View
390
Download
3
Category
Preview:
DESCRIPTION
Slides from the CFCS Prep webinar series held on August 18th
Citation preview
Part 1: Financial Crime Commonalities
Money LaunderingCompliance Programs
Ethics
CFCS Examination Preparation SeriesAugust 18, 2014
Brian KindleExecutive Director
Association of Certified Financial Crime SpecialistsMiami, FL
Certification | News Guidance | Training | Networking
Global Private and Public Sector Community
The Mark of Knowledge and Skill The Designation the Times Demand
CFCS Certification
• Provide overview of material on CFCS exam
• Highlight key areas, subjects that appear on exam and suggestions of what to focus
• Offer exposure to practice questions that show structure of exam
Goals of CFCS Prep
About the Exam• 145 scenario based, four choice, multiple
choice questions
• Four hour exam session with no breaks, at one of over 730 testing centers or online proctored
• Passing rate is 68%
• Results given immediately
Preparation Suggestions• Recommended three weeks of study, if you commit 6
– 8 hours a week• Review manual in detail, including referenced
materials in appendix• Prepare based on your own strengths and
weaknesses • Exam based on best practices, not what particular
organizations do
Financial Crime Commonalities
CFCS Examination Preparation SeriesAugust 18, 2014
Defining Financial Crime and its Permutations
• Crimes that have money or economic advantage as goal
• Non-violent action resulting in unlawful taking, moving or disguising of money or other value by artifice, corruption or deception for benefit of perpetrator or another
• ACFCS does not include profit-motivated crimes, like drug and human trafficking at their source
• But, nearly all criminals become ‘financial criminal’ when they possess or control the criminal proceeds
The Financial Crime Spectrum• Money laundering• Fraud• Corruption • Tax evasion • Terrorist financing• International standards• Data security • Asset recovery • Sanctions • Compliance programs• Ethics• Money and commodities flows• Investigations
Globalization of Financial Crime
• FCPA, UK Bribery Act, GAC crackdown
• FATCA, IGAs, multinational tax enforcement
• OECD automatic financial account data exchange
• Global push against secrecy havens
• G20 call for greater financial transparency, cooperation
• FATF’s changing standards pointing to convergence
Technology and Financial Crime
• Cybercrime is increasing exponentially
• Interplay between cybercrime and other financial crimes – data breaches and fraud schemes, money laundering through virtual currencies, etc.
• Compliance and enforcement technology-driven
• Data analytics in transaction monitoring, investigations, customer due diligence
• Data security grows in importance for public, private sectors
Commonalities of All Financial Crimes• Require money laundering• Require a financial institution• Result in tax evasion • Have interface with a government agency• Create necessity to recover assets• Often involve multiple countries• Often involve public or private corruption
14
Benefits of Convergence
Regulatory expectations, emerging best practice Government agencies doing it Leveraging data, systems, tools to access and study data Common case management system Helps manage stakeholder interests, expectations Can produce better SARs All financial crime cases have AML component Many cases involve complicit employees; security, HR Broader career choices for staffs of converged units
15
Practical Considerations on Convergence
A single financial crime job family Sharing best practices Merge organizations or just work together? History and culture clash Skills – some units have skills others lack Managing internal stakeholders’ expectations Managing external stakeholders’ expectations
Money Laundering
CFCS Examination Preparation SeriesAugust 18, 2014
17
Overview and Definition
• Actions or conduct designed to conceal source, movement, control or ownership of money illegally derived
• Movement of money derived through legitimate means, but which is intended or destined to further a crime
• Common element of all financial crimes
18
Stages of Money Laundering• Placement• First step in the process• Infusion of criminal proceeds into traditional or non-
traditional financial institutions• Typically most vulnerable to detection at this point• Moving assets away from their source• Structured deposits• Changing currency into other financial instruments• Using non-bank institutions, like casinos• Complicity of banks, brokers or other institutions
19
Stages of Money Laundering• Layering• Separates criminal proceeds from source through layers of
transactions• Often involves multiple participants and entities, like shell
corporations, cross-border transactions• More layers, more difficult it is to trace funds to perpetrator• Wire transfers• Asset movement among entities perpetrator controls• Purchasing multiple financial instruments
20
Stages of Money Laundering• Integration• Puts laundered proceeds into legitimate economy to appear
legitimately derived, allowing funds to return to financial criminal
• Makes it difficult to distinguish legitimate, illegitimate funds• Detecting integration often requires informant, undercover
agent, forensic accounting. Examples:• Real estate investments• Trade-based money laundering• Loans, business arrangements among complicit entities
21
AML Compliance Programs
• Obviously better to prevent illicit funds from entering financial system than chasing them after the fact
• Key is robust anti-money laundering programs: • Customer due diligence measures, including ongoing due
diligence• Customer profiling and risk assessment• Automated transaction monitoring systems• Customer screening• Investigation of suspicious or atypical customer transactions
and behavior• Enhanced due diligence procedures for higher-risk customers
• Will be described in more detail in later section
22
Characteristics and Indicators of Money Laundering
• Key concept for CFCS exam - Many red flags are situation-specific, depend on type of organization, customer and scenario
• Key is to understand customer’s behavior, source of funds to establish “normal” behavior
• Create customer profile, compare activity, transactions against expectations and peer group
• Good KYC and customer due diligence programs, monitoring essential for detecting laundering
23
Characteristics and Indicators of Money Laundering
Potential red flags
• Account activity inconsistent with customer profile• Account operated by third party• Funds transfers from/to tax
haven• Funds transfers to offshore
jurisdictions with no rationale• Large cash transactions over
short period• Multiple deposits to account by
different people
• Multiple transactions on same day from different geographic locations• Many large deposits by ATM• Same home address for funds
transfers by different people• Structuring of transactions• Variations in spelling of names,
addresses• Withdrawing all or most funds in
short period
24
Money Laundering Methods and Vehicles
Financial Institutions, Intermediaries and Other Entities
• Correspondent Accounts• Private Banking• Securities Brokers• Insurance• Real Estate Agents• Precious Metal Dealers• Casinos• Gatekeepers: Lawyers, Accountants, Auditors, Notaries,
Others
25
Money Laundering Methods and Vehicles
Financial Vehicles and Value Transfer Systems
• International Trade Price Manipulation• Prepaid Cards• Mobile Money• Credit Facilities and Lending• Black Market Peso Exchange• Hawala
26
Money Laundering Methods and Vehicles
Structures to Conceal Beneficial Ownership
• Key concept for CFCS exam
• Goal of financial criminal is to control and use assets without being attached to them in identifiable way
• Understand a range of structures and how they can be used
Structures to Conceal Beneficial Ownership
Create layers between assets
and owner
TrustsThird party holds
assets on behalf of beneficiary
Shell CompanyNo physical
presence, no operations
Shelf Company
“Aged” version of shelf company,
provides legitimacy
Private Investment
Corporation or ”Offshore Company”
Nonprofits, charities and foundations
Fronts and Nominees
Bearer Bonds and Securities
28
Money Laundering and Beneficial Ownership
• Determining “ultimate beneficial ownership” is persistent issue in AML field
• Corporate registries are one key source
• Business data providers, open source intelligence can also be useful
• Increasing regulatory scrutiny, attention being focused on the issue
29
Money Laundering Trends and Technologies
• Money laundering risks in new technologies• Mobile payments• Digital currencies • Virtual worlds• Online banking and securities trading
• Money laundering schemes becoming more complex
• Facilitated by many institutions and intermediaries, including “gatekeepers”
30
Key Lessons
• Understand when money laundering takes place in a series of transactions
• Unraveling complex corporate structures, determining beneficial ownership is key to due diligence, investigations
• AML compliance relies heavily on customer profile, risk assessment, expected transactions and activity
• “Three stages” are useful way to frame, analyze suspicious activity
31
Practice Question
A compliance officer at a major insurance company has recently noticed a pattern of potentially suspicious transactions from a long-time customer. The customer is employed in a consulting position that requires her to travel internationally on an unpredictable schedule and she often resides overseas for extended periods.
The customer has several properties insured with the company for large amounts. In the past three years, she has overpaid her premiums numerous times and then requested a refund be issued.
Concerned that the customer may be laundering funds through the overpayment of premiums, the officer is investigating the transactions.
Which fact would BEST indicate money laundering may be taking place?
32
Practice Question
A. The customer often requests that refunds be made by wire transfer to banks outside of the country.
B. The customer makes the overpayments at different times of the year and in varying amounts.
C. The customer has recently taken out a sizeable new insurance policy on a commercial property with your company.
D. The customer has requested that refunds on excess premiums be made to an offshore corporation
33
Review Question
You are an AML officer at a local bank, which holds accounts for a variety of businesses in your region. Most businesses are tied to the tourism and hospitality industry, as the region is a major vacation destination during the summer months. Many accountholders are small businesses that deal primarily in cash.
You are investigating an alert produced by your transaction monitoring system on an account held by a local, family-owned restaurant located near one of the largest tourist resorts in the area. After reviewing KYC information on the account, you determine the family lives in a neighboring country.
Upon reviewing the account’s activity, you learn the following information. Which fact best supports the possibility that the restaurant account may be used for money laundering?
34
Practice Question
A. The restaurant makes large cash deposits into its account biweekly from June until early September.
B. The account shows a pattern of funds transfers each month to an account held at a bank in a neighboring country.
C. The restaurant’s account shows consistent deposit activity throughout the calendar year.
D. The restaurant’s cash deposits were made through a combination of counter and ATM deposits.
35
Review Question
You are investigating a Vietnamese clothing manufacturer that is allegedly laundering money for a human trafficking organization. Deposits to the manufacturer’s bank account totaled $4.5 million (USD) for the year 2012. All deposits originated from a single source, a shipping corporation in Panama that makes payments through a bank account in Riga, Latvia. Payments are received through wire transfers. They are always in varying amounts of dollars and cents and the SWIFT messaging always states that the payments are for a line of men’s suits. Which is LEAST likely to be a red flag for money laundering?
36
Review Question
A. The shipping company is located in Panama, but payments originate from a Latvian bank in Riga.
B. The payments are in varying amounts and their purpose is always the same in the SWIFT messaging.
C. Payments to the manufacturer are only received from a single customer in another industry.
D. The owner of the business who is the sole signatory of the bank account resides in another country.
Compliance Programs
CFCS Examination Preparation SeriesAugust 18, 2014
• Processes and controls to comply with laws, regulations, other requirements
• Regulatory structure becoming more complex, global
• Convergence moving toward unified “financial crimes risk management”
Overview of Compliance
Programs Within Compliance
• Governance– Analytics– Investigations– Intelligence– Customer Due Diligence– Compliance Audit/Quality Control
Governance
• Enterprise Risk Assessment• Gap Analyses• Creating/Reviewing/Delivering Training• Liaison to Regulators/Examiners and Internal
Audit• Liaison to External Consultants and Auditors
Investigations & Intelligence
• Investigations– Investigate unusual activity– Report on unusual activity• Investigate possible terrorist financing
• Intelligence– Analyze country risk– Analyze enterprise-wide financial crimes risk• Support foreign correspondent banking business
Analytics
• Tools for transaction monitoring• Analytics for enterprise-wide risk assessment• Analytics for customer risk rating• Tools for sanctions monitoring
Customer Onboarding/KYC
• Customer Due Diligence - “Know Your Customer”
• Customer Identification Program• Customer Monitoring/Periodic Review• Enhanced Due Diligence (High Risk)
• Size, structure, complexity and risks of organization are basis of compliance program
• Compliance program should include policies, procedures and controls
• Controls can be broadly divided into “preventive” and “detective”
Organizational Overview of Financial Crime Program
• Preventive controls include: • CIP and CDD programs• Appropriate training• Risk assessments, gap analysis• Providing line of business reporting, issue remediation• Senior management and board reporting• Liaison with audit, coordination of examinations
Organizational Overview of Financial Crime Program
• Detective controls include:
• Identifying suspicious activity through employee referrals or automated transaction monitoring, customer surveillance• Investigating identified unusual activities • Activity monitoring, predictive analytics• Monitoring employees, third parties• Screening, blocking, rejecting transactions and customers• Reporting • Exiting customer relationships • Compliance testing
Organizational overview of financial crime controls
Risk Assessment• Assessing risks allows understanding of vulnerability,
better resource allocation
• Company-wide assessment should consider
• Types of distribution channels used by business unit• Complexity of unit’s business model• Degree of change in business• Size and type of growth in the business
Risk Assessment
Key elements include• Methodology to quantify level of risk
• Methodology to quantify adequacy of controls
• Assessment of risk of each line of business
• Enterprise-wide assessment to identify systemic risk not apparent in a line of business
Sanctions Compliance• Laws or regulations of certain nations prohibit
conducting transactions or trade with certain national governments, entities and persons
• Sanctions are imposed by variety of enforcement agencies, international bodies• US Office of Foreign Assets Control• UN Security Council – “Consolidated List”• European Union• Other international bodies
Sanctions Compliance• Some sanctions compliance best practices include:
• Policies, procedures and processes to ensure full compliance with all sanctions prohibitions
• Awareness of different sanctions lists or orders organization is subject to
• Sanctions compliance risk assessment
Sanctions Compliance
• Leveraging screening, transaction monitoring to detect and prevent payments in violation of sanctions
• Training programs to all affected employees
• Testing and ongoing updating of lists, policies and procedures – sanctions regimes change constantly
Sanctions Compliance• Sanctions regimes related to accounts and financial
transactions vary based on jurisdiction, but most include provisions requiring institution to:• Freeze accounts and assets for individuals or entities
that match entry on sanctions list• Block transactions to/from sanctioned persons• Submit reports to authority responsible for
supervising sanctions regime• Do not notify sanctioned person
53
AML Cycle
Organizational Risk Assessment
Identify and rate risks across the organization
and within lines of business
Customer Identification
Program Collect and verify information on a
customer to confirm their identity and
nature of relationship
Customer Profile and Risk Assessment
Establish expected activity and
transactions; create an initial customer risk
rating
Automated Transaction MonitoringEstablish alert
thresholds, rules and scenarios based on
customer profile and risk assessment
Customer ScreeningScreen customer against
sanctions and watch lists; establish criteria
for ongoing screening of transactions
Investigation of Alerts and Incidents
Review any alerts generated on customer,
file SARs or modify customer relationship if
necessary
Update and AuditCollect sampling on
alert and transaction data, reassess customer
risk, renew KYC information
High-Risk Customers
• Risk depends on product, geographic region. Examples:• Politically Exposed Persons (PEPs) and their associates• Casinos, securities brokers, dealers in precious metals, stones• Domestic, offshore shell companies• Casas de cambio, currency exchanges, money transmitters• Private investment companies (PIC) • International companies• Deposit brokers• Cash-intensive businesses• Foreign, domestic NGOS, charities• Gatekeepers - attorneys, accountants, etc.
High-Risk Products
• Examples:• Prepaid, payroll cards• “Payable upon proper identification” (PUPID)
transactions• Money remittances• Online banking• Private banking• Trust and asset management services• Monetary instruments
High-Risk Products• Other examples :• Foreign correspondent accounts: bulk currency shipments,
pouch activity, and payable through accounts (PTA) • Trade finance • Services to third party payment processors or senders• Foreign exchange• Special use or concentration accounts • Loans secured by cash collateral and marketable securities • Non-deposit account services, such as non-deposit
investment products and insurance
High-Risk Jurisdictions, Geographic Areas
• Understanding specific money laundering, terrorist financing, corruption, fraud risks of jurisdictions is essential for compliance
• Organization should establish methodology that may include
• Sanctions, terrorist financing lists – OFAC, EU, UN• Jurisdiction's overall reputation – Corruption Perceptions
Index, reports by state departments• Jurisdiction’s adoption of FATF, other international
standards• Regional risk inside a particular jurisdiction
Customer Onboarding and Monitoring
Account opening procedures
Best practices include: • Gathering, verifying, authenticating customer ID materials
through paper documents, electronic verification• Clarifying services customer requests• Screening against sanctions lists, watch lists, PEP lists• Documenting normal, expected activity, including occupation
and business • Documenting relationship with institution or organization,
including all lines of business, subsidiaries
Customer Identification Program (CIP)
• Usually required by jurisdiction’s laws, regulators
• ID information must be collected at account opening, verified within reasonable time after opening
• Verify identity prior to large currency transactions, purchasing certain financial instruments, or ordering wire transfers
• May require identification of beneficial owners in some jurisdictions, particularly legal entities
Enhanced Due Diligence
• For high-risk services, customers, jurisdictions
• Examples include: • Identifying and verifying beneficial owners • Additional investigation of source of funds• Verification of customer, business information through
third-party sources • Augmented transaction monitoring• Thresholds on transactions• Senior management approval of customer relationships,
certain transactions
Employee Onboarding and Monitoring
Best practices for effective “know your employee,” onboarding:
• Assessment begins during interview process• Background screening, especially for criminal history• References and employment history
• Gathering and verifying employee identification materials • Screening employee against sanctions, watch, PEP lists
Employee Onboarding and Monitoring
Best practices for effective “know your employee,” onboarding:
• Providing new employees with organization's written ethics policy, code of conduct
• Appropriate training for position, including regulations and web-based or classroom training with appropriate scenarios
• “Hotline“ for anonymous reporting, direct reporting to compliance that does not go through business lines
Employee Onboarding and Monitoring
Best practices for ongoing employee monitoring:
• Regularly scheduled background screening• Automated exception reports, review of log files• Regular reviews and updates on the company’s ethics
policies and ethical compliance culture• Regular communication reinforcing standards• Ongoing employee training • Selective review of email, electronic communications
for high-risk employees
Transaction Monitoring
• Automated system, either proprietary application or vendor-provided, for ongoing transaction, customer and entity data
• Detection typically accomplished through implementation of financial crime scenarios in two broad categories:
• Rules-based scenarios - identify patterns of behavior related to known financial crime typologies or red flags• Statistical profiling scenarios - identify unusual activity by
modeling typical or expected activity profiles for a specific customer or type of customer and identifying outliers
Transaction Monitoring
• More advanced systems incorporate hybrid of rules-based, statistical approaches
• Transaction monitoring can also incorporate third-party data sources
• As transaction and data volumes grow, analytics becoming increasingly important
• Automatic monitoring no substitute for experienced human supervision, direction
Transaction Monitoring
• False positive – Transaction or behavior that is not suspicious incorrectly flagged as suspicious by monitoring system
• False negative – Transaction or behavior that is actually suspicious or indicative of financial crime that is NOT flagged by transaction monitoring system
• Goal of auditing or “tuning” monitoring system should be to reduce both, but false negatives are priority
Key Lessons
• Customer due diligence, profiling and risk assessment are vital to effective compliance programs
• Essential to establish expected customer behavior, transactions to detect suspicious activity
• Transaction monitoring systems are key compliance control – understand basics of how they work
• Understand factors that should be included in risk assessments, key parts of the methodology
• Compliance programs are cyclical and ongoing – each step feeds into the next
Practice Question
• A small regional bank recently started using a new transaction monitoring tool that utilizes custom scenarios to identify activity defined by the Financial Crimes Compliance team. There are five scenarios that are live in production. The Analytics team in Financial Crime Compliance Unit researched scenarios and is ready to recommend possible changes to the scenarios to management. Which scenario(s) should the Analytics team recommend making changes to first?
Practice Question
A. Scenario A that generated 100 alerts in the past 3 months and 50% of those were deemed suspicious and suspicious transaction reports were filed.
B. Scenario B that generated 180 alerts with a 95% false positive rate.
C. Scenario C that generated no alerts and there appears to be a problem with the data mapping.
D. Scenarios D and E that were put into production in the last 30 days to address a matter requiring attention from a regulator.
Practice Question
Answer A is incorrect and appears to be a well performing scenario. It is generating alerts and the percentage deemed suspicious is reasonable.
Answer B is incorrect because while false positive rate is far too high, it is generating alerts and some are deemed suspicious. The false positive rate is an issue that must be addressed, but this scenario is not the one that needs to be addressed first. There will often be scenarios on the live exam that require picking the best answer. In this case, this is not the best answer.
Practice Question
Answer C is correct as it is clearly a broken scenario since no alert was generated. That there appears to be a problem with the data mapping reinforces the conclusion that this scenario must be addressed first.
Answer D is incorrect as there is no evidence the scenarios are not performing as expected.
Practice Question
A financial services company in the European Union (EU) discovers that one of its customers is a confirmed match to a name on a designated entity list from a European Commission sanctions regime. Which step should the financial services company take?
Practice Question
A. Place a block on account transactions and notify the customer to satisfy the EU's Personal Privacy Protection Regulations.
B. Immediately freeze all accounts of the matching customer.
C. Freeze the accounts of the matching customer and any of their associates.
D. Immediately block any outgoing transfers from the matching customer accounts and notify the EU Committee on Sanctions
Practice Question
Answer A is incorrect, as under the EU and other sanctions regimes, sanctioned customers should not be notified in the event of a frozen account or blocked transaction.
Answer B is correct, as this is a required step to take for an account that match sanctions list entries under the EU sanctions regime
Answer C is incorrect. Only accounts that match individuals or entities on the sanctions list should be frozen. The institution should not extend the freeze to any affiliates unless they match entries on the sanctions list.
Answer D is incorrect as it is an incomplete response by the financial institution. The institution should freeze the account, not just block outgoing transactions. Also, the EU Committee on Sanctions does not exist.
Ethics
CFCS Examination Preparation SeriesAugust 18, 2014
76
Overview
• There is no one accepted international standard
• Ethical standards for different professions and organizations – compliance, regulation, enforcement, law, investigation, etc.
• Financial crime professionals confront numerous ethical risks
• “If you have to ask about it, it’s probably wrong.”
77
Duties to Client
• Financial crime specialist owes highest duty of honesty, transparency and professionalism to constituents, client, organization, colleagues
• Identifying who is your client in broad terms, acting in their best interests is key to ethical behavior
• Does not permit unethical or illegal behavior to further “best interests” of client
78
Conflicts of Interest
• Take variety of forms – personal interests, current and past clients, multiple clients
• Maintaining ethical standards relies on finding fair and equitable resolution to conflicts
• In most cases, one client’s interests should not be privileged over another
79
Conflicts of Interest
• Organizations should screen for conflicts of interest at the start of relationships:
• Assess services, activities, types of employees to identify areas where conflicts of interest may arise
• Implement written disclosure policies• Designate conflict of interest officer or committee• Create “conflicts of interest database”• Training programs for employees on conflicts of
interest and their ethical resolution
80
Conflicts of Interest • Conflicts should be recognized early in relationship
• If not, timely response is required, which can include:
• Promptly disclosing to past or present colleagues, clients or organizations the nature of a potential conflict of interest
• Asking these persons and organizations to waive conflicts of interest that may exist, if it is appropriate
• Creating an information wall or other safeguards to assure that persons who were involved with a prior matter will not see or have access to files from the new matter, and will not participate in the new matter
• Declining to accept the prospective matter or case
81
Data and Privacy Concerns
• Financial sector professionals often have access to sensitive financial, personal information
• Organizations need policies and procedures to ensure information of customers, clients, and other parties is managed ethically
• “Information barriers” to separate sensitive data and reduce potential for conflicts of interest
• Multi-tiered access systems to limit information to essential staff• Processes to end relationships and purge or delete information
82
Ethics Policies and Procedures
• Code of ethics
• Employee training, ethics policies
• Confidential reporting, escalation policies
• Commitment, communication from top leadership
83
Key Lessons
• Acting in client’s best interests guides ethical behavior
• Information barriers are essential safeguard at financial institutions, other organizations
• Conflicts of interest are common ethical dilemma; understand how they can arise and how to resolve them
84
Review QuestionYou are part of a committee helping to review your organization’s ethics policies and procedures. As part of the review, you have been asked to make recommendations.
What is one recommended policy you should include?
A. Senior management approval for all new customer relationshipsB. Suspension or dismissal of any employees with conflicts of
interest C. Reporting of ethical violations that is escalated through business
linesD. Monthly messages on ethical policies and issues from senior
management
Your Questions
Thank you for attending
Next Session is Wednesday, August 20, 12:30 PM ET
Recommended