Upload
rusk
View
125
Download
0
Tags:
Embed Size (px)
DESCRIPTION
Anti-Money Laundering (“AML”). What is Money Laundering?. The concealing or disguising the existence, illegal source, movement, destination or illegal application of illicitly derived property or funds to make them appear legitimate. The three stages of Money Laundering: - PowerPoint PPT Presentation
Citation preview
Anti-Money Laundering (“AML”)
What is Money Laundering?
The concealing or disguising the existence, illegal source, movement, destination or illegal application of illicitly derived property or funds to make them appear legitimate.
The three stages of Money Laundering:• Placement: The introduction of the funds into the
financial system;
• Layering: Movement of the funds to distance them from the original source;
• Integration: Funds re-enter the legitimate economy and are used to purchase goods or services,
finance other illegal activity or are otherwise spent.
AML has transcended from a compliance requirement to a national security issue.
Increased Scrutiny by Regulatory Authorities•Deferred prosecution agreements •Aggressive regulatory enforcement actions •AML compliance is a leading enforcement priority of federal and state
agencies
Congressional Inquiries•FRB – UBS•OCC – Riggs, Arab Bank, and Banco de Chile
AML’s Impact on Financial Institutions
Escalation of Fines•$10 million fine against U.S. Trust in 2001•$80 million fine against ABN Amro in 2005. •Cumulative penalties for the years 2000-2004 have been calculated
to be approximately $120 million.
Clearly, the regulatory authorities are intolerant of non-compliance and place a greater emphasis on penalties and
regulatory actions.
AML’s Impact on Financial Institutions (cont’d)
The Scale of the Problem
The International Monetary Fund, for example, has stated that the aggregate size of money laundering in the world could be somewhere between two and five percent of the world’s gross domestic product.
Using 1996 statistics, these percentages would indicate that money laundering ranged between US Dollar (USD) 590 billion and USD 1.5 trillion. The lower figure is roughly equivalent to the value of the total output of an economy the size of Spain.
In the US, the estimated earning of criminal activity (2000 statistics) is 779 billion or about 8% of the GDP.
The figures stated above are speculative at best.
Anti-Money Laundering Compliance
An Anti-Money Laundering Compliance Program• Designed to assist institutions and businesses in their fight
against money laundering and terrorist financing
• Required since 1987 (roots extend back to the Bank Secrecy Act of 1970)
• Requirement has been recently (October, 2001) extended to all financial institutions, including securities dealers, money services businesses and many other businesses including jewelers and precious gem dealers.
AML Regulations
• Bank Secrecy Act (1970) - legal principle under which banks are allowed to protect personal information about their customers. The Bank Secrecy Act sets out the four minimum requirements for an AML compliance program:
• Written internal policies, procedures and controls• A duly-designated AML Compliance Officer• On-going employee training program• Independent audit function to test the AML programs
• USA Patriot Act (2001) – combined the BSA AML requirements with the trade sanctions imposed by OFAC (Office of Foreign Assets Control). The USA Patriot Act delivers four primary directives to financial institutions:
• Identify clients and account holders, both private and commercial• Block transactions with entities identified on the OFAC and other interdiction lists• Determine and report suspicious activities with out blocking them• Share information with other Financial Service Providers (FSPs) to aid in determining
suspicious activity
AML Regulations
The United States became the first country to criminalize money laundering through a 1986 law that is considered the most powerful in the world. The law, Title 18, USC Sec. 1956, applies to the proceeds of more than 200 crimes. The most powerful of the three laws, Sec. 1956, imposes heavy penalties – up to 20 years in prison – and it has broad reach. It also includes a unique provision that permits undercover stings with funds “represented to be the proceeds of specified unlawful activity.”
• The Laundering of Monetary Instruments - Title 18, USC Sec. 1956 • Monetary Transactions in Property Derived from Specified Unlawful Activity La
w- Title 18, USC Sec. 1957
• Prohibition of Unlicensed Money Transmitting Businesses Law - Title 18, USC Sec. 1960
AML RegulationsUSA Patriot Act – Title III
Section 311 Secretary of the Treasury (Secretary) the authority to designate a foreign jurisdiction, institution(s), class(es) of transactions, or type(s) of account(s) as a “primary money laundering concern” and to impose certain “special measures”
Section 312 Special Due Diligence Programs for certain foreign correspondent and private banking accounts
Section 313 Prohibition on US Correspondent Accounts with Shell Banks
Section 319 (b) Availability of Records – •Correspondent Bank Certifications• 120 hour rule
Section 314 (a) Cooperation Among Financial Institutions, Their Regulatory Authorities and Law Enforcement Authorities
Section 314 (b) Voluntary Information Sharing Among Financial Institutions
Section 326 Customer Identification Program (CIP)
Section 327 Consideration of an Anti-Money Laundering Record
Key AML Regulators
Office of Foreign Assets Control (OFAC)An office of the U.S. Department of the Treasury.Administers and enforces economic and trade sanctions based on U.S. foreign policy and national security goals against targeted foreign countries, terrorists, international narcotics traffickers, and those engaged in activities related to the unapproved proliferation of weapons of mass destruction
Financial Crimes Enforcement Network (FinCEN) Created in 1990 to administrator the Bank Secrecy Act. FinCEN role is issue regulations and to impose civil penalties for violations. FinCEN has delegated examination authority to each Federal Banking Agencies. Originally a department of the U.S. Department of Treasury it was elevated to bureau status in of the U.S. Department of the Treasury to combat money laundering
Key AML Regulators (cont’d)Federal Banking Agencies (FBAs)
Office of the Comptroller of the Currency (OCC)
Federal Reserve
Office of Thrift Supervision (OTS)
Federal Deposit Insurance Corporation (FDIC)
Securities and Exchange Commission (SEC)
Internal Revenue Service (IRS)
OFAC’s Focus:• Identifies persons for designation; • Assists U.S. persons in complying with the sanctions prohibitions
through its compliance and licensing efforts• Penalizes U.S. persons violating the prohibitions • Works with other U.S. Government agencies• Coordinates and works with other nations to implement similar
strategies
Compliance with OFAC:A bank’s main compliance responsibility is to ensure that suspect items are interdicted. In developing OFAC compliance program, focus should be on providing enough information to key staff in all areas of operations to enable them to recognize and stop suspect transactions.
A Little More on OFAC
Any bank organized or located in the United States is responsible by law to block virtually all property that comes within the bank’s possession or control in which there is an interest of a blocked individual or entity.
Over the past several years, OFAC has had to impose millions of dollars in civil penalties involving U.S. Banks. The majority of the fines resulted from bank’s failure to block illicit
transfers when there was a reference to a targeted country
Main difference between OFAC and BSA compliance is OFAC tends to “freeze” rather than “seize” assets. OFAC will often block transactions in an attempt to apply political pressure on hostile governments.
Who is Liable Under OFAC?
Regulations require the following:• Block accounts and other property of specified countries, entities,
and individuals.• Prohibit or reject unlicensed trade and financial transactions with
specified countries, entities and individuals.
Unlike the BSA, the laws and OFAC-issued regulations apply not only to the U.S. banks, their domestic branches, agencies, and international banking facilities, but also their foreign branches, and often overseas offices and subsidiaries.
The Specially Designated Nationals (SDNs) list is comprised of thousands of individuals and entities that are primarily located outside of the blocked countries. Blocked countries currently include Cuba, Iran, Libya, North Korea, Sudan, and Syria.
Compliance with OFAC
Blocked TransactionsU.S. law requires that assets and accounts be blocked when such property is located in the United States, is held by U. S. individuals or entities, or comes into the possession or control of U.S. individuals or entities. Transactions with anyone on the SDN list are required to by law to be blocked and reported to OFAC.
Banks must block transactions that:• Are by or on behalf of a blocked individual or entity• Are to or through a blocked entity• Are in connection with a transaction in which a blocked individual or entity as an interest
Prohibited TransactionsIn some cases, and underlying transaction may be prohibited but there is no blockable interest in the transaction. In these cases, the transaction is simply rejected and not processed.
Compliance with OFAC
•OFAC has the authority, through a licensing process, to permit certain transactions that would otherwise be prohibited under it regulations.
•Specific licenses are issued on a case-by-case basis and require an application to OFAC.
•If the transactions conforms with U.S. foreign policy under a particular program, the license will be issued.
•When a customer claims to hold a specific license, the bank should still verify the transactions conforms to the terms of the license and retain a copy.
OFAC Licenses
•Banks must report all blocking to OFAC within ten days of the occurrence and annually on September 30th concerning assets blocked as of June 30th. Prohibited transactions that are rejected must also be reported with in ten days of occurrence.
•Banks must keep a full and accurate record of each blocked or rejected transaction for at least five years after the date of the transaction.
OFAC Reporting
Fundamental Elements of a sound OFAC program include assessment of:
•Specific product lines•Customer Base•Nature of Transactions•Identification of high-risk areas for OFAC transactions•Account and Transaction Parties
Based on the bank’s risk profile, they should establish policies, procedures and processes for reviewing transactions and transactions parties.
OFAC Risk Assessment
An effective OFAC program should include internal controls for identifying suspect accounts and transactions and reporting to OFAC. Internal controls should include the following elements:
•Flag and review suspect transactions – manually, interdiction software, or both.
•Updating OFAC lists – timely updating as the list as OFAC updates the list frequently.
•Reporting – OFAC should be notified as soon as possible in the case of narcotics or terrorism. However, most other items should be reported within ten day of occurrence.
•Maintaining License Information – OFAC recommends that banks consider maintaining copies of customers’ OFAC licenses on file for at least five years.
OFAC Internal Controls
Independent TestingEvery bank should conduct an independent test of it’s OFAC program that is performed by internal audit, outside auditors or other independent parties. An in-depth audit should be conducted at least once a year. For larger banks, frequency and are of testing should be based on the perceived risk of a specific area of business.
Responsible IndividualEvery bank should designate a qualified individual to monitor day-to-day compliance of the OFAC program.
TrainingThe bank should provide adequate training for all appropriate employees. This training should be consistent with the bank’s risk and employee responsibility.
OFAC Internal Controls
Internal Audit Considerations
Evaluating AML Risks and Compliance with U.S.
AML Regulations
Risk ConsiderationsThe ability to assess BSA/AML risk on a consolidated basis across all activities, business lines, and legal entities allows the holding company to view its risks and worldwide exposure inside a larger risk management framework.
Audit ObjectiveEvaluate the adequacy of the enterprise-wide BSA/AML compliance program. Determine reporting lines and how effectively the program manages risk in an integrated fashion across affiliates, business lines, and risk types.
Enterprise Wide BSA/AML Compliance Program
Risk ConsiderationsThe bank’s BSA/AML compliance program is not tailored to its
specific risks
The bank does not have a consolidated understanding of its risk exposure across all activities, business units and legal entities
Entity risks related to products, services, customers and geographic locations are not properly identified, updated and incorporated into the BSA/AML compliance program.
Audit ObjectiveAssess the adequacy of the Entity Risk Profile development and
updating process
Entity Risk Profile
Entity Risk Profile (cont’d)
AML Programs must be implemented on a risk-based approach. This means that the following factors need to be taken in into consideration with policies and procedures to support the AML program are implemented. Risk rate the following:
Clients Examples: High net worth individualsFinancial InstitutionsNon-traditional banking businessesMoney Services BusinessCharitable Organizations/Not for ProfitsAny type of business identified by Government Authorities
as high risk for Money Laundering
Products & Services Examples: Correspondent Banking Private BankingPayable ThroughWire TransfersOfficial Items
Geographic Regions Examples: Areas listed by the Financial Action Task Force (FATF)Middle East
Latin America
Risk ConsiderationsThe level of sophistication of the internal controls should be
commensurate with the size, structure, risks and complexity of the financial institution.
If internal controls are inadequate, the financial institution may not be able to detect, report and monitor suspicious activity in compliance with the BSA.
Audit ObjectiveTo determine whether internal controls ensure compliance
with the BSA and provide sufficient risk management, especially for high-risk operations (products, services, customers, and geographic locations).
Internal Controls
Risk ConsiderationsThe board, acting through senior management, is ultimately
responsible for ensuring that the financial institution maintains an effective BSA/AML internal control structure, including suspicious activity monitoring and reporting. Their oversight is a crucial element of a sound risk management and control environment.
Audit ObjectiveTo determine whether the board and senior management’s
oversight of the bank’s BSA /AML Compliance program is sufficient to effectively monitor and address identified risks.
The board and senior management should create a culture of compliance to ensure staff adherence to the Bank’s BSA/AML policies, procedures, and processes.
Governance and Oversight
Risk ConsiderationsA failure to sufficiently train such personnel in applicable
aspects of the BSA may result in the bank’s failure to prevent, detect and/or monitor suspicious activity.
The board of directors must also receive adequate training in BSA. Without a general understanding of the BSA, the board of directors cannot adequately provide BSA/AML oversight; approve BSA/AML policies, procedures, and processes; or provide sufficient BSA/AML resources.
Audit ObjectiveEvaluate the adequacy of the entity’s training program.
Assess the currentness, completeness, accuracy and presentation effectiveness of the training program.
Training
Risk ConsiderationsAccounts are opened without verification of owner identity
Identification documentation is not reliable or adequately safeguarded
Customer identification is relaxed because of certain external or certain internal referrals, including new accounts opened for existing relationships
Audit ObjectiveAssess the entity’s compliance with the statutory and
regulatory requirements for the CIP
Customer Identification Program (“CIP”)
Risk ConsiderationsAccounts are opened without review of customer background
Due diligence is:• ineffective or lacks appropriate checks and balances• not robust enough for high risk accounts• relaxed because of certain internal or certain external
referrals
Audit ObjectiveAssess the appropriateness and comprehensiveness of the
entity’s CDD policies, procedures, and processes for obtaining customer information and assess the value of this information in monitoring, detecting and reporting suspicious activity.
Customer Due Diligence (“CDD”)
Suspicious Activity Reports (“SARs”)
In April 1996, a Suspicious Activity Report (SAR) was developed to be used by all banking organizations in the United States.
A banking organization is required to file a SAR whenever it detects a known or suspected criminal violation of federal law or a suspicious transaction related to money laundering activity or a violation of the BSA.
Suspicious activity reporting forms the cornerstone of the BSA reporting system.
When Must A SAR Be Filed?
A national bank shall file a SAR with the appropriate Federal law enforcement agencies and the Department of the Treasury in accordance with the following circumstances:
1. Insider abuse involving any amount
2. Violations aggregating $5,000 or more where a suspect can be identified
3. Violations aggregating $25,000or more regardless of potential suspects
4. Transactions aggregating $5,000 or more that involve potential money laundering or violate the Bank Secrecy Act.
The Importance of Filing a SAR
1. Identifies potential and actual illegal activity:• Money Laundering• Terrorist financing• Other financial fraud and abuse
2. Detects and prevents flow of illicit funds
3. Establishes emerging threats through analysis of patterns and trends
4. It’s the law.
Financial Institutions Required to file SARs
• Banks
• Savings Association
• Savings Association Service Corporations
• Credit Unions
• Bank Holding Companies
• Non-bank subsidiaries of bank holding companies
• Edge & Agreement Corporations
• U.S. branches & agencies of foreign banks
SAR Reporting Deadlines
A financial institution is required to file a SAR:
No later than 30 calendar days after the date of initial detection of facts that may constitute a basis for the filing
No later than 60 calendar days if no suspect was identified on the date of detection of the incident requiring the filing
Risk ConsiderationsSuspicious activity is not properly defined or communicated
SARs are incomplete or not filed timely
SARs activity is not monitored for trends or those trends are not investigated
Decisions not to file SARs are not appropriate or adequately supported
Audit ObjectiveAssess the entity’s policies, procedures, and processes, and overall
compliance with statutory and regulatory requirements for monitoring, detecting, and reporting suspicious activities
SARs from an Audit Perspective
Currency Transaction ReportingInformation SharingPurchase and Sale of Monetary InstrumentsFunds TransfersForeign Correspondent Account Recordkeeping and Due Diligence Private Banking Due Diligence Program Special MeasuresForeign Bank and Financial Accounts Reporting International Transportation of Currency or Monetary Instruments Reporting
Other Risk Areas
Office of Foreign Assets Control Correspondent AccountsU.S. Dollar Drafts Payable Through Accounts Pouch ActivitiesForeign Branches and Offices of U.S. Banks Parallel Banking Electronic Banking Electronic Cash
Other Risk Areas
Third-Party Payment Processors Brokered Deposit Referral Agents Privately-Owned Automated Teller Machine Non-deposit Investment Products Insurance Concentration Accounts Lending Activities Trade Finance Activities
Other Risk Areas
Trust and Asset Management Services Nonresident Aliens and Foreign Individuals Politically Exposed Persons Embassy and Foreign Consulate Accounts Non-Bank Financial Institutions Professional Services Providers Non-Governmental Organizations and Charities Corporate Entities Cash-Intensive Businesses
Other Risk Areas
Appendices
APPENDIX A: Key Terms
BSA Bank Secrecy ActCIP Customer Identification ProgramCTR Currency Transaction ReportDCN Document Control NumberEFT Electronic Funds TransferFBO Foreign Bank OrganizationFinCEN Financial Crimes Enforcement Network
APPENDIX A: Key Terms
MLSA Money Laundering Suppression Act of 1994OCC Office of the Comptroller of the CurrencyOFAC Office of Foreign Assets ControlROE Report of ExaminationSAR Suspicious Activity ReportSEC Securities and Exchange CommissionSDN Specially Designated Nationals (or Blocked Persons)TDF Treasury Department Form