Upload
tnguyenaci
View
1.443
Download
1
Embed Size (px)
DESCRIPTION
Citation preview
Streamlining Your AML, OFAC & FCPA Compliance ProgramsLeveraging Existing Resources to Increase
Efficiency and Reduce Costs While Ensuring Compliance
Brian C. Loutrel, Vice President, Chief Privacy Officer, New York Life Insurance Co.Cari N. Stinebower. Crowell & Moring, LLPNoreen M. Fierro. Vice President, Corporate Counsel, Prudential Financial
2
Agenda
Alphabet Soup AML, OFAC & FCPA- Offense of one could be
offense of all Leveraging the similarities/acknowledging the
differences The value (or not) of Benchmarking
When structural differences make all the difference When to consider “outsourcing”
Appropriateness of function Ability to actively oversee outsourced work “Internal” vs. “External” “outsourcing”
3
Agenda Leverage, Leverage, Leverage
How to rely on information from other departments to streamline your own processes
International Privacy laws- their impact on multi-nationals and how they influence outsourcing decisions
Specific FCPA Risks for insurers and reinsurers
4
Offense of One could be Offense of All
Basic controls may not be sufficient Benefits to sharing information/developing
complimentary processes Consider this:
Your company is attempting to expand its insurance business in Mexico
Many government approvals are required before a license to sell insurance is granted
Your company has hired a local law firm to assist in procuring the necessary approvals - an engagement letter is executed outlining the law firm’s fees
The Senior Vice President in charge of opening the Mexico operations approves a payment to the law firm that includes not only billable attorney time but some “miscellaneous” charges
Your company wires the fees to the identified bank account in the name of the law firm
5
Offense of one Could be offense of all
You find out after the fact that some of the “miscellaneous fees” included in the law firm’s invoice were to cover “payments” made to local government officials in an effort to procure the necessary licenses to sell insurance
You also determine that one of the local government officials receiving the payments is on the SDN for alleged ties to drug trafficking
PLACEMENT OF FUNDS
LAYERING OF FUNDS
INTEGRATION
Payment sent to Law Firm
Payment placed in Law Firm’s bank account
Funds distributed from Law firm’s bank account to government official for deposit or use elsewhere, integrating them into the financial system
6
MONEY LAUNDERING CONCERNS- Beyond PATRIOT Act applicability18 USC § 1956, et al
7
OFAC ISSUES- Money is sent to SDN
Could have/should have known?
FCPA ISSUES-
Bribe?Books and Records Violations?
Where were the controls?
8
Consider Overlapping Touchpoints-Leverage Existing Processes
Law Department Terms of law firm engagement
▪ Backup documentation for expenses
Lawyer review of invoice Identification of red flags
Internal Approval Processes Are managers being trained to ask the right questions before approving
invoices? More than monetary approval authority
Accounts Payable Necessary documentary backup Copy of law firm engagement or access to ask questions regarding
appropriateness of fees General AML/OFAC/FCPA Compliance program may not
have identified these issues Payment to law firm not likely to hit AML surveillance reports OFAC issue not transparent FCPA issue not immediately transparent
9
To Benchmark or Not?
Generalities can sometimes be misleading
Risk assess differences Resource differences Operational differences Jurisdictional Exposure differences Speak to people who are in charge of process Do not rely on information learned through
basic business channels When it really can be helpful
Learning from others experiences
10
When to Consider “Outsourcing”
Confirm executive support Critical for success of process and your
ability to insure appropriate oversight Consider current processes
Are there functions that naturally lend themselves to outsourcing?▪ OFAC screening▪ Initial CIP vetting
Internal vs. External- Does “outsourcing” have to automatically imply hiring an unrelated third party?
11
When to Consider “Outsourcing”
Build business case Conduct cost-benefit analysis Proper utilization of current resources
Outsourcing does not have to mean “downsizing”
Consider regulatory risk/expectations FINRA 3190 requirements
Value of Benchmarking- Leverage lessons learned from colleagues
12
Leverage, Leverage, Leverage Look for redundancies
Review processes ▪ Are there multiple touch points reviewing the same
data?▪ Could one touch point review the data for multiple purposes?
Sometimes less is more Insure consistency in approach Integrity of data/consistent view of issue or
vendor Maintaining active oversight
Third party vs. other internal departments or divisions
13
Effective Controls vs. Audits
Acknowledge the difference Purposes are usually very distinct Consider what those differences are and/or
look for overlap with general compliance controls
If overlap is identified, consider ways to redirect control or audit resources to enhance overall control/testing environment
Look to develop a complimentary overall program Context is key
14
Privacy-Navigating the ins and outs of different laws when attempting to streamline your compliance program Considerations when outsourcing
Location of data storage Cross-border sharing of information Local law implications/limitations
Security of Data Encryption Vendor commitment Inside/outside firewall solutions
15
Looking for Efficiencies- How to Get Started
Review the basic elements of each program Policy/Procedures
Risk Assessments Frequency/focus
▪ FCPA/OFAC/AML risk profiles while similar are not always equally weighted
Macro level and micro level▪ Business Unit process ▪ Hiring – employees, vendors▪ Use of third parties▪ Role of third parties▪ Payment/Approval processes
FOLLOW THE MONEY
16
Looking for Efficiencies- How to Get Started
Current Screening Processes(OFAC/PEP/Sanctioned Countries/Sanctioned Governments) What information is screened?
▪ Customer/Vendor/Accounts Payable Do you get enough information to adequately
screen?▪ Screening for those owned or controlled by the above
Compliance Testing Training
Avoid the siloed approach Audit Function/Periodic Review
17
Specific Risks for Insurers and Reinsurers
Foreign Agents: Must perform thorough background checks and examine qualifications; be cautious of an agent’s efforts to use front companies to make improper payments
Guarantees: An agent’s refusal to sign a contract confirming that no improper payments were or will be made should prompt close scrutiny
Middlemen: Be wary of any situation where multiple middlemen seem to be performing the same task
Government Relationships: Carefully examine agents who have held government positions or have an ongoing relationship with a government official. Employing an agent solely because of his/her connection to the government risks running afoul of the FCPA
Third Parties: The payment of an agent’s fees to a foreign bank account or to an entity other than the agent is a warning sign of possible FCPA problems
18
Specific Risks for Insurers and Reinsurers
High Risk Country: Take extra care in countries where the standard costs of doing business are perceived to include bribes, pay-offs, and “gifts” to officials
Business: Certain industries present historically higher risks of FCPA violations; note, however, that the DOJ and SEC have increasingly targeted a variety of industries
Commissions: Unreasonably high commissions increase the probability that money will be diverted to pay government officials
Cash Payments: One of the most obvious FCPA warning signs is the transfer of large amounts of cash
Bonuses, Reimbursements, and other Payments: Large bonus payments or reimbursements for unusually high entertainment, advertising, or other administrative expenses may be used as a device to mask illegal payments
19
Specific Risks for Insurers and Reinsurers
Payroll Fraud: The presence on a company’s payroll of persons who are relatives or associates of foreign government officials raises serious FCPA compliance concerns
Secrecy: Be wary of any situation in which a potential agent seems reluctant to fully explain the nature of the proposed activity or to provide clear answers to routine questions
Research: Publicly reported cases of bribery and public corruption should prompt careful review of the company’s operations in that country
Competitor Violations: If the company learns of competitor violations, it should conduct a careful investigation of its operations; in a difficult competitive environment, employees may learn of a competitor’s tactics and be tempted to follow suit