(This is a guest post by Mojca Ivezic)
Anti-Money Laundering (AML) and Counter-Terrorism Financing (CTF) efforts include a hidden world that few people outside the banking industry know. It’s the world of Know Your Customer (KYC) and Customer Due Diligence (CDD) compliance, and most who know about it consider it dreadfully boring. Even some of my colleagues.
For all those friends and colleagues who listened, either in disbelief, or while falling asleep, to my enthusiastic explanations about why I like KYC and AML, here is why.
I find it very exciting to have a small, but important role in the war against crime, fraud, corruption and terrorism. Fighting against those illegal efforts does not always entail the epic gun battles presented in movies. Many times, those criminals are frustrated, identified and/or captured in their efforts to use financial institutions for illicit purposes – frustrated by people like me, whose work most others would find boring rather than dangerous, who use documents and online searches rather than bullets.
I have a broader financial crime education but I recently focused on banking KYC/CDD. Working in KYC/CDD, my colleagues and I make our contributions at criminals’ most vulnerable point in the money laundering or terrorist funding process. We do this by carrying out the extensive personal and business entity checks designed to prevent criminals from using or transferring funds connected with crimes.
Keys to compliance
As I discussed in my previous post, money laundering and terrorist funding have severe adverse effects that reach well beyond the immediate impact of the crimes. They increase tax burdens to make up for the massive amount of money taken out of the economy and they push tax burdens even higher as governments fund increased law enforcement to combat the crimes. They also increase government corruption, violent crime and healthcare costs. Finally, they increase customers’ cost of banking, lead to job losses and can destabilize companies, industries and even developing nations.
Thus, combatting criminal activity at its most vulnerable point – where criminals or terrorist organizations seek to convert their illicit funds into funds that cannot be traced to their crimes or to the attacks they seek to fund – is essential. Criminals constantly test bank compliance systems to find which institutions and which strategies enable them to launder money or fund terrorism without detection.
Successful financial crime compliance systems start with finding the answer to a multitude of questions.
Is the identification information (for either an individual or an entity) that was provided legitimate? Can it be confirmed that the identification information accurately identifies the applicant, or has it been stolen or faked?
If identification is accurate, does the applicant appear on any lists for money laundering or terrorist activity? Can any connection be found between the applicant and any known criminals? Do any suspicious activities, suspicious relationships or contact with countries that are under sanction surface in a rigorous background check?
Is the applicant the beneficial owner (the one who owns and benefits directly from the account), or is the applicant acting on behalf of someone else? If so, does the beneficial owner pass all the previous tests?
If the applicant is moving money from another institution, is that institution free from suspicion of irregular activity, or does its reputation require additional investigation?
If the applicant is approved for a relationship with the bank, KYC/CDD moves on to ongoing monitoring of the account. Based on the results of the investigation, the customer is assigned a risk rating and a profile for the type of activity that the bank can expect from the customer.
The higher the risk rating, the more often the account will be reviewed and updated. Whenever the customer’s expected activity strays outside what is expected, or whenever a pattern appears that is not consistent with what is expected, the account is also reviewed.
These steps only scratch the surface of what goes into practicing KYC and CDD. Even these practices from nearly 20 years ago (practices have grown even more stringent since then) are far more extensive. But only by maintaining robust compliance practices can banks stay ahead of the criminal elements that try to defeat them.
Consequences for noncompliance
Noncompliance can lead to devastating impacts ranging from reputational damage to massive fines to outright bank failure.
For example, some Latvian banks welcomed money launderers in the past as a source of additional profits, but this business decision backfired. As soon as rumors developed about these banks involvement in money laundering, the banks’ legitimate customers began to withdraw their funds. Major international banks cut ties with implicated banks, leaving them increasingly isolated and vulnerable to failure.
Noncompliance has also brought massive fines on offending banks. The Agricultural Bank of China recently agreed to a USD 215 million penalty for its complicity in money laundering. HBSC was hit even harder, with a massive USD 1.9 billion penalty.
Even such penalties are mild compared to the ultimate penalty for involvement in money laundering and terrorist funding: bank closure. In separate actions during 2016, the Monetary Authority of Singapore shut down two Swiss banks in Singapore, BSI Singapore and Falcon Private Bank over gross misconduct in handling suspicious transactions and relationships.
Reasons that institutions might choose to cut corners on compliance
With such possible consequences, why would institutions take a lax approach to compliance?
Lax approach can come from corruption within the bank, as apparently was with the cases in Latvia and Singapore. When bank officials are corrupt, they can easily weaken the KYC/CDD system to facilitate the flow of illicit funds into the bank.
Bad economic conditions also can lead desperate banks to accept questionable transactions when funds from legitimate sources dry up. Such a situation was widespread during the global monetary crisis, when the head of the UN Office on Drugs and Crime reported that USD 352 billion of illicit funds had entered the worldwide banking system as failing banks struggled to stay afloat.
Another reason that banks get lax on compliance is from fear of offending legitimate customers. New customers generally hesitate to provide the information required in a KYC/CDD review, and bankers often prefer not to press customers for so much information. So, in the misplaced interest of positive customer experiences, compliance is compromised and illicit money finds its way to banks where scrutiny is relaxed.
Sadly, some KYC/CDD teams are at fault, as well. Bank management sometimes presses to have new accounts processed more quickly than thorough scrutiny affords. And if compliance staff finds the process tedious and difficult, they may be all too willing to cut corners to please management.
The rewards of working in compliance
I find it sad that even some working in KYC/CDD find the work tiresome. I find it extremely exciting. Why? I find it rewarding to know I am potentially contributing to identifying, apprehending and frustrating criminals and terrorists. If I do my job correctly, I can frustrate criminals, corrupt officials, tax evaders, fraudsters and others who put innocent people in danger and impose huge costs on everyone. In my small way, I make crime, corruption and terrorism harder for the perpetrators. That’s what excites me the most.
Second, I feel satisfaction in protecting my firm’s integrity. By rooting out transactions connected to illicit activities, I help my bank avoid putting itself in a vulnerable position, receiving penalties and having its reputation damaged.
Finally, I get a feeling of satisfaction from helping legitimate customers establish and maintain a relationship with my bank. Customers, either through the initial onboarding KYC process or through periodic CDD reviews, are impacted by the AML/CTF compliance efforts. If I do my job well, I can validate and clear customers’ relationships with my bank quickly and with a minimal impact to them. This gives customers a positive experience that helps them develop a positive relationship with my bank.
The work of KYC/CDD is not glamorous, but it is essential to maintaining the integrity of financial institutions and – beyond that – a healthy economy and a society less impacted by organized crime.
Thorough KYC/CDD compliance may not always please new customers or front-line bankers, but it has a valuable purpose. It can frustrate criminals and terrorists in their attempts to hide and make use of their illicit money – well before the movie gun fights would come into play.