Emerging trends in global financial crime prevention and anti money laundering
Four key takeaways from the recent ACAMS conference in London
The 13th Annual ACAMS European conference was held last week in London and counted roughly 550 participants. ACAMS itself is the largest international membership organization dedicated to enhancing the knowledge and expertise of financial crime detection and prevention professionals and the attendees were influential global anti-financial crime experts, policy makers, regulators and government officials.
To be up to date for our clients, we from passcon were part of the conference to gain further valuable knowledge on emerging anti money laundering (AML) and counter terrorism finance (CTF) trends, analysis of the latest prevention techniques and a practical understanding of new regulatory requirements.
The agenda of the conference was manifold and included the investigation of the global decline in correspondent banking relationships, understanding of the impact of new products to existing controls, exploring the misuses of international finance centers, the balance between data protection and AML transparency requirements, regulatory shifts in the European payment services industry, planning and implementation of the 4. AMLD as well as tackling cyber-enabled crime.
1. FinTechs and RegTechs are employing innovative analytical approaches and a genuinely risk-based approach to customer due diligence (CDD)
Even though the term FinTech is differently defined, professionals usually mean firms that use technology-based systems either to provide financial services and products directly, or to try to make the financial system more efficiently. RegTech are a subsection of FinTechs and help regulated firms to support components of compliance processes in a cost-effective, flexible, and timely manner. Where FinTech is the glitzy, glamorous consumer facing application of technology to financial services, RegTech is the business like application of technology to the back office and compliance functions.
By doing so, RegTechs aim to encounter the increasing regulatory costs. The six largest US banks spent USD 70.2 billion on compliance in 2013, which is twice the amount they spent in 2007. In 2015, the Financial Times estimated that some of the world‟s largest banks each spent an additional USD 4 billion a year on compliance since the financial crisis.
FinTechs and RegRechs are leveraging numerous data points and employing innovative genuinely risk-based approaches to CDD to increase efficiency and drive down regulatory costs. But while FinTech seeks to avoid or minimise friction in the user experience, RegTech starts with a compliance first approach, often creating unavoidable friction in it. This can be a challenge, because technology must meet the requirements – both in its operational implementation and technical capability. In the end, firms need to look outside their current processes and explore possibilities of an extended risk-based approach, which can be augmented by the wealth of largely untapped data that already exists and employed to CDD processes.
3. Data protection becomes increasingly important and thus programs are more efficient and effective where they are designed in alignment with AML
Nowadays and even in the field of anti financial crime, the protection of personal information is considered to be a human right in Europe and there are limits in the way that data can be collected, retained and used. The interpretation of data protection requirements has led to uncertainty about when and how data can be used for anti financial crime programs and intelligence-sharing.
This is especially the case in the light of the 4. AMLD and the General Data Protection Regulation (GDPR) which will come into force on 25th May 2018. The GDPR will automatically apply to all member states of the European Union and is an attempt to create greater consistency. Transferring data protection into the context of AML basically implies measures of data minimization, quality and proportionality in a digital age, data retention limitations and also considers human intervention in automated alert systems.
Inevitably, this leads to interplay between AML-related projects and data protection rules. In this sense banks will have to upgrade their screening tools, might be led to introduce RegTechs to KYC and CDD process and develop a setup for the data mining of customer data in order to detect suspicious activity. Moreover, bringing FinTechs and other automated solutions in place, is obviously related to outsourcing of AML-related activities involving personal information and banks must keep in mind that one can outsource functions, but not liability.
Some key regulatory requirements include privacy impact assessments (Article 29 GDPR) as well as business risk assessments and privacy by design (Article 25 GDPR). This underlines the necessity of a data strategy, including dedicated steps and research processes. In detail, the privacy by design requirement is very much relevant to KYC processes, as they involve several different processing activities that must each be taken into consideration, including undertaking of CDD on new customers, conducting ongoing updates of existing CDD and the completion and submission of suspicious activity reports.
Additionally, the 5. AMLD limits personal data processing, which then requires a specified, explicit and legitimate purpose. Such purposes are the prevention of money laundering and terrorist financing as well as the prevention and enforcement of tax evasion, but that’s about it.
In future and with regards to data protection rules, one is well-advised to never make assumptions about these rules that must be followed by one’s organization, but instead always determine the rightfulness. As for the upcoming project planning, privacy considerations and risks should be identified and assessed early on and AML and data protection programs are more efficient and effective where they are designed in alignment to one another.
2. Traditional correspondent banking continues to decline due to concerns about money laundering and terrorism financing risks
Over the years global correspondent banking relationships have declined by 25% while total bank locations increased by 20% between 2009 and 2016. Especially the USA have seen significant declines in both correspondent banking relationships and number of banks, while the EU and Africa have been hit hard by the withdrawal of relationships only, keeping the total number of bank locations steady. However, the impact has been significant, with unintended economic and social consequences. First and foremost, the rise of alternative payment systems that may not be well regulated and the increasing attractiveness to terrorist recruits.
Among international banks the drivers for withdrawal from correspondent banking are various, but they are including concerns about money laundering and terrorism financing risks, the imposition of international sanctions on jurisdiction or respondent and concerns about insufficient information about respondents’ CDD procedures.
On the other hand, local banks oftentimes withdraw due to changes to legal, regulatory or supervisory requirements, the imposition of domestic enforcement actions and the lack of profitability of certain foreign correspondent banking relationship services and products.
But banks can benefit from the de-risking trend in a way that when they implement efficient KYC due diligence programs with clear policy and processes to determine counterparty risk, they are enabled to scale back higher risk correspondent banking relationships (ie. nested correspondent banking, payable through accounts) and keep profitable relationships. Thus, banks that are capable of efficiently handling their higher risk correspondent banking relationships will recognize, that there are profitable opportunities even in high risk regions due to rising transaction volumes and cross selling of other financial solutions. In an exemplary approach this can be achieved by introducing technology that improves efficiencies in screening financial crime risks such as artificial intelligence, machine learning, data analytics and rule matching engines.
4. The field of money laundering prevention stretches beyond the established markets and industries
The prevention of money laundering dates back to – at least – the 1980s when the UN introduced the United Nations Convention Against Illicit Traffic in Narcotic Drugs and Psychotropic Substances and the FATF was founded on the initiative of the G7 to develop policies to combat money laundering. Some may even say that the first attempts to encounter money laundering are related to the emergence of the Basel Committee on Banking Supervision in 1974 or the Single Convention on Narcotic Drugs in 1961.
Within the industry scope of various AML initiatives are exemplary industries such as healthcare, property management, retail & consumer, telecommunications, thrifts, utilities, professional services, but predominately financial institutions and banks. According to the speakers at the ACAMS conference the AML initiatives are nowadays also focusing on crafting processes to combat emerging forms of wildlife, artefact and fine art trafficking. Certainly, trafficking of antiquities in conflict and crisis areas carries the risk of financing organized crime, terrorism and the conflict themselves as well as the risk of laundering proceeds from the human trafficking, drugs and wildlife. Thus, the market needs to observe the complete supply chain due diligence and corresponding serious crime needs serious policing.
Most notable is the Responsible Art Market Initiative (RAM) in the field of fine art trafficking, which is a recently founded cross industry initiative. RAM’s members span the entire spectrum of the art market from galleries, dealers, auction houses, advisors and service providers, to lawyers, academics and public prosecutors specializing in art related matters. Considering the market volume with annual sales of USD 56.6 billion in 2016 it is a reasonable market size for money laundering attempts. Surprisingly, the sales priced for more than USD 1 million was account for only 1% of total sales, while the majority of sales was priced below USD 50,000 and the majority of buyers were private individuals. This sounds like heaven for money launderers and the art market is highly at risk to be abused. Observing the regulatory trends in other industries, the RAM is a self-regulating initiative which tries to be step ahead of possible forced regulation. This is advantageous in terms of greater efficiencies, lower compliance costs and mitigation of conflicts of interest. The RAM has developed practical guidelines and tools that are tailored to art transactions and in the process they were learning from established AML procedures, applying a risk-based approach, red flag lists and country guides.
Personal reflection and conclusion
Each and every ACAMS conference is a great platform to gain beneficial practical insights into the changing regulatory landscape for anti-financial crime across Europe and internationally.
The ACAMS conference offered a broad and cross-industry view on the important matters of the time and includes a lot of holistic learnings. Banks must remain diligent regarding detection and monitoring but offer solutions to affected accountholders. Law enforcement must be more vocal on their investigative needs. Finally, regulators must fully understand the need for balance and why financial crime laws exist. In the end, ACAMS certainly is a platform that continues the mission of improving the global environment in the long run and an attendance is definitely recommendable.