8 Ways to Protect Your Firm From Money Laundering
New money-laundering rules continue to appear at an alarming rate. According to HM Treasury, serious and organised crime is costing the UK a staggering £24 billion a year.
Crackdown on money laundering continues
The regulations aim to reduce this figure by making it firstly harder for criminals to use the financial system to launder their ill-gotten gains, and secondly enable the authorities to recover any proceeds of crime and so taking the financial incentive out of crime.
The private and public sector need to work together; otherwise, it simply will not work. Even though this is a goal to be applauded, it still means that regulated businesses have to comply with laws and regulations that continue to evolve at a pace that requires constant vigilance and flexibility.
The pressure to know everything about customers is becoming greater and greater, with the inevitable outcome that data sets that require monitoring are becoming so large, that firms are forced to rethink and re-engineer the way they mitigate and manage financial crime risk all the time.
New EU anti-money laundering (AML) directives continue to pile on the pressure on member states to continuously fine-tune their laws and regulations. After 4MLD we now have 5MLD with 6MLD following soon. However, the basic underlying building blocks remain the same.
Top tips to protect your firm from money laundering
- Make sure your AML programme reflects your business – Too many firms rely on external consultants to help put together an almost off-the-shelf AML policy and procedural framework, that doesn’t reflect a firm’s day to day business activities.
- Make sure the flow makes sense – Too often there is misalignment within a financial crime risk management framework. The risk assessment should drive the policy, the policy drives the procedures, the procedures need to reflect actual business as usual, and the subsequent controls should monitor that the entire process is aligned and working.
- Have a clear technology plan – With the data sets that require scrutiny becoming larger and larger, it is almost impossible to have an effective financial crime risk mitigation strategy without technology components, whether within client identification, client and transaction monitoring or managing the outputs from all these processes in one clear view. The regulators are clear that they expect a clear technology plan. Even if you choose not to use technology for certain activities, you need to be able to articulate why you believe a manual process is better.
- Understand your tools – When using third party PEP and sanctions list, make sure you understand where the data come from, and who how they are maintained. When using analytics to monitor behaviour, trends and transactions, make sure you can explain the underlying rationale for the algorithms deployed.
- Be sure to conduct risk-based due diligence- This includes for all customers, associates, consultants and third parties. The higher the risk, the higher the level of due diligence is required. Emerging regulations are requiring firms to provide more and more detail about what they do in this respect, and why they believe that what they do is appropriate. Over the coming 12–18 months there will be increasing clarity about what constitutes standard and enhanced due diligence, so firms need to review their current practices against new emerging regulations.
- Make sure your training is focused– Everyone in a firm should be able to explain how their firm and its products and services are most at risk from financial crime. In the same vain everyone should be clear on how to respond to unusual activity, in order to determine whether this unusual activity gives rise to concern or possibly suspicion.
- Regular reviews – Regulations require regular internal control reviews and reassessments. These should be hardcoded into your financial crime compliance programme with a frequency that reflects the risks your business is exposed to because of the types of client it deals with, the products and services it sells and the jurisdictions it operates within. They should be essential, non-moveable processes in your AML compliance program.
- Ensure the financial crime team is adequately resourced– The risk assessment and associated risk mitigants will drive the decision about required resources. In the absence of sufficient resources, a firm cannot revisit the risk assessment. A financial crime team needs adequately competent staff and an efficient toolkit to manage financial crime risk. Not having that is a big red flag to any regulator.
There is a lot of detail behind each of these statements. But if you feel confident that everything is appropriately covered and documented within your firm, you are on track to have an effective financial crime risk strategy.
Want to know more about Financial Crime?
As well as 30+ free compliance training aids, we regularly publish informative Financial Crime blogs. And, if you're looking for a risk management training solution, why not visit our Risk Management course library.
If you've any further questions or concerns about Financial Crime, just leave us a comment below this blog. We are happy to help!