countries have agreed to share ‘reportable’ details that include:
  1. Name, address, Taxpayer Identification Number;
  2. Date and place of birth of each Reportable Person;
  3. Account number;
  4. Name and identifying number of the reporting financial institution; and
  5. Account balance or value as at the end of the relevant calendar or closure if earlier
From September 2017, that’s right, at exactly the same time the UK FCA 2017 is implemented, more than fifty early adopters will be sharing highly private and confidential information as part of the biggest international data exchange the world has ever witnessed. Quite aside from the likely impact that this current information will have to support greater scrutiny from HMRC, and therefore the level of investigative and operational resource that will be required to be employed within regulated firms to meet this level of scrutiny, the sheer size and scale of such a data exchange is truly staggering and brings unprecedented cybercrime risks at a time when we have just been appraised of yet another significant reported theft of data in the USA by Equifax. Consider for a moment what the impact could be if any of this new CRS data, much of which is being sent from emerging market jurisdictions with potentially less robust systems and infrastructure, falls in to the wrong hands, courtesy of an aggrieved employee, dissatisfied government official, hacker or through simple negligence. Whilst we should applaud attempts to shine a light in some of the darkest and most secret tax havens of the world, the risks that accompany this trade in personal data comes with a significant threat of someone catching a cold. If the limit of the current reported disclosure of Equifax client information is contained and ONLY affects 140 million customers in the USA, just how will identity verification be performed for these customers when the details of their school, mother’s maiden and the fact that their first dog was called ‘Bounce’ are already available on the dark web. What then? Heaven forbid we then have new data protection laws introduced in May of 2018 that stiffen the maximum fines and strengthen the enforcement action that may be taken against data controllers and processors who fail to secure their client details and assets! Stay inside, batten down the hatches and be prepared! Most of us will not have the privilege and good fortune to ride out this regulatory hurricane in our wine cellars. Regrettably, I fear that some of us in the regulated sector, and I do genuinely fear for some of the accountable persons under the SM &C regime, will not only get wet, but may be displaced far sooner than was anticipated unless some considerable time, effort and resource is put in to performing robust risk assessments to guide and mitigate these risks. Whilst this vision for the coming year may appear a little morose for some, a good look at the facts and the momentum that is being built around transparency, accountability and consequence management, should I hope, incentivise boardroom management to provide the resource that is going to be required to prioritise and manage these very real risks. 1

The fight against crime is too important to leave the status quo as it stands.

The elephant in the room! I have observed with increasing unease and frustration for some time now how despite the very honest and diligent efforts of the band of brothers and sisters in the financial crime compliance profession around the world we appear to be losing the war on illicit finance, and how in our desire to explain why this is the case we appear to be overlooking two crucial factors that I believe may explain our suggested inadequacies. The first is that we continue to under estimate the intelligence, drive and guile of professional enablers and illicit actors to protect and preserve their wealth. I do not respect or in any way wish to trumpet the competence of criminals, but the simple truth is that they continue to lead the way in how to structure new, but often wonderfully simple ways, to move value using new technologies and products in a way that the product designers and developers simply did not anticipate. Whether laundering value by selling ‘authored’ books through Amazon, or by utilising this ‘new’ technology called cryptocurrency (including Bitcoin that has now been with us for almost a decade) or the more obvious use of traditional international trade and finance, we continue to miss the substantial part of this global and transnational criminal enterprise. At times I believe that we appear too honest, almost unwilling to think like a criminal. More often than not in training workshops, I meet with right-minded compliance professionals who simply cannot construct even the most basic criminal money laundering case studies. My long-held belief is that you need to think like a poacher to be a better game-keeper and until that happens we will continue to be on the back foot, responding to reports of historical criminal conduct, rather than actively seeking to anticipate and disrupt this threat. My second and more substantive concern, and one that I feel has not yet been addressed by the wider financial crime compliance community with sufficient enthusiasm due to prejudicial thinking is what I characterise as an ‘uncomfortable truth’. This is the continuing failure to shine a light on those OECD jurisdictions that warrant closer and more forensic examination relating to the failure to apply enhanced rigour around customer due diligence and beneficial ownership rules. Just how many OECD countries are listed as ‘high risk’ on firm’s country risk assessments? When was the last occasion that FATF listed a ‘primary’ member as higher risk due a persistent failure to comply with the FATF Recommendations that have been with us since 1989? Let’s call one of these jurisdictions ‘XXX’, for no other reason that I watched a Vin Diesel movie last week and it has star appeal. This is the report card for jurisdiction XXX that has been taken (rather selectively I concede, but nonetheless honestly) from a series of authoritative papers and journals that have been published between 2009 and 2018: 1999 – ‘Private Banking and Money Laundering: A Case Study of Opportunities and Vulnerabilities'2 a report to the Committee on Governmental Affairs: “Despite increasing international attention and stronger anti-money laundering controls, some current estimates are that $500 billion to $1 trillion in criminal proceeds are laundered through banks worldwide each year, with about half of that amount moved through XXX banks.” 2014 - ‘Global Shell Games’ - a look at the misuse of incorporation services to disguise illicit activities and the results of an approach made to 4,000 services in over 180 countries to discover just how easy it is to form an untraceable company using corporate service providers: “Against the conventional policy wisdom, those selling shell companies from tax havens were significantly more likely to comply with the rules than providers in OECD countries like XXX” 2015 – National Risk Assessment for XXX, the following financial crime risks were reported: ‘About $300 billion is generated annually in illicit proceeds. Fraud and drug trafficking offenses generate most of those proceeds” 2016 - Financial Action Task Force Mutual Evaluation Report: “...the lack of comprehensive AML/CFT supervision for other designated non-financial businesses and professions is a significant supervisory gap. The authorities have a good understanding of the risks of complex structures of legal persons and arrangements being used to hide ownership and launder money. However, serious gaps in the legal framework prevent access to accurate beneficial ownership information in a timely manner. Fundamental improvements are needed in these areas.” 2018 February 6 Acting Deputy Assistant Attorney General M. Kendall Day of the Department of Justice, Criminal Division, testifyingbefore the Senate Committee on the Judiciary stated that: “[t]he pervasive use of front companies, shell companies, nominees, or other means to conceal the true beneficial owners of assets is one of the greatest loopholes in this country’s AML regime.” On 11th May 2018 ‘new and enhanced’ customer due diligence measures (CDD Rule 17) were introduced in country XXX that require that all NEW account applications must be supported by the identification of 25% plus beneficial owners, and one other ‘significant person’. There is no requirement to seek to identify the ownership of any other existing account holder unless the firm is suspicious. (Note, this was announced at least 18 months previously, thereby giving notice not only to the regulated sector but also to our risk-averse and bright criminals, who will have no doubt have taken the opportunity to manage their transaction flows to ensure that there is no change or unusual activity post May 2018 that might prompt a fresh investigation on who owns the business.) 11th June, ‘Counter Terror and Illicit Finance Act’ - In the very latest attempt to close these loopholes, new legislation has been presented at a Federal level that originally included measures to enhance beneficial ownership transparency, however it appears that after some very effective lobbying by some key affected parties, these measures have been diluted to the following: “SEC. 10. STUDIES AND REPORTS. 11 (a) BENEFICIAL OWNERSHIP —Not later than 2 years after the date of enactment of this Act, the Comptroller General of the United States shall conduct a study and submit to the Congress a report— evaluating the effectiveness of the collection of beneficial ownership information under the CDD 17 rule.” So, there we have it. Eighteen years after the risk was first brought to the attention of the world and the government of XXX, we shall have to wait another two years for a ‘study’ to be performed, no doubt subject to extensive review and ‘refinement’, that may see the light of day in the 2020’s. Who continues to benefit from this unsatisfactory position? To say that this faltering performance is disappointing might be considered to be a carefully guarded understatement at a time when there has never been a more important time to apply global standards. Jurisdiction XXX has size, scale and a clearly documented persistent higher risk of handling the proceeds of crime, yet I have observed little or no commentary at a supranational level, much less at FATF, that would indicate that there is any appetite to move jurisdiction XXX to the so-called grey-list, or to a higher risk status. Why is this the case in the face of significant and meaningful data that would support such a move? The simple and honest assessment is that jurisdiction XXX has financial size and scale, and there is no appetite to compromise commercial opportunity and established relationships by addressing some of the most fundamental challenges that we face in the financial crime compliance industry. If jurisdiction XXX was anything other than the most powerful OECD jurisdiction, then this jurisdiction would have been swiftly placed on to the Patriot Act Section 311 ‘Primary Money Laundering List’, but it can’t be because jurisdiction XXX is the very same jurisdiction that lists these threats! We continue to witness much smaller ‘offshore’ jurisdictions being lambasted and made pariah states, because of the inference that their under-performance is the key to unlocking the glaring inadequacies of the current global regime. The current list of ‘non-co-operative’ tax jurisdictions that has been put-together with a level of thought and analysis that does not stand up to any close scrutiny, and that reads like a teacher conveniently picking on the ‘rather portly chap in the playground’ on school sports day, is yet another example of how it appears that the fight against criminal conduct has regrettably been reduced to political posturing. The factors that drive jurisdiction risk continue to be driven by factors such as; sanctions; crime; terrorism and almost inevitably to those states that are listed at the ‘red-end’ of the Transparency International Corruptions Perceptions Index, where war, famine, chronic economic instability and weak judiciary lead public officials to continue to be susceptible to an offer of a bribe. The fight against crime is too important to leave the status quo as it stands. We need to challenge ourselves, our people and our leaders to think more actively and to address the elephant in the room. We need to think like a criminal, and to truly address the risks that will have the greatest impact on the detection and seizure of illicit activity. There is a wonderful phrase that I observed being used previously, also by GFI. It reads simply ‘hiding in plain sight’! (Please note that my view of my dear old United Kingdom, and to that matter several of the other OECD nations is the same as for XXX. There is no prejudice in my views on this point!) [1] [2]

Develop a practical understanding on how to manage financial crime risks

Great Chatwell Academy of Learning is running a public workshop on the 2nd August - An Introduction to AML and CFT. Enrol today for £199. Alternatively, view all of the Academy's financial crime compliance workshops here. 

The Realistic Challenges of PEP Determination – Is It Time for a Change?

At the moment, people in perceived positions of power and hence potentially vulnerable to corruption must be flagged as a PEP including their spouses, close associates and family members.  Okay, I get that.  Because you can have a public figure who abuses their power and co-opts friends and family members to help them stash the funds siphoned from the public purse. Here’s the problem.  Since the release of international guidance on PEPs and its application, we have come to realize that its application and ongoing maintenance is starting to cause a challenge in certain cases. The PEP list just keeps getting bigger and longer.  People get added as PEPs, but no one is ever deleted. Ever.  Kind of reminiscent of Hotel California – “You can check out any time you like but you can never leave.”  In other words, a PEP may leave public office but they must remain on the PEP list and be treated as a high risk customer – for life! Have you heard “Once a PEP; always a PEP”?  Yes, me too.  But the big question is:  how does a PEP ever get off this list? Now that we have several years under our compliance belts of trying to deter and detect corruption to make our world a more transparent and legitimate economy, we are feeling some pain.  Many of us have come across individual cases where we feel they should be able to come off the PEP list.   It may be that someone has retired from the PEP position many moons ago, is aging and in poor health or is no longer connected or moving in those types of political circles. Let’s step back.  Why do we have to determine who is a PEP? Some say it is thanks to Sani Abacha.  Remember him?  Yeah, that’s right. The former military dictator of Nigeria who in 5 years – yes, just 5 short years from 1993 to 1998 – managed to stash away a reputed £5 billion from the public purse into foreign bank accounts. Wait! Do the math on what that equals daily. Pretty crazy stuff.  Given what his military salary surely should have been, it was easy to realize that he had his fingers in the cookie jar. He is known as the 4th most corrupt leader in recent history. So now we screen for PEPs.  Thanks Sani! Sani Abacha managed to stash away a reputed £5 billion from the public purse into foreign bank accounts.   Now that we have seen how corrupt some can be, why am I arguing for taking people off the PEP list? Because here is a simple, albeit a cheeky reality that some may be able to relate to.  Let’s say you were married many years ago to a PEP and as such you were also tagged as a PEP because you were their spouse.  Over time you have felt the joy, I mean challenges of the increased scrutiny and enhanced due diligence in your ongoing financial dealings.  But the kicker is that you have been divorced from that PEP for several years.  As a matter of fact, things are so acrimonious that you have not had any desire to have contact with or even lay eyes on the ex (for good reason) for a long time.  Yet… you are still flagged as a PEP.
  • Is that fair?
  • Is that realistic?
  • Is it truly necessary?
Given the current nature of your relationship, you surely are not going to help them stash bribery money.  Nor would you be high on their list of people to turn to for assistance in stuffing the family coffers. So yes, it feels to me like it is high time to see an amendment to all international and domestic regulatory guidance. Allow us to be able to apply common sense and treat certain special cases differently by removing their PEP status if you have a documented, valid reason to do so. In the UK there was a bit of movement in 2017 whereby clarity was released regarding the treatment of PEPs, how long they should be flagged as PEPs once they leave office, and that families are to be removed immediately after they leave office (see FCA guidance FG17/6).   Will other countries follow suit and will we see these allowances broaden even further? Article Written by Glenna Smith Managing Director of Smith Compliance Consulting (SCC) Inc. Bio: Glenna Smith is Managing Director of Smith Compliance Consulting (SCC) Inc., a Certified Anti-Money Laundering Specialist (CAMS), holds an Advanced Certificate in Managing Virtual Currency and Financial Crime Risks, and the President of the Barbados Association of Compliance Professionals. Glenna worked as a Compliance Officer facing regulators and managing inspections. She has gained wide and in-depth knowledge in compliance, operational risk, corporate governance and legislative matters over 30 years in the financial services sector.

“Land Ahoy!”

| ,
The unchartered and unregulated seas of virtual currencies have until now provided rich pickings for those peddling illicit goods, sanctions and tax evaders and money launderers. With the notable exception of the rulings provided by FinCEN and the ‘Bit Licensing’ of the NY DFS and a few other states in the US, the response and narrative that has been provided by international regulators to the use of virtual currencies (“VC”) could be characterised as being reluctant, and in many cases still absent. And so, the criminals in the form of pirates have prospered from unfettered intervention. To regulate or not to regulate, that has been the question for international government and financial service regulators, but finally in 2017 we have seen a sea change, and the reluctant acceptance and acknowledgement that the status quo could not continue unchecked. During the tail-end of 2017 we saw the regulation of VC exchanges in Japan from 1st October (in the form of amendments to the Act on Prevention of Transfer of Criminal Proceeds (Act No. 22 of 2007)) and not long after on 13th December we learned that the AML and CFT Amendment Act had received Royal Assent in Australia, recognising digital exchange activities and bringing these activities under the supervision of AUSTRAC. Seven days later, and not wishing to miss the boat, we received notification that an agreement had been reached between the European Parliament and the Council on the text of the amendments that have been proposed to the Fourth EU Anti-Money Laundering Directive (the so-called AMLD 5) that was proposed by the European Commission back in July 2016. And so, in twelve short weeks we have witnessed not one, but three significant milestones in regulatory developments that cast a net around the VC pool of activity that touches upon fiat currencies, and that signals a new phase of regulation for VC operators. And there will be more from South Korea, maybe one day even in the UK. It signifies the emergence of common standards for regulating virtual currencies that was first muted by the Financial Action Task Force back in June 2015.

What does this all mean though?

Well, the semaphore has been hoisted and appears to signal to all except those who wish to continue to exercise ‘Nelsonian wilful blindness’ that VC is here to stay. That notwithstanding the sporadic and unwelcome raids by ‘Dread Pirate Roberts’ and his shipmates, VC has achieved a degree of recognition and grudging acceptance by the establishment. It also signals a welcome start to the process in the adoption and implementation of global standards for AML/CFT regulations that will be applicable internationally to VC exchange activity and providers of custodian wallet services, in the same way that they have been applied previously to sectors such as gambling services and the money value transfer sectors of the economy. Critically, this means that those persons and entities who are actively engaged in the exchange of VC with the fiat currencies, and who wish to continue to swim in these waters, must decide whether they wish to plan and prepare to meet the challenge of being authorised, and operate within the formal regulated sector, or else migrate and lurk within the unregulated sector and run the gauntlet of being identified and criminally prosecuted later on. For those who choose to operate lawfully there is likely to be some considerable commercial opportunity, as most ‘marginal’ players in the current market will either gather their tackle, and stop operating or else ‘go deep’. The obvious difficulty for governments is that those who choose not to comply with regulations, and who intend to use Bitcoin for example for illegal purposes, are likely to; operate on a peer to peer basis that avoids the use of exchanges altogether; or will utilise other well-documented means of disguising their identity and location. It is likely however that those who do choose to avoid the costs, intrusion and disclosure that is required in order to seek authorisation, are likely to face a significant risk of personal and corporate prosecution as regulators and representatives of law enforcement ‘hunt-down’ illicit operators.

Just how realistic is this threat?

In July 2017 FinCEN assessed a $110 million fine against BTC-e, a non-US Internet-based money transmitter that exchanged fiat currency as well as the convertible virtual currencies Bitcoin, Litecoin, Namecoin, Novacoin, Peercoin, Ethereum, and Dash.  FinCEN also assessed a fine against Russian national Alexander Vinnik, one of the operators of BTC-e, for his role in the violations. This does not appear to have been a one-off event. This is what the US Under Secretary for Terrorism and Financial Intelligence, Sigal Mandelker, recently stated about VC operators who choose not to comply with regulatory requirements: “The effectiveness of this (AML/CFT) structure depends on compliance by the regulated entities, and so we aggressively pursue virtual currency exchangers and others who do not take these obligations seriously.” If that was not enough to dissuade errant behaviour, it was disclosed that FinCEN has prioritized engagement with, and is examining, more than 100 VC entities who have registered with FinCEN as money transmitters as required, as well as those that have not. The message is clear for firms who wish to continue to prosper in the VC markets. They should prepare now for authorisation, and take steps to implement the policies and procedures that are required to guide firms to be compliant, and that keep them out of harms way! Any decision not to do so would appear to be both commercially disadvantageous, and dangerous. Just ask ‘Dread Pirate Roberts’ of Silk Road fame, and Alexander Vinnik! The one issue that I believe will require careful consideration, and which will be interesting to monitor, is whether the regulated sector and in particular the banks, are actually willing and able to accept their newfound bed-partners. What will the response be from banks when these operators seek to bank the proceeds from their lawful regulated business? Up until now the banks have been able to deflect this responsibility on the grounds that the activity is not recognised, but what will the rationale be thereafter. There is already evidence from Australia that regulated VC operators are finding it difficult to open accounts. The FATF and the FCA for example are alert and sensitive to the issue of -de-risking, and noted that banks should not decline to provide services to VC businesses who offer blockchain related technology, rather than fiat exchange services. A glimpse in to the future for those seeking the safety of dry land should look no further than to Japan, where I have been able to witness first-hand how the regulated sector and the VC sector appear to have reached a degree of accord and understanding that means that the aims of all stakeholders are being satisfied. It is going to be an interesting year of change and opportunity, and that must be monitored, and one in which I for one look forward to keeping my feet dry. Lee Byrne is the Global Head of Financial Crime Compliance for Coinfirm Limited

Pointing a finger of suspicion?

| ,
When a piece of art sells for a world record fee of $430 million, and your first thought is that this represents a perfect case study for money laundering, you start to think that you may have been in the financial crime compliance profession for too long. When, having looked in to the matter in more detail you identify that the artwork rose in value from $10,000 in 2005 to $430 million in 2017, you start to doubt your cynicism. And when the seller just happens to be a Russian billionaire who has previously been charged and arrested for a contract killing of a business associate, but was acquitted when the only living witness recanted their story, well (without inferring that anyone is a criminal) you just know that this is a great case story. The over-invoicing of artwork to move value is a well-known ‘money’ laundering typology. It is highly successful in that the value of the art is determined between the buyer and seller, and the higher the price, the higher the agent fee! So, all parties are deliriously happy. And of course, sometimes, just sometimes, they hang it on the wall in their homes. You rather hope that those connected with this sale have completed the enhanced due diligence that one might expect to be performed under the Money Laundering Regulations. They might even file a defence against money laundering, but judging from the latest UK National SAR report for 2017 I doubt it because out of a total of 419,451 SARS that were filed across the regulated sector, 10 (yes, I mean TEN) were filed by auction houses! What this sale has done is to set the benchmark and raise the financial threshold for the onward sale of all other artwork in the future, thereby raising the ceiling for all future over-invoicing. And so, it goes on. So, whilst the world looks on with awe and wonder, and those in the room cheer excitedly as they witness this fine achievement, you’ll have to forgive me if I save my applause for another day. I may make one concession however, and make an art purchase of my own. A simple and inexpensive wall-mounted plaque whittled from wood with the words ‘hiding in plain sight’ chiselled upon it would seem appropriate. Who knows what that could be worth tomorrow!

Newsletter Sign Up

Learning awarded in association with the
University of Gloucestershire

Privacy Policy | Terms & Conditions | Legal | © Copyright 2020 Great Chatwell Academy of Learning | All rights reserved

Website crafted and maintained by NDM Creative part of the NDM Hub group.

All About Me - Login