160 likes | 355 Views
Anti-Money Laundering Business Requirements. The basic AML business requirement is compliance with the USA Patriot Act and the underlying Bank Secrecy Act. These Acts lay out three basic categories of anti-money laundering requirements: Know Your Customer (KYC)
E N D
The basic AML business requirement is compliance with the USA Patriot Act and the underlying Bank Secrecy Act . These Acts lay out three basic categories of anti-money laundering requirements: • Know Your Customer (KYC) • Currency Transaction Reporting (CTRs) • Suspicious Activity Reporting (SARs) To maintain these capabilities, certain steps are specifically required • Designate an AML compliance officer • Develop internal policies, procedures, and controls • Conduct on-going employee training programs • Perform independent audit functions to test program Failure to comply can lead to serious regulatory consequences and damage to reputation.
“Know your customer” has several dimensions: • Taken literally, the bank must know who its customers are. What businesses are corporate customers in? What are the normal business transactions the bank should expect the customer to be using? • If the bank has no ID standards (or enforcement) they may be in violation. • If the bank does not even know the SIC code for corporate customers, how well do they “know” those customers? • Customers must be screened against the OFAC list. Typically this is done with software and an OFAC database. International customers may present special risks. • What is the history of the account’s activities in dollar amount and volume of various transaction types? Is the customer’s current activity now different, (and therefore, potentially suspicious)? Analytical engines are typically used to address this requirement.
Currency Transaction Reporting typically is supported by a specific system designed for CTRs. • The bank’s CTR system produces and files reports of transactions involving $10k of cash or more for customers (except some which are exempt). • The CTR system may or may not have the capability of identifying instances of multiple transactions adding to more than $10K in a day (a practice known as “structuring”). • Filing a CTR does not relieve the bank from responsibility to determine if a Suspicious Activity Report (SAR) needs to be filed as a result of the same transaction. If the transaction involves structuring, an SAR must be filed. • We have observed that there is opportunity for to improve monitoring of the consistency of CTR reporting by • Using analytic engines as a cross-check on CTR reportsto catch structured deposits • Tracking branch net cash flows and comparing them to CTR totals
SARs require more judgment than CTRs to determine when they need to be filed. To quote the Bank Secrecy Act (BSA): The SAR should be filed if the bank knows, suspects, or has reason to suspect that: • The transaction involves funds derived from illegal activities or is intended or conducted in order to hide or disguise funds or assets derived from illegal activities (including, without limitation, the ownership, nature, source, location, or control of such funds or assets) as part of a plan to violate or evade any federal law or regulation or to avoid any transaction reporting requirement under federal law; 2. The transaction is designed to evade any regulations promulgated under the Bank Secrecy Act; or 3. The transaction has no business or apparent lawful purpose or is not the sort of transaction in which the particular customer would normally be expected to engage, and the bank knows of no reasonable explanation for the transaction after examining the available facts, including the background and possible purpose of the transaction."
In practice these are not easy judgments to make. • The first line of compliance the account officer, who has the primary duty to know the customer. • With millions of retail accounts in a large bank, this is not very practical. • For commercial accounts, however, having accurate knowledge at this level and calling accounts to the attention of compliance personnel is a vital step in AML compliance. • The second line of defense in the banker assisting in a transaction. This may be on the teller line, in the wire room, in a call center, or anywhere else a banker helps a customer perform a transaction. They must determine if the transaction might meet one of the BSA requirements and, if so, report it to the AML compliance group. • Finally, there are analytic engine capabilities: • To identify patterns of prior account, customer and peer group activity and compare current activities against these. • To identity activity failing to pass pre-specified hurdles expressed in the form of Boolean logic • To identify activity in hot-listed accounts • To track the disposition of alerts being investigated through workflow capabilities.
The basic principle of most analytic engines:All “suspicious” activities are somehow unusual. But not all unusual activities are suspicious. To find the suspicious, analyze the unusual. All Transactions Unusual Transactions Suspicious Transactions
Analytic engines key function:Activities noted as “unusual”, hot-listed, or in violation of business rule logic are ranked and sent for human review. • The unusual activity, hot-listed activity, and business rules violations should be designed, weighted, and tuned to sort out for human attention the activities most likely to require filing of SARs. • “Unusualness” weightings are used to rank the degree to which, for any account or customer or correspondent bank… • is the volume or dollar amount of transaction activity… • for the day or month… • significantly different from historic patterns for the entity or its peer group? • The better the system can correlate its rankings with the regulators’ sense of what the bank should deem “suspicious”, the more effective and efficient the banks AML compliance program will be.
To understand what types to patterns to look for it is useful to understand what techniques are used to launder money and how a bank might spot such activity: Techniques, page 1 of 5 • Structured Transactions Also known as Smurfing, this is the use of many small deposits into multiple accounts through multiple branches and (usually) multiple banks. There is usually one or more consolidation account into which the funds are transferred for disbursement or access. Systems can be used to spot unusual volumes of cash deposits or cash deposits of over $10,000 a day to a single customer (if properly linked to accounts). The concentration accounts will typically be making international wires or large checks outgoing. They may be spotted due to the size, frequency, or destination of wire transactions being odd versus a useful peer group. • Hawalas Also known as Hindis, this is an international network of small businesses which do money transfer on the side or in the back room as their real primary source of income. A store owner in the US takes cash, then calls a friend in Pakistan and tells him to give rupees to a specific individual there. The US cash gets mixed into the daily till deposit for the retailer. In the other direction, Al Quad may fund operatives in the US. by the reverse route. Periodically the storekeepers settle with the network of friends on a net basis via a few occasional wires. The best way to spot Hawala activity is flagging their occasional net settlement via wire. While both the volume and amount may be small, no such wires would be “normal” for similar small businesses.
Laundering techniques, continued. 2 of 5 • Corporate fronts Any business might be used as a laundry. Companies dealing with cash sales or expenditures might be involved or may have employees doing substituting cash for checks received then using legitimate customer checks to deposit in their own accounts. There are many variations of use of corporate fronts to gain the appearance of legitimacy. Unusual activity in cash or wires is the most likely way to identify corporate money laundering. Accurate and useful peer grouping is required for this to be effective. Industry code is probably the best peer group for comparison. • Black Market Peso Exchange A sophisticated matching of the needs and assets of multiple players: • US or foreign exporting or importing companies • Wealthy foreign individuals wanting to hold US dollars as a hedge against local currency risks • Drug dealers have dirty $ and want clean funds in any currency. Unusual activity in cash or wires in corporate or private banking accounts is the most likely way to identify this activity. Again, accurate and useful peer grouping is required for this to be effective.
Laundering techniques, continued. 3 of 4 • Loans Give someone cash, get a “loan” which is never paid off. Alternatively, get a loan then pay it off in cash. This is likely to involve a bank employee in the scheme. Look at all accounts which might be used to apply cash against a loan. These might be internal DDAs. If they are GL accounts then the bank may want to change procedures to utilize DDAs instead. • Anonymous asset plays Assets might be used (gold, diamonds, real-estate, stocks, coffee beans, etc.). The assets might be bought for cash and sold for clean looking funds. They might be moved or repackaged in some way. Or they may be used as loan collateral to get funds then forfeited. This activity may show up in unusual cash and/or wire transactions. Again, accurate and useful peer grouping is required for this to be effective. • Gambling Bet in cash, take winnings by check or international wire. Work with a casino employee or own a casino or Internet gambling site. Look for erratic deposit patterns in individuals (vs. history and peers). Internet sites are usually offshore so international wires or collection items might be signs of this activity.
Laundering techniques, continued. 4 of 5 • Own a bank A number of banks exist for little other reason. Internet banks based offshore are a growing element. Money Service Businesses, check cashiers, currency exchanges and similar “pseudo-banks” pose similar risks. “Pay-through” accounts may be utilized. Look for unusual wire transfer patterns with specific banks and for unusual cash transactions levels for “pseudo-banks”. • Insurance scams There are several approaches: Purchase an annuity using cash then cash it in, purchase a policy on an asset then make a claim, various forms of insurance fraud on policies paid for in cash, and there have even been instances life policies issued to people later found murdered. • Terrorist Financing (Reverse laundering) This involves setting up a charity or business that takes in clean funds then sends them to terrorist's networks. Usually they will use multiple apparently legit intermediaries (lawyers, consultants, CPAs, corporates, other charities). Look for unusual patterns of deposits, especially ACH credits and incoming wires.
Laundering techniques, continued. 5 of 5 Tactics: Within each of these strategies, any number of specific tactics may be employed. Common tactics include… • Layering - Moving funds between bank accounts in order to make investigation of the flow of funds more difficult. • Refining - Changing small bills into large to facilitate movement • Reverse Flip - Buying goods or properties for well below the true price and making up the difference in cash to the seller • Loan-back - Giving a company cash and then having them loan it back to you. Typically no payments are made on the loan • Trade Price Manipulation - Over-pricing or under-pricing of an international trade deal, then making up the gap to the true value of the goods by delivering cash in either the exporting or importing country
Presented by: Jim G. George Jim@JimGGeorge.com www.JimGGeorge.com 360.798.9202