Money laundering is defined as the illegal process of making large amounts of money generated by a criminal activity — such as drug trafficking or terrorist funding — appear to have come from a legitimate source.
The United Nations Office on Drugs and Crime says that global money laundering transactions account for roughly $800bn to $2trn annually,
or some 2% to 5% of global GDP. The impacts on business and society are significant, from the destabilisation of legitimate commerce to the reduction of income for governments.
Cases in 2020 involved a wide range of money laundering breaches, including failure to meet compliance requirements to retain records and conduct customer due diligence checks on high-risk overseas correspondent banks; and failure to report suspicious transactions in a timely manner.
One primary focus in 2021 for regulated firms in the EU is planning for compliance in line with the EU’s 6th Anti-Money Laundering Directive (6AMLD), hard on the heels of 5AMLD. 6AMLD clarifies the definition of money laundering offences and establishes minimum rules on criminal liability for money laundering. 6AMLD uses the broad definition of money laundering from the 4AMLD, which states:
- the conversion or transfer of property, knowing that such property is derived from criminal activity or from an act of participation in such activity, for the purpose of concealing or disguising the illicit origin of the property or of assisting any person who is involved in the commission of such an activity to evade the legal consequences of that person’s action.
- the concealment or disguise of the true nature, source, location, disposition, movement, rights with respect to, or ownership of, property, knowing that such property is derived from criminal activity or from an act of participation in such an activity.
- the acquisition, possession or use of property, knowing, at the time of receipt, that such property was derived from criminal activity or from an act of participation in such an activity.
- participation in, association to commit, attempts to commit and aiding, abetting, facilitating and counselling the commission of any of the actions referred to in points 1), 2) and 3).
6AMLD more specifically defines 22 types of criminal activities that constitute predicate offences, or crimes that are considered components of money laundering. They are grouped under six key headings: tax crime (both direct and indirect taxes), human trafficking and migrant smuggling, murder and grievous bodily harm, environmental crime, cybercrime, and insider trading and market manipulation.
The directive also extends the criminal liability of money laundering offences to ‘legal persons’, or companies and incorporated partnerships and persons holding key positions within them. This places more responsibility on senior management of larger firms as well as any employees that are directly involved in committing money laundering offences.
Consequently, money laundering crimes are expected to be punishable by harsher penalties, including larger fines and stricter sanctions with a “maximum term of imprisonment of at least four years” for any moneylaundering offence.
KYC is the mandatory process of identifying and verifying the identity of a corporate client when opening an account, as well as on an ongoing basis. A key element of the openness and transparency agenda introduced after the 2008 financial crash, KYC regulation is overseen on a national basis and implemented in line with organisations’ own risk and governance frameworks.
Again, it is the responsibility of banks to make sure that their clients are genuinely who they claim to be, and they should refuse to open an account and end business relationships if prospective clients fail to meet minimum KYC requirements or are found to be providing false information. PwC outlines the five key steps of the KYC onboarding process as follows:
- Identification: collection of customer data, representation rules and ownership structure using confidential sources and the transparency register.
- Verification: comparison and verification of the identification documents submitted.
- Screening: checking the client for Politically Exposed Persons (PEPs), embargoes, sanctions and reputation risks for the bank.
- Risk rating: risk classification of the client and determination of the required due diligence by the bank.
- Onboarding decision: based on the information collected in previous steps.
KYC is not confined to onboarding, and should be refreshed on a regular basis under a process called KYC remediation and ongoing monitoring, defined
as the process of cleaning and updating corporate customer data to ensure compliance with the latest information and regulations.
Regulated firms that employ agile technology solutions to assist in money laundering prevention and detection stand the best chance at seamlessly adapting to regulatory change.
MAXIMISING THE BENEFITS OF TECHNOLOGY
Companies should ensure that risk management programs have access to legally authoritative and primary source data, along with comprehensive record-keeping and reporting processes to demonstrate compliance within the organisation and to regulators.
It has never been more critical for firms to maintain adequate systems to appropriately assess customer risk, especially during the onboarding stage and as part of ongoing due diligence. Obtaining comprehensive and accurate company registry data and ultimate beneficial ownership information have been challenging for many firms.