Category Archive

As noted in my last post on this area, working out who to deal with in some countries is very difficult. Trying to use the do not deal lists in any form of modern banking practice is very tricky and error prone at best.

A truly risk-based system, though, is going to need to apply differing weights to the differing circumstances of each deal.

Operating on the principle that no deal should be banned unless explicitly forbidden by legislation (a truly risk based system must deal on this basis) a possible, if very simple, way to organise this would be to assign differing risk weights to each deal, with the countries involved being allocated percentages.

As the risk percentage increases then higher and higher approval levels should be sought (and the regulators kept informed).

Under this system, dealing with a counterparty that the bank has been dealing with for decades, and the bank well understands the business and there have been no recent changes to cash flow may attract only a nominal risk weight - say 1%. Dealing with a new counterparty in the US would be, say, 10% and a new counterparty in a known tax haven 50%. Dealing with, say, North Korea, would attract an automatic 70%, with any North Korean government enterprises attracting an additional 30%, placing them in the highest-risk category.

Combine this with percentages based on information on other aspects of the deal and you have a system.

Deals with a total risk weight of under (say) 20% would get the usual process, with between 20 and 50% needing the sign-off of the head of risk management, deals between 50% and 75% needing CFO sign-off (and AUSTRAC notification) and deals over 75% needing Risk, CFO, CEO sign-off and AUSTRAC notification.

This sort of system would be easy to automate - at the simplest level put into a spreadsheet or simple database and could be implemented in a few days. Provided it is done on as part of the initiation of every new deal with the counterparty and updated on a regular basis (say quarterly) this should allow you to claim compliance with the relevant parts of the AUSTRAC requirements.

This is obviously going to slow down the deal process, though. Getting this into your primary databases, along with some further KYC work, will be needed for business reasons.

It is not too late to get this done by 12 December, as required under the regulations. Better hurry, though - AUSTRAC is already sounding annoyed with the apparent lack of progress. You do not want to be the one they choose to make an example of.

The Reserve Bank of Australia issued updated international do not deal lists, with the consolidated version covering people from Yugoslavia, Zimbabwe and companies from North Korea. They also included a Swiss person (Jacob Steiger) on the North Korea list - presumably because they believe that Jacob has been helping the DPRK with a little bit of laundry on the side.

As a side note I doubt the use of such lists. Don’t get me wrong, they are a have to have, but is it likely that Mugabe is likely to be trying to open a bank account in Australia in his own name? Given that, at a minimum, he would be able to ask for a fake passport and other ID to be generated for him in whatever name he chose it does not seem likely to me that an Australian bank would be opening an account in the name of “MUGABE, Robert Gabriel, President - DOB 21/02/1924″ any time soon.

Anyway, if you are in operations in one of the banks checking your list against this would be a good thing to do. Do it now and you may even have it done before the APRA letter gets to you.

[UPDATE - looks like I was wrong. Jacob has allegedly been assisting in nuclear weapons activities]

On of the issues that continues to bug me in relation to money laundering is the potential for (and almost certainly the actuality of) the use of various online non-bank payments services for money laundering purposes.

There must be tens, if not hundreds, of ways of moving funds around the globe while creating a good cover story to explain the movement and thus wash the funds.

A good example would be to use eBay and PayPal - if I needed to move funds from (say) Australia to Hong Kong it would be easy for my counterparty in Hong Kong to arrange an auction for a seemingly valuable, if fake, item (say an antique of some description) then I bid for the item, a fair way over its true value - using a second account (or another associate) to ensure the bidding goes high enough to transfer the funds I need to.

At the close of the auction I arrange payment for the item and it is shipped to me. Total costs of transfer - shipping for the vase (if you think it needed) and seller’s premium on eBay. Result - funds transferred with good cover story if the Australian Federal Police ever come knocking. If you want to totally cover your tracks (and maybe make an insurance claim) just break the vase.

The in-game transfers in the MMPORGs (such as Second Life) have been blogged on before, notably by Chris Skinner, as has eGold. While large, one off-transfers are likely to get picked up on these I would have thought that frequent, low value transfers would not. All you would need to move large numbers around the planet would be several accounts, possibly under multiple names.

The question then comes down to: should they be regulated like other money transfer services and, if so, how? Often there will be no physical presence of these firms in a country and blocking them in some way would cost a fair amount, be ineffective in any case and eliminate a legal business.

The only real way I can think of doing it is the way that the US attacked the online gambling industry - cutting out transfer to the business involved. In this case it would not be to cut them out, but to make them reportable.

Any thoughts?

I would invite readers to have a read of Chris Skinner’s post over at Finextra today. As I am not a beta tester over there, I cannot comment directly, but the basic premise of the post is that most money-launderers use cash at some stage of the laundering process, so the solution to money laundering is to do away with cash entirely.

Personally, I find this a bit extreme a solution. Cash is useful to me for several reasons beyond the illegal (not, of course, that I would do illegal stuff with it). It is handy for small payments and for buying things like lunch it is a lot quicker. Paying for things I buy off mates is easier in cash as I do not always have a web browser with me to make a direct payment into their bank account (although my new toy, a Nokia N95, comes close) and it saves me having to note everything down to transfer the funds later.

It also makes it easier to hide purchases (like birthday presents) where I do not want my wife to know how much I spent.

What do readers think? Is the proposed solution worse than the proposed cure?

It looks like AUSTRAC are going to be as helpful as possible in the process of you assessing your AML / CTF risk if the release today of their Self Assessment Questionnaire (warning - 2MB MS Word document) is any guide to the future. It is big, at 46 pages and, in parts, fairly intimidating, but it does break the Act and Rules down in a handy, systematic way. Read the rest of this entry »

Just a quick note - the final version of the anti-money laundering / counter terrorism financing rules are now out. Last chance to spot any obvious errors / problems - they will be registered by 13 April. Go for it.

While I specialise in bank regulation the more I see of it, in general, the less I believe in it. I tend to spend a fair part of my time trying to mitigate its worst effects. A good example of this is what I call reverse regulatory capture - where the stronger the regulation the more the banks (and any other regulated entity) tend to start trying to run their enterprise to please the regulator, rather than to please the stakeholders in the business and the less real thought they put into . Read the rest of this entry »

These are the initial steps that you need to undertake in implementing AML/CTF legislation. These steps are common to a lot of compliance projects, so they can be used a bit more generically. The important thing here is to get this under way soon so that you can demonstrate to AUSTRAC that you are trying to comply. There is a 15 month window in the legislation to achieve full compliance - but this will only be allowed if you can show you are actually trying. Read the rest of this entry »

I attended the AML / CTF¹ session in Perth on Friday with the Minister (Chris Ellison), Greg Mole and Jeff Gray from the Department and KPMG and two things became even clearer about the legislation.

1. It is a fundamentally different type of regulation to that which we are used to here - truly risk based; and
2. There is a lot of work to be done.

Read the rest of this entry »

The second draft of the proposed rules have now been released, with much of the content having been expected. The big change, though, is to the identification procedures. From my reading of the rules, the scope of s38 has been limited. s38 is the one that allows third party identification - for example one bank carries out an identification procedure and another bank can rely on that procedure. Read the rest of this entry »

Just a quick note on the almost equally quick Senate enquiry on the anti-money laudering / counter-terrorism financing bill currently before the Senate. If you want to make a submission, you only have a few days left - go here.

Submissions from the original draft have been carried over with the revived sittings concentrating on the changes between this one and the previous exposure drafts. Submissions need to be in by 17 November.

On Wednesday this week (1 November) the new anti-money laundering / counter-terrorism financing (AML / CTF) bill was introduced into the Parliament. The bill, as far as I can tell from a quick read (it is 297 pages long), is not much changed from the previous draft. That is to say that the associated rules cover most of the bits that will be really interesting.

The stuff on the Attorney General’s site is a little more comprehensive - but still does not tell us what is in the rules. The fact sheets (here) cover a bit, though - face to face identification will not be required and the old 100 point check will go - the new system is meant to be risk based, so less risky transactions (like opening a superannuation account) will need less ID, but more risky ones (arriving unannounced at a bank with a sackful of cash and asking to send it overseas, for example) will need much more, perhaps including something like a police check.

In this phase the main thrust of the bill is directly at financial services firms, the gambling sector (more ID needed at the casinos, the TAB and the pokies) and when you buy or sell gold or silver bullion. Lawyers and accountants doing similar things (like providing trust accounts) are also covered. The next bill, some time next year,  will cover real estate agents, jewellers, lawyers and accountants. So if you need to buy a house or an engagement ring without providing ID, do it now.

Once the associated rules are out, and I have had a good chance to read them, I will post again.

I have been trying to get some time to write on this, but the new bill is very long (281 pages in the bill alone) and complex and I am unlikely to do it full justice in a short post. I will try anyway.

As has been the practice with this government, this draft comes fully loaded. It seems the government has never to have met a financial regulation it did not like. A reasonably sensible international measure comes in and they use it as an excuse to load in a vast quantity more than even the worst fears.

More over the page. Read the rest of this entry »

While I try to avoid posting on matters not directly relevant to Australia, this one I thought had particular importance to the global financial system and anti-money laundering in particular.

This article on the FT Asia website today, if confirmed to be true, may indicate that China is starting to realise that money laundering, even by close friends, is not in its interest.

On the other hand, they could just be trying to send a political message and will resume normal service soon. Either way, it will be some time before Australian banks can certify any Chinese bank as a true partner in the fight against money laundering.

It is a good first step, though. Maybe the amount of US currency arriving here that was not printed in the US will diminish.

To get off Basel for a while - Senator Ellison has announced that the AML bill will be delayed until at least mid-June. The longer this goes on the more changes we can expect from the White Paper and therefore the more consultation will be needed when it comes out.

There will be a few big issues here - for the banks' customers the most visible change will be how they have to identify themselves to the bank and whether they need to re-identify themselves at some stage. For the banks, the big issue will be an IT one - how to identify when a customer's behavior changes in a suspicious way.

Read the rest of this entry »