2022 has brought with it significant challenges for financial institutions regarding anti-money laundering, from the fluctuating economic landscape on the back of the COVID pandemic to war in Eastern Europe and the ensuing sanctions. The war in Ukraine has focused UK lawmakers on the use of the financial system to move illicit money, and the Economic Crime Act was expedited through parliament in March 2022. This package of legislation will support quicker sanctions implementation, a register of overseas entities requiring identification of beneficial owners of foreign companies which own UK property, and reforms to Unexplained Wealth Orders to remove barriers to their current use.
Current AML environment
Sanctions are not new to financial institutions and are used by governments to support foreign policy and national security objectives including terrorism prevention. In the first half of 2022, following Russia’s invasion of Ukraine, several sanctions packages have been implemented targeting Russia and individuals supporting the Russian state.
The Financial Conduct Authority’s (FCA) 2022/23 business plan has a clear focus on increasing the supervision of financial institutions to prevent money laundering activity. A key element of this strategy is shutting down firms which don’t meet basic regulatory standards, and the FCA is expanding its team to work on this initiative. Following on from their Dear CEO letter in May 2021, the FCA thematic review on digital and challenger banks in April 2022 is an extension of this focus to keep firms under review and highlight deficiencies. There has also been a spotlight on firms with turnover in money laundering reporting officers, which may be indicative of deeper cultural issues.
1. Money laundering is a professional business, which normally appears legitimate
Money laundering has increasingly professionalised; with the objective to hide in plain sight under the guise of a legitimate business and to conceive ways to legitimise the source of funds. Relationship teams and operations analysts play a key role to gain an initial understanding of the customer’s business, and on an ongoing basis should reflect how the actual activity relates to the business purpose or circumstances, using a range of monitoring tools and by conducting periodic reviews.
2. Good core KYC is essential for ongoing monitoring and investigative work
Without underestimating the importance of adapting policies and procedures to new regulations, the essence of effective anti-money laundering is a good Know Your Customer (KYC) process. Firms should conduct regular internal reviews of processes to ensure they are robust and streamlined.
Any subsequent monitoring, sanctions alerts, transaction monitoring rule alerts, adverse media alerts or a law enforcement request will need to reference the current KYC information to reconcile the new information and determine an outcome.
3. Intelligence and data-driven monitoring
The use of technology and data within compliance is growing constantly; leveraging machine learning and scenario analysis to detect patterns of layering, placement and anomalous behaviour to focus investigation teams on the highest risk areas. Importantly, good quality Suspicious Activity Reports to law enforcement are essential so that law enforcement can more ably investigate the suspicions raised. At the strategic level, involvement in public private partnerships to share information on developing typologies and criminal behaviours and patterns is critical.
A pragmatic approach to AML
High-level institutional challenges present themselves in different ways; banks can ensure they are adhering to regulations by following guidance as closely as necessary. This guidance needs to be operationalised and practically implemented which requires calibration within and between teams to regularly review that the outcomes match the firm’s policies and regulatory requirements.
Risk-based approach to KYC
Where a risk-based approach is applied, it is key that the risks and rationale for the approach are well-documented and passed through governance. A clear audit trail of the analysis supports any future investigation into why certain decisions were made at the strategic and client level.
Risks and environments change on a regular basis, and therefore should be subject to regular review, as evidenced by the recent sanctions implemented against Russia.
Maintaining a programme of core KYC where both front office teams and operational analysts are focused on a substantive review rather than a check box review is fundamental to ongoing automated and manual monitoring of the customer.