Anti-Money Laundering (AML) & Combating Financing Terrorism (CFT) Auditing the complex, unclear, and changing regulatory requirements and expectations
Basics of Money Laundering Money laundering is the criminal practice of processing ill-gotten gains, or dirty money, through a series of transactions; in this way the funds are cleaned so that they appear to be proceeds from legal activities Motivation: Profit-seeking Stages of Money Laundering Placement: Dirty money introduced to financial system Layering: Funds are moved to obscure true source Integration: Funds fully integrated and appear legitimate
Basics of Terrorist Financing Terrorist financing is the transfer of funds from any source (unlawful or legitimate) to terrorist organizations in order to obtain material and other logistical items needed to commit terrorist acts Motivation: Ideological Comparison to money laundering Generally same system of internal controls required to prevent, detect, report, and deter the crime Distinctly separate crimes and motives Difference in origin of funds Transaction amounts Money trail: circular vs linear
Money Laundering Typologies Trade-based money laundering is a method of transferring value across international borders through the trade of goods instead of cash Black Market Peso Exchange (BMPE) refers to activity that involves the effort to receive Colombian pesos in Colombia in exchange for U.S. dollars in the United States Similar black market exchange systems are found in Venezuela and in the tri-border region of Argentina, Brazil, and Paraguay These are similar to BMPE; however, BMPE refers only to the Colombian system
Money Laundering Typologies
Money Laundering Typologies Funnel Account: An individual or business account in one geographic area that receives multiple cash deposits, often in amounts below the cash reporting threshold, and from which the funds are withdrawn in a different geographic area with little time elapsing between the deposits and withdrawals
Money Laundering Typologies
Case Study: Terrorist Financing United States September 11, 2001 19 hijackers opened 24 domestic bank accounts at four different banks with the following profiles: Accounts opened with cash (equivalents) average amount of $3,000 to $5,000 ID used to open the accounts were visas issued through foreign governments All accounts were normal checking accounts with debit cards The hijackers often used the same address/telephone numbers on the accounts The hijackers opened their accounts at branches of large, well-known banks Wire transfers of small amounts from/to foreign countries A high percentage of withdrawals were from debit cards A low percentage of checks were written After a deposit was made, withdrawals occurred immediately No discernible pattern with regard to the timing of deposits/disbursements Series of transactions at ATMs involving several hijackers at the same ATM
Key Regulatory Enforcement Actions in Past Year BNP Paribas May 1, 2015, Sentenced to a 5-year term of probation, and ordered to forfeit nearly $9B The first time a financial institution has been convicted and sentenced for violations of U.S. economic sanctions, and the total financial penalty including the forfeiture and criminal fine is the largest financial penalty ever imposed in a criminal case. http://www.justice.gov/opa/pr/bnp-paribas-sentenced-conspiring-violate-international-emergencyeconomic-powers-act-and Commerzbank March 12, 2015, combined settlement of $1.45B Sanctions violations, AML Program, and Olympus accounting fraud Bank Leumi December 29, 2014, fined $400M Allegations that it helped U.S. taxpayers hide assets and income in unreported accounts in Israel and around the world Standard Chartered August 19, 2014, $300M in penalties Independent Monitor in place from 2012 detected the transaction monitoring system failed to detect a significant number of potentially high-risk transactions for further review
International AML/CFT Regulatory Landscape Country AML/CFT Regulatory Regime* Laws & Regulations* Canada United States United Kingdom Hong Kong Office of the Superintendent of Financial Institutions (OSFI) Financial Transactions and Reports Analysis Centre of Canada The Office of the Comptroller of the Currency (OCC) Financial Crimes Enforcement Network (FinCEN) Financial Conduct Authority (FCA) Prudential Regulation Authority (PRA) National Crime Agency (NCA) Hong Kong Monetary Authority (HKMA) Joint Financial Intelligence Unit (JFIU) Proceeds of Crime (Money Laundering) and Terrorist Financing Act (the Act) Bank Secrecy Act (BSA) USA PATRIOT Act Proceeds of Crime Act 2002 Serious Organised Crime and Police Act 2005 Anti-Money Laundering and Counter-Terrorist Financing Ordinance (AMLO) *This listing is for illustrative purposes only and is not all inclusive
AML/CFT Program Components AML/CFT Compliance Officer Training & Awareness System of Internal Controls Policies & Procedures Risk Assessment Governance & Oversight Customer Risk Rating Tone at the Top & Culture Know your Customer Self-Testing Transaction Monitoring Board Reporting Reporting Economic Sanctions Information Sharing Independent Auditor Assessments
Auditing AML/CFT - Challenges Controls to ensure risks are appropriately identified and managed is the foundation Not always tangible to auditors Possibly subjective Direct versus indirect controls assessment Strong training & awareness programs are critical Tone at the top Culture of compliance How to test whether a Financial Institution knows its customers Key decision points rather than secondary/tertiary reviews To file or not to file Even a well-controlled Financial Institution is susceptible to a mistake or poor decision, and therefore susceptible to regulator scrutiny, fines, and reputational damage Audit risk Conflict of laws between jurisdictions Information sharing versus data privacy Risk-based versus prescriptive Regulators are not always control-focused