AML Research Summary

fabian@andgo.co.jp

What is Anti-Money-Laundering (AML) and Countering the Financing of Terrorism (CFT)?

Set of regulations, procedures and laws to stop the practice of income through illegal activities.

Institutions issuing credit or allowing customers to open accounts need to check the customers’ backgrounds

Those laws target: Market manipulation, Trade of illegal goods, Corruption of public funds, Tax evasion

AML tasks:

Verify where large sums of money came from

Monitor suspicious activities

Report cash transactions over $10,000

First world-wide rules were created 1989 by the FATF (Financial Action Task Force)

Reasoning for AML rules

illegal money reduces the purchasing power of a country

therefore, more money needs to be printed because illegal money can’t be used in official markets

Money laundering investigations check financial transactions for inconsistencies and suspicious activities

Two governmental bodies are giving guidelines: FATF : 35 member countries and IMF: 189 member countries

FATF:

International Body of governments that sets standards for stopping money laundering

35 member countries: Japan, United States, China, Russia, Germany, France, United Kingdom, India, etc..

FATF promotes the measures to be taken but it is the responsibility of the countries to follow through

"In 2000, the FATF began using a name-and-shame system that publicly announced countries that failed to produce and enforce comprehensive AML laws and had minimal to zero participation in the international crusade against illegal moneymaking activities.” - Investopedia Quote

FATF examines countries on a regular basis on their AML laws and regulations: Japan Assessment October/November 2019

Possible plenary discussion June 2019

"To manage and mitigate the risks emerging from virtual assets, countries should ensure that virtual asset service providers are regulated for AML/CFT purposes, and licensed or registered and subject to effective systems for monitoring and ensuring compliance with the relevant measures called for in the FATF Recommendations."

Virtual Asset Service Provider needs to be regulated

Definition of Virtual Asset Service Provider (Recommendations 12, p. 125)

exchange between virtual assets and fiat currencies

exchange between one or more forms of virtual assets

transfer of virtual assets

safekeeping and/or administration of virtual assets or instruments enabling control over virtual assets

participation in and provision of financial services related to an issuer’s offer and/or sale of a virtual asset.

What happens if there is no AML?

Public shaming list of countries that don’t abide by the rules and show no convincing interest in changing their rules

That would result in worse trading relations between other countries

How to implement appropriate measures and what is important?

The following information is all extracted from their guideline.

Required points for KYC/AML

Customer Identification Program (Know-Your-Customer KYC)

program must include the information about which data will be collected from the customers to identify their identity

must include reasonable and practical risk-based procedures for verifying the identity of each customer

implement reasonable procedures to verify the identity of any person seeking to open an account, to the extent reasonable and practicable

maintain records of the information used to verify the person’s identity

determine whether the person appears on any lists of known or suspected terrorists or terrorist organizations provided to the financial institution by any government agency

Customer Due Diligence Requirements

develop customer risk profiles

update this information throughout the customer relationship, on a risk-based periodic and/or event-driven basis

Suspicious Activity Report (SAR)

rules-based:

flags transactions that are known money laundering red flags

known patterns of suspicious activity

profiling software:

combination of predictive profiles developed from a customer’s identification, CDD and EDD information, as well as historical transactions.

flag transactions that are out of profile by utilizing means, standard deviations and thresholds.

and artificial intelligence:

learn from previous investigations and various other sources to become more intelligent on deciding wether or not to flag a transaction

FATF recommendations

AML/CFT Policies and Coordination (Recommendations 1 and 2)

guidance on how to assess risks and apply a risk-based approach in developing an AML/CFT framework

Preventive Measures (Recommendations 9 and 23)

Risk assessments to identify vulnerabilities and appropriate controls to mitigate the risks associated with new customers

Risk-based due diligence due-diligence

Reporting of suspicious transactions to financial intelligence units (FIU), with measures to ensure confidentiality and to protect financial institutions from criminal and civil liability (i.e., Safe Harbor);

Recordkeeping to permit reconstruction of transaction(s)

Development of policies that outline the conditions under which a financial institution may rely upon a third party to perform due diligence on its behalf

Powers and Responsibilities of Competent Authorities and Other Institutional Measures (Recommendations 26-35)

Provides guidance on the development of an effective AML/CFT system

how to establish an FIU as the central agency to receive and analyze required reporting

To what percentage are cryptocurrencies used for money laundering?

analysis from 2016 on the 1.98 million reported Suspicious Activity Report (SARs)

https://gyazo.com/546629ffe59ffd7358a14a77170fb7b1

Cryptocurrencies only make up 3.2%

AML measures:

Freezing transactions and assets

Maintaining records and reporting high-risk transactions and suspicious activities

Self-disclosures of cross-border movement of high-risk products (e.g., currency, monetary instruments) and financial accounts held in foreign jurisdictions

Collection and verification of information of customers and beneficial owners

Sharing information with other financial institutions, regulatory authorities and law enforcement

"How can financial institutions develop risk-based compliance programs?"

Development of an AML/CFT strategy (e.g., discontinue or prohibit the provision of products and services of heightened ML/TF risks)

Allocation of resources (e.g., personnel, technology) to high-risk areas

Design and application of a Know Your Customer (KYC) program

Design and application of a suspicious activity monitoring program

Design and application of sanctions screening program

Development and provision of targeted training

"What types of customers pose a higher money laundering and terrorist financing risk?"

Business types and occupations

those that allow for the easy conversion of cash into other types of assets;

those that provide the opportunity to abuse authoritative powers and assist in disguising the illegal transfer of funds (PEPs)

those that lack transparency;

those that involve international transactions/customers;

and those that offer high-risk or high-value products.

Key elements of an effective AML Program for financial institutions as per the USA Patriot Act

Development of written internal policies, procedures and controls

Designation of an AML compliance officer

Ongoing AML employee-training program

Independent testing of the AML Program

Ongoing risk-based monitoring of customer activity and information with updates as necessary

What services exist to help complying AML/CFT rules and regulations ?

The regulations for AML/CFT compliance can be quite complex and need a well implemented system which is why there are several services helping in the compliance of AML/CFT.

Thomson Reuter’s World-Check database

provides an extensive database of Politically Exposed Persions (PEPs), known criminals, high-risk profile customers

Chainalysis

platform especially geared towards cryptocurrency projects

“Prevent, Detect and Investigate Cryptocurrency Money Laundering, Fraud and Compliance Violations"

Automate transaction monitoring and AML compliance

Investigate source and destination of suspicious transactions

Investigate illegal sale of customer data and ransom-ware attacks

Ciphertrace

similar platform to Chainalysis

traces past transactions and visualises it to understand easily

APWG eCrime Exchange (eCX)

Platform for sharing of knowledge in cybercrime space

Organizes panel discussions about security

funds research papers

Further articles specifically for crypto currencies:

Guidance for a Risk-Based Approach to Virtual Currencies (2015) by Financial Action Task Force (FATF)

https://gyazo.com/e0468ff7ba1cba6eec02a08489df5e4b

If there are any questions or if you find any mistakes, please contact me at:

fabian@andgo.co.jp