Challenges of Anti Money Laundering and Embargo Filtering

26th Jun 2012

Rohit Johri

[email protected]


Disclaimer: the contents of this presentation are personal opinions of the speaker and do not represent the official stand of his employer or associated entities, present or past.

3

Contents

Introduction to Money Laundering and Financing of Terrorism

– Concept and History

– Bodies and legislations

– Latest developments

Combating Financial Crime

– Know Your Customer

– Behaviour detection

– Compliance and follow-up

Challenges

– Regulatory

– Technology

– Data

– Staying one step ahead of the crooks

4

Financial Crime

“Money laundering may look like a polite form of white collar crime, but it is the companion of brutality, deceit and corruption” – Lawrence Summers, US Secretary of Treasury, 1999

FATF figures for 2011 - USD 590 billion to USD 1.5 trillion of money is laundered every year

Narcoterrorism (word coined in 1983) to money laundering (word coined in 1976) to combating funding of terrorism (concept proposed in 2001)

Meyer Lansky (1902-1983) – the Mob’s accountant – perfected the fine art of money laundering (1930s)

“Money Laundering” – coined by the Guardian, UK, during the Watergate investigations

Offshore companies, cash couriers, complex transactions, bogus loans, fraudulent write offs,

5

Some History

Proceeds of bootlegging laundered through Swiss Banks, restaurants, launderettes, etc.

Banking Secrecy Act, 1970 (US) and the need for CTR

Banks negligent about filing CTR – Miami – Operation Greenback – 1979

Operation Capstone – Life Insurance policies being used for money laundering

Enforcement of CTR => structuring. Bankers called upon to report “suspicious transactions”.

Cash collateralized loans => Probability of default = 100%

Speculation versus suspicion versus knowledge (knows, suspects, or has reason to suspect)

Money Laundering Control Act – 1986

Fly out cash to cooperative countries (Panama, Bahamas, Cayman Islands), bring back to US.

Swiss bankers restitute $600 M of Marcos money to an escrow account in Manila - 1986

FATF - 1989

Bank of New York scandal – exposed the role of shell banks and offshore financial centres – 1999

Riggs Bank scandal – Embassy accounts

6

Welcome to the Alphabet Soup

FATF – Financial Action Task Force

NCCT – Non cooperative countries and territories

USA PATRIOT ACT

UNSC resolution 1373 (29-Sep-2001)

SAR, STR, CTR, FIU, PEP

Egmont Group

Wolfsberg Group

CDD, EDD, SDD, KYC,…

BPME

BCBS

SIDNK/MIDNK

SPF, CAD, MAS, STRO

Terrorism (Suppression of Financing) Act (TSOFA)

Corruption, Drug Trafficking and other Serious Crimes (Confiscation of Benefits) Act (CDSA)

8

Money Laundering – who suffers?

Not all sources of money to be laundered are dirty – moonlighting, unreported income, …

Unpaid taxes

Funds flow to jurisdictions where banking secrecy is high, rather than to jurisdictions where economic activity is legitimate

Make predicate offenses more lucrative – corruption, drugs trade, making money on the side…

Disrupt economic growth – laundered money used for wasteful activities and further illegal actions

Famous Money Laundering Cases in Singapore?

– SIA $35 million fraud

– Asia Pacific Brewery fraud

– SLA procurement fraud

– Criminal Breach of Trust case in Ministry of Home Affairs

– Nick Leeson

9

More about FATF

Established 1989 to combat international financial crime. Mandate renewed periodically. Current renewal until 2020.

Started with 16 members. Today there are 36 members. Also 8 Associate Members; Many Observers.

Proposed 40 recommendations in 1990, recommendations revised in 1996, 2003.

Another 8 “special recommendations” proposed in October 2001

Yet another “special recommendation” added in Oct 2004

49 = 40 + 9 = 40 + 8 + 1

At the forefront of combating financial crime, aided by several regional bodies

Vast body of publications and typologies – dispel the notion that money laundering = cash deposits in anonymous bank accounts.

Enforcement in the shape of “name and shame” and blacklists

10

NCCT and its variants

First report in June 2000; all countries off the NCCT list by 2006

Since 2007, a more analytical process instituted (shades of black and grey)

Country 14-Jun-2011 16-Feb-2012

Iran Pitch Black Pitch Black

North Korea Pitch Black Pitch Black

Bolivia Black Black

Cuba Black Black

Angola Grey Grey

Argentina Grey Grey

Nigeria Grey Black

Pakistan Grey Black

Greece Grey

Algeria Grey

11

KYC – What to know? What cannot be known?

KYC – starting point is some identification document. What identification document cannot be forged or stolen?

It is not only rogue states, failed states and new states that have problems with passports. Belgium admits to having had thousands of blank passports stolen.

A customer may have both legitimate and illegitimate sources of income. Is the $1m deposit he is making tainted money or clean money?

Who produces credentials that are whiter than white? Criminals or regular folks?

Identify a bank staff who can be bribed or threatened. Or identify a bank staff who is overworked and error prone?

Security by obscurity – is the account signatory or trust holder the beneficial owner?

12

Some notable penalties in recent times

Penalties can run into multi-million dollars

No one is immune – not casinos, not banks, not hotels, not lawyers

“…material deficiencies in … anti-money laundering program…”

Riggs Bank – 2005 – USD 16 Million

Union Bank of California – 2007 – USD 10 Million

Wachovia Bank – 2010 – USD 50 Million

Quiz question – how many regulatory fines in Singapore?

Quiz question – can one buy insurance for regulatory fines?

13

What attracts regulatory fines? Consequences of fines

Multi-million dollar payments

Impact on regulatory capital

Reputation risk

Impact on business….

Poor testing of controls (R.15 - internal audit to test the controls and working of AML regime. Does this include IT auditors as well?)

Robust compliance plan?

Evidence of a robust compliance plan? (internal policies and procedures, adherence to the policies and procedures, chain of communication retained and investigated, audit trails)

Evidence that money has been laundered?

Action of loose cannons? Poor oversight? Inadequate training? Even GE has instituted AML training program for its staff involved in sale of white goods and consumer durables!!!

14

Placement, Layering, Integration

“Crime doesn’t pay”. Why then do we witness so much corruption, illegal arms trade, drugs trade,…

Predicate offences may be outlawed but criminals still try to re-circulate ill-gotten wealth.

Legislation attempts to outlaw money laundering, regardless of predicate offense

Complex activities such as placement, layering, integration to obfuscate the origin and source of funds

15

Placement, Layering, Integration

The reality

Legitimate money may be siphoned off not only for financing of terrorism but also to create slush funds for bribery and “off the record” expenses

Plenty of leakages, particularly in cash heavy economies

16

Activities that attract the attention of regulators

Private Banking; Correspondent Banking

Remittances and Money Service Businesses

Embassy accounts – acid test of risk based approach

Trade Finance Manipulations

Shell companies (“You have to supply more information to get a driver's license than you do to form one of these nonpublicly traded corporations,” Senator Levin (D, MI))

DNFBP – Designated Non Financial Businesses and Professions

– Lawyers, Solicitors, Notaries, Accountants

– Casinos (real and online)

– Jewels, antiques

– Trust and Company Service Providers (TCSP)

– Real Estate Agents

Credit cards – repaid using tainted money in cash

Used vehicle dealerships, yachts, real estate

Prepaid cards and e-cash

Charities and “not for profit” organizations

17

Private Banking – attracting the regulators

Anonymous accounts – history now

Cater to High Net Worth Individuals – Often PEP or PEP controlled entities (think beneficial ownership)

Complex products – accounts, money market products, hedge funds, currency futures and options

Non-fund based activities – tax advisory, estate planning

Some products actually aid layering – loans against deposits, multiple jurisdictions, …

Competitive nature of business, lucrative customers, compartments within the organization – making the job for audit and compliance tougher…

Ample incentive to disregard the source of funds, combined with “plausible deniability”

Personalized services may extend to storing data in jurisdictions of tight privacy laws

18

Beneficial Ownership – who benefits from it?

R.5, R.33 mandate identification of beneficial ownership of funds held in account

Distinguish from signing authority

Natural persons, legal entities, trusts, unincorporated associations, depositories

How to check – data quality, data gathering, cloaks of anonymity and confidentiality,…

Extra precautions in case of Private Banking

Who is responsible – Relationship Manager, Compliance, IT, …

What is an IT auditor to do? Source systems, data quality, integration with external systems,…

19

Due Diligence - Enhanced and Simplified

CDD, EDD, SDD

Employee Due Diligence – conflict of interest, outside directorship, bankruptcy,…

“One and done” exercise versus ongoing due diligence

Changes induced by passage of time (known/expected changes) – students become employees, NSF become ORD,…

Changes induced by events (known/expected changes) – General Elections, leadership renewal,…

Changes to look out for – employees losing/changing jobs, transfers leading to change in PEP status

EDD needed for PEP, known or suspected criminals, non face to face customers

SDD for government departments, statutory boards, etc.

20

Customer Profiling

Based on transaction behaviour

Anticipatory profiling until matters become settled – use of random numbers to arrive at renewal date

What to do in case no history with us – new customer, newly introduced profiling exercise, merger of banks,…

Random dates to ensure that customer profiles age at different dates and thereby not overwhelm the operations staff

Role of IT auditor – ensure the integrity and availability of information. Keep data current and clean.

Data retention requirements

21

Typical technological architecture

Transaction activity (Core Banking and More)

Customer acquisition and due diligence; watchlist filtering

Data Warehouse

External data sources

Transaction behaviour

Case Management

Silo systems, poor data governance, inconsistent standards, …

22

Technological weapons to combat money laundering

Name screening

– Soundex (developed for American names, counterparts exist for West European languages)

– Levenshtein algorithm

Customer profiling and segmentation

– Risk based approach (CRAFT - Common Risk Assessment Framework and Techniques - in Singapore)

– Customer Relationship Management

Transaction monitoring

– Cash, wire, instrument based transactions

– Nature of transaction to determine if monitoring is required (e.g. salary payment versus surrender of insurance policy)

– Derived data such as standard deviations, lookback periods, growth projections

– Known suspicious behaviour using rules based detection

Case management

External databases

– Forex rates

– Commodity rates

23

Name screening

Name screening

– John Patrick Smith versus John P Smith (middle initials)

– THOMSON versus THOM5ON (typographical errors, particularly from legacy databases)

– Lynda Joseph versus Linda Josef (acceptable variations in spelling for the same name)

– Lee Hsien Loong versus Hsien Loong Lee (toggle the first name with the last name)

– Juan versus Ivan (cultural variation for the same name)

– Bill Clinton versus William Clinton (nicknames)

– William Clinton versus William Jefferson Clinton (with and without middle name)

– Alexandra versus Sandra (diminutives)

– Qualifiers (Dr., Jr, III, Esq)

– Qualifiers that become part of name (Haji, Dato, …)

– Mas Selamat bin Kastari (patronym versus family names)

Talk about non Anglo Saxon Names

– André Pierre

– Vincent D’Mello

– Arab names and Chinese names

– Multiple transliteration schemes

Technology involved

24

Technology for name resolution

Levenshtein distance between words (used in spell checks all the time)

Soundex (patented 1918) is included with most RDBMS systems.

Four Character code

Plenty of false positives, plenty of false negatives

“Linguist in a box”
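The name pairs from the "Name screening" slide, run through American Soundex and Levenshtein distance, show where each technique produces the false negatives and false positives mentioned above. This is an added example, not code from the presentation; the `compare` helper, its one-edit threshold and the order-insensitive token comparison are assumptions, and the Lee/Liu pair is constructed.

```python
import unicodedata

# American Soundex digit groups; vowels, H, W and Y carry no code.
_CODES = {ch: str(d) for d, grp in
          enumerate(("BFPV", "CGJKQSXZ", "DT", "L", "MN", "R"), 1) for ch in grp}


def soundex(word):
    """Four-character code: first letter plus up to three digits."""
    letters = [c for c in word.upper() if c.isalpha()]
    if not letters:
        return ""
    out, prev = letters[0], _CODES.get(letters[0], "")
    for c in letters[1:]:
        code = _CODES.get(c, "")
        if code and code != prev:
            out += code
        if c not in "HW":          # H and W do not separate equal codes
            prev = code
    return (out + "000")[:4]


def levenshtein(a, b):
    """Minimum number of single-character inserts, deletes and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def normalise(name):
    """Strip accents and punctuation, upper-case, split into tokens."""
    flat = unicodedata.normalize("NFKD", name).encode("ascii", "ignore").decode()
    tokens = ("".join(c for c in t if c.isalnum()) for t in flat.upper().split())
    return [t for t in tokens if t]


def compare(a, b, max_edits=1):
    """Order-insensitive match verdicts for two full names (hypothetical helper)."""
    ta, tb = sorted(normalise(a)), sorted(normalise(b))
    return {"soundex": sorted(map(soundex, ta)) == sorted(map(soundex, tb)),
            "edit": levenshtein(" ".join(ta), " ".join(tb)) <= max_edits}


# Pairs taken from the slide, plus one constructed pair of distinct surnames.
PAIRS = [("THOMSON", "THOM5ON"), ("Lynda Joseph", "Linda Josef"),
         ("Lee Hsien Loong", "Hsien Loong Lee"), ("Juan", "Ivan"),
         ("Bill Clinton", "William Clinton"), ("Lee", "Liu")]

if __name__ == "__main__":
    for a, b in PAIRS:
        print(f"{a!r:20} {b!r:20} {compare(a, b)}")
```

Neither method links Juan with Ivan or Bill with William; those need a table of cultural variants and nicknames, while Soundex alone treats the unrelated surnames Lee and Liu as the same code.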

25

Blacklist checks

Lists

– OFAC list

– PEP list (RDC, Factiva, World Search)

Challenges

– Mismatch arising from spelling and naming variations

– Rapid updating of lists (think Arab Spring, US senate elections, Singapore General Elections 2011)

Can a name be de-PEPed?

26

Identity Theft and Money Laundering

A customer receives a large number of “below the threshold” remittances. What is going on?

Important to note when money laundering can be combined with other crimes/actions

– Identity Theft

– Deceased Customer

– Stolen/cloned tokens (credit card or ATM card cloning)

War story – how closed accounts are reopened, used for money laundering, and reclosed.

How many times can an account be closed, reopened, and reclosed?

27

What an IT auditor needs to know

Name input problem is almost impossible to fix. What then?

Correct mistakes in databases? Or figure out how to work with these mistakes?

What happens to the source media if we correct the database?

Identity Resolution – self healing, self correcting technology

The more data at our disposal, the greater the possibility of making correct matches

Relationship Resolution – who is related to whom – are there any hidden relationships?

Real time watch-list filtering (aka OFAC blocking)

How frequently are we keeping our PEP list updated? How tolerant are our computers with PEP matching?

Inadvertent leakages – customer denied account opening owing to KYC checks. How to inform?

28

What to look out for

Customer – incomplete documentation, conflicting identity

Account – transaction behaviour, normal limits; Embassy Accounts

Correspondent Bank – shell banks in (former) NCCT list

Household – identify hidden relationships, effective ownerships

Business – some businesses are more money laundering prone than others (jewels, antiques versus retail supermarkets)

Geography – remittances made to high risk territories

Typical classification – Prohibited, High-risk, Medium-risk, Low/Standard-risk, No-risk

Additive models for risk ranging from 0-10, making an aggregate score of 0-30. Scrutiny accorded varies with score.

29

Typical behaviour to look out for

Is the transaction amount more than historic maximum?

Is the transaction amount more than historic average?

Remittances to/from entities in blacklisted geographies, jurisdictions.

Sudden activity in dormant accounts

Smurfing/avoiding reporting limits

Sequentially Numbered Instruments (Money Orders, Cashier Orders, Cheques)

30

Suspicious activities – customer and transaction

Lack of references or identification, non-local address

Identification information provided that the bank cannot readily verify

Transactions requested by non-account holders (e.g. wires, FX, conversion)

Transactions which are not consistent with the customer’s business or income level

Early redemption of certificates of deposits or life insurance policies.

Many even-dollar-amount transactions

Wire transfer to bank secrecy haven countries

Incoming and outgoing wires in similar dollar amounts

Numerous deposits or withdrawals under $10,000 over a short period of time

Significant increases in the number or amount of transactions or account balance

Large deposits and balances with little or no apparent justification (wash transactions)

Deposits and immediate requests for wire transfers or cash shipments

Accounts with a high volume of activity and low balances

31

FATF Recommendations 11 & 13

Special attention to complex, unusual, large transactions, and unusual patterns of transactions.

Currency Transaction Report – simple to identify and create.

Unusual versus suspicious

Other behaviour – inherently difficult to detect. Mix of false positives and false negatives.

Build versus buy – more accurately, build versus (buy, configure, customize, enhance, fix, upgrade)

Buy from one source or multiple, data/system integration

Plenty of vendors, plenty of solutions

Behaviour Detection System goes down for 4 hours versus ATM goes down for 4 hours (Max Tolerable Downtime, RPO, RTO)

Recommendation 11 with Recommendation 13 - report suspected transactions to the FIU. Can get needlessly complex for an international entity.

32

[Figure: Profile of transaction behaviour, annotated with μ and σ]

33

Caveats in transaction surveillance

How tight are our parameters? Are we getting too many alerts or too few?

Do we have the capacity to investigate too many alerts? What if we miss some alerts?

How can we get smarter about our monitoring? (Hint: find a way to tell low risk transactions from high risk transactions)

How effective is our data capture mechanism?
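The checks listed under "Typical behaviour to look out for" and the parameter-tightness caveat above can be made concrete with a small rules-based detector. This is an added example, not code from the presentation; the sample transactions are constructed, and the function names, the `k` multiplier, the 180-day dormancy limit and the 7-day window are assumptions.

```python
from datetime import date
from statistics import mean, pstdev

REPORT_LIMIT = 10_000  # reporting threshold from the slide's "$10,000" example

# Constructed sample data: six months of salary-like credits for one account.
HISTORY = [(date(2011, m, 5), amt) for m, amt in
           enumerate([2400, 2600, 2500, 2550, 2450, 2500], start=1)]
# Constructed cash deposits for the structuring check.
DEPOSITS = [(date(2012, 3, 1), 9500), (date(2012, 3, 2), 9800),
            (date(2012, 3, 4), 9000), (date(2012, 3, 20), 400)]


def alerts(history, txn, k=3.0, dormant_days=180):
    """Rule checks for one new (date, amount) against the lookback history."""
    if not history:  # new customer or merged bank: nothing to compare with
        return ["no history: profile cannot be built"]
    amounts = [amt for _, amt in history]
    mu, sigma = mean(amounts), pstdev(amounts)
    when, amount = txn
    found = []
    if amount > max(amounts):
        found.append("above historic maximum")
    if amount > mu + k * sigma:
        found.append("above mean + k*sigma")
    if (when - max(d for d, _ in history)).days > dormant_days:
        found.append("sudden activity in dormant account")
    return found


def structuring(deposits, window_days=7, min_count=3):
    """Sliding window over sub-limit deposits whose total reaches the limit."""
    small = sorted(t for t in deposits if t[1] < REPORT_LIMIT)
    hits, start = [], 0
    for end in range(len(small)):
        while (small[end][0] - small[start][0]).days >= window_days:
            start += 1
        window = small[start:end + 1]
        total = sum(amt for _, amt in window)
        if len(window) >= min_count and total >= REPORT_LIMIT:
            hits.append((window[0][0], window[-1][0], total))
    return hits


if __name__ == "__main__":
    for k in (2.0, 3.0):  # a lower k raises more alerts to investigate
        print(k, alerts(HISTORY, (date(2011, 7, 5), 2650), k=k))
    print(alerts(HISTORY, (date(2012, 3, 1), 9500)))
    print(structuring(DEPOSITS))
```

The same 2,650 credit raises one alert at k=3 and two at k=2, which is the trade-off between alert volume and investigation capacity that the caveats describe.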

34

Some statistics from Singapore

STRs filed - 11,004 in 2009 (down from 12,158 in 2008)

Convictions - <20/year. Emphasis on crime prevention rather than convictions. Count of predicate offences also needs to be considered.

35

Fly in the ointment

How clean is the data – customer data, occupation, employer, income…

Junk in the data – default phone numbers, missing date of birth, …

Multicurrency and multinational details – comparing USD data with SGD data

Definitions – weekend (Sat/Sun, Fri/Sat, Thu/Fri, Thu/Sun)…

Data ported across applications – CRM data used for Customer Due Diligence

36

What Terrorist Financing Entails?

Deny the terrorists the source of funds and terrorist attacks vanish

Terrorist Financing – start with clean funds, end up financing terror activities. No re-circulation of funds.

Hide the purpose for which funds are meant to be used, rather than convert illegally obtained funds to clean money.

Cost of pulling off a terrorist attack – 9/11, London Bombings (2005), Madrid Bombings, …

Is it worthwhile countering funding of terrorism? Or should we counter terrorist activities?

One size fits all – not always

Different goals of Money Laundering and Terrorist Financing

Common methods – deceit, fragmented compliance, buying political influence, bribe corrupt officers, …

37

Terrorism – what is it?

Cyberterrorism?

Economic disruption?

Gang wars?

Civil wars or traditional wars?

Struggle for self determination? Excesses of law enforcers?

Actions of an impartial judiciary? Actions of a partial judiciary?

“use of violence for political purposes, perpetrated by an individual or a group, acting in favour of or in opposition to the existing government, and meant to intimidate those beyond the immediate victims”

38

Who funds the terrorists?

Legitimate Commercial Enterprises – Osama bin Laden’s construction business….

Criminal Activities – Kidnapping and Piracy for Ransom, protection money, human trafficking

Social and Religious Donations - Since the early 1990s, terrorist groups have relied increasingly on donations from social and religious organizations for financial support.

State Sponsors. Several rogue nations—Cuba, Iran, Iraq, Libya, North Korea, Sudan, and Syria—have provided material assistance, financial support or other resources to terrorists.

39

Flying under the regulatory radar

Stored value cards – help circumvent the declaration/disclosure requirements

MSBs are regulated but money changing services within hotels are not. Structuring?

Cash couriers – how many persons visit Singapore every day for work? From Indonesia? From Malaysia?

40

Moving terrorist money around

Cash couriers – counter these using currency declaration.

Traditional Banks – transfer small amounts, stored value cards, prepaid cards,…

Money Changers - remittances

Underground Bankers – also known as Hawala, IVTS, ARM, Black Market Peso Exchange

41

Components for a robust AML/CFT programme

Customer identification

– Name screening and blacklist checks

– KYC

– CDD, EDD, SDD, PEP

– Customer profiling

Transaction behaviour

– Sophisticated databases

– Complicated algorithms

– Data management and quality control

Investigation and alerting the FIU

KYC war stories: http://www.hkma.gov.hk/eng/key-information/guidelines-and-circulars/circulars/2004/20040702-1.shtml

42

Time for introspection

Do not spend $1000 to solve a $100 problem

Are we spending too much on combating funding of terrorism? Or too little? How much is just right?

Bank spending on countering Money Laundering – how much is too much?

Direct the spending on low hanging fruit or the hard-to-reach places?

Enthusiastic compliance does not equal effective enforcement

43

Thanks!!!