Sanction evasions, regulatory updates and cryptocurrency conundrums

14/04/2022

Naturally, recent financial crime news has been dominated by the shocking invasion of Ukraine by Russia.

Compliance teams in all sectors are now wading through the highly complex task of implementing extensive new sanctions measures imposed by the UK, EU, USA and others since the start of the conflict, but this is only a part of the challenge. Firms must not only address the vastly higher volumes of global sanctions being imposed on individuals and organisations which vary by regime, but they must also account for the rising practise of evasion tactics being employed by those moving to protect their assets, if they wish to avoid fines. We explore this in more detail below.

Elsewhere in this edition we look at the ever-evolving role of the compliance officer and cover some of the latest updates in our Regulatory review. We look at the latest trends in cryptocurrency regulation and consider what digitisation might look like for KYC. Finally, we report on the latest edition of ‘SARs in Action’ and the links between wildlife trafficking and drugs cartels.

Russian Sanctions: managing the evolving risks

The array and comprehensiveness of sanctions imposed by western governments in response to Russia’s aggression has made sanctions risk screening immeasurably more complex and tougher.

Sanctions screening analysts are all too aware that the real challenge lies in uncovering hidden risk – who are the companies and individuals behind the green curtain? Implementing the ‘50% in aggregate rule’ introduced during the first wave of Russian sanctions in 2014, added an additional layer of complexity to sanctions screening.

Several news reports have emerged of how wealthy Russians have sought to move their money out of range of western sanctions, snapping up property in Turkey and the UAE, as well as gold and other luxury assets.

‘Fronts’ – a range of tactics, from signing over assets to relatives, appointing nominee shareholders or using offshore and shell companies, to obfuscate true ownership – are in widespread use. With help from sympathetic lawyers and accountants, wealthy individuals are exploiting every trick in the book to conceal their money and other assets, as Forbes illustrates in detail.

For its part, the Russian government is coming to the aid of the wealthy elite by restricting company information in its corporate registry data to hide ownership and creating ‘special economic zones’ where Russian companies can redomicile out of range of sanctions.

Cryptocurrency has also seen a renaissance over this period as a quick and convenient way for individuals to move funds without attracting the attention of the global banking fraternity, as president of the European Central Bank, Christine Lagarde, observed recently. However, the virtual currency is also playing a positive role in the conflict, providing a means for those fleeing the conflict to move assets securely and providing an alternative for those unable to access cash from the country’s beleaguered banking system. New Scientist magazine reports on this in detail.

In another example of evasion tactics, Russian shipping vessels carrying oil and chemical products – having been turned away from several UK ports over recent weeks – are avoiding detection by ‘going dark’; turning off location transponders to make it difficult to follow their movement around the world.

This is just a snapshot of the many possible ways in which sanctions may be being circumvented, so what does it mean for sanctions screening teams?

In short, there’s no easy answer. Analysts simply must do their homework and stay on top of the evolving tactics, follow geopolitical trends and ensure their screening compass is pointing in the right directions. Enhanced due diligence measures and a thorough risk-based approach anywhere that evasion tactics are likely being employed, is really all anyone can do to avoid a breach.

A recent amendment to the Sanctions and Money Laundering Act (more details below) adds further pressure for UK firms to get their screening activities right first time, every time and puts firms relying on data directly from source, or obtained via manual search, at higher risk of fines.

As always, the key is high quality, well-researched, extensive data that’s up-to-date and enriched with visual networks showing all known and connected entities – without it, you’re effectively operating blind.

Regulatory update

The crisis in Ukraine has prompted the UK Government to bring forward legislation in the Economic Crime Bill (passed through Parliament on the 15th March) designed to improve transparency of ownership of the wealth pouring into the UK from overseas. One of the key measures targeting this well-known money laundering channel is the creation of a new Register of Overseas Entities, designed to record the true beneficial owners (natural persons) of companies set up to purchase land and property registered in the UK, where the persons hold 25% or more of the share capital or voting rights of the holding company. The timetable for the Register to go-live is continuing at pace, according to the UK Government’s own fact sheet. Also, important to note that in England and Wales the register will require overseas firms owning land and property in the UK to register retrospectively to 1999. For financial Institutions this will eventually mean that in addition to identifying beneficial owners on newly onboarded companies, firms will need to carry out retrospective UBO checks on their entire existing book of customers in this category – a somewhat formidable task for many firms, and one that calls for access to the most up to date and reliable sources of UBO data.

As we’ve already mentioned, a recent amendment was made to the Sanctions and Money Laundering Act. The change introduces a strict liability clause that significantly raises the possibility of firms being fined following a sanctions breach. The new rules mean that a firm can be fined ‘whether or not they knew or suspected they had breached sanctions law’, which effectively removes ignorance as a legal defence against a penalty. The implication for companies is once again the need for tighter than ever due diligence and screening procedures to avoid penalties.

Corporate transparency is a universal challenge for financial crime compliance professionals. In support of global efforts to improve it, FATF recently consulted on Recommendation 24 (of the 40 recommendations) that deals with this area, resulting in a commitment to strengthen requirements on member countries to collect beneficial owner information and create a public register of corporate entities. The changes include stronger controls to prevent the misuse of bearer shares and nominee arrangements, both common tools used to hide true beneficial ownership. Still, with only around 30 countries having created a public register to date, there is a long way to go. Meanwhile, the burden remains on financial institutions to verify beneficial owners, which requires access to high quality, expertly-researched data and search tools.

Another ongoing area of change in the UK is the reform of Companies House, designed to significantly strengthen the UK’s corporate registration framework and prevent its role in facilitating financial crime and money laundering. The UK Government recently published its white paper on how it intends to progress with the reform, which includes powers to allow Companies House to evolve from a passive recipient to an active gatekeeper of information and custodian of more reliable data. This includes the mandate to verify the identity of directors and shareholders, thereby significantly reducing the capacity for companies to be formed as legal instruments for the laundering the proceeds of crime. The whitepaper is available to read here and we’ll cover more on this exciting reform in forthcoming editions of this blog.

Cryptocurrency conundrums

The deadline for virtual asset service providers (VASPs) to register with the FCA in the UK, or cease trading, passed recently, on 31st March after an extension to the original deadline in 2021.

Since being brought into regulatory scope through the 5th EU Money Laundering Directive two years ago, cryptoasset firms are now required to implement AML Controls and fall into line with others in the mainstream financial services sector.

Registration has been slow, with just five crypto companies remaining on the Financial Conduct Authority’s (FCA) temporary registration (TRR) list and 33 firms applying for registration by the deadline. The UK is currently home to 249 high-growth companies developing blockchain-driven software and blockchain services and this leaves uncertainty as to how many will remain in the UK. For small, innovative firms implementing AML controls is a rigorous process requiring considerable resources and complying with FCA requirements frustrating, yet the growing concerns about the extent to which cryptocurrencies are being used for money laundering purposes have led to international pressure for regulation.

Regulatory pressure on VASPs is apparent in other jurisdictions too, with the Financial Action Task Force (FATF) recently setting out its guidance for member countries and in doing so, making it crystal clear how important it is to bring this fast-moving sector in line with mainstream financial services.

And the reasons for doing so are well illustrated in another recent and in-depth report published by Chainanalysis which paints a comprehensive picture with compelling statistics, showing the close relationship between cyber-related crime and digital currencies. The report intriguingly points to the fact that the majority of crypto-related laundering is facilitated by a relatively small band of bad organisations, two examples being the OFAC-sanctioned Suex and Chatex, dubbed ‘two of the worst-offending money laundering services’ for their role in accepting funds from ransomware operators, scammers, and other cybercriminals.

It goes without saying that any firms with exposure in this sector should double-check their customer portfolios for any similar organisations providing such services and conduct thorough KYC checks on these businesses taking the Risk-based Approach to ensure their activity is closely monitored and risk assessed.

The future of financial services with data and technology

Understanding how technology, data and data analytics can transform KYC and bring it into the digital world, seamlessly connected to the customer, is essential.

With the costs of AML compliance for firms growing exponentially and major process inefficiencies leading to effectiveness of AML controls suffering as a result, financial services organisations are having to urgently consider fast-tracking the digitalisation of their KYC/AML processes to meet their future AML challenges.

Digital disrupters and fintech’s seamless delivery of services across digital-only channels sets consumer expectations of what service can be like and as people access an increasing variety of services online, including managing their financial services, those companies that fail to innovate across their customer journey will miss out.

Yet many organisations are still working with clunky, disparate KYC solutions that lack any direct connection with the customer – systems designed for a different era and now unfit for purpose. Consultants McKinsey & Company make a compelling business case for all firms to take their futures in their hands and commit to building a next-gen KYC capability as this excellent article explains.

It would be remiss to talk about next-gen KYC capability without mentioning orchestration. This intelligent workflow combines the seamless management of the customer lifecycle with strong financial crime and fraud management tools, bringing together KYC, KYB, AML screening, identity verification, transaction monitoring and more into a simple, single customer view of risk. Perhaps more compellingly it does this while taking away the headache of firms having to integrate multiple point solutions and manage individual vendors, with a single vendor contract and simple no code API. Little wonder that its market Guide for Identity Proofing and Affirmation, analyst firm, Gartner said: “by 2023, 75% of organizations will be using a single vendor with strong identity orchestration capabilities and connections to many other third parties for identity proofing and affirmation.

If you want to know more about the art of the possible with data, technology and orchestration in AML, as always LexisNexis Risk Solutions can help.

Finally…

The National Crime Agency (NCA) just published the latest edition of ‘SARs in Action’ its magazine covering a diverse range of topics relating to the SARs regime. This edition includes an article on the latest government initiative, Combating Kleptocracy Cell, aimed at tackling, among other things, criminal sanctions evasion and high-end money laundering.

Wildlife and drugs trafficking are sadly never far from the headlines and much more needs to be done to understand the money flows and typologies associated with these activities. This podcast from Brookings, the not-for-profit researchers into global issues, gives deep insight into the links between drugs cartels and wildlife trafficking and the global nature of the criminal gangs and networks involved.

Our thoughts are of course are with the Ukrainian people at this time and we hope for a swift end to the conflict. Thanks for reading.