[author: JP Brennan]

The material in this interview was researched, compiled, and written by J.S. Held. It was originally published by Financier Worldwide in January 2024. The full interviw article can be viewed here.

Could you provide an insight into recent trends shaping financial crime in your country of focus? How great a risk does money laundering in particular now pose to companies?

One would likely never imagine compliance as being a sort after role but like everything else, times are changing. However, the culture of compliance isn’t simply changing because it is the latest fad to hit the job market, rather it is due to some extreme situations that continue to take its toll on the world.

While Russia and the Ukraine seem like a world away from the United States, we see the effects that this conflict is having on the everyday lives of those sitting within working in compliance departments. As such, we are seeing a concentrated effort by compliance teams to ensure that any potential touch points within Crimea are vetted and then vetted some more.

In addition to the geopolitical aspects of potential money laundering mentioned above, the type of fraud we are experiencing in the United States, are related to those activities involving investment scams, romance scams, phishing, and identity theft.

Companies need to not only mitigate the risks that they are directly facing but they also need to be aware of those indirect risks that their customers present. Advances in technology have made it easier for bad actors to generate seemingly legitimate documentation and information that compliance functions will need to continually address.

In your experience, what are the main types of money laundering methods that organisations are encountering? What are the typical sources of such risks?

As each company differs so do the types of risks they will face, ultimately opening each to different types of money laundering methods. Therefore, the type of business as well as the customers of the business will influence the risks that are faced by that company.

Many of the traditional forms of money laundering methodologies such as structuring, trade-based, real estate, shell companies, and digital laundering remain at the top, although they evolved ever so slightly in an attempt to stay out of law enforcement crosshairs.

Most money laundering risks that companies face are due to the business as well as the customers. Companies need to be honest and conduct risk assessments and be honest about the type of risk that their company might face. It is important that company management understands what risks are acceptable and more importantly how they can mitigate those risks. In many cases these risks are born outside of the company and presented through customers. Therefore, the importance and reliance is even more heavily weighted during the onboarding of customers and the performance of customer due diligence as aligned with the company risk profile.

What legal and regulatory initiatives are set to have a significant bearing on financial crime in your country of focus? How would you describe the nature and extent of the demands being placed on companies to help reduce money laundering?

2023 was a solid indication of what the Office of Foreign Asset Controls (OFAC) had on its agenda. It recorded a record $1.5 billion in penalties in 2023.

Where OFAC left off in 2022, we saw continued targeting toward Russia, as well as a focus on sanction evasion; with a fine of over $968 million to resolve civil liability stemming from apparent violations of multiple sanctions programs on a cryptocurrency exchange, and implementation of new countermeasures related to Iran circumventing US sanctions and expert controls. While Iran guidance is nothing new, these red flags that OFAC has identified are ones that OFAC expects all companies to recognize and address.

In a year where we have seen a large number of bank failures and consent orders, among other things, regulators are drawing what some would call a line in the sand with much of the guidance that has been released over the past two years. Regulators have stressed the importance of performing due diligence, understanding third-party risk, being accountable for their business, and proactively communicating with regulators.

In the wake of enforcement action, do companies need to proactively review and revise their anti-money laundering (AML) practices?

At a minimum, companies should be proactively reviewing their AML practices on an annual basis. This sort review can coincide with the recommended annual AML review and risk assessments.

Additionally, if there are other events that occur throughout the year that might trigger a review, there would not be a need to wait until the annual review and risk assessment process.

How important has technology become in the fight against financial crime? How are innovative AML solutions being used to enhance systems and processes?

As companies grow and evolve, some simply in size and others who have adopted technology and have become disruptive within their respective industries, the volume of transactions is becoming increasingly difficult for traditional compliance teams to handle effectively. For companies to keep up with customers, as well as the sheer volume of these customer’s transactions, they have to implement technology innovations in two key areas -- onboarding of customers, more commonly known as know your customer (KYC), and transaction monitoring. Traditionally, compliance teams would manually run potential new customers through various databases and sanctions lists, which sometimes will take time where customers will be unable to transact as well as opening up the company to potential human errors.

Today, there are numerous platforms that allow a customer to go through the KYC vetting process within minutes or even seconds. These technological efficiencies not only allow the customers to transact almost immediately, but it also takes out the element of human error in the simplest of cases.

In the transaction monitoring workflows, traditional workflows work typically monitor the transactions and transactions alone. Also, during this time, the number of transactions that we are talking about was exponentially smaller than what they have grown into today. By using technology, transaction monitoring can ingest and interpret information about a customer as well as apply these interpretations to the activity.

Once a company suspects or confirms it has fallen victim to money laundering, what initial action should it take?

If a company suspects or confirms that it became wrapped up in or fallen victim to a money laundering scheme, the initial action the company should take is to investigate the activity as well as ensure that they have accounted for all of the transactions that are involved.

The aim is to be 100% certain that it is in fact money laundering, and to have all of the relevant facts and circumstances for the other steps that are further down the line. Additionally, companies may want to ensure that the fraudulent activity isn’t more widespread that initially thought. That is why a thorough investigation is the first step. This initial step will prevent further financial and reputational harm.

What essential advice would you offer to companies looking to improve the way they manage financial crime risk? How much of a challenge is it to tailor new innovations to a company’s operational realities?

When companies are looking to improve the way they manage financial crime risk, the first step is to ensure that the right ‘tone at the top’ has been established and that it will support the improvement, both from a financial and a culture perspective.

Once management buy-in is secure, the next important step is to have honest conversations about the risks that the company faces and determine what its risk profile should look like. This will allow advisors to tailor the appropriate policies and procedures, as well as implement innovations to help mitigate the accepted risks. However, it is important for an adviser to ensure that innovations are simply implemented for the sake of being the latest technology. Any innovations should be ones that the company will be able to understand and utilize as well as be effective.