Novo Documento do Microsoft Office Word.docx

Full Transcript

In 2014, the Financial Crimes Enforcement Network (FinCEN) of the US
Department of the Treasury and the US financial intelligence unit (FIU)
issued an advisory to financial organizations, reminding them to
maintain a strong culture of compliance and specifying that the entire
staff is responsible for AML/CFT compliance. This advisory was followed
in 2015 by a memorandum on "Individual Accountability for Corporate
Wrongdoing" from the US Department of Justice's Deputy Attorney General,
Sally Quillian Yates. The Yates Memo, as it is often referred to,
reminds prosecutors that criminal and civil investigations into
corporate misconduct should also focus on individuals who perpetrated
the wrongdoing. Further, it notes that the resolution of a corporate
case does not provide protection to individuals from criminal or civil
liability.

In the United Kingdom, the Financial Conduct Authority (FCA) published
final rules for the Senior Managers and Certification Regime (SM&CR),
which are designed to improve individual accountability within the
banking sector.

In relation to financial crime, the SM&CR requires a financial
organization to give explicit responsibility to a senior manager, such
as an executive-level money laundering reporting officer (MLRO), for
ensuring that its efforts to combat financial crime are effectively
designed and implemented. The senior manager is personally accountable
for any misconduct within the organization's AML/CFT regime.

The New York State Department of Financial Services (DFS) issued a Final
Rule requiring regulated organizations to maintain "transaction
monitoring and filtering programs" reasonably designed to monitor
transactions after their execution for compliance with the Bank Secrecy
Act (BSA) and AML laws and regulations, including suspicious activity
reporting requirements, and prevent unlawful transactions with targets
of economic sanctions administered by OFAC. This Final Rule, which went
into effect on January 1, 2017, includes very specific requirements
concerning the implementation of transaction monitoring systems,
including:

Risk-Based Models: Models should be risk-based and commensurate with
the organization's own risk assessment and profile.

Model Performance Calibration: Organizations must perform ongoing
analysis and testing of the AML/CFT models to assess the scenario logic,
performance, model technology, assumptions, and model parameter
settings.

End-to-End, Pre- and Post-Model Implementation Testing: End-to-end
testing is required to ensure rules are validated and data are complete
and accurate. This Final Rule also requires regulated

Individual professionals are increasingly being held accountable for
sector specific crimes, through prosecution (accusing and bringing to
trial) of linked financial crime offenses such as fraud. They may also
be held accountable for their organizations' AML/CFT failures. When
prosecuted, individuals have been imprisoned, fined, suspended, or
debarred from professional activities in regulated sectors.

Compliance professionals must recognize the risks and specific
accountability that they personally face in their work environments.
They should ensure that they are fully up-to-date with legislative and
regulatory requirements specific to their role and sector. If they have
any concerns regarding integrity or behavior within their firm or
business, they should escalate issues through the appropriate formal
reporting or whistleblowing channels and document the fact.

Methods of Money Laundering

Illicit money can move through numerous commercial channels, including
products such as checking, savings, and brokerage accounts; loans; wires
(Electronic transmission of funds among financial institutions on behalf
of themselves or their customers. Wire transfers are financial vehicles
covered by the regulatory requirements of many countries in the
anti-money laundering effort) and transfers (paypal); and financial
intermediaries, such as trusts and company service providers, securities
dealers, banks, and money services businesses.

FATF and FATF-style regional bodies (FSRBs) publish periodic typology
reports to monitor changes and better understand the underlying
mechanisms of money laundering and terrorist financing. The objective of
these reports is to provide information on the key methods and trends in
these areas and to ensure that the FATF 40 Recommendations remain
effective and relevant.

1. Money Laundering methods in Banks

Electronic transfer of funds

An electronic transfer of funds is any transfer of funds that is
initiated by electronic means, such as internet-based transfers, an
automated clearing house (ACH), an automated teller machine (ATM),
mobile telephones, and other devices. Electronic funds transfers can
happen within a country and across borders.

Systems such as the US Federal Reserve wire network, or Fedwire, the
Society for Worldwide Interbank Financial Telecommunication (SWIFT), and
the Clearing House Interbank Payments System (CHIPS) move millions of
wires and transfer messages daily. As such, illicit fund transfers can
be easily hidden among the millions of legitimate transfers that occur
each day. For example, money launderers might initiate unauthorized
domestic or international electronic transfers of funds---such as ACH
debits or cash advances on a stolen credit card---and place the funds
into an account established to receive the transfers. Another example is
stealing credit cards and using the funds to purchase merchandise that
can be resold to provide the criminal with cash.

To avoid detection at any stage, money launderers can take basic
precautions, such as varying the amounts sent, keeping the transfers
relatively small and under reporting thresholds, and, when possible,
using reputable organizations.

Transaction monitoring software providers have developed sophisticated
algorithms to help detect and trigger alerts that might indicate money
laundering or other suspicious activity using electronic transfers of
funds.

Following are some indicators of money laundering using electronic
transfers of funds:

Funds transfers occur to or from a financial secrecy haven or
high-risk geographic location without an apparent business reason or
when the activity is inconsistent with the customer's business or
history.

Large incoming funds transfers are received on behalf of a foreign
client, with little or no explanation or apparent reason.

Checks and money orders are used to receive many small, incoming
transfers of funds or to make deposits. Upon credit to the account, all
or most of the transfers or deposits are wired to another account in a
different geographic location in a manner inconsistent with the
customer's business or history.

Funds activity is unexplained, repetitive, or reveals unusual
patterns.

Payments or receipts are received that have no apparent link to
legitimate contracts, goods, or services.

Funds transfers are sent or received from the same person to or from
different accounts.

Remote deposit capture (RDC) is a product offered by banks that allows
customers to scan a check and transmit an electronic image to the bank
for deposit. The convenience provided by RDC can be abused by money
launderers because they no longer need to go into the bank and risk
detection. Because RDC minimizes human intervention in reviewing cleared
items, it decreases the ability to identify potential fraud indicators,
such as an altered check and multiple deposits of the same item. Often,
the resulting fraud is not prevented but rather detected after it has
already occurred.

To mitigate risk:

Integrate RDC in monitoring systems and fraud prevention systems

Ensure items submitted through RDC are reviewed for sequentially
numbered checks and money orders without payees

Total volume of activity processed for an account via RDC is
incorporated into the overall transaction monitoring

Appropriate limits are placed on a customer's ability to deposit checks
via RDC.

Product is offered to customers' to whom it is appropriate

Action is taken quickly when fraud is detected

Correspondent banking is an arrangement whereby one bank acts as the
agent of another bank in a foreign country. A local, or respondent, bank
has customers who want banking services in a foreign country, so it
contracts with a foreign correspondent bank to provide those services.
By establishing multiple correspondent relationships, a local bank can
undertake international financial transactions for itself and its
customers in jurisdictions where it has no physical presence. Large
international banks often act as correspondents for thousands of other
banks. The indirect nature of correspondent banking relationships means
that the correspondent bank provides services for individuals and
entities for which it has neither verified the identities nor obtained
any firsthand knowledge.

Correspondent banking is vulnerable to financial crime, especially
because correspondent banks do not know the customers of the respondent
directly and rely on the respondent bank's internal controls. In
addition, less information is available to help the correspondent
recognize suspicious activity.

Some respondents are, themselves, correspondents to third banks, a
practice called **"nesting."** Nested accounts further shield
correspondent banks from knowing the parties involved.

Senior management support is essential for compliance officers to
effectively execute their duties.

Organizations that ignore red flags associated with a customer
relationship can suffer significant reputational, regulatory, and
financial consequences.

Nested accounts are high-risk because Correspondent banks should
include periodic reviews of their respondent bank's AML/CFT framework as
part of their larger AML/CFT framework. Correspondent banks need to
undertake risk assessments and ensure that their policies and procedures
regarding respondent bank relationships and their transactions are
adequate to mitigate against identified risks, especially in high-risk
relationships.

In some correspondent relationships, the respondent bank's customers are
permitted to conduct their own transactions---including sending wire
transfers, making and withdrawing deposits, and maintaining checking
accounts--- through the respondent bank's correspondent account without
first clearing the transactions through the respondent bank. Those
arrangements are called payable-through accounts (PTAs).

Elements of a PTA relationship that can threaten a correspondent bank's
AML/CFT defenses include the following:

PTAs with foreign institutions licensed in offshore financial service
centers with weak or under-developed bank supervision and licensing laws

PTA arrangements in which the correspondent bank regards the
respondent bank as its sole customer and fails to apply its customer due
diligence (CDD) policies and procedures to the customers of the
respondent bank

- PTA arrangements in which subaccount holders have currency deposit
and withdrawal privileges

PTAs used in conjunction with a subsidiary, representative, or other
office of the respondent bank, which might enable the respondent bank to
offer the same services as a branch without being subject to supervision

Risk mitigation:

PTA's are not prohibited

Only offer PTA's after developing and maintaining policies and
procedures designed to guard against the possible improper or illegal
use of PTA's facilities by foreign banks and their customers'

Identify the ultimate users, review the foreign banks procedures, review
local requirements of the foreign bank on transaction monitoring and
monitor together the account activities reporting suspicious or unusual
activity.

Concentration accounts are internal accounts established to facilitate
the processing and settlement of multiple or individual customer
transactions within the bank, usually on the same day. They do this by
aggregating funds from several locations into one centralized account
(i.e., the concentration account). Concentration accounts are also known
as special-use, omnibus, settlement, suspense, intraday, sweep, and
collection accounts. They are frequently used to facilitate transactions
for private banking, trust and custody accounts, funds transfers, and
international affiliates.

Money laundering risks can arise in concentration accounts when the
customer-identifying information, such as name, transaction amount, and
account number, is separated from the financial transaction. When
separation occurs, the audit trail is lost, and accounts can be misused
or administered improperly.

Banks that use concentration accounts should implement adequate
policies, procedures, and processes covering operation and recordkeeping
for these accounts, including:

Requiring dual signatures on general ledger tickets

Prohibiting direct customer access to concentration accounts

Capturing customer transactions in the customers' account statements

Prohibiting customers' knowledge of concentration accounts and their
ability to direct employees to conduct transactions through these
accounts

Retaining appropriate transaction and customer identification
information

Frequently reconciling accounts by an individual who is independent of
the transactions

Establishing a timely discrepancy-resolution process

Identifying and monitoring recurring customer names