A sensible approach or a missed opportunity? As we go to press, the UK Government has just published three key reports. One is a detailed response to the consultation launched last year seeking industry views as to how the UK’s Money Laundering Regulatory framework could be made more effective. Alongside that are two post implementation reviews (PIRs) covering OPBAS, the umbrella body for professional services supervision and a review of the current (2017) regulations themselves, looking at just how well we are doing so far in both areas.
All of this activity was in response to objectives set out in the UK’s Economic Crime Plan 2019-2022. The big question of course is all of this making a real difference? It’s probably too early to judge, but there’s more analysis on this from Financial Crime Compliance consultant, Mike Harris in the vlog below.
We’ve had 10+ years of regulation and tightening up with some progress to report in certain areas, but what will it take to actually make a real difference in this world? £26bn (the annual cost of compliance is a huge sum of money but what value is the industry really getting? Arguably long overdue, we are finally seeing the focus change from technical rules lead compliance – the ‘tick box approach’ – to one of effectiveness and impact.
Of course, focussing on effectiveness is a much more rigorous challenge and requires measurement of outcomes, i.e. impact rather than activity and that’s much harder to do. In the absence of scientific measures, we can only award ourselves a subjective effectiveness score, but how do you know what percentage of all money laundering has been stopped when everything you miss is effectively invisible? If you prescribe to the FATF approach to effectiveness, the focus should simply on keeping bad actors firmly out and protecting the financial system for everyone. To do this, compliance officers must make it their life’s work to be the proverbial thorn in the side of financial criminals, like some fictional detective leaving no stone unturned screening for risk across customers, third parties and counterparties.
HM Treasury publish far-reaching responses to 2021 consultations
We’ve had not one, but two responses to consultations published by HM Treasury recently following consults about UK Money Laundering Regulations last year.
In the first response, HM Treasury has proposed a number of amendments to the UK’s 2017 Money Laundering Regulations, including:
- Granted the regulator rights of access to Suspicious Activity reports, which it believes will put greater emphasis on improvement in the quality of SARs submitted.
- Adoption of FATF Recommendation 1, including adding a clear definition of ‘proliferation financing’ into the regulations.
- Extending FATF’s Recommendation 16 – the so-called ‘Travel Rule’ – to Virtual Asset Service Providers (VASPs), requiring transfers to include originator and beneficiary information, which will be an interesting technical challenge for vendors.
- Quite a lot of other detail covering public registers, changes to who is in regulatory scope, forms of business arrangement and more.
LNRS Comment: There is a lot of detail in this report which all AML regulated firms will need to take time to digest. Extending the ‘travel rule’ for crypto currency transactions will be seen as controversial. The rule has long been best practice for managing money laundering risk in wire transfers of conventional currencies and FATF recommended it be adopted in crypto transactions as long ago as 2019 – but finding a common approach, agreeing data standards and workable technical solutions has been a challenge ever since. Any firm involved in crypto transactions will need to get to grips with this requirement very soon!
Very recently, (30 June), FATF published a progress update on implementation of their standards on virtual assets and VASPs, highlighting that only limited progress has been made in the past year on the so-called Travel Rule and that more urgency is needed by jurisdictions to accelerate their implementation efforts towards full compliance. They also highlighted the abundance of technological solutions available in market to facilitate Travel Rule compliance, indicating that they (and possibly other regulators / supervisors) are becoming increasingly willing to proactively encourage the adoption of technology to support compliance programs!
Further reading: The detailed readout can be found on gov.uk here: https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/1083351/MLRs_SI_2022_-_Consultation_Response_final.pdf
FATF’s comments can be found here: https://www.fatf-gafi.org/publications/fatfrecommendations/documents/targeted-update-virtual-assets-vasps.html
The second response is a more far-reaching and long-overdue root and branch review of what needs to be done to improve the effectiveness of the UK’s Money Laundering regulations and as such we’re still digesting it in full. The post implementation reports (PIRs) published in parallel should also be read in conjunction. There’s lots to weed through in this report, but here’s an initial response by AML compliance consultant, Mike Harris.
One significant thing that stands out however is that statement that many smaller and newer regulated firms have “neither the knowledge or the resources to apply the risk-based approach” – clearly a significant issues with the ability for industry to effectively apply the RBA across the field.
There’s lots to weed through in this report, but here’s an initial reaction from AML compliance consultant, Mike Harris.
Further reading: If you have time to read the full response documents, they can be found here: https://www.gov.uk/government/publications/review-of-the-uks-amlcft-regulatory-and-supervisory-regime
Just in – FATF reveals strategic focus for coming year
The Financial Action Task Force (FATF) has published the minutes of its latest plenary session held in June, revealing a few strategic initiatives were discussed. Given these plenaries are always a good indicator of what’s on the group’s horizon and make for essential reading for all practitioners.
Notable points from the discussion include:
- Proposals for a risk-based approach for Real Estate
- Implementation guidance on FATF recommendations for UBO information including Trusts and other legal entity arrangements
- President elect, Raja Kumar (Singapore) outlined his early priorities, covering strengthening of asset recovery and better cross-border collaboration to tackle cybercrime fraud/scams and ransomware.
LNRS Comment: One of the biggest challenges for real estate firms is dealing with clients who purchase a property through an overseas entity such as a shell company, a trust, or an offshore company. Discovering the UBOs in these types of organisations is very difficult even with access to the very best data sets, often the information simply doesn’t exist in a public domain. To fulfil their AML obligations the property sector is going to need detailed guidance to help them understand the steps they should take to access the records they need. The proposed FATF guidance must step up in that regard and give sufficient guidance,
Further reading: The full report on the June Plenary can be found here: https://www.fatf-gafi.org/publications/fatfgeneral/documents/outcomes-fatf-plenary-june-2022.html
FATF latest progress report – industry “must try harder”
The Financial Action Task Force (FATF) mutual evaluation report (MER) on the UK’s defences against money laundering and the financing of terrorism raised quite a few eyebrows when it was published in 2018, painting a somewhat sugar-coated picture of how well the UK is performing against FATF’s 40 Recommendations.
Fast forward nearly four years and the financial services industry held its collective breath before reading FATF’s latest follow up report.
Two years of pandemic and accelerated digital transformation, combined with a rapidly evolved and sophisticated criminal community taking full advantage, has radically changed KYC for most regulated firms.
That didn’t stop FATF puling the punches however, reading like the quintessential end of term school report feared universally by parents – some progress made, but must try harder!
Progress was recognised in a number of areas, including correspondent bank due diligence covered in ‘R13’, and maintained compliance in ‘R2’, which covers money laundering offences.
On the other hand, two critical areas that have long been recognised as needing improvement were also called out, being:
- SARs: process shortcomings continue, relating to a substantial lack of resource compared to the mountain of reports, the size and importance of the UK’s financial services sector and an ongoing lack of IT capability in some key areas (‘R29’).
LNRS Comment: The continued volume of SARs being generated means the National Crime Agency can only scratch the surface of what should be being investigated. Until we see a meaningful adoption of technology, supported by trained analysts and risk experts, so much financial crime will continue to go undetected.
- Cryptocurrencies (‘R15’): The UK has continued to take steps to ensure virtual asset service providers (VASPs) – digital wallet providers, virtual currency exchanges and IT infrastructure providers – are subject to AML regulation. The interim report made clear that the UK falls short in implementing the ‘travel rule’, designed to govern both ends of a virtual currency transaction. It also acknowledges that it’s too soon to assess if the UKs regulatory approach is truly risk-based.
LNRS Comment: The association between cryptocurrencies and both money laundering and sanctions evasion is widely documented. Major concerns remain about the transparency of virtual transactions and the corresponding lack of jurisdictional control. VASPs tend to be innovative, tech-oriented, entrepreneurial organisations with which clunky AML compliance does not usually comfortably sit. Much more needs to be done to help integrate such companies into the regulated sector, using the right balance of ‘carrot and stick’. Without it, the UK will not become a natural habitat for this embryonic industry.
A final thought – even if the UK achieved full compliance with all 40+ Recommendations areas, would we see a massive improvement in tackling the UK’s money laundering problem? My honest assessment is, probably not. Not until the efficiency problem is well and truly cracked.
Further reading: The 2018 mutual evaluation report (MER) can be found here: https://www.fatf-gafi.org/media/fatf/documents/reports/mer4/MER-United-Kingdom-2018.pdf
Sanctions Compliance just became way more complex
Since February, over 6000 entities and individuals have been designated as sanctioned in response to Russian aggression in Ukraine, with the USA, EU, UK, Australia, Japan and Switzerland leading the charge.
It goes without saying that this has presented firms with a minefield of screening responsibilities, and the prospect of financial penalties, potential criminal charges, and reputational damage, if they slip up – no pressure then! Not only that, but they must account for indirect risk exposure via suppliers or third parties, too – a far more complex undertaking.
Added to which, Russian sanctioned individuals are becoming well-versed in hiding their wealth, having been subject to increasing measures since the annexation of Crimea in 2014.
The truth is that for any organisation managing a sanctions screening programme it is fraught with difficulty. Published lists are essential, but increasingly firms need to keep a vigilant eye on the wider sanctions landscape beyond the individual or entity’s inner circle, monitoring counterparties and other associates.
Intelligence gathering is essential. If there’s a higher than average risk of your customer, third party or counterparty being a sanctioned entity (due to the sector in which they operate), be extra vigilant for red flags like front companies, complex ownership structures, nominee management, and proxy networks.
One easy way to give yourself the upper hand is ensure that you are working with the very best, expertly researched sanctions and watchlists data, such as World Compliance data.
LNRS Comment: When it comes to sanctions, knowledge is power, so I strongly recommend as much further reading as you can find. There’s lots of freely available information from OFSI, and useful video content from LexisNexis Risk Solutions that can shed some light on the issues:
OFSI Sanctions FAQs: https://www.gov.uk/government/publications/financial-sanctions-faqs
The Sanctions Pulse – a twice-yearly infographic and video series by LexisNexis Risk solutions providing a valuable analysis of the shifting state of global sanctions: https://risk.lexisnexis.com/global/en/insights-resources/infographic/sanctions-pulse
Further reading: Forbes ‘Evading Sanctions: A How-To Guide for Russian Billionaires’ brilliantly illustrates the tactics being used to subvert sanctions measures: https://www.forbes.com/sites/giacomotognini/2022/03/09/evading-sanctions-a-how-to-guide-for-russian-billionaires/
Just launched: LexisNexis Sanctions Pulse Special Edition evaluates sanctions impact of war in Ukraine
LexisNexis Sanctions Pulse Special Edition evaluates sanctions impact of war in Ukraine
This latest infographic outlines the speed and scale of recent watchlist updates. More than 2,300 designations relating to Russia were added to EU, OFSI (UK) and OFAC lists between February 23 and March 31, 2022 – this compares to 150 net designations for all sanctions programs for the same period last year. Download the free infographic to get the full view on how the sanctions landscape has changed as a result of the conflict.
FCA fires warning shot at the Challenger Banks
As you will undoubtedly have seen that FCA took Challenger Banks to task recently for failing to implement robust AML controls in line with Money-Laundering regulations – hot on the heels of a 2021 ‘Dear CEO’ reprimand.
The FCA’s report raised particular concerns that as Challenger Banks scale, their AML controls will simply continue to fall below standards.
It’s not just the FCA that hold concerns about these newer institutions. The latest National Risk Assessment of money laundering and terrorist financing (2020) put the entire retail banking sector at ‘high risk’ and called out particular weaknesses in Challenger Banks.
All this points to the Challenger Banks needing to do far more to strengthen processes, even if that means sacrificing the faster onboarding for which they’re known.
But what does ‘do more’ boil down to? Here’s my three-point plan:
- Take a risk-based approach: implement a proper risk assessment that assesses the full spectrum of financial crime risks, rather than doing only ‘what’s required’. That means looking at business operations, industries, geographies and services required. There’s no shortcuts in proper due diligence. A free RBA guide is available here, for more help: https://lexisnexis.turtl.co/story/taking-a-risk-based-approach/page/1
- Learn to spot heightened risk: Not all risk is equal. EDD is undoubtedly resource intensive, and complex but it must be done if there’s any risk associated with doing business with an individual. In the long run, reputational damage is far harder to rectify
- Sort out your transaction monitoring processes: alerts can quickly become mountains of work and backlogs and absorbing valuable analyst resource. Machine learning algorithms can deal with a high percentage of the alerts routinely, freeing up human resource to focus on the intelligent work.
The right controls – whilst initially requiring heavy lifting to achieve – will pay dividends in time for Challengers, helping avoid the risk of enforcement action and heavy fines, but more importantly ensuring compliance teams work as effectively as possible, as the bank grows. For a growing business, reputation is everything. It’s not worth risking.
Check out this really useful blog: 7 Ways Challenger Banks can ensure their AML controls are effective: https://blogs.lexisnexis.com/financial-crime-in-focus/7-ways-challenger-banks-can-rise-to-fcas-call-for-more-effective-aml-controls/
LexisNexis Risk Solutions has produced a handy, free to access RBA guide, for more help.
If you haven’t already it’s worth reviewing the full FCA report: https://www.fca.org.uk/publications/multi-firm-reviews/financial-crime-controls-at-challenger-banks
The Rise of ESG Compliance around the world
When the Modern Slavery Act came into force in 2015 in the UK it was the first time that the pernicious nature of human trafficking, modern slavery and child abuse in global supply chains was truly and formally recognised. It said that all firms with annual sales of over £36m are required to: Take action to identify, prevent and mitigate modern slavery in business operations and supply chains.
And publish an annual statement to report on these actions – within six months of the company’s financial year-end.
Since the Act however, progress has been somewhat muted. In 2018, it was reported nearly 7000 people had been identified as potential victims of modern slavery, four times more than in 2013.
That drove the UK Government in 2021 to announce a review, including making compliance mandatory and penalties for non-compliance more severe. The new Bill (currently still in Parliament) will make it a criminal offence to falsify statements, or to continue to use suppliers who fail to demonstrate minimum standards of transparency.
In parallel, the £33.5m Modern Slavery Fund aims to support projects designed to tackle issues of trafficking and slavery on a practical level, consisting of 5 Pillars, each with specific goals.
The UK is by no means the only jurisdiction busy introducing new legislation to tackle modern slavery, human trafficking, human rights abuse, child labour and related criminal activities:
- The new German Supply Chain Due Diligence Act becomes law in 2023.
- The EU introduced the Corporate Sustainability Due Diligence Directive this year, with a focus on sustainability and responsibility in the global supply chain.
- The USA is passing its own version – The Slave Free Business Certification Act, requiring businesses with annual revenue greater than $500 million to audit their supply chains.
- Similar legislation is also appearing in Finland, Romania, Netherlands, Belgium and Hong Kong on top of the existing legislation in UK, Australia and Switzerland.
The key issues for all firms globally will be what to do about it? In my view firms need to make a number of adjustments to their processes:
- Organisations that meet the thresholds will need to do a root and branch risk review of their entire end-to-end supply chain and counterparties such as correspondent banks and other third parties, including screening against adverse media and where there’s exposure to ESG risks, deeper due diligence may be needed.
- Firms with corporate clients who are subject to the various new ESG related laws will need to build this into both their initial risk assessment and ongoing monitoring and try to better understand what are the money flows and red flags to look out for.
- All businesses are going to have to up their game to understand where the potential modern slavery related risks might be in their supply chain. It’s not something that just happens in far-away places, it’s on our doorsteps in the car washes, nail bars, fast food outlets and takeaways we use. It’s on farms, in food processing plants and in sweatshops in the garment industry. Businesses exposed to these sectors must be especially alert and conduct thorough customer-facing staff training to recognise the risks.
- Self-declaration from the supplier won’t be enough – firms cannot rely on the word of others and must undertake their own checks – after all with the penalties so high, is it a risk worth taking? Again, the clothing, sports goods, IT and telecoms, food and agriculture sectors are particularly high risk and firms with exposure to them should take particular care.
This area of due diligence is clearly gaining global traction and now is a good time to horizon scan and prepare your compliance functions with the data, technology and people skills you need.
Read the Modern Slavery Fund’s 5 Pillars: https://www.gov.uk/government/publications/modern-slavery-fund-review/modern-slavery-fund-review-2019-to-2021-findings-lessons-and-recommendations-accessible
Don’t miss, The Smoking Gun and Drown out the Noise, two excellent new short video interviews on Adverse Information Screening best practice, with Nina Kerkez and guests. There’ll be more episodes coming soon – essential watching for anyone involved in this difficult screening discipline. Available on our Financial Crime in Focus Blog page: https://blogs.lexisnexis.com/financial-crime-in-focus/uk/
Accountants are deeply concerned about money laundering
Accountancy Today research reveals that 70% of Accountancy firms have deep concerns that their firm may be the target of money launderers. Over 50% reported at least one instance of suspected money laundering in the past 3 years. Importantly, 87% report they are reviewing and implementing more robust AML controls as a result.
Read the full article, here: 70% of accountants have money laundering fears, report finds | Accountancy Today
Can Crypto shake its shaky reputation?
According to an article in Coindesk, it is becoming increasingly difficult for criminals to cash out the proceeds of crime via crypto exchanges, as global controls improve. The key, the article states, is to ensure the crypto industry adopts a compliance focussed culture if perceptions are to be changed.
The article goes on to provide a number of practical ways this can be achieved and is a worthwhile read: https://www.coindesk.com/layer2/2022/06/06/crypto-can-overcome-its-reputation-as-a-weak-link-in-financial-crime-heres-how/
The most recent agreement reached on European crypto-assets regulation (MiCA), aims to brings crypto into closer convergence with the fiat currency world and make it a relatively safer place. To avoid overlaps with updated EU AML legislation, MiCA says it will not duplicate current AML provisions. However, further legislation may be required given recent proposals to extend the Travel Rule to cover transfers of all crypto assets. It also states there should be no minimum thresholds nor exceptions for low value transfers and recommended setting up of a public register for noncompliant crypto assets service providers which are prohibited from engaging in transactions with EU entities.
Before you go…
We’re delighted to report that this blog celebrates its 5th anniversary this year. Throughout that time the financial crime risk landscape – much like this blogs authors – has morphed and adapted to ever-changing global situations, but has never diminished. Happy Birthday Financial Crime In Focus!!!
As ever, if you need assistance in any of the areas covered in this blog then LexisNexis Risk Solutions provides a suite of data, data analytics and technology solutions to design and create a robust framework that will combat money laundering efficiently and effectively thus protecting the business, its customers and all stakeholders from the impact and damaging effects of financial crime.
Subscribe today to Financial Crime in Focus to receive regular email updates.