21 Dec 2018
As the year comes to a close and the holiday season gets into full swing, anti-money laundering (AML) professionals may well be left dumbstruck, very worried or somewhat giddy after a year that has thrown up some striking developments in enforcement and regulation, a stunning AML catch (drumroll please!) and some appalling AML incidents.
In this opinion piece, written by a self-identifying AML bore, I will attempt to highlight a number of occurrences during 2018 that marked the compliance landscape and which I believe may have an impact on how AML develops in 2019.
For the British Government, 2018 has been something of a mixed year for fighting financial crime
- Comparatively new legislation was been put to good use. Unexplained wealth orders stole the show with headline news of the wife of a former central banker having assets seized and the £16 million she spent at Harrods. Also key was the measures’ first arrest of a PEP, his wife and an £8 million property portfolio revealed.
- The UK received a ‘very good review’ from the Financial Action Task Force (FATF) in regards to the system of AML regulation. But … not everyone was impressed, it seems.
- The government announced a ‘crackdown’ on Scottish limited partnerships (LPs), admitting that they were being used as vehicles to launder dirty cash. In one scheme, over 100 SLPs were used to shift up to $80 billion out of Russia, the government said. Under the proposals, new LPs will need to be registered through a company formation agent and Companies House will be required to strike off dissolved LPs.
- Bank regulators the Financial Conduct Authority and the Prudential Regulation Authority announced the first scalp – well, first case really – of their new senior managers regime, saying they had penalised Barclays boss Jes Staley about £640,000 for trying to unmask a whistleblower. The move drew widespread criticism, with many saying the regulators had actually been lenient on Staley, bearing in mind the seriousness of the misconduct. But that wasn’t to be the end though, as Barclays was later dealt a sobbering blow by the Americans, who hit it with a $15 million fine.
But then … “The most terrifying words in the English language are: I’m from the government and I’m here to help,” – Ronald Reagan
- The Golden Visa fiasco. The admission earlier this year that Her Majesty’s Governments, of all stripes, had been issuing “golden visas” with insufficient (no?) AML due diligence. Apparently, they thought the banks had been doing it (and vice versa). So, on 6 December 2018, the Home Office announced the suspension of the Tier 1 scheme, linking the decision to money laundering concerns. Only for the announcement to be “clarified” in less than week, to say the scheme would not be suspended but due diligence would be significantly improved. By the way, have you reviewed your clients who benefitted from this scheme?
- Allegations that the NCA dropped an investigation into Russian money laundering activity in the UK at the request of the Foreign Office. This seems to confirm anti-corruption campaigner Bill Browder’s observation that UK law enforcement is “aggressively inadequate” on money laundering.
- Credit to the House of Commons, the Moscow’s Gold report highlighting the failure of the FCA to stop an initial public offering (IPO) that lead to the circumnavigation of sanctions on a named Russian bank. Yes FCA, in my view, your AML activity needs to be toughened up sharpish.
- The Salisbury nerve agent attack highlighted the enormous holes in the UK’s anti-terrorist capabilities. Namely that that the Nuclear, Biological and Chemical regiment was disbanded after the 2011 defence review which classified it as a “relic of the cold war”.
The Banks. Oh dear, the banks in 2018!
To name but a few, Deutsche appears to be struggling with managing its DPA, Socgen $1.3 billion for sanctions violations (2004-2010), ING $900 million for failing to spot money laundering, Nordea and Handelsbanken for lax AML controls. And then trouble-hit Pilatus Bank had its European banking licence withdrawn over facilitating corrupt payments.
Rabobank’s $368 million fine and the role of an EX-OCC Chief Compliance Officer highlighted the unaddressed issue of gamekeepers turning poachers. Does the prospect of future highly paid employment prevent regulators from being sufficiently tough on their firms?
The problem here is I could go on listing a dozen or so other banks for AML failures that were highlighted in 2018.
And that’s the issue.
To an independent outsider, these failures at these many banks would appear to be prime facia of a lax approach to AML.
Which brings us to the spectacular AML failures and hot money of just about everything at Danske Bank. Systems, controls, people and (my bugbear) the Board, completely failed to effectively manage the AML risks of €200 billion of money flooding through its books.
It is a stunning example of “never mind the risks, feel the profit”. The impact on the EU regulators has already been felt but the social harm and the tracing of the money may take years to resolve. Some AML professionals will be very busy with the consequences of this failure in 2019 and beyond.
On top of this, retail customers are most likely to encounter AML in its most irritating form, i.e. through poorly executed CDD remediation programmes or derisking exercises.
Which, when linked to the 2008 crash and the public perception perception that the financial institutions “got away with it,” will continue to eat away at all bank’s reputations.
Thus 2019 may well see product sales coming under pressure and speeding up defections to the best of the FinTech competitors.
An honourable mention
One bank, however, did actually produce an excellent AML result (that became public) which more institutions should be aspiring too.
I’m talking, of course, of HSBC’s $500 million Angola fraud catch. It demonstrated that the AML system, as designed in the UK can work and work spectacularly well.
Other key issues: More rules, anyone?
There were also other important developments on the regulatory front for which 2018 will be remembered, especially by compliance officers struggling to keep up with realms of regulations, and tasked with keeping up with even more. Key rules include the much-awaited arrival of the General Data Protection Rules(GDPR) and the EU’s adoption of the Fifth Anti-Money Laundering Directive, dubbed EU 5AMLD .
Also to be remembered was the moment when British lawmakers agreed to order the UK’s Overseas Territories to implement public registers of beneficial ownership, a long-awaited move that delighted some but got the Cayman Islands really hot under the collar.
Ok, how about 2019?
I was in a dealing room in 2001 when I saw the attacks on the World Trade Towers in New York. 2,996 people died.
Overnight AML and counter terrorist funding (CTF) became major Board issues. But by 2018 it seems that some Boards have completely taken their eye off the ball.
So, for the record, my view is that Danske’s failings appear to be so serious the whole Board should go.
Going forward into 2019, the Board’s of banks must be policed much more effectively.
I believe that this number of AML failings that we have seen in 2018 shows that effective AML systems implementation still has a long, long way to go.
The failure of both regulators and banks to get a consistent grip on AML means that we will see more of the same in 2019.
I fear that governments globally will fall into the trap of believing that more regulation and laws will address the problem whilst failing to police for effect.
Regulators will continue the new trend of examining individuals with compliance responsibility and steadfastly refuse to hold Bank Board’s to account.
Banks’ will turn to AI to try and reduce the burgeoning cost of compliance without fully comprehensive or accurate CDD for all their clients and with only a hazy picture of how organised crime and terrorist financiers work.
Sharing data could be a great advance, that’s if the data is correct, and if its implemented correctly.
If the subjects of the data know what it is, and how to, then they can simply correct any errors that may have crept into the system. That’s if they know how it will be used.
If I labelled this ‘Facebook risk.’ would you understand what sort of risk firm’s might be running?
So on that note, may I wish you all a Merry Christmas and a Happy New Year!
With best wishes for your 2019 and the hope that it does not turn out like the Chinese curse where you “live in interesting times!”
About the author: Based in the UK, Mark R Outhwaite is a consultant specialising in risk based anti-money laundering / regulation, banking and financial services corporate governance. Mark also delivers high impact Financial Crime Risk training internationally. You can find more about him on LinkedIn or email him email@example.com .
Advance your CPD minutes for reading this article, by signing up and using the CPD WalletFREE CPD Wallet