1 / 42

Anti-Money Laundering (“AML”)

Anti-Money Laundering (“AML”). What is Money Laundering?. The concealing or disguising the existence, illegal source, movement, destination or illegal application of illicitly derived property or funds to make them appear legitimate. The three stages of Money Laundering:

rusk
Download Presentation

Anti-Money Laundering (“AML”)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Anti-Money Laundering (“AML”)

  2. What is Money Laundering? • The concealing or disguising the existence, illegal source, movement, destination or illegal application of illicitly derived property or funds to make them appear legitimate. • The three stages of Money Laundering: • Placement: The introduction of the funds into the financial system; • Layering: Movement of the funds to distance them from the original source; • Integration: Funds re-enter the legitimate economy and are used to purchase goods or services, finance other illegal activity or are otherwise spent.

  3. AML’s Impact on Financial Institutions • AML has transcended from a compliance requirement to a national security issue. • Increased Scrutiny by Regulatory Authorities • Deferred prosecution agreements • Aggressive regulatory enforcement actions • AML compliance is a leading enforcement priority of federal and state agencies • Congressional Inquiries • FRB – UBS • OCC – Riggs, Arab Bank, and Banco de Chile

  4. AML’s Impact on Financial Institutions (cont’d) • Escalation of Fines • $10 million fine against U.S. Trust in 2001 • $80 million fine against ABN Amro in 2005. • Cumulative penalties for the years 2000-2004 have been calculated to be approximately $120 million. • Clearly, the regulatory authorities are intolerant of non-compliance and place a greater emphasis on penalties and regulatory actions.

  5. The Scale of the Problem • The International Monetary Fund, for example, has stated that the aggregate size of money laundering in the world could be somewhere between two and five percent of the world’s gross domestic product. • Using 1996 statistics, these percentages would indicate that money laundering ranged between US Dollar (USD) 590 billion and USD 1.5 trillion. The lower figure is roughly equivalent to the value of the total output of an economy the size of Spain. • In the US, the estimated earning of criminal activity (2000 statistics) is 779 billion or about 8% of the GDP. • The figures stated above are speculative at best.

  6. Anti-Money Laundering Compliance • An Anti-Money Laundering Compliance Program • Designed to assist institutions and businesses in their fight against money laundering and terrorist financing • Required since 1987 (roots extend back to the Bank Secrecy Act of 1970) • Requirement has been recently (October, 2001) extended to all financial institutions, including securities dealers, money services businesses and many other businesses including jewelers and precious gem dealers.

  7. AML Regulations • Bank Secrecy Act (1970) - legal principle under which banks are allowed to protect personal information about their customers. The Bank Secrecy Act sets out the four minimum requirements for an AML compliance program: • Written internal policies, procedures and controls • A duly-designated AML Compliance Officer • On-going employee training program • Independent audit function to test the AML programs • USA Patriot Act (2001) – combined the BSA AML requirements with the trade sanctions imposed by OFAC (Office of Foreign Assets Control). The USA Patriot Act delivers four primary directives to financial institutions: • Identify clients and account holders, both private and commercial • Block transactions with entities identified on the OFAC and other interdiction lists • Determine and report suspicious activities with out blocking them • Share information with other Financial Service Providers (FSPs) to aid in determining suspicious activity

  8. AML Regulations • The United States became the first country to criminalize money laundering through a 1986 law that is considered the most powerful in the world. The law, Title 18, USC Sec. 1956, applies to the proceeds of more than 200 crimes. The most powerful of the three laws, Sec. 1956, imposes heavy penalties – up to 20 years in prison – and it has broad reach. It also includes a unique provision that permits undercover stings with funds “represented to be the proceeds of specified unlawful activity.” • The Laundering of Monetary Instruments - Title 18, USC Sec. 1956 • Monetary Transactions in Property Derived from Specified Unlawful Activity Law- Title 18, USC Sec. 1957 • Prohibition of Unlicensed Money Transmitting Businesses Law - Title 18, USC Sec. 1960

  9. AML RegulationsUSA Patriot Act – Title III

  10. Office of Foreign Assets Control (OFAC) An office of the U.S. Department of the Treasury. Administers and enforces economic and trade sanctions based on U.S. foreign policy and national security goals against targeted foreign countries, terrorists, international narcotics traffickers, and those engaged in activities related to the unapproved proliferation of weapons of mass destruction Financial Crimes Enforcement Network (FinCEN) Created in 1990 to administrator the Bank Secrecy Act. FinCEN role is issue regulations and to impose civil penalties for violations. FinCEN has delegated examination authority to each Federal Banking Agencies. Originally a department of the U.S. Department of Treasury it was elevated to bureau status in of the U.S. Department of the Treasury to combat money laundering Key AML Regulators

  11. Office of the Comptroller of the Currency (OCC) Federal Reserve Office of Thrift Supervision (OTS) Federal Deposit Insurance Corporation (FDIC) Securities and Exchange Commission (SEC) Internal Revenue Service (IRS) Key AML Regulators (cont’d)Federal Banking Agencies (FBAs)

  12. A Little More on OFAC • OFAC’s Focus: • Identifies persons for designation; • Assists U.S. persons in complying with the sanctions prohibitions through its compliance and licensing efforts • Penalizes U.S. persons violating the prohibitions • Works with other U.S. Government agencies • Coordinates and works with other nations to implement similar strategies • Compliance with OFAC: A bank’s main compliance responsibility is to ensure that suspect items are interdicted. In developing OFAC compliance program, focus should be on providing enough information to key staff in all areas of operations to enable them to recognize and stop suspect transactions.

  13. Who is Liable Under OFAC? • Any bank organized or located in the United States is responsible by law to block virtually all property that comes within the bank’s possession or control in which there is an interest of a blocked individual or entity. • Over the past several years, OFAC has had to impose millions of dollars in civil penalties involving U.S. Banks. The majority of the fines resulted from bank’s failure to block illicit transfers when there was a reference to a targeted country • Main difference between OFAC and BSA compliance is OFAC tends to “freeze” rather than “seize” assets. OFAC will often block transactions in an attempt to apply political pressure on hostile governments.

  14. Compliance with OFAC • Regulations require the following: • Block accounts and other property of specified countries, entities, and individuals. • Prohibit or reject unlicensed trade and financial transactions with specified countries, entities and individuals. • Unlike the BSA, the laws and OFAC-issued regulations apply not only to the U.S. banks, their domestic branches, agencies, and international banking facilities, but also their foreign branches, and often overseas offices and subsidiaries. • The Specially Designated Nationals (SDNs) list is comprised of thousands of individuals and entities that are primarily located outside of the blocked countries. Blocked countries currently include Cuba, Iran, Libya, North Korea, Sudan, and Syria.

  15. Compliance with OFAC • Blocked Transactions • U.S. law requires that assets and accounts be blocked when such property is located in the United States, is held by U. S. individuals or entities, or comes into the possession or control of U.S. individuals or entities. Transactions with anyone on the SDN list are required to by law to be blocked and reported to OFAC. • Banks must block transactions that: • Are by or on behalf of a blocked individual or entity • Are to or through a blocked entity • Are in connection with a transaction in which a blocked individual or entity as an interest • Prohibited Transactions • In some cases, and underlying transaction may be prohibited but there is no blockable interest in the transaction. In these cases, the transaction is simply rejected and not processed.

  16. OFAC Licenses • OFAC has the authority, through a licensing process, to permit certain transactions that would otherwise be prohibited under it regulations. • Specific licenses are issued on a case-by-case basis and require an application to OFAC. • If the transactions conforms with U.S. foreign policy under a particular program, the license will be issued. • When a customer claims to hold a specific license, the bank should still verify the transactions conforms to the terms of the license and retain a copy.

  17. OFAC Reporting • Banks must report all blocking to OFAC within ten days of the occurrence and annually on September 30th concerning assets blocked as of June 30th. Prohibited transactions that are rejected must also be reported with in ten days of occurrence. • Banks must keep a full and accurate record of each blocked or rejected transaction for at least five years after the date of the transaction.

  18. OFAC Risk Assessment • Fundamental Elements of a sound OFAC program include assessment of: • Specific product lines • Customer Base • Nature of Transactions • Identification of high-risk areas for OFAC transactions • Account and Transaction Parties Based on the bank’s risk profile, they should establish policies, procedures and processes for reviewing transactions and transactions parties.

  19. OFAC Internal Controls • An effective OFAC program should include internal controls for identifying suspect accounts and transactions and reporting to OFAC. Internal controls should include the following elements: • Flag and review suspect transactions – manually, interdiction software, or both. • Updating OFAC lists – timely updating as the list as OFAC updates the list frequently. • Reporting – OFAC should be notified as soon as possible in the case of narcotics or terrorism. However, most other items should be reported within ten day of occurrence. • Maintaining License Information – OFAC recommends that banks consider maintaining copies of customers’ OFAC licenses on file for at least five years.

  20. OFAC Internal Controls • Independent Testing • Every bank should conduct an independent test of it’s OFAC program that is performed by internal audit, outside auditors or other independent parties. An in-depth audit should be conducted at least once a year. For larger banks, frequency and are of testing should be based on the perceived risk of a specific area of business. • Responsible Individual • Every bank should designate a qualified individual to monitor day-to-day compliance of the OFAC program. • Training • The bank should provide adequate training for all appropriate employees. This training should be consistent with the bank’s risk and employee responsibility.

  21. Internal Audit Considerations Evaluating AML Risks and Compliance with U.S. AML Regulations

  22. Enterprise Wide BSA/AML Compliance Program • Risk Considerations • The ability to assess BSA/AML risk on a consolidated basis across all activities, business lines, and legal entities allows the holding company to view its risks and worldwide exposure inside a larger risk management framework. • Audit Objective • Evaluate the adequacy of the enterprise-wide BSA/AML compliance program. Determine reporting lines and how effectively the program manages risk in an integrated fashion across affiliates, business lines, and risk types.

  23. Entity Risk Profile • Risk Considerations The bank’s BSA/AML compliance program is not tailored to its specific risks The bank does not have a consolidated understanding of its risk exposure across all activities, business units and legal entities Entity risks related to products, services, customers and geographic locations are not properly identified, updated and incorporated into the BSA/AML compliance program. • Audit Objective • Assess the adequacy of the Entity Risk Profile development and updating process

  24. Entity Risk Profile (cont’d) • AML Programs must be implemented on a risk-based approach. This means that the following factors need to be taken in into consideration with policies and procedures to support the AML program are implemented. Risk rate the following: • Clients Examples: High net worth individuals • Financial Institutions • Non-traditional banking businesses • Money Services Business • Charitable Organizations/Not for Profits • Any type of business identified by Government Authorities as high risk for Money Laundering • Products & Services Examples: Correspondent Banking • Private Banking • Payable Through • Wire Transfers • Official Items • Geographic Regions Examples: Areas listed by the Financial Action Task Force (FATF) Middle East • Latin America

  25. Internal Controls • Risk Considerations • The level of sophistication of the internal controls should be commensurate with the size, structure, risks and complexity of the financial institution. • If internal controls are inadequate, the financial institution may not be able to detect, report and monitor suspicious activity in compliance with the BSA. • Audit Objective • To determine whether internal controls ensure compliance with the BSA and provide sufficient risk management, especially for high-risk operations (products, services, customers, and geographic locations).

  26. Governance and Oversight • Risk Considerations • The board, acting through senior management, is ultimately responsible for ensuring that the financial institution maintains an effective BSA/AML internal control structure, including suspicious activity monitoring and reporting. Their oversight is a crucial element of a sound risk management and control environment. • Audit Objective • To determine whether the board and senior management’s oversight of the bank’s BSA /AML Compliance program is sufficient to effectively monitor and address identified risks. • The board and senior management should create a culture of compliance to ensure staff adherence to the Bank’s BSA/AML policies, procedures, and processes.

  27. Training • Risk Considerations • A failure to sufficiently train such personnel in applicable aspects of the BSA may result in the bank’s failure to prevent, detect and/or monitor suspicious activity. • The board of directors must also receive adequate training in BSA. Without a general understanding of the BSA, the board of directors cannot adequately provide BSA/AML oversight; approve BSA/AML policies, procedures, and processes; or provide sufficient BSA/AML resources. • Audit Objective • Evaluate the adequacy of the entity’s training program. Assess the currentness, completeness, accuracy and presentation effectiveness of the training program.

  28. Customer Identification Program (“CIP”) • Risk Considerations • Accounts are opened without verification of owner identity • Identification documentation is not reliable or adequately safeguarded • Customer identification is relaxed because of certain external or certain internal referrals, including new accounts opened for existing relationships • Audit Objective • Assess the entity’s compliance with the statutory and regulatory requirements for the CIP

  29. Customer Due Diligence (“CDD”) • Risk Considerations • Accounts are opened without review of customer background • Due diligence is: • ineffective or lacks appropriate checks and balances • not robust enough for high risk accounts • relaxed because of certain internal or certain external referrals • Audit Objective • Assess the appropriateness and comprehensiveness of the entity’s CDD policies, procedures, and processes for obtaining customer information and assess the value of this information in monitoring, detecting and reporting suspicious activity.

  30. Suspicious Activity Reports (“SARs”) • In April 1996, a Suspicious Activity Report (SAR) was developed to be used by all banking organizations in the United States. • A banking organization is required to file a SAR whenever it detects a known or suspected criminal violation of federal law or a suspicious transaction related to money laundering activity or a violation of the BSA. • Suspicious activity reporting forms the cornerstone of the BSA reporting system.

  31. When Must A SAR Be Filed? • A national bank shall file a SAR with the appropriate Federal law enforcement agencies and the Department of the Treasury in accordance with the following circumstances: • Insider abuse involving any amount • Violations aggregating $5,000 or more where a suspect can be identified • Violations aggregating $25,000or more regardless of potential suspects • Transactions aggregating $5,000 or more that involve potential money laundering or violate the Bank Secrecy Act.

  32. The Importance of Filing a SAR 1. Identifies potential and actual illegal activity: • Money Laundering • Terrorist financing • Other financial fraud and abuse 2. Detects and prevents flow of illicit funds 3. Establishes emerging threats through analysis of patterns and trends 4. It’s the law.

  33. Banks Savings Association Savings Association Service Corporations Credit Unions Bank Holding Companies Non-bank subsidiaries of bank holding companies Edge & Agreement Corporations U.S. branches & agencies of foreign banks Financial Institutions Required to file SARs

  34. SAR Reporting Deadlines • A financial institution is required to file a SAR: • No later than 30 calendar days after the date of initial detection of facts that may constitute a basis for the filing • No later than 60 calendar days if no suspect was identified on the date of detection of the incident requiring the filing

  35. SARs from an Audit Perspective • Risk Considerations • Suspicious activity is not properly defined or communicated • SARs are incomplete or not filed timely • SARs activity is not monitored for trends or those trends are not investigated • Decisions not to file SARs are not appropriate or adequately supported • Audit Objective • Assess the entity’s policies, procedures, and processes, and overall compliance with statutory and regulatory requirements for monitoring, detecting, and reporting suspicious activities

  36. Other Risk Areas • Currency Transaction Reporting • Information Sharing • Purchase and Sale of Monetary Instruments • Funds Transfers • Foreign Correspondent Account Recordkeeping and Due Diligence • Private Banking Due Diligence Program • Special Measures • Foreign Bank and Financial Accounts Reporting • International Transportation of Currency or Monetary Instruments Reporting

  37. Other Risk Areas • Office of Foreign Assets Control • Correspondent Accounts • U.S. Dollar Drafts • Payable Through Accounts • Pouch Activities • Foreign Branches and Offices of U.S. Banks • Parallel Banking • Electronic Banking • Electronic Cash

  38. Other Risk Areas • Third-Party Payment Processors • Brokered Deposit • Referral Agents • Privately-Owned Automated Teller Machine • Non-deposit Investment Products • Insurance • Concentration Accounts • Lending Activities • Trade Finance Activities

  39. Other Risk Areas • Trust and Asset Management Services • Nonresident Aliens and Foreign Individuals • Politically Exposed Persons • Embassy and Foreign Consulate Accounts • Non-Bank Financial Institutions • Professional Services Providers • Non-Governmental Organizations and Charities • Corporate Entities • Cash-Intensive Businesses

  40. Appendices

  41. APPENDIX A: Key Terms • BSA Bank Secrecy Act • CIP Customer Identification Program • CTR Currency Transaction Report • DCN Document Control Number • EFT Electronic Funds Transfer • FBO Foreign Bank Organization • FinCEN Financial Crimes Enforcement Network

  42. APPENDIX A: Key Terms • MLSA Money Laundering Suppression Act of 1994 • OCC Office of the Comptroller of the Currency • OFAC Office of Foreign Assets Control • ROE Report of Examination • SAR Suspicious Activity Report • SEC Securities and Exchange Commission • SDN Specially Designated Nationals (or Blocked Persons) • TDF Treasury Department Form

More Related