The initiative follows the council’s announcement in September 2022, which highlighted the beginning of the local authority’s dirty money campaign. According to Adam Hug, leader of Westminster Council, “It took the war in Ukraine to refocus attention on oligarch investments and what London has become in terms of a European laundromat for dirty money.”

In the press release, it was noted that Westminster had seen a 1,200 percent rise in the number of properties registered to owners in Russia since 2010. 

Westminster Against Money Laundering Charter

In 2022, Transparency International reported that £1.5bn of UK property – mainly in London – was bought by Russians who had been sanctioned and/or accused of corruption. Nearly 30 percent of these properties – the highest percentage – were in the City of Westminster. The nonprofit also found that over 2000 companies registered in the UK and its overseas territories were involved in 48 Russian money laundering and corruption cases. 

To illuminate illegal practices that obfuscate the real overseas owners of properties and businesses, the Westminster Against Dirty Money Charter outlines the following commitments:

• Develop a list of properties where the ultimate beneficial owner (UBO) is unclear or appears inconsistent with other records. These properties will then be mapped across London and shared with relevant enforcement bodies. 
• Be upfront about all beneficial ownership structures by understanding who tenants and leaseholders are and encouraging them to be as transparent as possible.
• Continue to disrupt businesses with a track record of selling unsafe goods and other practices commonly associated with suspicious financial activity. 
• Continue to invest in encouraging positive growth in Westminster.
• Collaborating with other governmental bodies to promote reform of the business rates system to ensure that high streets across London remain vibrant and competitive.

Candy Stores in London’s West End

Highlighted as a case study in the charter, American-style sweet and souvenir shops have been subject to ongoing scrutiny over the past several years due to suspected money laundering activity and unpaid business rates. On Oxford Street alone, there are currently 29 US candy stores, most of which owe Westminster City Council a collective £9m in outstanding business rates. 

A typical behavior seen in these types of businesses is described in the charter as ‘phoenixing’ – where the company dissolves as soon as the council tries to take action to recover arrears. Since the company owner is often listed as a shell company, the council has no assets to pursue. 

Through a combination of enforcement and court action, the local authority said it “has led the national charge” on tackling these types of enterprises that commonly use opaque shell company structures to obscure beneficial ownership. Since the beginning of 2023, the council has recovered £250,000 in unpaid business rates and confirmed the impounding of over £1m in unsafe or illegal goods from the stores due to multiple raids.

Key Takeaways

Westminster Council’s new charter highlights the importance of implementing a robust corporate onboarding and screening solution to map out company ownership and control and uncover hidden threats. Since the know your business (KYB) process requires firms to collect, analyze, and manage vast amounts of data on the businesses they have relationships with, compliance teams should consider implementing an automated KYB solution to reduce time and labor costs. This may involve integrating smart technology tools into an existing anti-money laundering (AML) infrastructure to perform the necessary checks and processes faster and more efficiently than a human compliance employee ever could.

The post Westminster Council Launches New Initiative to Clamp Down on Properties with Unclear Ownership Structures appeared first on ComplyAdvantage.

These amendments come in light of the BSP’s wider financial inclusion agenda, which seeks to address the lack of identity documents that have historically left many individuals unbanked. According to BSP Governor Felipe M. Medella, “eKYC is one of the key enablers to promote innovation and digital transformation” to help increase account ownership throughout the region. 

Amended CDD Requirements 

The new CDD requirements are reflected in section 921/921Q of the Manual of Regulations for Banks (MORB). The updated wording provides minimum requirements for FIs conducting eKYC and expands on how the process must utilize “appropriate systems” to collect and record information. Specifically, the conditions now provide for information and communication technology to be used to capture and record customers’ biometric and other personal information. ln cases where PhilSys is presented, only the front portion, or face, needs to be scanned. FIs are also advised that the PhilSys Number (PSN) on the digital ID’s back portion must remain confidential due to applicable laws and regulations.

Additionally, firms implementing eKYC through a digital ID system must:

• Understand the basic components of the digital lD system, particularly how they apply to the CDD requirements
• Apply an informed risk-based approach to a reliance on digital lD systems for CDD
• Utilize anti-fraud and cyber-security processes to support digital identity authentication
• Ensure all eKYC practices comply with relevant data sharing and protection privacy laws and rules about data processing, storage, and management

eKYC in APAC

The Philippines is one of the latest jurisdictions in Asia Pacific to update its policy guidelines to help FIs comply with anti-money laundering and combatting the financing of terrorism (AML/CFT) rules on knowing their customers. 

In 2019, Hong Kong’s Securities and Futures Commission updated its Code of Conduct to introduce new onboarding rules in non-face-to-face contexts. The update enabled regulated FIs to perform digital client identity verification to open a bank account remotely. Also in 2019, the Hong Kong Monetary Authority (HKMA) issued a circular on the “remote onboarding of individual customers.” Since then, the HKMA has advised firms on implementing remote onboarding initiatives. Published in June 2020, these best practices include:

• Adequately assessing money laundering and terrorist financing (ML/TF) risks associated with a remote onboarding initiative prior to its launch.
• Applying a risk-based approach in the design and implementation of AML/CFT control measures.
• Monitoring and managing the ability of the technology adopted to meet AML/CFT requirements on an ongoing basis.
• Ensuring that ongoing monitoring takes into account vulnerabilities associated with the product and delivery channel.

In June 2021, Malaysia’s central bank also issued policy guidelines on eKYC measures. These include multi-factor authentication of identities, specifically concerning “something the customer possesses (e.g., identity card, registered mobile number), something the customer knows (e.g., PIN, personal information), and something the customer is (e.g., biometric characteristics).” Malaysia also requires FIs to ensure that automated eKYC tools have a false acceptance rate (FAR) of no more than 5 percent. Firms must audit these tools at least once every quarter.

Key Takeaways 

With robust eKYC processes and high-accuracy tools, FIs can:

• Determine which customers have a higher risk of being involved in money laundering, fraud, terrorist financing, and other financial crime. 
• Conduct perpetual/continuous KYC rather than periodic-based reviews.
• Use analytics to facilitate regulation-compliant and accurate evaluations.

To ensure a smooth transition, the circular notes that FIs with existing eKYC systems have one year to comply with the updated requirements. However, firms that intend to shift to an eKYC system will need to comply with the new rules before implementing any new processes.

The post Philippines Central Bank Approves New e-KYC Rules appeared first on ComplyAdvantage.

Published on the same day as Canada’s 2023 Federal Budget, which proposed changes to Canada’s anti-money laundering and anti-terrorist financing (AML/ATF) laws, the government plans to use the assessment to further “enhance the country’s AML/ATF regime.” Additionally, the report notes that the evaluation should be used by financial institutions (FIs) and other reporting entities to increase their understanding of how and where they may be most vulnerable and exposed to ML/TF risks. 

Money Laundering Threats

The following crime types were categorized in light of their sophistication, capability, scope, and proceeds of crime. None of the 23 profit-oriented crimes were rated as a ‘low threat.’ 

This threat analysis corroborates the findings from our 2023 State of Financial Crime report, which surveyed 800 C-suite and senior compliance professionals worldwide – 200 of whom were located in the US and Canada. When asked which typologies were of the greatest concern when submitting suspicious activity reports (SARs), 30 percent said illegal gambling (rated a ‘very high threat’), 28 percent said human trafficking (rated a ‘high threat’), and 22 percent said wildlife trafficking (rated a ‘medium threat’). 

Sectors and Financial Products with Inherent ML/TF Vulnerabilities

The report also analyzes the inherent vulnerabilities of 33 economic sectors and financial products. When conducting this analysis, several factors were considered, including:

• Inherent characteristics – such as the sector’s economic significance and operational complexity
• Nature of products and services – specifically looking at the volume and frequency of transactions
• Nature of business relationships – analyzing the sector’s exposure to high-risk clients and businesses
• Geographic reach – considering the sector’s/product’s exposure to high-risk jurisdictions 
• Nature of the delivery channels – reviewing whether the delivery of products and services can be conducted with anonymity

Only life insurance intermediary entities and agencies were rated as  ‘low vulnerability’. The remaining areas were rated on a medium to very high vulnerability scale. 

Terrorist Financing Threats

In chapter four of the report, Canada’s terrorist financing threats are assessed. While the report notes that several terrorist financing methods have been used in the country, ideologically motivated violent extremism (IMVE) is specifically highlighted as an emerging risk that “the Government of Canada is seeking to address.” 

In 2022, approximately 50 percent of the Canadian Security Intelligence Service’s resources were dedicated to investigating IMVE. The report notes that recent attacks consisted of low-sophistication, high-impact tactics that did not involve or require a broader network of resources. 

According to the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), IMVE-related transaction reporting has shown that organized IMVE groups in Canada use both personal and business accounts to conduct their financial activities. Compliance staff should also take note of the behavioral patterns identified by FINTRAC and stay up-to-date with the country’s ‘listed entities’ as an understanding of IMVE organizations grow. 

Indicators of Terrorist Financing Activity

In December 2022, FINTRAC published an Operational Alert listing terrorist activity financing indicators related to domestic and international terrorist groups. Aimed explicitly at firms subject to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA), FINTRAC issued the indicators to help compliance staff identify and report suspicious transactions and terrorist property. These include:

• Adverse media or law enforcement information that link individuals to violent extremist group(s), sentiments, or violent extremist activity.
• Transactions that involve certain high-risk jurisdictions.
• Excessive email money transfers followed by the depletion of funds through third parties or cash withdrawals.
• Transactions that involve persons or entities identified by media and/or sanctions lists as being linked to a terrorist group or terrorist activities.
• The use of crowdfunding, fintech platforms, and/or cryptocurrencies to finance individuals or groups associated with violent extremism.

Key Takeaways

Compliance staff should review the commentary provided about each high ML/TF threat in detail, especially those working in a sector deemed vulnerable and exposed to certain risks. Firms should review FINTRAC’s guidance and resources for reporting entities for sector-specific guidance.

Additionally, while the report notes that, in many cases, the threat levels remained constant, new trends that involved the leveraging of new technologies were noted. These include internet scams, prepaid card fraud, and the use of virtual currencies to launder illicit funds. To combat the rise of these financial crime types, compliance teams should ensure their AML and fraud solutions provide a holistic view of transactions. This can be done cost-effectively and efficiently by implementing an AI overlay to existing tools. In addition to not requiring a total system overhaul, AI overlays allow organizations to customize their rule sets and identify anomalous behavior in real-time. 

For more risk management best practices for Canadian fintechs, download our infographic.

The post Canada Publishes Updated National Risk Assessment for Money Laundering and Terrorist Financing appeared first on ComplyAdvantage.

The 2022 Federal Bureau of Investigation (FBI) Internet Crime Report listed BEC scams among US networks’ top four major cybercrime threats. With total losses amounting to $2.7 billion, real estate wire fraud was listed as one of the most targeted sectors for the second year in a row. 

Security vendor Abnormal Security further highlighted the increasing severity of BEC scams in its H1 2023 threat analysis. According to the report, recorded BEC attacks grew by more than 81 percent in 2022.  

RE-BEC Money Laundering Typologies 

As these scams continue to rise, compliance staff should familiarize themselves with the following RE-BEC money laundering typologies highlighted by FinCEN:

• Money mules used to hide the movement of funds following a RE-BEC attack.

• Romance scams and elder abuse used to recruit unwitting money mules through social media sites and dating apps. 

• Multiple fraud types conducted in convergence with RE-BEC scams, such as identity theft, economic injury disaster loans fraud, and stimulus payment fraud.

• Alternative payment methods used to convert illicit proceeds, including online payment platforms and convertible virtual currency (CVC).

Impersonated Parties 

With industry standards that include a lot of remote communication and the ability to transact large amounts online, the real estate sector is a particularly attractive target for BEC attacks. In one May 2020 incident i, a victim was waiting to close on a property in Texas when they were scammed into wiring $123,500 after receiving a request from what appeared to be the title agent’s email. The message said that due to COVID-19 restrictions, the banks were processing funds at a slower rate. To ensure there were no delays, the fraudster requested the victim wire the funds and asked them to verify their account number, mimicking standard procedure. It wasn’t until the victim received a phone call from their actual title agent requesting the down payment check that they realized they had been scammed. 

According to FinCEN’s report, title and closing entities were the most commonly impersonated in RE-BEC incidents throughout the review period, representing almost 40 percent of recorded attacks. Other impersonated parties included realtors (23 percent) and investors (16 percent).

Title Fraud on the Rise

Another vertical of real estate fraud making headlines is title fraud, where homeowners themselves are impersonated to the point of their property being sold without their knowledge. This type of scam has become particularly rife in the Greater Toronto Area, where at least 30 homes have been fraudulently sold since late 2021. 

Red flags relating to title fraud include:

• Differing signatures
• The owner/seller lives abroad
• Recently issued identification documents
• A lack of knowledge about the property
• The seller lives at a different address from the property and has no evidence, such as bills or buildings insurance, linking them to the property
• The property is vacant, of high value, and/or has no mortgage
• The seller wants a quick sale

Guidance for Compliance Staff

To effectively and efficiently detect, prevent, report, and mitigate the risk of RE-BEC attacks, FinCEN compiled the following guidance for compliance staff:

• Assess the vulnerability of business processes and systems and consider taking action to increase resiliency
• Adopt a multi-faceted transaction verification process
• Provide training and awareness building to identify and evade spear phishing attempts
• Report BEC-unauthorized and fraudulently induced wire transfers to law enforcement within 72 hours of the transaction
• When filing a suspicious activity report (SAR) related to RE-BEC, provide transactional details and cyber-related information surrounding the incident
• Communicate and share information with other financial institutions

To report BEC scams, compliance staff must contact the FBI’s IC3 or the nearest United States Secret Service (USSS) field office. FinCEN also reminds firms to contact OFAC if there is any reason to suspect a cyber actor may be sanctioned or have a sanctions nexus. 

The post FinCEN Highlights Money Laundering Patterns Related to Real Estate BEC Scams appeared first on ComplyAdvantage.

In March 2023, “a cache of documents” were released under freedom of information laws, revealing that the Treasury’s timetable for consulting Australian crypto firms and designing new legislation currently stretches into 2024. Responding to this, Bragg said the legislative process was not moving forward at an appropriate pace, noting, “businesses aren’t just going to wait around.” The proposed bill aims to expedite the process and provide greater regulatory certainty and clarity for Australian crypto companies.

The Digital Assets (Market Regulation) Bill 2023

In addition to empowering the Australian Securities & Investments Commission (ASIC) with the necessary monitoring and investigation powers to enforce the requirements, the bill provides for civil and criminal penalties to deter misconduct. 

Regarding digital asset exchanges, the bill ensures: 

• Minimum capital requirements to provide a buffer in downturn scenarios
• Participant conduct regulation
• Appropriate governance of activity monitoring and procedures
• Segregation of customer funds
• Cybersecurity requirements
• Disclosure obligations for participants and government agencies
• Record-keeping and reporting requirements

Concerning digital asset custody, the bill would also necessitate:

• Requirements for key personnel to be based in Australia
• Minimum capital requirements
• Segregation of customer funds
• Auditing, assurance, and disclosure requirements

Senate Select Committee on Financial Technology and Regulatory Technology

In October 2021, the Senate Select Committee on Financial Technology and Regulatory Technology issued its final report about regulating cryptoassets. The report outlined 12 recommendations, including reviewing the viability of a retail central bank digital currency (CBDC) in Australia and clarifying the country’s anti-money laundering and counter-terrorist financing (AML/CTF) regulations to ensure they do not undermine innovation.

The proposed Digital Assets (Market Regulation) Bill 2023 would implement the first two recommendations for the Australian Government, which focus on:

• The establishment of a market licensing regime for Digital Currency Exchanges that include capital adequacy, auditing, and responsible person tests under the Treasury portfolio.
• The creation of a custody or depository regime for digital assets with minimum standards under the Treasury portfolio.

Token Mapping

In August 2022, following a major consultation period announced by Bragg, a joint statement was released that announced crypto reforms were underway. Following this, the Australian government published a February 2023 consultation paper exploring which elements of the cryptocurrency ecosystem require additional regulation. The paper set out the basis of a “token mapping framework” to help explain how various cryptoassets might fit into existing regulatory frameworks. While the consultation period for this paper has now closed, compliance staff should stay alert for any further developments relating to the token mapping framework. 

According to the Australian government, the framework will be used to define the development of a custody and licensing framework, which the government will propose for public comment by mid-2023. 

Our 2023 State of Financial Crime report, indicates these regulatory reforms are crucial for Australian firms. When asked what crypto-based services they would offer in the future, 70 percent said a trading or exchange service, 54 percent said crypto as a payment method or rail, and 51 percent a custodian or wallet service. 

Key Takeaways

While private bills only have a 2 percent success rate of passage and can take months or years to become effective, firms may choose to consider the possible impact Bragg’s proposal could have on operations. For example, new regulations may require adding a technology layer or developing a strategy to exit a pool of clients who are suddenly deemed to be breaking the law. 

Further, firms that want to submit to this inquiry are encouraged to do so by May 19, 2023. Following this date, the Economics Legislation Committee will report back by August 2, 2023. Compliance staff can “track” the bill through their My Parliament account to stay up-to-date with its proceedings. 

The post Australian Senator Submits New Crypto Regulation Bill to Parliament appeared first on ComplyAdvantage.

While concern has been raised about no additional funding being allocated to underpin the plan – the total amount of investment remaining at £400 million – Home Secretary Suella Braverman and Chancellor of the Exchequer Jeremy Hunt said the plan “reflects the Budget’s commitments to strong and sustained economic growth”. 

Overview of the Economic Crime Plan 2

Below is an overview of the 2023-2026 strategy, highlighting its main objectives and the actions the government has committed to take to achieve them.

Reduce Money Laundering and Recover More Criminal Assets

The report notes that “it is a realistic possibility” that over £100 billion is laundered through and within the UK annually using “high-end money laundering methods”. To combat this, the government has committed to developing an improved “end-to-end” plan that includes: 

• Limiting the abuse of corporate structures: Action will be taken through the Economic Crime and Corporate Transparency Bill, reforming the role of Companies House and creating a more reliable Companies Register to underpin business activity.
• Increasing the effectiveness of the UK’s anti-money laundering and combatting the financing of terrorism (AML/CFT) regulatory and supervisory regime: While the long-term reform model has not yet been decided, the government plans to work with supervisors to achieve short-term improvements to the regime’s effectiveness. Supervisory reform is also ongoing.
• Combating criminal abuse of cryptoassets: Law enforcement capacity and capability will be enhanced to pursue and prosecute the use of crypto/virtual assets to launder illicit funds. 
• Improving intelligence, feedback, and analysis through suspicious activity report (SARs) reform: Continued action will be taken to complete the delivery of the SARs reform program that began in 2019.
• Recovering more criminal assets: A performance framework will be developed for asset recovery agencies, with the addition of a new social research team to review the impact and share best practices. 

Combat Kleptocracy and Drive Down Sanctions Evasion

Since the UK’s last Economic Crime Plan, the global geopolitical landscape has changed significantly. Following Russia’s invasion of Ukraine in February 2022, the most comprehensive sanctions were imposed against a major power since the end of the Second World War, with the US, European Union (EU), and others coordinating their actions in new ways. Responding to a range of new and growing threats identified in the government’s Integrated Review Refresh 2023, the report outlines the following commitments: 

• Continuously improve the design, implementation, and enforcement of financial sanctions: Cooperation with the US, EU, and other jurisdictions will be enhanced to increase the effectiveness of economic sanctions. An assessment of sector-specific threats and vulnerabilities relating to financial sanctions will also be published. 
• Strengthen operational and international response to kleptocracy: Support will be given to the ongoing work of the NCA’s Combatting Kleptocracy Cell, and international coalitions will be strengthened to tackle long-term enablers of kleptocracy and enhance operational cooperation. 

Cut Fraud

In February 2023, the government announced that fraud would be reclassified as a national security threat, giving it the same status as terrorism. Estimated to account for 40 percent of all crimes committed nationwide, fraud is the most commonly experienced crime in the UK. According to the 2022 cross-government fraud landscape report, public sector fraud and error loss is estimated at £33 billion annually.

According to the Economic Crime Plan 2, the new strategy to cut fraud will:

• Pursue fraudsters
• Block fraud at the source
• Empower people to recognize, avoid, and report fraud 

One of the main actions outlined in the plan revolves around modernizing the response to fraud through the use of leading practices, tools, and technology. Additionally, the government plans to work with ministerial departments and public bodies to improve their understanding of the risks and threats they face.

Compliance staff should also take note of the government’s “forthcoming” strategy for cracking down on fraud. While the strategy was initially due to be published in July 2022, it will “establish a coordinated response from the government, law enforcement, and the private sector to better protect the public and increase the disruption and prosecution of fraudsters,” according to the Home Office. 

Reduce the Threat of International Illicit Finance

The government’s commitments to minimize the threat international illicit finance poses to the UK its interests build on the actions laid out in the first plan. As such, the government intends to:

• Lead efforts to strengthen international standards to improve cross-border asset recovery outcomes
• Work with partners to ensure the effective implementation of international standards
• Strengthen partnerships with other financial centers, particularly the US, United Arab Emirates (UAE), and the UK’s crown dependencies (CDs) and overseas territories (OTs)
• Champion and support increased transparency of beneficial ownership registers in CDs and OTs

Cross-Cutting System Reforms and Capabilities

The report notes that while the above commitments focus on tackling specific threats, numerous “cross-cutting reforms” are required for the actions to succeed. These include:

• Strengthening the role of the National Economic Crime Centre (NECC) as the system leader responsible for informing priorities for the economic crime system and defining a single view of financial crime threats
• Producing and implementing a new public-private economic crime data strategy to better prevent, detect, and pursue economic crime 
• Reviewing and improving data sharing to support the response to public sector fraud
• Introducing 475 new financial crime investigators to boost the country’s response to economic crime 
• Launching City of London Law Court

Key Takeaways

When reviewing the Economic Crime Plan 2, compliance staff should take note of the seven case studies scattered featured the document in yellow and blue boxes. These studies provide context to some of the government’s existing actions and highlight best practices for firms relating to reporting standards and general compliance best practices.

Compliance teams should also take note of delivery dates assigned to each action point and the milestones that have occurred thus far. For example, the SAR’s reform program is due to be completed by Q3 2024. Reporting staff should keep up-to-date with the program’s developments over the coming year. 

The post UK Unveils New Economic Crime Plan to Tackle Money Laundering, Kleptocracy, and Sanctions Evasion appeared first on ComplyAdvantage.

The guidance follows a fact sheet on the so-called “reporting rule” that FinCEN published in September 2022. In this publication, the agency outlined the following key elements of the rule:

• Reporting companies: The reporting rule establishes two types of reporting companies – domestic and foreign. Under the rule, twenty-three types of entities are exempt from the definition of “reporting company.”
• Beneficial owners: The rule identifies a beneficial owner as any individual who exercises substantial control over a reporting company or owns/controls at least 25 percent of the ownership interests. 
• Company applicants: The rule defines a company applicant as the individual who files the document that creates the entity or those who control the document’s filing through another.
• BOI reports: A reporting company must identify itself and report four pieces of information about each of its beneficial owners, including name, date of birth, address, and a unique identifying number.
• Timing: Reporting companies created or registered before January 1, 2024, will have until January 1, 2025, to file their initial reports. Reporting companies created or registered after January 1, 2024, will have 30 days after receiving notice of their creation to file their initial reports.

The reporting rule is the first of three rules designed by FinCEN to set up the beneficial ownership registry, as required by the Corporate Transparency Act (CTA). The second rule relates to those who can access the registry, and the third is connected to updating the existing customer due diligence (CDD) rule. As such, further guidance on the additional rules can be expected from the agency in due course. 

The Summit for Democracy

Following the publication of FinCEN’s guidance, Secretary Janet L. Yellen spoke at the Biden-Harris administration’s second Summit for Democracy, where she announced the launch of a commitment by the US to enhance beneficial ownership transparency. The pledge was also made by more than twenty foreign governments and authorities participating in the Summit on March 28.  

In line with the revised standards issued by the Financial Action Task Force (FATF), the US’ commitment includes:

• Updating legal and/or regulatory frameworks as needed to ensure law enforcement and other competent authorities have efficient access to beneficial ownership information
• Establishing and maintaining a beneficial ownership registry, ensuring the information is adequate, accurate, up-to-date, and consistent with domestic legal or regulatory requirements
• Developing appropriate verification measures
• Ensuring the robust protection of personal data
• Prioritizing the financial, personnel, and technical resources necessary for the implementation of these measures as a core element of an effective anti-money laundering and countering the financing of terrorism (AML/CFT) framework
• Working with foreign partners to share beneficial ownership information and enhance international cooperation

The commitment also aligns with the “first-ever whole-of-government” strategy to counter corruption that the US announced in December 2021. Under the strategy’s second pillar of Curbing Illicit Finance, beneficial ownership transparency is listed as the first way in which the government plans to address deficiencies in the country’s AML regime.  

Canada’s Beneficial Ownership Register

North of the border, the Canadian government is also working towards clamping down on the lack of corporate transparency and accountability. On March 22, 2023, the government announced a new bill had been proposed to create a public beneficial ownership registry. The new legislation follows a series of updates to the Canada Business Corporations Act (CBCA) implemented in 2022. In light of these amendments, most federally incorporated businesses must now proactively submit BOI annually or whenever there is a change in control. The registry’s design has thus far been informed by public consultations held in 2020 and subsequent stakeholder outreach throughout 2022. 

In the 2021 federal budget, it was announced that the beneficial ownership registry would be launched by 2025. However, the “Freedom Convoy” in 2022 brought the issue of corporate transparency into the spotlight as concerns grew over not being able to ascertain where some crowdfunding donations were coming from. Following this, the 2022 budget accelerated Canada’s commitment to implement a public beneficial ownership registry, making it accessible before the end of 2023.

Key Takeaways

As these beneficial ownership registries continue to be developed and implemented, firms operating in or with a nexus to North America should keep up-to-date with guidance and regulatory updates as they emerge. The FATF’s updated beneficial ownership guidance should also be reviewed in detail, particularly the advice given to firms on how to implement the recently revised Recommendation 24. 

The post FinCEN Issues Beneficial Ownership Reporting Guidance appeared first on ComplyAdvantage.

While the Personal Data Protection Act (PDPA) is Singapore’s primary data protection regulation, the PDPA provides a legislative route for “other written law” to prevail over the act’s requirements. In light of this, MAS’ proposed legislative amendments to the FSMB are set to accommodate the sharing of risk information for anti-money laundering, combatting the financing of terrorism, and counter-proliferation financing (AML/CFT/CPF) purposes. 

The Financial Services and Markets (Amendment) Bill 2023

According to MAS, the FSM(A)B lays the groundwork for only the first phase of COSMIC’s launch. During this time, all information sharing will be voluntary among the six major commercial banks that are co-developing the platform – DBS, OCBC, UOB, Standard Chartered Bank, Citibank, and HSBC. 

In light of MAS’ explanatory brief, compliance staff should be particularly aware of the following proposed amendments:

• Information-sharing among financial institutions will only be permitted to mitigate ML, TF, and PF risks. The bill’s amendment means firms can share relevant information despite any restrictions imposed by any written law or contract.
• To ensure the information shared via COSMIC remains confidential, the bill’s amendment requires firms to implement tight cybersecurity controls to guard against unauthorized use.
• The FSM(A)B will provide statutory protection against civil liabilities for disclosures on COSMIC, provided the disclosures are made in good faith, with reasonable care, and following the disclosure thresholds.
• The amendment will also allow MAS and the Suspicious Transaction Reporting Office to access and use COSMIC information for AML/CFT purposes.

Initial Focus Areas

In a briefing document sent to The Straits Times, MAS noted that COSMIC will initially focus on three critical financial crime threats in commercial banking: 

• The abuse of shell companies
• The misuse of trade finance for illicit purposes
• Financing that supports the proliferation of weapons of mass destruction

However, the authority said that despite working with and supervising firms to strengthen the country’s defenses against these three threats, a remaining weakness is the inability of financial institutions to alert each other to inconsistent or unusual activity in their customers’ accounts. According to MAS, criminals often exploit the disparate nature of these information silos, moving from one financial institution to another through a web of accounts to avoid detection. The regulator hopes that COSMIC will eliminate these information gaps and enable firms to “conduct sharper analysis of customer behaviors and activities.” 

In subsequent phases of the platform’s launch, MAS plans to extend COSMIC’s coverage to include additional focus areas.

Key Takeaways

Compliance teams looking to enhance their information exchange procedures should consider the additional resources the Financial Action Task Force (FATF) provides. These include:

• Information about Opportunities and Challenges of New Technologies for AML/CFT
• An advisory on Data Pooling, Collaborative Analytics, and Data Protection
• Guidance on Digital Identity 

As the launch date for COSMIC draws nearer, firms should ensure they understand how the platform will be used and keep up-to-date with the FSM(A) Bill as it makes its way through parliament.

For more information on how to comply with Singapore’s AML regime, compliance teams should review our 7 Tips To Help Fintechs Comply With Anti-Money Laundering In Singapore.

The post Singapore Progresses the Regulatory Framework for its Information-Sharing Platform appeared first on ComplyAdvantage.

According to the NCA’s annual SAR report, 21 percent more SARs were filed and processed in 2022 compared to the previous financial year. As a result of Defence Against Money Laundering (DAML) requests, £305.7 million was denied to suspected criminals – representing a 120 percent increase on the £138.6 million denied from 2020 to 2021.  

SAR Case Studies

The case studies in the booklet are organized into three subcategories: money laundering, vulnerable persons, and fraud and drugs. Law enforcement agencies and other relevant government bodies provided each account, focusing on how SARs continue to be instrumental in instigating and supporting financial crime investigations. 

Money Laundering

In one instance, a DAML SAR was submitted by a reporting entity after suspicions were raised that a customer’s student account displayed activity indicative of money muling. One of the main red flags pointing to this money laundering typology was that large funds were being deposited via money service businesses and immediate deposit machines. The same activity was also detected in other customer accounts, with over £45,000 in cash being deposited into the customer’s student account over six months. As a result of the DAML SAR, over £30,000 has been frozen and inquiries are ongoing.

According to Cifas, the UK fraud prevention service, the number of people under 21 bearing the hallmarks of money mule activity is increasing by 78% year-on-year. In 2021, INTERPOL, Europol, and the European Banking Federation identified over 18,000 money mules, leading to the arrest of 1,803 people involved in criminal activities valued at a collective £59.3 million.

Vulnerable Persons

The UKFIU highlights six case studies related to scams targeting vulnerable persons. Across each account, various fraud types often known to exploit elderly and vulnerable persons are noted. These include:

• Romance scams
• Investment fraud
• Courier fraud
• Bank and police impersonation fraud

According to figures released by Action Fraud, £1.7 billion has been lost to elder fraud in the UK since 2019. The statistics reveal that elder fraud is rising, increasing from around 36,000 recorded cases in 2019 to over 57,00 cases in 2022. Financial losses were also at an all-time high in 2022 – with pensioners losing a total of £460 million, up 10 percent from 2021.

In many of the case studies discussed in the booklet, the UKFIU was able to fast-track the SARs to the relevant law enforcement agencies, which led to the arrest and charging of multiple suspects and the return of funds to victims. 

Compliance staff with reporting responsibilities should ensure they know the SAR glossary codes in the booklet relating to incidents that pose a potential risk to vulnerable adults (XXV2XX) and children (XXV3XX).

Fraud and Drugs

In another instance, a DAML SAR was submitted in light of suspicions about money movement in a customer’s business account. The reporting anti-money laundering (AML) officer noted that the transactions were inconsistent with the nature of the business, and they could not determine the source of funds (SoF). After the UKFIU fast-tracked the SAR to the relevant law enforcement agency, it was determined that the account holder had connections to an associate with a history of drug supply and organized crime group activity.

In addition to identifying drug traffickers and organized crime group members, the Head of the UKFIU, Vince O’Brien, said SARs “have been instrumental in identifying sex offenders, fraud victims, murder suspects, missing persons, people traffickers, fugitives, and terrorist financing.”

Key Takeaways

For more information on reporting processes and best practices, compliance staff can review part four of our Compliance Team’s Guide to Customer Onboarding.

Compliance professionals should also review the categorized list of SAR glossary codes at the booklet’s end. More detail regarding reporting routes can be found in the NCA’s June 2022 publication, where firms are reminded that the relevant glossary code should be included in the Reason for Suspicion text space. Particular categories and codes to take note of include: 

• Money laundering:
  • Linked to sanctioned entities: XXSNEXX
  • Through real estate: XXPROPXX
  • Virtual assets (VAs): XXVAXX
  • Trade-based money laundering (TBML): XXTBMLXX 

• Predicate offenses:
  • Tax evasion offshore: XXTEOSXX 
  • Tax evasion UK-based: XXTEUKXX 
  • Proceeds from benefit fraud: XXF1XX
  • Bribery and corruption: XXD9XX 
  • Modern slavery and human trafficking: XXMSHTXX

• Politically exposed persons (PEPs):
  • International PEPs: XXD7XX 
  • Domestic PEPs: XXD8XX

The post Latest SARs Intelligence Released in New UKFIU Publication for Reporting Entities appeared first on ComplyAdvantage.

A core focus of the February plenary was the increasing scale of ransomware attacks, particularly highlighting the misuse of virtual assets (VAs) allowing criminals to escape undetected with large amounts of money. According to the IBM X-Force Threat Intelligence Index, in 2022 Asia-Pacific saw the highest number of cyberattacks for the second year in a row. 

The FATF’s new reports are the result of research carried out by the global watchdog to better understand the challenges at large. 

Common Methods and Trends

When presenting its 2022-2024 objectives in July 2022, the FATF noted that many countries are struggling to stop or contain cyber-enabled schemes. Our 2022 and 2023 global compliance surveys echo this challenge, with cybercrime emerging as the top predicate offense of concern for compliance teams two years in a row.

And it’s clear to see why. According to the FATF, recent estimates report a fourfold increase in ransomware payments in 2020 and 2021, compared to 2019, owing to new tactics and techniques being utilized by criminals. 

Common ransomware methods and related trends identified in the report include:

• Mixers or tumblers – used to obfuscate the connection between the wallet address sending VAs and the addresses receiving VAs
• “CoinJoin” transactions – where multiple senders and recipients of funds combine their payments in a single transaction
• Anonymity-enhanced cryptocurrencies – used in conjunction with privacy-enhancing technologies such as mixers, ring signatures, stealth addresses, and ring confidential transactions
• Monero – this VA is increasingly being requested by cybercriminals, despite Bitcoin remaining the most commonly used VA in ransomware
• Chain-hopping – used to convert ransom payments from one VA (usually Bitcoin) to another (increasingly stablecoins), before exchanging funds into fiat currency
• Money mules – used to convert ransom payments back into fiat currency by using off-ramps
• Over-the-counter traders – these centralized VASPs are often used to cash out illicit proceeds
• High-risk jurisdictions – cybercriminals send the VAs to high-risk countries with weak or non-existent anti-money laundering and counter-terrorist financing (AML/CTF) controls to convert them into fiat currency.

Compliance staff should note that many of the above methods and trends can be categorized as general crypto money laundering typologies. In this context, concealing ransom payments is the cybercriminal’s goal.

Proposed Actions

In light of the methods used by cybercriminals to carry out ransomware attacks, the FATF provided a list of practical actions countries should take to enhance their ability to disrupt financial flows related to the rising cybercrime type. Good practices include:

• Implementing relevant FATF Standards, including on VASPs, and enhancing detection
• Promoting financial investigations and asset recovery efforts
• Adopting a multi-disciplinary approach to tackle ransomware
• Supporting partnerships with the private sector
• Improving international co-operation

Potential Risk Indicators

The list of risk indicators outlined by the FATF complements those provided in previous guidance on virtual assets red flag indicators published in September 2020. To provide maximum clarity and help public and private sector entities identify suspicious activities related to ransomware, the second report separates the risk indicators by perspective. First, the report lists indicators to help firms identify ransoms paid by victims:

• Outgoing wire transfers to cybersecurity consulting firms that specialize in ransomware remediation
• Unusual incoming wire transfers from insurance companies that specialize in ransomware remediation
• A customer seems anxious or impatient with the amount of time taking for a payment 
• Purchases of or transfers involving anonymity-enhancing cryptocurrencies
• A new customer purchases VAs and transmits the entire balance of their account to a single address

Second, the FATF highlights indicators to help firms detect a criminal account that has received (or is receiving) a ransom payment: 

• Transactions involving anonymity-enhancing cryptocurrencies
• Transferring VAs to mixing service 
• The use of an encrypted network
• Immediate withdrawal after converting funds to VAs 
• Customer information shows that the customer holds an email account known for high levels of privacy such as proton mail or Tutanota
• A high volume of transactions from the same bank account to multiple accounts at a VASP

The FATF notes that a single risk indicator may not warrant suspicion of a ransomware payment on its own. Nor will a single indicator necessarily provide a clear indication of such activity. However, should compliance staff identify any of the indicators highlighted above, teams should undertake further monitoring and examination as appropriate.

Key Takeaways

Managing the risk of ransomware is becoming increasingly complex. To better protect their customers and their firm’s reputation, compliance teams should consider enhancing their cyber defenses and practice increased levels of cyber hygiene. The new ransomware methods and trends identified by the FATF should also be reviewed against firms’ AML/CTF controls, ensuring any gaps are addressed in accordance with the firm’s risk appetite. 

To learn more about the key takeaways from February’s plenary session, read our coverage here.

The post FATF Highlights Ransomware Risk Indicators as Ransom Payments Increase Fourfold appeared first on ComplyAdvantage.