Having attended the ACAMS International Conference in Las Vegas, I thought I would share some of my notes from different workshops and roundtables I attended.
Panel Discussion: Keeping Current with Regulatory and Oversight Trends to Ensure Your Institution Remains Compliant
(Jamal El-Hindi – FinCEN)
- Recently posted SAR confidentiality rules (not yet in effect)
- Working on foreign-based MSB rules
(Sheila Haney – FINRA)
- Continuing examinations as before. However, in last 12-18 months, many broker-dealers are now part of bank holding companies
- Foreign accounts are still an issue
- Internal examinations are often non-existent or insufficient
- Also continue to be issues with PEPs, 2nd owners on accounts, and internal training (including function specific)
- FINRA.org has a Broker Check function
(Debra Novak – FDIC)
- Currently, there are 5,001 banks they are responsible for, with about 4,000 of them with assets of less than $1B
- Mergers require viability study of surviving AML/BSA program/staff – should be ONE program and boss remaining – DON’T continue independently (other merger issues: systems compatibility, records retention/storage, internal training)
(Jonathan Polk – Federal Reserve of NY)
- Have not seen gaps develop as they feared when they knew firms would be cutting back – at least in their environment
(Indira Crum – OCC)
- Also concerned about BSA compliance in these tough times – they ARE starting to see slippage (ie, BSA officers given additional tasks that negatively impacts their BSA work, short falls/failures of independent reviews, alert backlogs)
In response to audience questions, the panel expressed the following:
- They expressed trepidation regarding the outsourcing of the BSA officer position. You can outsource the work, but you can’t outsource the responsibility. It will not work for broker-dealers as the officer must be an associate of the firm
- Regarding mortgage brokers, Mr El-Hindi said that the comment period recently closed and he is expecting a write-up soon
- Regarding the new FFIEC manual, there are updates on CTR exemptions and bulk cash smuggling
Roundtable: Effectively Determining the Beneficial Owners of Corporate Accounts
- It has been put back on US corporations that they are responsible for complying with OFAC. They then need to vet their signers, officers, employees, etc, making sure none of them are any sanctions list.
- Remember: “Who’s money is it really?” and “Who controls what happens to it now?”
- At the 1st level, get official records, ask representatives, develop an organizational chart of the companies (not of people, but entities and their interrelationships)
- If it is cost effective, put “feet on the ground”
- Is subsequent activity in line with information obtained at account opening? Does the activity show that the stated beneficial owner couldn’t possibly be the real owner?
- Regular articles of incorporation are just boilerplate. They don’t provide beneficial owners, etc. They don’t even prove that they were ever filed with the state.
- If activity is suspicious, is 314(b) available?
- Is the account / risk is large enough, there is nothing better than “feet on the ground”
Panel Discussion: Optimizing AML Controls Despite Cost Constraints
(Daniel Soto, CAMS – GMAC)
- Centralization vs Decentralization
- What is the culture?
- What are the skill sets within the organization?
- Financial Crimes Intelligence Units – comprised of AML, Fraud and IT Security
- “Do we have good backup plans?”
- “Are we working to build our staff, or are we just buying it?”
- “Am I teaching my team to be proactive rather than reactive?”
(Rainer Hoerning, CAMS – Credit Suisse)
- Optimizing AML Compliance Practices
- Harmonization and Standardization
- Management Information
- Reviews (onsite visits)
- Risk Assessment
- Management and Staff
- Tools and Vendors
- Stay flexible
- Don’t be afraid of change
Panel Discussion: Optimizing Compliance through the Integration of AML & Fraud Prevention
(Peter Hazelwood – DBS Group)
- Starting with a common place for input (hotline – phone or web-based) can be a safe step
- DBS has decreased staff by about 20% by combining all functions through their common detection platform (Actimize)
- Phase II – a single case management platform
- Staffing is based upon pre-defined metrics
- Most metrics show their system effectiveness ratio at 3-5%. The best known is about 10%. System effectiveness ratio is defined as:# of SARs / # of alerts generated(Katherine Sikora Nelson – Bank of New York)
- Foreign Corrupt Practices Act (FCPA) should also be integrated
- Are credit rankings and AML/Fraud rankings consistent? If not, why?
- Are products used / applied for consistent with the customer profile?
- Are you able to see the entire customer relationship within the entire organization? (Not necessarily the details, but at least the products)
Roundtable: Optimizing Your Money Laundering Controls to Detect Tax Evasion
- You SHOULD file a SAR on your MSB customer if the investigator sees suspicious activity by the customers of the MSB (otherwise, you risk being considered complicit of the MSB did not file)
- If the customer is also a loan product user, check to see if there is a tax return on file. This may give you a framework to decide what a reasonable level of living expenses are for the customer.
- The IRS has 81 SAR review teams. They will come out – at no cost – and review SARs with you. Put them on your training agenda. They may also be able to tell you what’s hot in your area.
- The IRS provides Facts, Figures and Closed Case (summaries) for the automotive sales industry, the construction industry, the health care industry, medical professions, real-estate/mortgage fraud investigations, and restaurant industry tax fraud. Go to:http://www.irs.gov/compliance/enforcement
Roundtable: Complying with the Unlawful Internet Gambling Enforcement Act (UIGEA)
(Joseph Kelly – Catania & Associates LLC)
- NIGC.gov – in their reading room, their opinion of the UIGEA
- Trade Organizations for Internet Gaming: E Cogra, I Gaming, Interactive Gaming Council, Remote Gaming Association
- GAO 2002 report on Money Laundering through Gaming Institutions
Roundtable: Conducting Effective Internal Audits and Independent Reviews
- What is the knowledge and skill set of your auditor?
- Your independent reviewer needs to understand the expectations of your regulator
- Must take risk-based approach (Product level, Departmental, Industry trends, Governance)
- Talk with common banks (region, size): “What are your regulators looking at?”
- Look at the regulator’s exam manual
- Are you aware of deficiencies found in other audits of others?
- Communication – Communication – Communication
Panel Discussion: Improving the Detection and Reporting of Suspicious Trade-Based Transactions
- Black Market Peso Exchange – responsible for moving about $5B per year in and out of the US
(Dan Wager – NY HIFCA)
- Red flag: Transactions / countries dealt with do not tend to match information obtained at account opening
- Major case: Konsojaya Trading Co; Kuala Lumpur, Malaysia; import / export; dealt in palm oil; only to Pakistan; considered pure terrorist financing
(Susan Galli, CAMS)
- Watch for consumer accounts that have business activity running though them
- Is the purported good actually produced or consumed in the other country?
- Does the quantity of goods equate to its container/tanker/etc?
- Would quantity of goods times weight make sense for the container?
- Your policy should have an escalation provision in it. How do you elevate the issues you are concerned with?
Roundtable: Re-Designing Your AML Program after a Merger or Acquisition
- Pre-deal due diligence
- Section 327 of the PATRIOT ACT
- Read Board minutes
Panel Discussion: Keeping Current on the Latest Criminal Schemes
(Dan Wager – NY HIFCA; Meryl Lutsky – NYS AG)
- Some smaller bill pay arrangements are being corrupted and transformed into money transmitters. Tip: deposits in established region / withdrawals in distant regions
- If the bank is receiving a social engineering call, try to capture the phone number and report it on the SAR. Law enforcement can link organized criminal activity through phone numbers
- Similarly, with Internet / computer access, capture the IP address and report it on the SAR
- In these cases, even small losses can be very important
- Subpoenas can be used as a tip from law enforcement that a SAR was important
- You are going to start seeing Bank Officer prosecutions
- Be aware of the consistent high performer – be it a person or a branch
- Common phone numbers are incredibly important
- With J & F visas (temporary), persons with these visas need to have their accounts watched. Are the accounts being taken over? Are the accounts staying open far beyond the visa window?
- Mortgage Fraud is now morphing into Mortgage Modification Fraud
- Make sure you check previous loan docs on a modification. Do you see a similar pattern? Did the first pass just reach the “seasoned point?”