AML Research Summary
#AML #CFT #KYC #research
Written by Fabian Wolffabian.icon, AndGo Intern
fabian@andgo.co.jp
What is Anti-Money-Laundering (AML) and Countering the Financing of Terrorism (CFT)?
Set of regulations, procedures and laws to stop the practice of income through illegal activities.
Institutions issuing credit or allowing customers to open accounts need to check the customers’ backgrounds
Those laws target: Market manipulation, Trade of illegal goods, Corruption of public funds, Tax evasion
AML tasks:
Verify where large sums of money came from
Monitor suspicious activities
Report cash transactions over $10,000
First world-wide rules were created 1989 by the FATF (Financial Action Task Force)
Reasoning for AML rules
illegal money reduces the purchasing power of a country
therefore, more money needs to be printed because illegal money can’t be used in official markets
Money laundering investigations check financial transactions for inconsistencies and suspicious activities
Two governmental bodies are giving guidelines: FATF : 35 member countries and IMF: 189 member countries
FATF:
International Body of governments that sets standards for stopping money laundering
35 member countries: Japan, United States, China, Russia, Germany, France, United Kingdom, India, etc..
FATF promotes the measures to be taken but it is the responsibility of the countries to follow through
"In 2000, the FATF began using a name-and-shame system that publicly announced countries that failed to produce and enforce comprehensive AML laws and had minimal to zero participation in the international crusade against illegal moneymaking activities.” - Investopedia Quote
FATF examines countries on a regular basis on their AML laws and regulations: Japan Assessment October/November 2019
Possible plenary discussion June 2019
2012 Recommendations
"To manage and mitigate the risks emerging from virtual assets, countries should ensure that virtual asset service providers are regulated for AML/CFT purposes, and licensed or registered and subject to effective systems for monitoring and ensuring compliance with the relevant measures called for in the FATF Recommendations."
Virtual Asset Service Provider needs to be regulated
Definition of Virtual Asset Service Provider (Recommendations 12, p. 125)
exchange between virtual assets and fiat currencies
exchange between one or more forms of virtual assets
transfer of virtual assets
safekeeping and/or administration of virtual assets or instruments enabling control over virtual assets
participation in and provision of financial services related to an issuer’s offer and/or sale of a virtual asset.
What happens if there is no AML?
Public shaming list of countries that don’t abide by the rules and show no convincing interest in changing their rules
That would result in worse trading relations between other countries
How to implement appropriate measures and what is important?
An extensive document is the Guide to U.S. Anti-Money Laundering Requirements written by Protiviti. Protiviti is a global consulting firm which created this guide in 2003 and has since been updating it frequently. It covers various topics of AML and KYC (Know Your Customer) rules and regulations.
The following information is all extracted from their guideline.
Required points for KYC/AML
Customer Identification Program (Know-Your-Customer KYC)
program must include the information about which data will be collected from the customers to identify their identity
must include reasonable and practical risk-based procedures for verifying the identity of each customer
implement reasonable procedures to verify the identity of any person seeking to open an account, to the extent reasonable and practicable
maintain records of the information used to verify the person’s identity
determine whether the person appears on any lists of known or suspected terrorists or terrorist organizations provided to the financial institution by any government agency
Customer Due Diligence Requirements
develop customer risk profiles
update this information throughout the customer relationship, on a risk-based periodic and/or event-driven basis
Suspicious Activity Report (SAR)
rules-based:
flags transactions that are known money laundering red flags
known patterns of suspicious activity
profiling software:
combination of predictive profiles developed from a customer’s identification, CDD and EDD information, as well as historical transactions.
flag transactions that are out of profile by utilizing means, standard deviations and thresholds.
and artificial intelligence:
learn from previous investigations and various other sources to become more intelligent on deciding wether or not to flag a transaction
FATF recommendations
AML/CFT Policies and Coordination (Recommendations 1 and 2)
guidance on how to assess risks and apply a risk-based approach in developing an AML/CFT framework
Preventive Measures (Recommendations 9 and 23)
Risk assessments to identify vulnerabilities and appropriate controls to mitigate the risks associated with new customers
Risk-based due diligence due-diligence
Reporting of suspicious transactions to financial intelligence units (FIU), with measures to ensure confidentiality and to protect financial institutions from criminal and civil liability (i.e., Safe Harbor);
Recordkeeping to permit reconstruction of transaction(s)
Development of policies that outline the conditions under which a financial institution may rely upon a third party to perform due diligence on its behalf
Powers and Responsibilities of Competent Authorities and Other Institutional Measures (Recommendations 26-35)
Provides guidance on the development of an effective AML/CFT system
how to establish an FIU as the central agency to receive and analyze required reporting
To what percentage are cryptocurrencies used for money laundering?
analysis from 2016 on the 1.98 million reported Suspicious Activity Report (SARs)
https://gyazo.com/546629ffe59ffd7358a14a77170fb7b1
Cryptocurrencies only make up 3.2%
AML measures:
Freezing transactions and assets
Maintaining records and reporting high-risk transactions and suspicious activities
Self-disclosures of cross-border movement of high-risk products (e.g., currency, monetary instruments) and financial accounts held in foreign jurisdictions
Collection and verification of information of customers and beneficial owners
Sharing information with other financial institutions, regulatory authorities and law enforcement
"How can financial institutions develop risk-based compliance programs?"
Development of an AML/CFT strategy (e.g., discontinue or prohibit the provision of products and services of heightened ML/TF risks)
Allocation of resources (e.g., personnel, technology) to high-risk areas
Design and application of a Know Your Customer (KYC) program
Design and application of a suspicious activity monitoring program
Design and application of sanctions screening program
Development and provision of targeted training
"What types of customers pose a higher money laundering and terrorist financing risk?"
Business types and occupations
those that allow for the easy conversion of cash into other types of assets;
those that provide the opportunity to abuse authoritative powers and assist in disguising the illegal transfer of funds (PEPs)
those that lack transparency;
those that involve international transactions/customers;
and those that offer high-risk or high-value products.
Key elements of an effective AML Program for financial institutions as per the USA Patriot Act
Development of written internal policies, procedures and controls
Designation of an AML compliance officer
Ongoing AML employee-training program
Independent testing of the AML Program
Ongoing risk-based monitoring of customer activity and information with updates as necessary
What services exist to help complying AML/CFT rules and regulations ?
The regulations for AML/CFT compliance can be quite complex and need a well implemented system which is why there are several services helping in the compliance of AML/CFT.
Thomson Reuter’s World-Check database
provides an extensive database of Politically Exposed Persions (PEPs), known criminals, high-risk profile customers
Chainalysis
platform especially geared towards cryptocurrency projects
“Prevent, Detect and Investigate Cryptocurrency Money Laundering, Fraud and Compliance Violations"
Automate transaction monitoring and AML compliance
Investigate source and destination of suspicious transactions
Investigate illegal sale of customer data and ransom-ware attacks
Ciphertrace
similar platform to Chainalysis
traces past transactions and visualises it to understand easily
APWG eCrime Exchange (eCX)
Platform for sharing of knowledge in cybercrime space
Organizes panel discussions about security
funds research papers
Further articles specifically for crypto currencies:
Guidance for a Risk-Based Approach to Virtual Currencies (2015) by Financial Action Task Force (FATF)
https://gyazo.com/e0468ff7ba1cba6eec02a08489df5e4b
If there are any questions or if you find any mistakes, please contact me at:
fabian@andgo.co.jp