1 / 16

Risk Management & Internal Controls – KYC for banks Michael J Lesser, Managing Director, Supervision Qatar Financia

Risk Management & Internal Controls – KYC for banks Michael J Lesser, Managing Director, Supervision Qatar Financial Centre Regulatory Authority. 1 st Annual Compliance & AML Seminar – Riyadh 24-25 th March 2009. RISK MANAGEMENT - IDENTIFYING AND DOCUMENTING YOUR AML RISK PROFILE.

hila
Download Presentation

Risk Management & Internal Controls – KYC for banks Michael J Lesser, Managing Director, Supervision Qatar Financia

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Risk Management & Internal Controls – KYC for banksMichael J Lesser, Managing Director, SupervisionQatar Financial Centre Regulatory Authority 1st Annual Compliance & AML Seminar – Riyadh 24-25th March 2009

  2. RISK MANAGEMENT - IDENTIFYING AND DOCUMENTING YOUR AML RISK PROFILE • Assess and identify the AML/CFT vulnerabilities posed by your organisations: • Products, services and delivery channels • Customers • Geographic area of operation • Establish and implement effective policies, procedures, systems and controls to mitigate the risks identified. • Embed the controls into day to day operating procedures. • Continue to monitor, review and update AML risk profile. • Document the risk profile, the mitigating controls. • Obtain senior management approval of the AML Risk Profile. Qatar Financial Centre Regulatory Authority

  3. RISK MANAGEMENT - IDENTIFYING AND DOCUMENTING YOUR AML RISK PROFILE • Products, services and delivery channels • Document your product range and services against the perceived attraction for them to be used by ML/TF • Consider new and developing technologies (m banking etc), be involved in product development • Riskier products and services (wire transfers, correspondent banking, e-banking) Qatar Financial Centre Regulatory Authority

  4. RISK MANAGEMENT - IDENTIFYING AND DOCUMENTING YOUR AML RISK PROFILE • Customers • Consider the risk that different types of customers pose in relation to the threat that they will launder proceeds or crime, fund terrorist activity or be involved in other types of illicit activities. • Riskier types of customer could include: PEPS, those will complex legal or trust structures, use of intermediaries, those from particular jurisdictions Qatar Financial Centre Regulatory Authority

  5. RISK MANAGEMENT - IDENTIFYING AND DOCUMENTING YOUR AML RISK PROFILE • Geographic area of operation • Risks posed by different countries and territories. • Consider in relation to where customers are resident or incorporated and where they are trading or doing business. • Consider whether the jurisdiction has a stringent or equivalent AML/CFT framework and whether it seen as a jurisdiction of high corruption, terrorist activities, drug trafficking or crime. Qatar Financial Centre Regulatory Authority

  6. RISK MANAGEMENT - IDENTIFYING AND DOCUMENTING YOUR AML RISK PROFILE • Mitigating the risks / implementing controls • Robust and documented AML policies, produces and controls including: • Risk based KYC policies and procedures; • Establish customer profiles: • Identification and verification of identity and location; • allocate AML risk rating; • Identify nature of business, source of wealth and funds; • ‘transaction profile’ - expected types, levels of business. • Risk based monitoring over customer accounts and activity’ • Level of due diligence based upon level of risk identified. Increased KYC and monitoring for higher risk customers. Qatar Financial Centre Regulatory Authority

  7. RISK MANAGEMENT - IDENTIFYING AND DOCUMENTING YOUR AML RISK PROFILE • Mitigating the risks / implementing controls • Effective identification of suspicious activity, analysis and reporting. • Regular management reporting on AML matters. • Staff training and awareness. • Remain vigilant and aware of changes to your organisation: be involved in product development, the firm’s business plan and strategy to identify the AML/CFT risks and update the risk profile and implement appropriate controls. . Qatar Financial Centre Regulatory Authority

  8. A CASE STUDY - ABN AMRO • The ABN AMRO case study illustrates an example of how actions taken in one jurisdiction can create problems in another. • Relevant to any financial institution, even those that only operate in a single jurisdiction, • Need to understand the requirements of your correspondents in other jurisdictions Qatar Financial Centre Regulatory Authority

  9. ABN AMRO Case Study: Overview • In December 2005 ABN AMRO agreed to a Cease and Desist Order covering a variety of Anti-Money Laundering weaknesses and violations of OFAC sanctions. • The use of “special procedures” to obfuscate source and/or beneficiary information on payment instructions and thereby facilitate payments relating to Iran and Libya through the NY branch’s US dollar clearing was the most serious matter • ABN AMRO paid an $80 million penalty • The order involved an unprecedented level of cooperation between US federal, state and international bank supervisors, as well as numerous US law enforcement agencies

  10. Chronology • Previous Supervisory Action at another bank in NY relating to US dollar clearing, led to • Examiners following the money trail of US dollar transactions for some of the same names • Examiners noted that similar transactions were being cleared through the ABN AMRO NY branch • Exams conducted in 2003 and 2004 at ABN AMRO NY branch included transaction reviews of the US dollar clearing activity of these and similar accounts, noting suspicious patterns of activity

  11. Chronology (cont’d) • In July 2004 a Written Agreement (“WA”) was entered into with ABN AMRO covering “deficiencies relating to compliance … relating to anti-money laundering policies and procedures … (and) … the suspicious activity reporting requirements” • Among other requirements, the bank had to “engage an qualified independent firm” to do a two year look-back of account and transaction activity to determine whether suspicious activity was being “properly identified and reported”

  12. Chronology (cont’d) • As a result of the “look-back” “requirements “ABN AMRO discovered … a pattern of previously undisclosed unsafe and unsound practices warranting further enforcement action” • ABN AMRO had implemented “special procedures” designed to “circumvent the (US) Branches’ compliance with “ OFAC regulations • Failed to follow-up on negative audit findings and provide them to US supervisors • Failed to follow-up on inquires on US law from non-US offices

  13. Chronology (cont’d) • Misrepresented the extent of due-diligence efforts undertaken by non-US branches • In December 2005 ABN AMRO agreed to an “Order to Cease and Desist” • Penalties in the amount of $80 million were paid by the bank to the US federal and state governments • The cost of legal fees and investigation expenses relating to the two actions was much more • The C&D Order was lifted in September 2008

  14. Agencies Involved: 2004 Written Agreement • Parties to the Written Agreement: • New York State Banking Department • Federal Reserve Bank of New York • Federal Reserve Bank of Chicago • State of Illinois Department of Financial and Professional Regulation • Other parties involved: • FinCEN • The US Department of Justice • Manhattan District Attorney’s Office

  15. Agencies Involved: 2005 Cease and Desist • Parties to the Order: • De Nederlandsche Bank NV • New York State Banking Department • Federal Reserve Board, also on behalf of: • Federal Reserve Bank of New York • Federal Reserve Bank of Chicago • State of Illinois Department of Financial and Professional Regulation • Additional parties to Order of Assessment of Penalty: • OFAC • FinCEN • Other parties involved, but not on the Orders • The US Department of Justice

  16. A CASE STUDY - ABN AMRO July 2004 Written Agreement http://www.banking.state.ny.us/ea040726.pdf December 2005 Order to Cease and Desist http://www.banking.state.ny.us/ea051219b.pdf December 2005 Order of Assessment of a Civil Money http://www.treas.gov/offices/enforcement/ofac/civpen/penalties/amrocmp.pdf Qatar Financial Centre Regulatory Authority

More Related