Pakistan is not the only country where this can happen

This article published in ‘Dawn’ last year not only describes the K&K case clearly but at that highlights some of the underlying issues in Pakistan. A large informal economy, a tradition of sending money abroad and widespread use of hawala networks are the 3 basic factors. Then there’s a widespread use of over- and under-invoicing and the use of other Trade Based Money Laundering techniques involved. Add to that the difficulty to actually prove the money transferred is related to crime and you have a recipe for the disaster described.

A question that comes to mind though is: would a proper country risk assessments have revealed these issues? And: wouldn’t it make sense to do a risk assessment at country level in other counties were similar situations are expected? Just to prevent cases like this. 

The impact of MyInfo in Singapore on the cost of compliance

The MAS had already announced it a while ago but newspapers are picking up on the news of an ‘account opening utility’ now as well (StraitsTimes). The idea is not new of course but it is an achievement and definitely good news for the (individual) customer. Instead of having to fill out forms and bring along different original documents to open an account, an individual Singaporean customer will in future just have to do that once with MyInfo. Thereafter banks can use that information combined with the already available public information for their internal account opening process knowing that all regulatory requirements on documentation have been met.

Is this solving ‘all’ problems with account opening and client onboarding though? Let’s analyze the impact.

For individuals, opening a bank account will become easier, but likely a prospective client will still have to provide information to the bank and will have to sign forms, signature cards, consent forms etc. Not all information that a bank needs to meet regulatory requirement will be in MyInfo

For banks it means a more streamlined onboarding process and the ability to offer a better customer experience.

The harmonization of account opening requirements is a major achievement and creating a common repository for account opening documentation will reduce the burden for individuals to open an account. Further integration with the banks’ Apps and extending the service to more products will even make life more convenient.

If this helps banks in their overall CDD and KYC efforts is yet to be seen. For most banks the bulk of the ‘cost of compliance’ sits in periodic reviews of commercial clients. MyInfo will not provide much relief for that issue. 

Lack of confidence in your AML/CFT program? Why?

A substantial number of compliance officers (about 44 per cent) lack confidence in the anti-money laundering (AML) programs of their organizations, according to a new report

That’s an interesting finding since compliance officers are ultimately responsible for compliance of the whole organization in their role as MLRO. The pace and complexity of changes are mentioned as causes as well as insufficient clarity of regulations. Investments in AML programs have gone up and are expected to increase also because of ongoing technological innovations.

The article quotes: Nadim Najjar, managing director, Middle East and North Africa, Thomson Reuters: “The business of compliance, which in the past was seen by many as a mere tick box exercise, has become incredibly dynamic. It has evolved into a critical, demanding role that challenges executives to stay up-to-date and conversant with regional and global regulatory change and information.”

All the reasons make sense and we see many of our clients working hard to improve their AML/CFT policies, processes and procedures. What is not mentioned – and is often still not sufficiently recognized – is that interpreting regulations into policies is only the beginning of the implementation of an AML/CFT Program.

Implementing policies in all operational areas of a financial institution would need to cover branches, trade finance departments, customer service teams, relationship managers and transaction processing units. Where the compliance function sits in the 2^nd line of defense, a lot of heavy lifting in daily operation sits in the 1^st line of defense.

That’s exactly what we focus on. 

The bank’s responsibility or not?

The Financial Times last weekend reported on the MAS banning a banker from operating in the Singapore market for 10 years due to wrongdoings found in the 1MD investigation in this article . “Mr Leissner was found by the MAS to have issued an unauthorized reference letter, using Goldman Sachs letterhead, to a financial institution based in Luxembourg in June 2015.”

Two things are remarkable about this:

1.       Maybe 10 years is a long time but it’s ‘just’ a prohibition to work in Singapore. If you know how difficult it is to get a work permit in Singapore this can hardly be seen as a punishment. There are millions of people who want to work in Singapore and cannot. It doesn’t appear to be a harsh or severe treatment. Certainly not if you take into account that Goldman received 300 million in fees for the transaction of which mr Leissner without doubt got a handsome share.

2.       Secondly it’s puzzling that a person can be banned for doing something while his employer goes completely free. If a person is doing something that is not allowed he or she should be held accountable but if the person is doing that as an employee also the employer should be held accountable I’d say

Interesting..

4 crucial points to make AML/CFT work in any bank

The questions in this article this article are indeed often asked by our clients. The answers provided make sense but I’m not so sure that we can call these true innovations… AML requires a financial institution to interpret regulations and embed these in internal policies. That’s the easy part. The next step is to get the rest of the organization to read and understand the policies and to amend all SOPs to ensure the first line of defense, functions in accordance with the policies. That’s not rocket science either but it’s a lot of work, has wide spread implications throughout the organization and touches on the day-to-day activities of many employees.

As the author rightfully states: taking this challenge seriously can be done within existing budget and in our opinion and experience (!) can actually save money. Four key points need to be taken into account:

-          Define a proper Target Operating Model so that it’s clear who is supposed to do what across the 1^st LoD;

-          Ensure there is one (!) central owner for all operational execution of AML/CFT processes; even if AML/CFT operations is not centralized you still need single ownership over all AML/CFT work;

-          Focus on numbers and make sure your management information measures progress, turnaround time and effort just as well as quality and meeting the compliance requirements;

-          Automate wherever possible.

And a final overall piece of advice; take this whole exercise seriously and execute the change program to reach the target model rigorously. We have proven it with various clients: you can meet AML/CFT requirements and still operate at a cost efficient level and still be customer friendly.

RegTech – top 3 trends

An interesting evening hosted by Datarama yesterday. It’s always good to meet peers and we enjoyed an interesting talk by Nathan SooHoo from Trulioo.

Technology can and will change the way organizations handle regulatory challenges. The bulk of the work though for most FIs is not to get policies issued and rolled out; it’s about all staff to understand what the policy means for their day-to-day jobs and actually adhere to it. Without bringing the organization to a standstill. Many AML/CFT processes are still very manual, so there’s a lot to be gained, both in terms of customer experience and in terms of the cost of compliance.

So apart from block chain and sharing of CDD data across organizations what would be top trend number 3?

How positive is the FATF really about the AML/CFT environment in Singapore

Anti-money laundering and counter-terrorist financing measures in Singapore – 2016

Many have already commented on the report FATF mututal evaluation Singapore, we took some time to read and reread the report. In this article we’ve summed up our comments and take-aways.

It took a while to release the report apparently, the FATF onsite visit was almost a year ago (Nov/Dec 2015), perhaps because the findings are of a mixed nature. Most comments are quite positive but without being too pessimistic: many comments that indicate some substantial improvements are possible and needed.

Let’s start with the good news. Singapore is found to have “a highly sophisticated coordination on AML/CFT and FIs demonstrate a reasonably good understanding of ML risks”. The National Risk Assessment has provided a sound basis for private and public sector to understand ML/TF risks and specifically domestic measures in FIs are considered adequate.

Looking at the effectiveness ratings 4 areas score ‘substantial’, 6 ‘moderate’ and 1 ‘low’. The technical compliance ratings 18 areas score ‘compliant’, 16 ‘largely compliant’ and 6 ‘partially compliant’. We leave it up to the reader to decide if that’s good or bad.

Let me cite also some less positive statements from the report. “No adequate risk assessment was done on all forms of legal persons and arrangements.”  “Challenges were faced in executing MLA requests in a timely manner.”  “The national risk understanding reflects a disproportionate focus on domestic predicate ML and domestic FIs demonstrated a less sophisticated understanding of ML and TF risks facing them.” “Given the inconsistencies in both the NRA and the individual assessment of risk in FIs, targeting on the basis of ML/TF risks is not optimal.”

Skipping to the prioritized recommendations we can see a few trends:

1.       More focus on non-FIs.

2.       More measures targeted at specific risks – properly reflecting amongst others risks inherent to the nature of Singapore’s financial services industry in which 77% of the funds managed has a foreign origin.

3.       An approach which is less ‘just ticking the box’ and more focused on actual risks.

4.       More focus on complex and foreign predicate money laundering.

Combating financial crime is not easy – we all know that – Singapore has come a long way and as the report concludes the regulatory framework is sophisticated. Reading between the lines though, the report is not altogether that positive. Having a world class regulatory framework is by no means enough; FIs and other players in the financial markets will need to do more than just ‘tick the box’ and truly understand risks and implement programs to mitigate those risks; there’s more work to be done.

Much more.

Comments are welcomed at info@i-kyc.com