Punishment

The FT – and many other media following – report the record $ 56bn in fines for the banking industry over 2014. To put it in perspective, the author mentions that this amount is “the equivalent of the gross domestic product of Croatia”. That sounds like a lot although Croatia makes up only 0.05% of the world population, so maybe $56bn is not that much.

At the same time fines are handed to a few big banks only – BNP was fined a substantial portion of this amount on its own. Banks from India, China, Japan or smaller banks have sofar hardly been fined, so does that mean that everything is in perfect shape?

In Malaysia earlier in the year in his opening address to a financial crime conference we could hear Roger Wilkins, the President of the FATF quote Machiavelli, stating that nothing draws attention as a dead body in the town square at lunch time…

Fines are handed (long) after the fact and they focus the attention of decision makers in financial institutions on money. Both aspects don’t help to prevent financial crime, to change the culture in organisations or increase awareness of staff and management alike.  

Maybe more fines are unavoidable but the industry would benefit from punishment in other than just monetary form – think of community service for offending bankers - and other measures to prevent finanical crime from recurring.

I wish everyone a good start of 2015.

Rolf

Plumbing

Some thoughts after reading an article in The Economist last week, about the pros and cons of using SWIFT in enforcing international sanctions (http://www.economist.com/news/international/21633830-blocking-rogue-states-access-worlds-financial-messaging-network-potent-measure).  An interesting article, basically highlighting the dangers in ‘cutting off’ whole states or nations from international payment infrastructures, under political pressure.

The article describes that polital pressure is exactly that: political. And what is politically correct for the US (isolating Russia for its intervention in the Ukraine) is not for others. The other way around: what’s politically correct for China (excluding Taiwan from SWIFT access) would not be for other countries. Targeting individual banks or financial institutions which have committed crimes is of course different, that’s directly related to terrorism prevention. Although even in that field there are differences of opinion, to just name 1 example: what is terrorism to Israel is a freedomfight for Hamas….

It points out as well that shutting out nations by using SWIFT in that way could lead to the creation of a rival. What the article doesn’t touch on is the fact a rival already exists…… it’s called bitcoin.

If bitcoin is here to stay, is left to be seen, but fact is that it has found a place in the international payments industry. Bitcoin is still used as an instrument of speculation by many, but focusing on that alone is ignoring the fact that actual transactions take place in bitcoin. Half of which are linked to China. No doubt that there will be legitimate transactions in bitcoin but it would have been worthwhile to understand more about the nature, beneficiaries etc. of (certain) bitcoin transactions.

Unfortunately, unlike SWIFT which can give legislators and enforcement agencies access to transaction details, bitcoin cannot. Creating that access would greatly help the standing and acceptability of bitcoin as a transaction currency.

My view: infrastructure is neutral and should stay that way. Don’t shut down the highway for all white cars just because OJ Simpson drove one…

AML/CFT Puzzle or Mystery

Reading the article “Open Secrets” by Malcolm Gladwell (published in 2007, but reprinted in his bestseller “What the dog saw”) about puzzles and mysteries makes me wonder if there are any analogies with the field of AML/CFT.

His basic line of thinking is that “a puzzle grows simpler with the addition of each new piece of information”. He uses a few historic cases like the Watergate scandal and the search for Osama bin Laden as classical examples of a puzzle. And he uses the Enron disaster as an example of a mystery. Enron used – amongst others – Special Purpose Vehicles to inflate revenues; they used thousands of them. But all information about these SPV’s was disclosed; the journalists starting the investigations had access to all data. The problem was not a lack of information, the problem was an overflow of information. Information that was not only overwhelming in quantity but also in complexity.

Relating this to CFT we’re often dealing with partial hits if we’re filtering transactions. In that case we need to solve a puzzle; we need more information to determine if we’re dealing with e.g. a black listed beneficiary.

In AML processes however we’re more often than not dealing with mysteries… We have lots of transaction information at our disposal but we cannot detect a pattern that indicates we’re dealing with a money launderer. We have all information about a PEP we can possibly think of, but we cannot properly assess the risk that this poses for our organization. We have risk information and corruption indices of all countries our clients operate in and yet we have difficulty to use that information to allocate an adequate risk rating to our client.

The key learning point is that dealing with a puzzle differs from dealing with mysteries. The approach needs to be different and the mindset of people needs to be different. A puzzle requires a black-or-white approach; hit or no-hit; the transaction is blocked or not. A mystery needs a risk based approach, an assessment of different bits and pieces of information and an investigative mind that can connect-the-dots and can think out of the box.

In our design of processes, allocation of tasks, segregation of duties and training approach we should remember the characteristics of the tasks at hand.

Regulatory risk at BNP

We all talk about regulatory risk often and regard it as something important. And it is. However, the following excerpt from an article from the Bloomberg Review on July 1, 2014 illustrates what happens if you limit your focus to regulatory risk. 

“But obviously BNP Paribas did not care about obeying U.S. sanctions against Sudan. It cared about not getting caught violating those sanctions, of course, and it is sad -- or whatever the bank equivalent of "sad" is, "less well capitalized" I guess -- that it did get caught. But the sanctions just had no moral bite with BNP Paribas. It did not occur to anyone there -- even in the compliance department -- that Cuban companies shouldn't be allowed to transfer money from one French bank to another French bank, because of U.S. law. That struck BNP's bankers as a dumb rule, to be avoided with dumb methods.”

Not getting caught is clearly aimed at reducing the regulatory risk, but the real issues are in an organisations' reputational risk and the core AML/CFT risks. In the case of BNP a violation of US law.

It is about – what Bloomberg calls – “moral bite”. Staff throughout the organisation need to understand why sanctions exist and why AML/CFT regulations are in place. All staff need to have an innate drive to strive for integrity and doing the right thing. 

Only then will a company be truly compliant. 

ROlf

e: rolf@i-kyc.com
w: www.i-kyc.com

AML/CFT Challenge or Opportunity

If you Google a bit you’ll find plenty of articles with the terms “AML/CFT” and “challenge” used together. But is it just that? Or is there more to it? Of course the field of AML/CFT is at times challenging but so are many other areas of running a bank. If a financial institution does it well it offers opportunities as well.

We often classify AML/CFT under regulatory risk, but that’s only the tip of the iceberg. Other reputational risks exist in connotation with AML/CFT and the actual risk of AML/CFT is of course, that a bank or financial institution actually helps to finance the drugs trade, human trafficking or terrorist activities. More and more institutions try to ‘do the right thing’ – see our own i-KYC slogan “Integrity Means Business” (www.i-kyc.com) or the motto  of a recently founded  Singaporean compliance platform: “G.R.A.C.E. : doing right” (www.gracedoingright.com) and many more.

Doing business in an ethical and sustainable way is of more and more importance. To attract staff, investors and customers alike. The wider stakeholder arena is more and more interested in integrity, and institutions that take risks seriously. Financial institutions that try to balance risk and reward can use that as a competitive advantage.

Funnels

Another one on TBML

Trade Based Money Laundering is at the basis of the recently published advice on ‘funnel accounts’ – accounts in which illicit money is coming in from many sources, is used to buy and ship goods, which are then subsequently sold.

An article about this mentions that “ the main challenge is discerning between legitimate and illegitimate trade activity “. There is no rule book to describe what is allowed and what not. More than ever a risk based approach combined with adequate training of all staff involved in the operations of processing trade and payments transactions is required.

As the article indicates “ organisations are encouraged to make use of guidance, advisory notes, case studies and typologies as the basis of training “. And that’s exactly what we do in our TBML training.

Rolf

See also
http://www.fincen.gov/statutes_regs/guidance/pdf/FIN-2014-A005.pdf

The end of a monopoly - what now?

Another warm weekend in Singapore and time to catch up on reading. Reading this article (http://www.economist.com/news/special-report/21601624-and-no-end-new-ways-pay-your-bills-end-monopoly ) on the growing percentage of payments done via mobile networks, flashcards, internet payment gateways, I think about the impact on the world of AML/CFT.

Yes: banks are losing their monopoly on the execution of payments, although I don’t believe that banks will ever be completely out of the picture. The payments infrastructure that banks have built is not something that can easily be replaced. And interbank and cross border infrastructure (SWIFT, SEPA, domestic clearing networks etc.) only add to that.

No doubt the alternatives to traditional modes of payment will increase and likely banks will play a smaller (relative) role in the overall payments world.

So what does that mean for AML/CFT? Assuming the AML/CFT risks are identical in these new forms of payment compared to payments via the regular payment channels, the danger sits more in (a lack of detection) than in anything else.

Banks have – voluntarily but more often forced by regulators - invested heavily in monitoring and screening solutions. If the payments landscape changes drastically and players that are potentially not even under supervision from the banking regulators execute an ever increasing portion of payments, what does that mean for the risk profile of a country or industry segment?

An interesting problem without immediate answers. Views are welcome…

Sugar at $240 per pound

We found the following articlehttp://www.economist.com/news/international/21601537-trade-weakest-link-fight-against-dirty-money-uncontained?frsc=dg%7C  of particular interest, so we thought we’d share our views… . Trade Based Money Laundering (TBML) is defined as “the misuse of commerce to get money across borders”. The most common method is to misrepresent the value of goods exported or imported. The article mentions some examples: plastic buckets from the Czech Republic that supposedly cost $970 and sugar from Iran in one transaction was priced at $240 per pound. If the price is ‘almost right’ these sort of transactions will of course be difficult to detect. Just as the use of legitimate ‘re-invoicers’  makes it harder to find out if the underlying transaction is misused to transfer illicit funds from one country to another.

Since TBML uses legitimate transactions to hide illicit proceeds, financial institutions will have to guide staff involved in handling these transaction. Client facing bankers, branch staff and trade finance operations departments all need to be made aware of the potential practices employed by money launderers. The need for ongoing training cannot be overestimated!

iKYC has launched a TBML training last year and we’ve built up a bit of a reputation in the field. If you’d like to know more, don’t hesitate to contact us. 

ROlf

Know Your Country

After a busy week - for those of you who don’t know yet: building a business is fun but also a lot of hard work ;) - time to do some background reading. I spent a bit of time on this site http://www.knowyourcountry.com/ . 

Looks interesting and pretty comprehensive. Anybody any ideas or comments?

ROlf

AML - the fastest growing risk and compliance segment

Saturday morning in sunny Singapore and reading up on some recent publications. See for instance this Burton-Taylor report on trends in the risk and compliance industry ( http://www.burton-taylor.com/samples/B-T_Global_Risk-Compliance_Competitor-Segment_Analysis_2014-Information_Kit.pdf ) which states “…The Fraud Prevention segment, at USD1.99b and Anti-Money Laundering (AML)/Know-Your-Customer (KYC), at USD271.7m, are the fastest growing, with five-year CAGR of 16.67% and 19.91% respectively…….”

This reflects what we at i-KYC see in our daily practice. The companies we work with usually have their more traditional risk areas – like credit risk, market risk and fraud prevention – well under control. Although AML/CFT is a well-known phenomenon in global financial institutions, many regional and local players still have a long way to go.

The AML/CFT industry as a whole – and maybe we should add FATCA and Anti Bribery and Corruption to that – have developed fast over the last 10 years, but both in awareness, training, organization and tooling there is yet substantial work to be done. To reach the level of professionalism, quality and efficiency of other risk and compliance functions perhaps we can learn more from our colleagues?!

ROlf