290 likes | 493 Views
FORENSIC. The impact of the Third Money Laundering Directive – Practical considerations. Mark Daws – Director, UK Head of AML Services 8 May 2008. ADVISORY. Disclaimer.
E N D
FORENSIC The impact of the Third Money Laundering Directive – Practical considerations Mark Daws – Director, UK Head of AML Services 8 May 2008 ADVISORY
Disclaimer • The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavour to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act upon such information without appropriate professional advice after a thorough examination of the particular situation.
Agenda • Overview and key changes • Issues and challenges • The way forward
Introduction • The Third Directive widens and significantly updates the terms of the Second Directive adopted in 2001, and provides a comprehensive response to the AML issues highlighted by the FATF in 2003. • The Third Directive was implemented into UK domestic law by: • The Money Laundering Regulations 2007 - came into effect in the UK on 15 December 2007
The UK context • The most serious forms of organised crime generate: • an illicit turnover of some £15 billion per year; • money laundering through the regulated sector of about £10 billion per year; and • criminal ‘capital formation’ – that is, invested assets, of about £5 billion per year, of which £3 billion is exported overseas. • Source: HM Treasury – The financial challenge to crime and terrorism (February 2007)
Overview - Internal framework Risk Based Approach • EEA credit institution • EEA listed corporate • UK public authority SDD • ID and verification • Beneficial owners • Nature of business relationship • On going monitoring • Scrutiny of transactions CDD • Non face to face • PEPs • Correspondent banking • Identified high risk EDD Sanctions • Sanction screening Reporting • SARs / FIU • HM Treasury Policy and Procedures Governance Training • Coverage • Effectiveness of training Compliance monitoring • Effectiveness of procedures • Feedback loops Record keeping • Adequacy and duration • Accessibility
The risk-based approach • First EU Directive to apply a risk-based approach • Benefits: • Flexibility • Permits tailored, cost effective solutions • Institutions must be able to demonstrate and document that: • They are systematically identifying and managing their money laundering and terrorist financing risks • There has been strong senior management engagement in the design and application of the risk based approach • Appropriate AML and CTF tools have been used
The risk based approach • “For firms, the risk-based approach means a focus on outputs rather than inputs. • Systems and controls such as customer identification, monitoring, reporting and training are important inputs but …. • ultimately we are concerned with the impact of our regime on crimes that cause real social harm, crimes like theft, people trafficking, drug trafficking and terrorism.” • (Callum McCarthy, Chairman – FSA)
Development and implementation of a 3/4* dimensional risk model The overall objective of a ‘AML Risk Model’ is to provide an organisation with an indicative risk rating for a potential customer for anti money laundering purposes. An ‘AML Risk Model’ classifies customers, products, geographies, and countries according to their inherent risk and applies a cumulative residual risk calculation where appropriate. This rating forms the basis for decisions and processes in respect to know your customer, enhanced due diligence, denied transactions, transaction monitoring and other AML/Terrorist Financing processes. The risk based approach *Some organisations incorporate delivery channel into the product dimension of risk model, while others define it as separate, fourth, dimension *Some organisations incorporate delivery channel into the product dimension of risk model, while others define it as separate, fourth, dimension
The risk based approach High impact – low probability events • “But in all my experience, I have never been in any accident …. of any sort worth speaking about. I have seen but one vessel in distress in all my years at sea. I never saw a wreck and never have been wrecked nor was I ever in any predicament that threatened to end in disaster of any sort.” Captain E. J. Smith in 1907 …. In 1912 his ship sank.
Customer due diligence - CDD • ID and verification • Beneficial owners • Nature of business • relationship • On going monitoring What is CDD? • When establishing a business relationship: • A relationship that is expected to have an “element of duration” (Reg 2(1)); • When carrying out an occasional transaction: • Greater than €15,000 (Regulations 2007); • When there is a suspicion of AML / CTF; • When there is a doubt over the quality of prior ID and verification; • When the risk based approach dictates. When should it be applied? • Before establishing the relationship (Reg 9(1)); • Or, during the establishment How? - Risk Based Approach CDD SDD EDD Timing?
SDD and EDD – setting the context CDD • ID and verification • Beneficial owners • Nature of business relationship • On going monitoring (Reg 8) • Scrutiny of transactions • Keeping records up to date SDD Reg. 13 EDD Reg. 14 Balanced • Not physically present • PEPs • Correspondent banking • Identified high risk • EEA credit institution • EEA listed corporate • UK public authority
Enhanced due diligence – non face-to-face • To avoid the risk of impersonation fraud businesses should apply EDD on a risk sensitive basis: • Obtain additional documents, data or information, to the verify the identity; • Apply supplementary measures to verify or certify the documents supplied; • Require the first transaction to be carried out through an account in the customers name with a UK or EU regulated bank, or a comparable jurisdiction; • Obtain telephone contact with the customer at a home or business number that has already been verified; • Communicating with the customer at an address that has already been verified; • Internet sign-on: • Use security codes, tokens, passwords that have been set up during the application process, and provided by mail to the named individual at an independently verified address.
Cross border correspondent banking • The Third Directive requires that the enhanced due diligence procedures include (Reg 14 (3)): • Gathering sufficient information about a respondent institution to understand fully the nature of the respondent’s business • Assessing the respondent institution’s AML and CTF controls • Obtaining approval from senior management before establishing new correspondent banking relationships Who is your customers’ customer?
Reliance? • A relevant person may rely on a person …. to apply any customer due diligence measures provided that – • the other person consents to being relied on; and • …. the person remains liable for any failure to apply such measures. (Reg 17 (1))
The challenge of PEPs - Context • Everything ( …. is never quite enough) Wasis Diop – from the soundtrack of The Thomas Crown Affair
Head of Government Mohamed Suharto, Indonesia, 1967 – 1998 Ferdinand Marcos, Philippines, 1972 – 1986 Mobutu Sese Seko, Zaire, 1965 – 1997 Sani Abacha, Nigeria, 1993 – 1998 Slobodan Milosevic, Yugoslavia, 1989 – 2000 Jean-Claude Duvalier, Haiti, 1971 – 1986 Alberto Fujimori, Peru, 1990 – 2000 Pavlo Lazarenko, Ukraine, 1967 – 1997 Arnoldo Aleman, Nicaragua, 1997 – 2002 Joseph Estrada, Philippines, 1998 – 2001 Estimate of funds allegedly embezzled $15 to $35 billion $5 to $10 billion $5 billion $2 to $5 billion $1 billion $300 to $800 million $600 million $114 to $200 million $100 million $78 to $80 million The challenge of PEPs - Context Source: Transparency International, Global Corruption Report, 2004 – taken from Raymond W. Baker: Capitalism's Achilles Heel
Challenge of PEPs …. definitions • MLR 2007 Reg. 14(5) - A PEP is a person who: • Is or has, at any time in the preceding year, been entrusted with a prominent public function by – • A state other than the UK • A Community institution (e.g. the European Parliament) or • An international body (e.g. the UN) or • Is an immediate family member or a “known close associate” of such a person
Prominent public function …. definitions • Prominent public functions include: • Heads of state or government, ministers and deputy or assistant ministers; • Members of parliaments; • Members of supreme or constitutional courts; • Members of courts of auditors or the board of central banks; • Ambassadors, charges d’affaires and high-ranking officers in the armed forces; and • Members of the administrative, management or supervisory bodies of State-owned enterprises.
Immediate family member - definitions • An immediate family member includes: • A spouse; • A partner; • Children and their spouses or partners; and • Parents
Known close associate …. definitions • A known close associate includes: • Any individual who is known to have a joint ownership of a legal entity, or any other close business relations with a PEP (as defined above); and • Any individual who has sole beneficial ownership of a legal entity or legal arrangement which is known to have been set up for the benefit of a PEP (as defined above).
The challenge of PEPs • Third Directive • Article 13 (4) – In respect of PEPs residing in another Member State or third country, institutions are required to: • Have appropriate risk based systems to determine whether the customer is a PEP; • Have senior management approval for establishing a business relationship with a PEP; • Take adequate measures to establish the source of wealth and the source of funds; and • Conduct enhanced ongoing monitoring of the business relationship.
The challenge of PEPs ….Logic class 101 • All corrupt prominent politicians are PEPs • therefore • All PEPs are corrupt
Beneficial Owners Requirement - MLR 2007 Reg. 5(b): Requires businesses to identify any “beneficial owner” of the customer and take risk based and adequate measures to verify his identity. Definition: The individual behind the customer who ultimately own or control the customer or on whose behalf a transaction or activity is being conducted.
Beneficial Owners • Corporate bodies: • Own or control more than 25% of the shares or voting rights. • Partnerships: • Individuals who control more than 25% of the capital or profits of the partnership. Trusts: • Any individual who has control over the trust; • Any individual who is entitled to a specified vested interest in at least 25% of the capital of the trust.
Questions • Name Mark Daws • Position • Director, UK Head of AML Services • Telephone Phone: +44 (0) 20 7694 5137 • Email Email: mark.daws@kpmg.co.uk