Although no universally agreed definition or approach to adverse media screening exists, it is widely taken to mean searching media sources to find any possible negative news about the individual or business entity being onboarded (or refreshed in the case of existing customers) that might pose a risk to financial institutions in terms of money laundering or terrorist financing.

There are a number of difficulties that quickly begin to emerge at a practical level. What risks are relevant? How do I find relevant risk information? How do I decide if the information found is significant? How much time and effort should I put into finding adverse media? What should I do if the information found is inconclusive?

Unlike sanctions or even politically exposed person (PEP) screening which are binary – the entity is either sanctioned or not and an individual is either a PEP or not – adverse media screening covers a varied range of potential risks related to predicated criminal offenses that result in the proceeds of criminal activity. This can range from all forms of trafficking, fraud, cybercrime, and terrorist financing to intellectual property theft. The closest guidance to defining what risks these are was provided by the Financial Action Task Force (FATF) which lists over 20 specific crimes that lead to money laundering.  The extent to which these categories of crime are reflected in the regulations and legislation of individual countries varies considerably, but there is increasing convergence in adopting this range of offenses in major financial jurisdictions such as the EU, USA, UK, and Singapore. 

Recognizing the need for standardization in the way banks approach adverse media screening in their due diligence operations, the Wolfsberg Group recently published an FAQ Guide in their series on negative news screening.

Yet a huge challenge remains for any regulated entity: How to synthesize the vast amounts of data available in the public domain from the array of data points across the entire internet including deep web, surface web, websites, blogs, and social media as well as broadcast and print media. How do firms find the proverbial ‘needle in the haystack’ – the actionable risk intelligence on an individual or business customer that could be indicative of a crime?

Quite apart from the time taken, the cost of acquiring, processing, and acting upon any information found, and then ensuring that information found can be trusted, compliance analysts need exceptional skills to interpret often conflicting information.

How can this problem be overcome? Traditionally, banks have relied on a combination of sources including structured and unstructured data sets which are curated by specialist firms but are costly. Google searches are still heavily relied on by many firms despite the obvious shortcomings of using search engines for financial crime compliance. They are low-cost but ineffective. 

New solutions are essential. For example, regulators in the United States have added sharper teeth to FATF guidelines by enforcing the customer due diligence (CDD) rule requiring covered financial institutions to maintain “appropriate risk-based procedures” to continuously monitor and update customer information.

Technology in adverse media solutions is leading a revolution in this area by enabling firms to acquire meaningful and relevant risk intelligence quickly and efficiently and without the mountains of media findings found by traditional methods needing to be read and interpreted by analysts. A combination of machine learning and natural language processing technology can be trained to find media articles of relevance including in local languages in the selected areas of predicated offenses that relate to money laundering and terrorist financing risks. 

This revolution in adverse media screening is delivering actionable intelligence, empowering organizations to manage higher levels of risk, and for compliance teams to spend their time analyzing, interpreting, and understanding real risk rather than reading endless articles.

In today’s complex environment, financial regulators are on high alert for money laundering risks. Financial institutions should look for better solutions to conduct adverse media screening and avoid manually carrying out screening with a simple one-time Google search. An adapted adverse media screening solution can successfully automate the timing of screening based on a financial institution’s designated parameters, access and validate a larger number of credible sources, scan a massive trove of information, and reduce the number of false positives potentially clogging up the investigation and escalation phase process.

Celent report: Maximizing the Value of Adverse Media Monitoring

For this report, leading research and advisory firm Celent interviewed global banks from across the world, providing practical tips on how adverse media can be integrated into an existing AML value chain.

Download now

To explore more about the practical benefits of adverse media for compliance teams, explore the pieces below:

• Delivering a risk-based approach with adverse media
• How can adverse media reduce reputational risk?
• The importance of adverse media for enterprise-wide risk assessments
• The business case for adverse media in banking

The post How to make adverse media searches actionable and useful for banking appeared first on ComplyAdvantage.

In other words, conducting an EWRA helps compliance teams define an anti-money laundering (AML) risk rating methodology/model for all obligated entities to comply with AML regulations. If done correctly, it brings a consistent approach and, importantly, the application of risk mitigation processes based on sound principles to every division or domain of the organization. 

Put simply, criminals test the weak spots in a bank’s AML defenses and look to exploit them. An EWRA is a tool to ensure that ‘gaps’ don’t exist. 

At the heart of the EWRA is the risk-based approach which involves a three-step process: 

1. Assess the risks
2. Understand them in detail
3. Put in place appropriate risk mitigation measures and plug gaps in defenses

Higher risks need to be mitigated with adverse media data designed to provide in-depth and specific information on any risk category pertinent to money laundering and terrorist financing. Historically, financial institutions have often overlooked adverse media as an essential risk indicator in combating financial crime, considered a low priority in customer due diligence (CDD) associated mainly with reputation risk. Even if its use is recognized, solutions often rely solely on search engines and are inadequate. In practice, adverse media screening is more significant than estimated, should form an integral part of risk profiling, and is intrinsic to any risk management framework.

One of the main weapons in the fight against financial crime is using adverse media to monitor financial crime risk. Regulators everywhere are beginning to realize its importance as they advocate implementing a risk-based approach by regulated entities. Adverse media can inform an enterprise-wide risk assessment of new and existing customers, providing risk intelligence that goes beyond PEPs and sanctions screening. Used correctly, it can provide a vital defense for banks, protecting them from ‘bad actors’ looking to launder the proceeds of crime.

However, until now, adverse media screening has been a costly and time-consuming process relying heavily upon manual checks of large quantities of articles obtained from unstructured media data sources or from search engines such as Google. As such, banks have only used adverse media screening in a small percentage of high-risk customer situations. Many still solely rely on search engines. Unfortunately, this can easily result in important information being missed. 

As banks and financial institutions grow in size and complexity, consistency and scale become key issues, and a bank needs to take a more strategic approach to adverse media screening. 

Monitoring customer risk and ensuring compliance processes are implemented consistently across the business becomes more complex, especially if the organization is multi-jurisdictional or multi-divisional.  Added to this pressure is the rise of digital financial services often pioneered by FinTechs, which has fuelled customers who increasingly demand a seamless, swift onboarding experience. 

AML controls can get left behind. Often put in place when the business was at a different or early stage of its development, IT systems become outdated, and there is a considerable reliance on manual processes. 

Fortunately, AI-driven adverse media tools are available to help. It is now possible to implement adverse media screening across all customers both at the onboarding stage and in the ongoing monitoring of existing customers. This is important in a dynamic and ever-changing risk landscape where the traditional approach of carrying out periodic KYC checks on a customer at a frequency based on the initially assigned risk category may mean risks remain hidden, in some cases, for several years.

AI-driven adverse media screening solutions are designed to support dynamic customer risk scores. This allows a bank to precisely define the categories of risk it wishes to see for a particular customer, only generating alerts when a risk profile changes significantly. 

As banks continue to grow, they need to ensure that adverse media checks can scale with their customer bases. In particular, they need to ensure their alerts avoid generating high numbers of false positives that have to be cleared manually and risk slowing down customer onboarding.

Effectiveness will remain a hot topic in banking AML compliance – but this has to be achieved cost-effectively. When operating at scale, effectiveness, efficiency, and onboarding times become critical success factors and will directly impact a bank’s competitiveness in the years to come.

Conducting an AML-focused enterprise-wide risk assessment is one of the cornerstones in fighting money laundering. Adverse media screening helps teams make more informed decisions toward risks and identify higher-risk situations where a bank’s response can be quicker because real-time screening takes place.

Celent report: Maximizing the Value of Adverse Media Monitoring

For this report, leading research and advisory firm Celent interviewed global banks from across the world, providing practical tips on how adverse media can be integrated into an existing AML value chain.

Download now

To explore more about the practical benefits of adverse media for compliance teams, explore the pieces below:

• How to make adverse media searches actionable and useful for banking
• Delivering a risk-based approach with adverse media
• How can adverse media reduce reputational risk?
• The business case for adverse media in banking

The post The importance of adverse media for enterprise-wide risk assessments appeared first on ComplyAdvantage.

The benefits of adverse media screening

Adverse media or negative news screening is searching for information relevant to a customer’s AML/CTF risk profile. It is one of the best ways of building an accurate and precise profile of the counterparty risk for a bank while anticipating potential future threats. Configuring a system that supports both a bank’s business goals and compliance obligations while synchronizing with existing internal tools also improves overall operational efficiency. 

A bank cannot manually check thousands of news stories every day in multiple languages. Compliance and AML professionals are painfully aware that manual checks can be time-consuming, costly, and ultimately frustrating. Using traditional unstructured adverse media databases and search engines means reading, digesting, and interpreting dozens of articles or more. Many will be duplicates or irrelevant and often unrelated to the subject. Ultimately, this leads to decisions being taken without the best available information. 

Regulations 

Regulatory bodies have emphasized the need to construct accurate risk profiles for banking clients despite differing AML regulations. They have made screening for negative media an essential legal requirement for know your customer (KYC) onboarding protocols, continued customer due diligence (CDD), and enhanced due diligence (EDD) on potentially high-risk customers. 

In the United States, the Financial Crimes Enforcement Network (FinCEN) requires financial institutions to comply with the Bank Secrecy Act (BSA). Adverse media screening is also instrumental in supporting SAR filing.

The EU’s 6th Anti Money Laundering Directive (6AMLD) mandates banks to perform enhanced due diligence for high-risk customers. At the same time, Financial Action Task Force (FATF) guidelines recommend using adverse media searches as part of an enhanced due diligence process. 

The pressure is on banks and all AML-regulated financial institutions to find more efficient and cost-effective ways to fulfill their regulatory obligations while alleviating pressure on budgets and maintaining customer satisfaction.

A risk-based approach

The FATF emphasizes the risk-based approach for mitigating money laundering risks, and under its guidelines, adverse media screening is an important way to help develop accurate customer risk profiles. Politically Exposed Persons (PEPs) and other higher-risk relations are better monitored and receive an extra layer of scrutiny. 

Adverse media and AI 

As a result, many firms are turning to innovative solutions to automate processes and reduce the manual and ineffective processes that still characterize many AML control frameworks in US banks and financial institutions. 

Last year, the FATF published a significant report in this area called ‘Opportunities and Challenges of New Technologies for AML/CFT,’ setting out the case for investing in new technology to improve the speed, quality, and efficiency of measures to combat money laundering and terrorist financing. It states that these technologies can help financial institutions and supervisors assess the risks they face more accurately and quickly. When implemented using a risk-based approach, new technologies can also improve financial inclusion, bringing more people into the regulated financial system and thereby reinforcing the effectiveness of AML/CFT measures. 

The business case and evidence for investing in new technology solutions have never been stronger, with new AI-based adverse media screening and ongoing monitoring solutions changing the onboarding landscape with real-time and dynamic customer profiling.

The new generation of adverse media screening solutions aims to provide a 360-degree view of customers across both individuals and legal entities. This creates a more rounded and informed view of potential risk during the assessment process with a more accurate risk score at the beginning of the customer relationship. It also ensures that ongoing monitoring is more focused on potentially riskier relationships, providing alerts in real-time should a risk profile change significantly.

Adverse media as an investment

Building a business case to support investment in AML systems has never been easy. Boards of directors tend to view AML compliance as a cost to the business as opposed to investing in anti-fraud solutions that can be more easily tied to the bottom line. However, there has been a marked increase in interest from boards and executives following several high-profile breaches, resulting in huge fines and considerable management time spent dealing with the fallout. Boards now accept that adverse media screening is essential to managing the spectrum of risks that a firm is exposed to. This is moving beyond the ‘established’ range of money laundering and terrorist financing risk into human trafficking, human rights abuses, modern slavery, and environmental crime. AI-based adverse media screening solutions can be trained to monitor all relevant risk areas in real-time if necessary.

Ease of integration and operational efficiency

The final puzzle to consider in the business case is the ease of integration and associated professional services costs. Integrating an adverse media solution into an existing workflow should maximize the operational efficiency of a bank’s risk mitigation program with minimal integration costs.

Using adverse media banks can radically improve their efficiency and effectiveness by viewing AML compliance not just as a regulatory requirement but as part of its core strategy to enhance competitiveness. 

Celent report: Maximizing the Value of Adverse Media Monitoring

For this report, leading research and advisory firm Celent interviewed global banks from across the world, providing practical tips on how adverse media can be integrated into an existing AML value chain.

Download now

To explore more about the practical benefits of adverse media for compliance teams, explore the pieces below:

• How to make adverse media searches actionable and useful for banking
• Delivering a risk-based approach with adverse media
• How can adverse media reduce reputational risk?
• The importance of adverse media for enterprise-wide risk assessments

Footnotes:

1. Cost of Compliance Report 2022: Officers face competing priorities & future planning – Thomson Reuters Institute 
2. https://www.fatf-gafi.org/publications/fatfrecommendations/documents/opportunities-challenges-new-technologies-for-aml-cft.html 
3. https://www.wolfsberg-principles.com/articles/publication-negative-news-screening-faqs 

The post The business case for adverse media screening in banking appeared first on ComplyAdvantage.

Yet, unexpected events and resulting bad news can quickly damage a bank’s reputation and stock value. 12.6% of sudden plunges in stock prices are attributable to reputational issues, according to research from business consultancy Oliver Wyman. So why are so few firms taking adequate steps to protect their reputations? Even large organizations can be caught off-guard and suddenly find themselves managing events reactively.

Managing reputational risk is a complex and ongoing discipline in the banking industry. Regulations, digital innovation, the internet, sanctions, cybersecurity, and data breaches converge with rising levels of financial crime and fraud to create a unique risk landscape that is difficult to manage. 

Financial crime risk is heavily regulated from a money laundering and terrorist financing perspective. US banks that are governed by the Bank Secrecy Act and regulated by FinCEN are obliged to implement a rigorous control framework to protect customers and other stakeholders from the instability caused by the misuse of the financial system by criminals and terrorists.

Yet, the history of fines in the USA imposed on banks for failure to implement adequate anti-money laundering (AML) controls over the past decade reveals a story of widespread failure to protect the organization and its reputation. Inadequate customer due diligence points to the need for greater use of adverse media screening than banks have used historically.

Few banks escape the attention of the regulator, and with tougher anti-money laundering regulations being introduced, the risks of getting it wrong increase even more. How can banks manage these reputational risks? In short, Know Your Customer (KYC) processes need to evolve rapidly to embrace AI technology and data analytics to implement a true risk-based approach. 

Adverse media screening has a central role in this in going beyond PEPs and sanctions checks to enable a bank to check if it has links to any customers, intermediaries, or correspondent banking relationships with possible connections to money laundering and terrorist financing. Drug trafficking, modern slavery, organized crime, illegal gambling, fraud, and much more – in every case, adverse media can be used to monitor such risks to protect the organization specifically.

FinCEN’s FAQ from January 2021 provides clear guidance that using adverse media alerts from screening can inform a risk concern and indicate that further investigation is needed to assess if suspicious activity is happening. 

However, the first priority for any bank or financial institution is to understand which areas of the business are most exposed to reputational risks. This is a challenging exercise and requires a team approach and expert help. In addition, there needs to be a detailed understanding of financial crime typologies to help better recognize threats pre-emptively. That means building a deep understanding of the specific types of risk that can threaten a firm’s reputation. From this analysis, detailed adverse media screening controls can be implemented, specifically monitoring the identified categories of risk.

Money laundering manifests in many forms and the increasing sophistication of criminals and the use of technology, the dark web, and digital currencies places a greater burden on compliance teams to protect their firms from reputational risk. 

The latest genre of adverse media solutions can extract data from multiple data sources across the entire web operating in real-time, bringing actionable risk intelligence into the customer’s world quickly and cost-effectively. Using pre-defined risk categories and keyword searches using natural language processing technology with in-built workflow tools has made what was hitherto impossible perfectly possible. 

Banks and other financial institutions can now confidently design solutions that provide an effective defense from reputational risks not just with specific higher-risk customers but across the entire customer portfolio. Implemented effectively, adverse media can be the equivalent of a radar system sweeping the horizon to identify incoming threats before they materialize, enabling pre-emptive action. 

As a result, organizations can now use adverse media cost-effectively as part of a rounded risk assessment across the business. Adverse media checks will routinely inform all customer risk assessments and improve the accuracy of resultant risk scores. This provides a much more comprehensive and informed view of potential risk at the onboarding stage.

There is no doubt that reputational risk exposure has become a strategic priority for all banking stakeholders, from the board of directors to employees, investors, and customers. 

Maintaining financial stability, early identification of financial crime risk, and protecting customers and shareholders from losses is paramount. Innovative adverse media solutions now exist to help combat these threats, avoid fines and preserve a bank’s reputation.

Celent report: Maximizing the Value of Adverse Media Monitoring

For this report, leading research and advisory firm Celent interviewed global banks from across the world, providing practical tips on how adverse media can be integrated into an existing AML value chain.

Download now

To explore more about the practical benefits of adverse media for compliance teams, explore the pieces below:

• How to make adverse media searches actionable and useful for banking
• Delivering a risk-based approach with adverse media
• The importance of adverse media for enterprise-wide risk assessments
• The business case for adverse media in banking

The post How can adverse media reduce reputational risk? appeared first on ComplyAdvantage.

In July 2022, the US Board of Governors of the Federal Reserve System stated that: ‘Banks must apply a risk-based approach to customer due diligence (CDD), including when developing the risk profiles of their customers.’ The statement goes on to develop this in more detail, making clear its expectation that banks will fully implement and adopt these principles in compliance with BSA/AML requirements. 

A similar picture is evident in other major financial centers. Regulators in Canada, the UK, EU, and other major financial centers around the world are implementing a risk-based approach to supervision and expect banks and other financial institutions to adopt the same approach.

In the EU, the latest directive for implementation – commonly known as 6AMLD – further strengthens anti-money laundering and terrorist financing requirements by providing a standardized definition of 22 predicated offenses that constitute money laundering. It also expands the penalties and criminal liabilities for failure to prevent money laundering.

Adverse media screening has become an essential element of a bank’s anti-money laundering defenses and is even more important in the implementation of a risk-based approach. 

In carrying out a risk assessment at client onboarding for both individuals and businesses, managing higher-risk relationships requires access to adverse media data to mitigate a wide range of criminal activities, particularly if this could lead to money laundering and terrorist financing.

Therefore, adverse media solutions must be designed to meet the full range of risk categories that may be encountered in AML/CFT customer due diligence checks. AML regulations specifically identify that enhanced due diligence measures be taken if there is political exposure, activity in higher-risk jurisdictions, any previous adverse risk history, or unusual circumstances. In these situations, adverse media screening must be carried out.

The risk-based approach also recognizes that risk is dynamic and the profile of a customer onboarded as ‘low risk’ can quickly change. Traditionally, banks have applied periodic reviews to all customers updating KYC at variable time periods depending on the initial risk assessment. However, the risk-based approach demands a system that can generate alerts as soon as there is a significant change in the risk profile to avoid potential future problems. Often referred to as perpetual KYC, real-time ongoing monitoring of existing customers means being alerted to new risk events with an existing customer to prompt an investigation. Regulators are placing greater emphasis on this aspect as the effectiveness of AML controls is under the spotlight.

Traditional methods of obtaining adverse media from either search engines or databases are unsuitable for real-time monitoring and increasingly banks in the US, Canada, and Europe are turning to solutions that are driven by AI, meaning they’re capable of accessing data from millions of data points on the internet and combining them into actionable risk intelligence in near real-time. 

Delivering improved outcomes with adverse media

Adverse media data that is specifically related to the wide range of predicate offenses defined by the FATF (and now included in the broadened scope of the new Anti-Money Laundering Act in the US) is critical in effectively managing higher levels of customer risk.

Managing risk doesn’t mean straying into de-risking, however. The Federal Reserve Governors statement goes on to say: ‘The Agencies continue to encourage banks to manage customer relationships, and mitigate risks based on customer relationships, rather than decline to provide banking services to entire categories of customers.’

Smart firms are capitalizing on this and gaining a commercial advantage by implementing a robust risk-based approach using technology-driven adverse media solutions to automate many of these processes. This frees up compliance teams’ time, enabling them to properly understand, analyze, and interpret risks for effective decision-making.

Adverse media screening remains an increasingly important aspect of a well-rounded AML program. Although guidance for screening against adverse media could seem less structured initially than other regulatory requirements related to CDD, sanctions, or PEPs, compliance professionals are encouraged to use state-of-the-art tools and automated solutions to reduce manual efforts and not just meet, but exceed, regulatory requirements.

Celent report: Maximizing the Value of Adverse Media Monitoring

For this report, leading research and advisory firm Celent interviewed global banks from across the world, providing practical tips on how adverse media can be integrated into an existing AML value chain.

Download now

To explore more about the practical benefits of adverse media for compliance teams, explore the pieces below:

• How to make adverse media searches actionable and useful for banking
• How can adverse media reduce reputational risk?
• The importance of adverse media for enterprise-wide risk assessments
• The business case for adverse media in banking

The post Delivering a risk-based approach with adverse media appeared first on ComplyAdvantage.

Led by the Treasury and developed by a working group consisting of the Council of Financial Regulators, AUSTRAC, the Australian Competition and Consumer Commission (ACCC), and the Attorney-General’s Department, the report outlines four policy recommendations, including:

• Collecting de-banking data
• Introducing transparency and fairness measures
• Advising the government on the risk tolerances of the four major banks
• Investing in improving banking capabilities provided to digital currency exchanges, FinTechs, and remittance providers

Policy recommendations

The report proposes collecting data from the “Big Four” banks on “the extent and nature of the debanking problem.” A two-phased approach is suggested, with the initial data collection exercise being voluntary before introducing a more formal and regular data collection process under the Financial Sector (Collection of Data) Act 2001. The staggered approach is to confirm the process provides valuable insights before implementing a permanent requirement.

The Treasury also recommends banks apply five measures “designed to increase transparency, consistency, and fairness to individual and small business customers regarding all debanking decisions.” These transparency measures include:

• Documenting reasons for de-banking a customer
• Providing de-banked customers with the bank’s reasoning
• Ensuring de-banked customers have access to Internal Dispute Resolution procedures
• Providing a minimum of 30 days’ notice before closing a customer’s existing core banking services
• Self-certifying adherence to the above measures

The report’s third recommendation suggests banks publish guidance on risk tolerance and compliance requirements for high-risk banking businesses. By outlining the banks’ expectations and standards for maintaining a banking relationship, existing and potential customers in the high-risk sectors will be granted greater clarity on how to meet the banks’ expectations.

Fourthly, the Treasury recommends that consideration be given by the government to fund targeted education, outreach, and guidance to the FinTech, digital currency exchange, and remittance sectors. The report highlights that such an investment would increase the capabilities of each high-risk sector and “enhance compliance outcomes and reduce compliance risk.” 

De-banking concerns 

De-banking is defined by the Financial Action Task Force (FATF) as situations where financial institutions restrict or terminate business relationships with clients, sectors, or even entire countries to avoid risk. 

In September 2021, the CEO of FinTech Australia told the Senate committee that approximately 150 of her organization’s members had been de-banked by financial institutions, with no reason provided or ability to appeal the decision. 

In November 2021, AUSTRAC issued guidance around de-banking, urging financial institutions to take a risk-based, case-by-case approach to managing anti-money laundering and combatting terrorism financing (AML/CTF) challenges rather than simply closing accounts. AUSTRAC’s chief executive, Nicole Rose, also raised concerns that such measures could increase the risk of money laundering by pushing criminals underground where regulators would have less visibility. 

The Treasury reemphasizes Rose’s concerns throughout the report, noting that de-banking could have a “devastating impact” on businesses, individuals, market competition, and innovation in emerging sectors. 

In a statement released on Monday, October 3, Australian Treasurer Jim Chalmers welcomed the report’s recommendations, noting that “the government is committed to promoting innovation and competition in the financial services sector and will continue to work with affected customers.”

Key takeaways

From regulatory sandboxes allowing license-free testing for up to two years to the Banking Royal Commission opening the door to innovation in 2019, Australia’s pro-competition and pro-innovation outlook tee up further legislative and regulatory support for the FinTech industry. 

To stay on top of Australia’s evolving regulatory landscape, compliance staff in high-risk sectors should ensure they are familiar with AUSTRAC’s current guidance: 

• Preventing the criminal abuse of digital currencies
• Detecting and stopping ransomware payments
• Digital currency exchange risk management methodology fact sheet
• Independent remittance dealers in Australia risk assessment 2022
• A guide to preparing and implementing an AML/CTF program for your digital currency exchange business
• SMR and digital currency exchange provider webinar recording

The post De-Banking Policy Advice: Australian Government Pledges Response appeared first on ComplyAdvantage.

The settlement comes after an investigation managed by AUSTRAC in June 2021, which brought concerns about NAB’s AML/CTF program, systems, and controls to the surface – including issues related to customer identification procedures and due diligence. 

NAB has avoided a major financial penalty for its non-compliance – unlike other Australian financial institutions, including Westpac and Commonwealth Bank of Australia (CBA) which received fines and penalties totaling $2 billion for failing to report customers’ suspicious transactions in 2020 and 2018 respectively. 

In 2021, AUSTRAC chief executive Nicole Rose indicated that work by NAB to fix its shortcomings may see it avoid the severe penalties imposed on Westpac and CBA. “Some of these legacy systems are taking a couple of years to fix which we get and are sympathetic to as long as we’re seeing the progress, and they’re sincere about it,” she said. 

Implementing a comprehensive remedial action plan

Under the terms of the EU, NAB has agreed to complete a remedial action plan (RAP) to uplift the following key areas of its AML program: applicable customer identification procedures; customer risk assessment, and enhanced customer due diligence; transaction monitoring; and governance and assurance. 

Rose has said the investigative work completed thus far has been collaborative and that AUSTRAC will continue to monitor NAB’s progress to ensure actions are taken within the defined timeframes and maintain regular, ongoing discussions throughout the remediation process.

According to the conditions of the EU, NAB is required to:

• Finalize a RAP approved by AUSTRAC by December 31 2024;
• See to any deficiencies or concerns identified by AUSTRAC regarding the activities in the RAP; and
• Assign an External Auditor to provide a final independent auditors report by March 31 2025.

Responding to the EU’s public announcement, NAB CEO Ross McEwan said, “We take our AML/CTF obligations very seriously. We acknowledge the concerns that led to AUSTRAC’s investigation. We will continue to work closely with AUSTRAC as we deliver the agreed further actions.”

Reviewing AUSTRAC guidance

In addition to reflecting on NAB’s compliance shortcomings and the large fines received by other Australian financial institutions for similar failings, compliance teams should pay particular attention to the wide-ranging guidance issued by AUSTRAC in the last 12 months. 

Some of the most recent AUSTRAC guidance include:

• Common reporting errors from compliance teams
• Detecting and stopping forced sexual servitude 
• Preventing misuse and criminal communication through payment text fields
• Source of funds and wealth guidance

The NAB announcement from AUSTRAC also demonstrates that while the regulator has said it is trying to focus more on high-risk industries – including crypto, casinos, and clubs – they are still monitoring the banking sector, and are placing a lot of emphasis on a culture of compliance, and self-disclosure of any deficiencies.

The post National Australia Bank enters into enforceable undertaking with AUSTRAC for AML failings appeared first on ComplyAdvantage.

The fine comes as the Cullen Commission nears the completion of its investigation into whether systemic regulatory failures are allowing money laundering to take root in the British Columbian real estate market, and in casinos. While the Laurentian Bank of Canada is headquartered in Quebec, the bank does extend its coverage to British Columbia. As of May 4 2022, all evidence has been presented to the Commission and an extension was granted until May 20 2022 for it to deliver its findings.

The Proceeds of Crime (Money Laundering) and Terrorist Financing Act

Introduced to regulate the prohibition of laundering the proceeds of crime and to combat terrorist financing activities, the PCMLTFA and its regulations were amended in June 2018, and subsequently again in June 2019 and June 2020, following Canada’s last mutual evaluation report (MER) from the Financial Action Task Force (FATF) in 2016. 

The 2016 assessment found that Canada had a strong regime to combat money laundering and the financing of terrorism that achieved good results in some areas, but required further improvements to be fully effective. As a result, the 2021 PCMLTFA substantially reduced the time for submitting an STR from “within 30 days” of determining that the activity is suspicious to “as soon as practicable”.

STR filing guidance

To avoid similar substantial penalties, compliance teams in the region should note the STR filing guidance issued by FINTRAC and assess whether their AML programs meet its requirements. The guidance includes what measures to take when establishing if there are reasonable grounds to suspect if a transaction is related to the commission of a money laundering offense or a terrorist activity financing offense. These include:

• Screening for and identifying suspicious transactions;
• Evaluating the context surrounding a suspicious transaction;
• Connecting ML/TF indicators to an assessment of the context; and
• Explaining the grounds for suspicion in an STR, where the reporting analyst must  articulate how the facts, context, and ML/TF indicators allowed them to reach their grounds for suspicion
  

The FINTRAC guidance also reminds compliance staff that reporting an STR to FINTRAC does not prevent firms from contacting law enforcement directly. However, if firms do notify law enforcement of a suspicious transaction, an STR still needs to be submitted. Additional actions firms can take are:

• Initiating enhanced transaction monitoring;
• Closing the account(s) in question or exiting the business relationship; and/or
• Canceling, reversing, or rejecting the transaction.

Strengthening AML/CTF measures 

In 2021 the Financial Action Task Force (FATF) published an update on Canada’s progress in tackling money laundering and terrorist financing since its 2016 assessment, noting that the country had made progress on STR reporting, moving from ‘partially compliant’ to ‘largely compliant’. 

The FATF notes: “Since the MER, Canada has made legislative amendments to require reporting entities to report STRs promptly to FINTRAC, after establishing reasonable grounds to suspect that the transaction or attempted transaction relates to the commission or attempted commission of an ML or TF offense. The deficiencies identified in the MER in relation to the scope of the PCMLTFA remain a minor deficiency”.

The FATF also stated that FINTRAC had improved its compliance on politically exposed person (PEP) screening, wire transfers, reliance on third parties, and DNFBP management. 

For the Laurentian Bank of Canada, the compliance exam conducted by FINTRAC covered the period from January 2018 to March 2019. The bank has paid its penalty and the case is now closed.

The post FINTRAC fines Laurentian Bank of Canada for STR submission failings appeared first on ComplyAdvantage.

Its review of challenger banks has revealed that while many used technology innovatively to identify and verify customers at speed, there were concerns about the level of due diligence and reporting to law enforcement.

A rise in the number of Suspicious Activity Reports (SARs) by challenger banks raised particular concerns about the adequacy of checks when taking on new customers. Weaknesses were also noted in customer due diligence (CDD) and enhanced due diligence (EDD) procedures, the FCA said. 

The Rise of the Challenger Banks

Challenger banks are a significant part of the UK’s fast-growing fintech ecosystem – and quicker onboarding times have often been an important part of their competitive appeal. However, the UK’s National Risk Assessment (NRA) of money laundering and terrorist financing warned in 2020 that criminals could be attracted to the fast onboarding process that challenger banks advertise, particularly when setting up money mule networks.

Sarah Pritchard, Executive Director, Markets at the FCA said: “Challenger banks are an important part of the UK’s retail banking offering. However, there cannot be a trade-off between quick and easy account opening and robust financial crime controls. Challenger banks should consider the findings of this review and continue enhancing their own financial crime systems to prevent harm.”

Although this review was aimed at challenger banks, its advice should be considered by all firms dealing with anti-money laundering (AML), as the shortcomings and recommendations could be pertinent to all. Key areas for improvements include: 

• Customer risk assessment (CRA). The CRA frameworks in some challenger banks were not well developed and lacked sufficient detail, with customer risk assessments not always in place. Most challenger banks did not obtain details about customer income and occupation.
• CDD and EDD. Some challenger banks failed to have the required CDD procedures at the customer onboarding stage, showing an overreliance on their transaction monitoring systems to identify higher risk customers.“No matter how good a transaction monitoring system is, firms must still comply with the relevant CDD requirements. Moreover, inadequate CDD will mean a less effective transaction monitoring system” the report warned. There is a need to consistently apply EDD and document it as a formal procedure in higher-risk circumstances, for example when managing politically exposed persons (PEPs).
• Financial crime change programs.  Weaknesses in the management of financial crime change programs included inadequate oversight and a lack of pace in implementation, meaning that control frameworks were not able to keep up with changes to business models.
• Ineffective transaction monitoring alert management. Inadequate handling of transaction monitoring alerts included an inconsistent and inadequate rationale for discounting alerts by alert handlers, a lack of basic information recorded in the investigation notes, and a lack of holistic reviews of the alerts.

Transaction monitoring alerts were also not reviewed in a timely manner due to inadequate resources. The FCA noted that “This affected the challenger banks’ ability to make SARs as soon as is practicable, as required under the Proceeds of Crime Act 2002.”

• SAR and DAML submissions. There has been a large increase in the number of SARs and Defense Against Money Laundering (DAML) reports that challenger banks have submitted. However, these are often for very low amounts, which are less likely to result in law enforcement action. Firms have sent a significant number of DAML reports to the UK Financial Intelligence Unit (UKFIU) when exiting customers that do not fit their risk appetite. These customers shouldn’t have been onboarded and better controls and risk assessment may have identified them sooner. In some challenger banks, once a DAML is submitted appropriate blocks are not being applied, enabling a subject to continue transacting. The FCA also highlighted the need for more detail on contextual information in SAR filings – including an explanation of an analyst’s suspicions alongside transaction data – and a warning about the incorrect use of SARs to report fraud and/or send information about predicate offenses.
• Principle 11 Notification. There have been significant financial crime control failures, in which challenger banks failed to notify the FCA. Firms have an obligation under Principle 11 of the FCA’s Handbook to disclose anything relating to the firm that the FCA should reasonably expect.

The FCA’s next steps guidance provides more helpful information for firms:

1. Review the FCA’s observations and recommendations in detail and enhance financial crime frameworks 
2. Apply a risk-based approach to AML controls and ensure financial crime controls remain fit for purpose as businesses develop and grow
3. Ensure customer risk assessment and EDD adapt to the heightened risk of sanctions evasion, including identification of ultimate beneficial ownership in higher-risk corporate structures
4. Review the Treasury’s NRA to ensure firms have appropriately considered ML/TF risks as part of their risk assessments
5. Review the FCA’s Dear CEO letter to retail banks on common control failings identified in AML frameworks – these common themes equally apply to challenger banks 
6. Refer to the guidance produced by the Joint Money Laundering Steering Group
7. Firms should be prepared to update the FCA on their financial crime frameworks 

Find out more about AML for digital banks with our handy guide.

The post FCA Warns of Financial Crime Control Weaknesses in UK Challenger Banks appeared first on ComplyAdvantage.

What is Customer Due Diligence?

Customer due diligence refers to the measures and controls that firms use to establish and verify the identities of their customers. For banks and other financial institutions, CDD measures and controls help firms ensure they are not doing business with criminals who intend to use their services to launder money or finance terrorist activities. CDD is particularly important for banks since money launderers may use sophisticated criminal methodologies to evade AML/CFT controls or exploit vulnerabilities in the financial system.

CDD in banking is also a foundational component of the risk-based approach to AML/CFT recommended by the Financial Action Task Force (FATF) – which requires banks to deploy a compliance response commensurate with the level of risk that they face. Accordingly, banks should use the information that they collect during the CDD process to perform risk assessments of individual costumes and to build risk profiles in order to judge those customers’ subsequent financial behavior.

CDD in Banking: Data Collection

With those factors in mind, customer due diligence in banking and other financial services should involve the following data collection requirements:

Personal identifying documents: Banks should establish the identities of individual customers by collecting their names, dates of birth, and residential addresses. In practice, this means customers should be required to submit personal identification documents (or copies of those documents) such as passports, driving licenses, birth certificates, and utility bills.

Ultimate beneficial ownership: Criminals often attempt to use corporate infrastructure or shell companies to disguise their identities, transacting anonymously with banks in order to evade AML/CFT controls. With that in mind, when dealing with corporate customer entities, banks should seek to establish ultimate beneficial ownership (UBO), by acquiring incorporation documents and other official company information that asserts the identities of the individuals behind the infrastructure.

Biometric data: Many banks offer financial products and services over the internet, where criminals may be able to take advantage of online anonymity to evade AML/CFT controls. In this context, the CDD process should include the collection of certain biometric identifying data points, such as face, voice, and fingerprint ID.

Compliance Penalties

Failures in CDD, or inadequate CDD measures and controls, may expose banks to significant criminal risks and lead to AML/CFT compliance violations. Penalties for violations vary by jurisdiction but data suggests that governments are increasing their focus on AML/CFT: since 2009, global regulators have issued around $32 billion in AML/CFT compliance fines, while in 2020, the US, regulators extracted $11.11 billion from banking institutions.

When Should CDD in Banking be Applied?

Banks should apply some level of customer due diligence to every customer that they serve. Under the risk-based approach, lower risk customers may be subject to standard levels of CDD scrutiny, while higher risk countries should be subject to enhanced due diligence (EDD). EDD requires banks to implement more intensive identification measures, including obtaining further documentation from customers, or establishing the source of funds and wealth.

A standard CDD in banking process may involve the following steps: 

• Submission of personal details: Customers enter personal details (name, address, etc.) into an online form – or on a physical document if engaging in person. 
• Official documentation: Customers provide official documentation to verify their personal details in the form of a passport, driver’s licence or similar. 
• Biometric verification: Banks may require customers to submit biometric data to support their personal details and then verify their identities to gain ongoing access to their accounts. Biometric data may include a ‘selfie’ photo, fingerprint, or voice print. 
• Screening: Information collected during the CDD process should be used to screen customers against relevant AML/CFT lists and databases, including sanctions lists, PEP lists, and other high risk customer watch lists. Screening processes should be ongoing throughout the business relationship. 
• Risk profile: Banks should use CDD data, and any relevant screening data, to build a risk profile for their customers. The risk profile will provide the standard by which to deploy AML/CFT compliance measures. Banks should deploy EDD for customers deemed to pose a higher risk.
• Monitoring: After onboarding, risk profiles may be used to judge subsequent financial behaviour. Banks should, for example, monitor customer transactions on an ongoing basis for signs of unusual or suspicious activity which does not correlate with a customer’s established profile.

AML/CFT Software Solutions for CDD in Banking

The customer due diligence process requires banks to collect and analyze large amounts of data, and then store that data for ongoing monitoring purposes. Since CDD takes place at onboarding, customer experiences are also a concern: CDD that is too onerous or invasive may create negative customer experiences, while inadequate CDD in banking may result in them missing AML/CFT risks.

With those factors in mind, banks should seek to automate their CDD process. CDD software not only delivers speed, accuracy, and capacity benefits, and reduces the potential for costly human error, but enables banks to create richer customer risk profiles in order to better detect AML/CFT risks. Further, with the benefit of machine learning systems, banks may be able to enhance their wider AML/CFT process, using CDD data to make predictions and decisions about financial behavior, and factoring in changes to regulation or emergent criminal methodologies.

Further Reading on CDD in Banking

• • Our AML Guide for Digital Banks explores how digital-first banks can build an effective AML compliance program
  • Or, explore how our transaction risk management and customer screening solutions are helping banks around the world today

The post CDD in Banking: What You Need To Know appeared first on ComplyAdvantage.