Key components of the international institutional and legal framework

A developing framework to combat tax evasion

A developing framework to combat proliferation financing

The financial action task force (FATF)

FATF regional style bodies and associate members

Other relevant international bodies

Key requirements for financial institutions

Key components of a national AML/CFT framework

KEY COMPONENTS OF THE INTERNATIONAL INSTITUTIONAL AND LEGAL FRAMEWORK

The best and easiest way to view the international framework for combating money laundering and terrorist financing, is as a scale of activity, ranging from the international, to the regional, to the national, to the institutional and finally to the individual level. The framework is shown in Figure 2.1, with slight variations for each jurisdiction.

UN conventions and resolutions

UN Single Convention on Narcotic Drugs 1961; UN Convention on Psychotropic Substances 1971; UN Convention against Illicit Traffic in Narcotic Drugs and Psychotropic Substances 1988 (the Vienna Convention)

Collectively, these conventions have provided the international legal framework for the ‘war on drugs’, i.e. the global control and scheduling of various categories of drugs deemed harmful or abusive, including opium, heroin, cocaine, cannabis, ecstasy and LSD to name but a few.

The 1988 Convention agreed in Vienna went further. Its Article 5 (Confiscation) required states to cooperate in various ways in seizing and confiscating the proceeds of trafficking in illegal narcotics. Its particular focus was on mutual legal cooperation in such areas as extradition, search and seizure, service of documents, the transfer of legal proceedings between jurisdictions and preventing bank secrecy laws being used to prevent the mutual transfer of information relevant to a case.

Crucially, Article 3 (Offences and Sanctions) also required states to criminalise the laundering of the proceeds of illegal narcotics trafficking through the financial system, thus paving the way for the setting up of the international anti-money launding (AML) system.

UN Convention for the Suppression of the Financing of Terrorism 1999

The UN has had an anti-terrorist financing regime in place for some time on state actors (the so-called ‘rogue states’, such as Libya and Iran). It was only in the second half of the 1990s that the financing of terrorism by non-state actors came to the fore.

Following a series of resolutions condemning terrorist action during the 1990s, the UN adopted this convention at the General Assembly held in NewYork in December 1999. The resultant treaty came into force in April 2002. Article 2 of the Convention requires countries to criminalise the act of providing or collecting funds with the intention or knowledge that those funds will be used to carry out a terrorist attack.The Convention asserts that ‘financing is at the heart of terrorist activity’ and lays out the foundations for closer cooperation between law enforcement agencies, financial authorities and individual countries.

Countries that have ratified the treaty (known as State Parties) are required to put into place mechanisms to identify, detect and freeze or seize assets used or earmarked for terrorist activities, and financial institutions are called upon to be vigilant with regard to unusual transactions and to report to the authorities anything that they suspect may have links with terrorism or terrorist activities. They are also obliged to prosecute or extradite offenders, and to cooperate with other countries’ investigations. A State Party cannot, for example, turn down a request for mutual legal assistance on the grounds of its own banking secrecy laws.

UN Security Council Resolution 1373 2001

Following the attacks on the World Trade Center in September 2001, the United Nations Security Council passed UNSCR 1373 for the Suppression of the Financing of Terrorism. This is one of the lynchpins of international action against terrorist financing, and includes a range of steps and strategies to combat the financing of terrorism generally.

Resolution 1373 builds on the UN blacklisting regime which started with the creation of the Al-Qaeda and Taliban lists with UN Security Council Resolution 1267, following the 1998 Al-Qaeda attacks on the US embassies in Kenya and Tanzania. Resolution 1267 called upon all states to freeze funds and other property that may be used directly or indirectly to benefit the Taliban. Created in the aftermath of 9/11, Resolution 1373 goes a few steps further and encourages states to create their own blacklists.

Resolution 1373 reconfirms that all states should prevent or suppress terrorist financing, criminalise fundraising or the provision of economic resources for terrorism, and freeze the financial assets of terrorist groups. Terrorist acts should be established as serious criminal offences and anyone involved in their financing, planning or perpetration should be denied any kind of support and brought to justice. Particular emphasis is placed on the exchange of information between countries, not only with regard to terrorist actions and movements but also in light of the close links between terrorist acts and other types of organised crime and money laundering.

Critically, UNSCR 1373 continued the extension of the existing notification and sanctions regime, already applicable to ‘rogue states’, to individuals and organisations suspected of connections with terrorism. This led to the establishment of an international blacklist of suspected terrorists. Resolution 1373 also established the Counter-Terrorism Committee (CTC) as a monitoring body to try to ensure the Resolution is effectively implemented and to provide assistance for countries that need help in this regard.

UNSCR 1624 2005

The UN’s 50-year anniversary in September 2005 saw the adoption of UNSCR 1624, which among other things stresses that countries should criminalise incitement to commit terrorist acts and calls upon states to strengthen international border security. This development was a direct response to the open preaching of overtly violent and/or aggressive messages by, in particular, a small minority of Muslim clerics.

European Union Directives and Council Common Positions

European Convention on Laundering, Search, Seizure and Confiscation of the Proceeds from Crime 1990 (The Strasbourg Convention)

This was signed in Strasbourg in 1990 and entered into force in September 1993. The Convention aimed to counter laundering of the proceeds of all types of crime (not just drug trafficking) and to improve international cooperation (Chapter III of the Convention), both between Council of Europe member states and with other countries around the world. With specific reference to money laundering the Convention included provisions for the establishment of a range of laundering offences (Chapter II Article 6). It also included provisions for the confiscation of the proceeds of crime and for ordering the disclosure of bank, financial and commerical records to facilitate the tracing and identification of such proceeds (Chapter II, Articles 2 and 4).

European Convention on the Laundering, Search, Seizure and Confiscation of the Proceeds from Crime, and on the Financing of Terrorism 2005 (Convention #198)

Updating and expanding on the 1993 Convention agreed in Strasbourg, this more recent Convention was adopted by the Committee of Ministers in May 2005 and is firmly grounded in the 1999 UN International Convention for the Suppression of the Financing of Terrorism (discussed above). Crucially, in Chapter II Article 2(2) the Convention focuses not only on the laundering and confiscation of criminal proceeds, but also on the interdiction of ‘clean’ money generated through legitimate sources but destined for criminal purposes – a key activity for financiers of terrorism, as has been noted. The text addresses the fact that quick access to financial information or information on assets held by criminal organisations, including terrorist groups, is key to the successful implementation of preventive and suppressive measures against them.

EU Money Laundering Directives

There have been three EU Directives dealing with Money Laundering. The First Directive, in 1991 (now repealed by the Third Directive) was the ‘basic package’ and required member states to implement laws centred around the Financial Action Task Force 40 – FATF 40 (see later in this chapter). It applied, however, only to a restricted range of financial institutions and only to the proceeds of drug related crimes. Accordingly, the Second Directive of 2001 extended both the range of crimes to be covered under national legislation and regulation, and also the categories of institutions to be affected, extending the latter to include not just banks but also ‘gatekeepers’ such as lawyers, notaries, trust or company service providers, accountants, auditors, tax advisers, real estate agents, casinos, auctioneers and other dealers in high-value goods.

The Financial Action Task Force’s previous review of its 40 Recommendations in 2003, together with the addition of nine Special Recommendations and other associated international activity in relation to terrorist financing resulted in the creation of a Third EU Directive of October 2005 (which came into force in the member states on 15 December 2007).

The Third Directive explicitly addresses terrorist financing as well as money laundering. It also contains more detailed ‘customer due diligence’ provisions than previous Directives. In particular these:

• are defined as comprising not just customer identification and verification of identity, but also establishment of the purpose and intended nature of the business relationship and ongoing monitoring
• apply to new and existing customers
• require identification of beneficial owners and the verification of the beneficial owner’s identity
• introduce exemptions from full customer due diligence (‘simplified due diligence’) for certain low risk situations, and
• require ‘enhanced due diligence’ measures for situations that present a higher money laundering or terrorist financing risk, at least for non-face-to-face business, ‘politically exposed persons’ and international correspondent banking relationships.

Furthermore:

• The Directive provides for comitology measures – legally binding implementing measures the Commission can adopt to clarify certain provisions of the Directive. Among others, the Commission may adopt criteria for simplified and enhanced due diligence, definitions of, for example, beneficial owner and politically exposed persons, and identify third countries that do not meet the provisions of the Directive.
• It recognises in EC law the concept of a risk-based approach to anti-money laundering.
• It applies a licensing/registration system for ‘currency exchange offices’, trust and company service providers that involves a fit and proper test for those who direct or beneficially own such businesses.
• It requires financial firms to apply customer due diligence and record-keeping standards to overseas branches and majority-owned subsidiaries (unless not permitted by local law).
• It introduces more explicit obligations on institutions to have systems for AML risk management and compliance.
• It includes miscellaneous provisions on, for example, the suspicious activity reporting regime and the relationship with financial intelligence units.

Council Common Position (2001/931/CFSP)

December 2001 also saw the implementation of a Council Common Position in drawing up a list (since regularly updated) of individuals, groups and entities involved in terrorism whose assets were to be frozen. The list at that time included ETA (Basque Fatherland and Liberty), the IRA (Irish Republican Army), GRAPO (the First of October Anti-Fascist Resistance Group), the terrorist wing of HAMAS, Palestinian Islamic Jihad and other revolutionary activist groups, as well as the names of individuals belonging to such groups. A more recent, updated version of this list (2011/931/CFSP published 31 January 2011) lists, in addition to a number of designated individuals, the following groups and entities:

1. ‘Abu Nidal Organisation’ – ‘ANO’ (aka ‘Fatah Revolutionary Council’, aka ‘Arab Revolutionary Brigades’, aka ‘Black September’, aka ‘Revolutionary Organisation of Socialist Muslims’)
2. ‘Al-Aqsa Martyrs’ Brigade’
3. ‘Al-Aqsa e.V.’
4. ‘Al-Takfir’ and ‘Al-Hijra’
5. ‘AumShinrikyo’ (aka ‘AUM’, aka ‘Aum Supreme Truth’, aka ‘Aleph’)
6. ‘BabbarKhalsa’
7. ‘Communist Party of the Philippines’, including ‘New People’s Army’ – ‘NPA’, Philippines
8. ‘Gama’a al-Islamiyya’ (aka ‘Al-Gama’a al-Islamiyya’) (‘Islamic Group’ – ‘IG’)
9. ‘Islami Büyük Doğu Akıncılar Cephesi’ – ‘IBDA-C’ (‘Great Islamic Eastern Warriors Front’)
10. ‘Hamas’, including ‘Hamas-Izz al-Din al-Qassem’
11. ‘Hizbul Mujahideen’ – ‘HM’
12. ‘Hofstadgroep’
13. ‘Holy Land Foundation for Relief and Development’
14. ‘International Sikh Youth Federation’ – ‘ISYF’
15. ‘Khalistan Zindabad Force’ – ‘KZF’
16. ‘Kurdistan Workers’ Party’ – ‘PKK’, (aka ‘KADEK’, aka ‘KONGRA-GEL’)
17. ‘Liberation Tigers of Tamil Eelam’ – ‘LTTE’
18. ‘Ejército de Liberación Nacional’ (‘National Liberation Army’)
19. ‘Palestinian Islamic Jihad’ – ‘PIJ’
20. ‘Popular Front for the Liberation of Palestine’ – ‘PFLP’
21. ‘Popular Front for the Liberation of Palestine – General Command’ (aka ‘PFLP – General Command’)
22. ‘Fuerzas armadas revolucionarias de Colombia’ – ‘FARC’ (‘Revolutionary Armed Forces of Colombia’)
23. ‘Devrimci Halk Kurtulu Partisi-Cephesi’ – ‘DHKP/C’ (aka ‘Devrimci Sol’ (‘Revolutionary Let’), aka ‘Dev Sol’) (‘Revolutionary People’s Liberation Army/Front/Party’)
24. ‘Sendero Luminoso’ – ‘SL’ (‘Shining Path’)
25. ‘Teyrbazen Azadiya Kurdistan’ – ‘TAK’ (aka ‘Kurdistan Freedom Falcons’, aka ‘Kurdistan Freedom Hawks’)
26. ‘Autodefensas Unidas de Colombia’ – ‘AUC’ (‘United Self-Defense Forces/Group of Colombia’).

Source: © European Union, http://eur-lex.europa.eu/

Al-Qaeda, Osama bin Laden and his associates were already designated in a separate Council Common Position of February 2001. Effectively this was the implementing mechanism within the EU for UN Security Council Resolution 1373, extending sanctions and account freezing to groups and individuals suspected of terrorism.

Patriot Act 2001

Although the Patriot Act is US legislation and clearly country-specific it needs to be included here as a section in its own right, since it was such a seminal response to the 9/11 terror attacks. Passed in the aftermath of the attacks, this wide-ranging piece of legislation promulgated stiff provisions affecting all financial firms with business touching the US directly or indirectly. In short, the Act is significant because its ramifications extend well beyond US territory and beyond US institutions. It also sets in place a number of counter-terrorist financing measures that have since become adopted as part of the international standard for best practice in combating terrorist financing.

Title III (International Money Laundering Abatement and Financial Anti-Terrorism Act of 2001) prohibits ‘covered financial institutions’ (basically US banks and US branches of non-US banks) from opening correspondent accounts with foreign shell banks (i.e. banks which did not have a physical presence in the jurisdiction where they were incorporated and which were not part of a larger group), and from doing business with other banks which did have relationships with foreign shell banks. It imposed enhanced due diligence requirements in respect of correspondent and private banking relationships with foreign banks (requirements again applying to both US banks and the US branches of foreign banks) and asserted ‘long arm’ jurisdiction over the assets of foreign money launderers, in so far as their accounts, assets or transactions touched the US.

A DEVELOPING FRAMEWORK TO COMBAT TAX EVASION

Tax evasion usually involves the concealment of legally obtained funds in order to avoid paying the taxes due. Tax evasion poses a serious threat to government revenues worldwide, and particularly since the start of the current global economic crisis in 2008 there have been significant developments in the international cooperative effort to combat tax evasion.

The Organization for Economic Co-operation and Development (OECD) has long been engaged in facilitating cooperation across jurisdictions in the fight against tax evasion. The OECD’s Global Forum on Transparency and Exchange of Information for Tax Purposes is a multilateral framework which seeks to implement and monitor the implementation of standards of transparency and exchange of information for tax purposes. The OECD standards provide for the international exchange on request of foreseeably relevant information for the administration or enforcement of the domestic tax laws of a requesting party.

With its Foreign Account Tax Compliance Act (FATCA), enacted in 2010, the US is at the vanguard in introducing harsher national measures designed to reinforce internationally agreed standards by legislating to enforce the disclosure of US taxable income held outside the US, to place obligations on both taxpayers and the foreign financial institutions holding their assets and to penalise those taxpayers and institutions that do not cooperate or make accurate information about their US-based income available.

Under FATCA, US persons and entities holding financial assets outside the US will be expected to report those assets to the US Internal Revenue Service (IRS). Foreign financial institutions – or FFIs – will also be required to report to the IRS on financial accounts held with them by US persons and entities, or by foreign entities in which US persons have a significant (10 per cent or more) ownership interest. FFIs will need to enter into an agreement with the IRS to comply with FATCA, or otherwise do no further business with US clients or US securities. If an FFI has not entered into such an agreement but nonetheless continues to do business with US entities and securities then it becomes subject to a fairly punitive withholding tax on all its US-based income. In other words, any FFI wishing to continue to do US business really has very little option but to comply with FATCA. Compliance with FATCA also requires FFIs to carry out specific due diligence in order to identify its US clients; and to withhold and/or deduct a withholding tax on the US-based income of any US clients who themselves have not complied with their obligations under FATCA. With the due diligence requirements of this law there are obvious parallels with the anti-money laundering and counter-terrorist financing procedures and systems already used by affected financial institutions.

The introduction of FATCA has implications in that financial institutions will need to review and update their existing provisions for account opening, account monitoring, record keeping and reporting in order to ensure compliance and avoid becoming subject to a withholding tax. Other countries and jurisdictions are likely to follow with equivalent legislation of their own and so, from the implementation perspective, it is as well for FFIs to prepare now on the assumption that, sooner or later, they will need their operations to be compatible with comparable rules in other countries, and not just FATCA.

A DEVELOPING FRAMEWORK TO COMBAT PROLIFERATION FINANCING

Increasing international concerns regarding the apparent intentions of certain states (notably Iran) to develop a nuclear weapons capacity has led to the development of some international accords and country-specific legislation designed to combat the financing of the proliferation of weapons of mass destruction (WMD).

Measures to combat proliferation financing have much in common with anti-money laundering and counter-terrorist financing. Hence the Financial Action Task Force (FATF), established initially to combat money laundering and subseqeuently terrorist financing, announced in October 2007 that it was extending its remit to combat proliferation financing, and has since issued guidance on this (see the section on FATF, below). The UN responded with Resolutions in December 2006, March 2007, March 2008 and June 2010, aimed at restricting trade with Iran that might enable or facilitate the proliferation of WMD.

EU Council Regulations 423/2007, 617/2007 and 1110/2008 restrict certain trade with Iran and specifically target proliferation financing by requiring credit and financial institutions who conduct business with Iranian financial institutions to:

• exercise continuous vigilance over account activity
• require that all information fields relating to the identification of originators and beneficiaries in payment instructions should be completed and, if the information is not supplied, to refuse the transaction
• maintain all records of transactions for a period of five years and make them available to national authorities on request
• report transactions involving an Iranian entity and, specifically, to report any suspicions that funds may be related to proliferation financing.

The US has also taken specific legislative steps to combat proliferation financing, with the passing into law in July 2010 of the Comprehensive Iran Sanctions, Accountability and Divestment Act (CISADA). This Act requires sanctions for companies that actively invest or intend to invest in Iran’s energy sector. Activities that can trigger sanctions include:

• making an investment that directly and significantly contributes to the enhancement of Iran’s ability to develop its petroleum resources, of:
  • $20 million or more, or
  • $5 million per investment, totalling $20 million or more in a 12-month period
• selling, leasing, or providing goods or services that could directly and significantly facilitate the maintenance or expansion of Iran’s domestic production of refined petroleum products, with:
  • a fair market value of $1 million or more, or
  • an aggregate fair market value of $5 million or more in a 12-month period
• selling or providing Iran with refined petroleum products, with:
  • a fair market value of $1 million or more; or
  • an aggregate fair market value of $5 million or more in a 12-month period
• providing goods or services that could directly and significantly contribute to the enhancement of Iran’s ability to import refined petroleum products, including;
  • insurance or reinsurance services
  • financing or brokering services, or
  • ships and shipping services, with a fair market value of $1 million or more, or an aggregate fair market value of $5 million or more in a 12-month period.

The intention of CISADA is to address the potential connection between such investment and Iran’s capability to develop its nuclear programme.

THE FINANCIAL ACTION TASK FORCE (FATF)

The FATF (also known as GAFI – Groupe d’Action Financière, see www.fatf-gafi.org) is an inter-governmental body whose membership at the end of 2011 comprised 34 member countries and two regional organisations. It was set up by the then G-7 Summit held in Paris in 1989 in response to the growing threat posed by international money laundering and was given the task of examining money laundering techniques and trends, setting out measures to combat them and then reviewing the action taken at both the national and international level. As terrorist financing has risen up the international agenda, the FATF’s role has naturally extended to encompass CFT as well and its remit was recently extended to include the proliferation of weapons of mass destruction (WMDs). It works in close cooperation with various other international bodies, including the IMF, the World Bank and the United Nations.

The FATF effectively has a manifold role at the heart of the overall AML and CFT regime, described below:

• To monitor the progress of countries in introducing AML and CFT measures, using self-assessments and more detailed mutual evaluations. ‘Non-cooperative’ governments have found themselves under heavy moral, political and economic pressure to toe the line through the reviews. For example, Austria eventually agreed to prohibit anonymous savings accounts as a result of pressure from the FATF, and the countries of Eastern Europe and the former Soviet Union (including Russia) have embarked upon urgent national legislative programmes in a very short space of time as a result of their inclusion on the ‘Non-Cooperative Countries and Territories’ List, dealt with in more detail in Chapter 7.
• To review trends, techniques and innovations in money laundering (which has led to annual and specialised money laundering typologies reports), and to keep member states abreast of the findings.
• To build a global AML and CFT network by extending the reach of FATF principles. This has resulted in new member countries joining the group; it has also led to the formation of regional FATF-style groups.
• To define and promulgate international standards on the combating of Money Laundering and Terrorist Financing and WMD Proliferation. At the heart of FATF’s activities are their recommendations on measures for the combating of Money Laundering and the Financing of Terrorism and Proliferation. Now known as ‘The FATF Recommendations’ they were completely revised and refreshed in February 2012. The extension beyond money laundering and terrorist financing into the field of proliferation has been a reaction to one of the major issues of our time. A number of states, notably Iran, appear to be taking steps to build a WMD capability and accordingly we may expect sequential action and guidance from FATF on the issue of WMD proliferation financing. FATF have already in fact responded with a ‘Typologies Report on Proliferation Financing’, published in June 2008 and focusing specifically on the trends and methods used in financing the development of WMD programmes.

The FATF Recommendations are available from the FATF website at www.fatf-gafi.org. However, for convenience they are summarised here.

The Forty Recommendations (February 2012)

The Forty Recommendations were first published in 1990, revised in 1996, and comprehensively updated in both 2003 and 2012. They were designed to provide a comprehensive plan of action for countries that needed to fight money laundering, terrorist financing and weapons proliferation, encompassing the following key areas:

• AML/CFT Policies and Coordination
• Money Laundering and Confiscation
• Terrorist Financing and Financing of Proliferation
• Preventive Measures
• Transparency and Beneficial Ownership of Legal Persons and Arrangements
• Powers and Responsibilities of Competent Authorities and Other Institutional Measures, and
• International Cooperation.

Countries have diverse legal and financial systems and therefore all cannot take identical measures. The FATF 40 therefore lay out broad principles for countries to implement according to their particular circumstances and constitutional frameworks. They are not a binding international convention, but many countries around the world have made a political commitment to fight money laundering by adopting and implementing the FATF 40 and those who do not face censure and reprisals if they refuse to do so.

What follows is only a brief summary of the recommendations and some of the interpretative notes to provide an overview of the headline requirements. It should not be taken as a substitute for detailed reference to the source document.

A:AML/CFT policies and coordination

Recommendation 1 requires countries to adopt a risk-based approach to combating money laundering and terrorist financing to ensure that resources are as efficiently applied as possible. R1 also requires financial institutions and Designated Non-Financial Businesses and Professions (DNFBPs) to ‘identify, assess and take effective action to mitigate their money laundering and terrorist financing risks’.

Recommendation 2 requires national coordination between policymakers, the FIU, law enforcement authorities, supervisors and others, to ensure that the implementation of policies and activities to combat money laundering, terrorist financing and WMD proliferation is effectively coordinated domestically.

B: Money laundering and Confiscation

Recommendation 3 requires countries to criminalise money laundering as a specific offence and to apply the crime to ‘the widest range of predicate offences’. A predicate offence, in this regard, is a serious offence which, legally, can give rise to money laundering where criminal proceeds have resulted from it. Most notably, the 2012 recommendations require that countries include tax evasion as a predicate offence, which was never the case previously.

Recommendation 4 requires countries to empower their competent authorities (such as police and prosecutors) to identify, trace, freeze, seize and confiscate criminal assets. It also permits countries to confiscate such assets ahead of any criminal conviction which is likely to be sought.

C: Terrorist Financing and Financing of Proliferation

Recommendation 5 requires countries to criminalise both the financing of terrorist acts and the financing of individual terrorists and terrorist organisations, as well as designating terrorist financing offences as predicate offences for money laundering purposes.

Recommendation 6 requires countries to implement ‘targeted financial sanctions régimes’ to prevent and suppress terrorism and terrorist financing pursuant to the various UN Security Council Resolutions, for the purpose of freezing terrorist funds and denying their availability to designated persons and entities.

Recommendation 7 requires that countries also implement targeted financial sanctions régimes aimed at preventing, suppressing and disrupting WMD proliferation pursuant, again, to UN Security Council Resolutions.

Recommendation 8 requires countries to pass laws which prevent the exploitation of NPOs for terrorist financing purposes.

D: Preventive Measures

Recommendation 9 requires that bank (and other financial institution) secrecy laws should be subordinate to the implementation of the FATF recommendations (so that, for example, institutions reporting in good faith cannot be the subject of successful legal actions for damages by customers and clients claiming damages for breach of confidentiality).

Recommendation 10 relates to customer due diligence (CDD). Financial institutions must undertake CDD when:

• establishing business relations
• carrying out occasional transactions above US$/€15,000 or certain wire transfers
• there is a suspicion of money laundering or terrorist financing, or
• there are doubts about the truth or adequacy of previously-obtained identification information.

Under Recommendation 10 institutions must:

• identify and verify the customer’s identity using ‘reliable, independent source documents, data or information’
• identify the beneficial owner of the account (i.e. the natural person or persons who own or control it, or for whose benefit it exists, and behind whom there are no further interests), and understand the ownership and control structure of corporations and other entities to this effect
• understand the purpose and intended nature of the business relationship; and
• conduct ongoing due diligence and transaction scrutiny throughout the course of the relationship to ensure consistency between account activity and stated purpose.

The CDD measures should be determined according to a risk-based approach (examples of which are dealt with in more detail in Chapter 4 of this book) and although customer identification and verification is not required to precede the opening of business relations, this is subject to the risks being effectively managed. An inability to conduct CDD for any reason should effectively prohibit a financial institution from providing the requested services and generate a need to consider the making of a suspicious transaction report.

Recommendation 10 is the subject of an extensive interpretative note containing expanded requirements on CDD for legal persons and arrangements. In particular, it contains a step-by-step process for the establishment of the identity of beneficial owners. Under this process, institutions should first identify the natural person or persons exercising control of the corporation or trust through ownership; failing that, they should attempt to establish those exercising control by means other than ownership (presumably, for example, through secret agreements, commercial arrangements etc.); failing that, they should establish a relevant natural person who holds a senior management position.

Recommendation 11 requires financial institutions to maintain transaction and CDD records for a minimum period of five years from the date of the transaction (in relation to transaction records) or following the termination of the business relationship (in relation to CDD records). These records must also be made available to competent authorities within the jurisdiction.

Additional Measures for Specific Customers and Activities

Recommendation 12 deals with politically-exposed persons (PEPs) and their family members or close associates and requires institutions to take additional steps to the CDD measures outlined in R10; in particular to put in place systems to determine whether the proposed relationship involves a PEP, to obtain senior management approval for such relationships, to take ‘reasonable measures’ to establish the source of wealth and the source of funds and to conduct ‘enhanced ongoing monitoring’ of the relationship.

Recommendation 13 contains a series of requirements in relation to cross-border correspondent banking, under which, in addition to the CDD measures described in R10, financial institutions must obtain information on and understand their respondents’ business, reputation, quality of supervision and quality of AML/CFT controls (particularly where CDD on customers have access to ‘payable through accounts’), as well as obtaining senior management approval for the establishment of new correspondent relationships and understanding the respective responsibilities of the respondent and co-respondent.

Recommendation 13 also prohibits the provision of correspondent services to shell banks.

Recommendation 14 requires countries to establish licensing and registration systems for customers who provide money value transfer services (MVTS) with appropriate penalties for unlicensed operators.

Recommendation 15 requires countries and financial institutions to risk assess new products and delivery mechanisms and technologies for money laundering and terrorist financing purposes and to take steps to mitigate those risks.

Recommendation 16 relates to wire transfers and is the subject of extensive guidance in the interpretative notes. The headline requirement is that countries must require financial institutions to include both originator and beneficiary information in wire transfers, and that that information should remain with the transfer throughout the payment chain.

There are also requirements for financial institutions to be able to detect wire transfers which lack the necessary information and also to freeze the processing of wire transfers apparently involving designated persons and entities.

Recommendation 17 allows countries to permit financial institutions to rely on third parties to perform CDD steps (other than ongoing due diligence) in certain circumstances. However, the relying institution must retain ultimate responsibility (in legal terms) for the adequacy or otherwise of the CDD measures.

Recommendation 18 requires that countries should compel their financial institutions to implement AML and CFT programmes which, in the case of institutions with overseas branches and subsidiaries, should be to a consistent standard throughout, based on the home country’s requirements.

Recommendation 19 requires that financial institutions should apply enhanced CDD measures to relationships involving countries which have been designated by FATF as higher risk.

Recommendation 20 requires that financial institutions be under an obligation to report suspicions of money laundering or terrorist financing promptly to the country’s Financial Intelligence Unit (FIU).

Recommendation 21 requires that national laws should protect financial institutions and their staff who have reported suspicions of money laundering or terrorist financing in good faith, from civil or criminal liability for breach of confidentiality. Recommendation 21 also mandates that countries prohibit by law the practice of ‘tipping-off’ (informing a customer that a report has been filed with the FIU).

Recommendations 22 and 23 contain a range of requirements in relation to designated non-financial businesses and professions (DNFBPs). Basically the CDD and record-keeping requirements set out earlier apply to DNFBPs in designated situations, as do the recommendations relating to internal controls/foreign branches and subsidiaries, higher-risk countries, the reporting of suspicious transactions and tipping-off.

Specifically, the interpretative notes to Recommendation 23 make it clear that lawyers (and accountants providing legal advice) are not required to file suspicious transaction reports in circumstances where the information forming the basis of their suspicion was acquired in a situation which was subject to professional secrecy or legal professional privilege. Furthermore, lawyers are not deemed to have ‘tipped-off’ a client if they seek to dissuade them from engaging in certain types of activity that might constitute money laundering.

Recommendations 24 and 25 require countries to ensure that information on beneficial ownership and control in relation to legal persons (e.g. corporations) and legal arrangements (e.g. trusts) is available and can be accessed by competent authorities, and that they should also consider measures to make information on beneficial ownership and control available to financial institutions and DNFBPs.

These greatly-expanded requirements in relation to beneficial ownership are the subject of an extensive interpretative note which makes it clear that, at the heart of the matter, companies are going to have to be able to draw a distinction between legal ownership on the one hand, and beneficial ownership on the other, and to appoint ‘one or more natural persons resident in the country’ to provide information on beneficial ownership to the authorities.

Recommendations 26, 27 and 28 require countries to maintain adequate regulatory and supervisory frameworks for financial institutions and DNFBPs, and set out the minimum standards applicable.

Recommendation 29 requires countries to establish a FIU for the analysis of suspicious transaction reports and the obtaining of further relevant information in relation to money laundering and terrorist financing.

Recommendation 30 outlines the required responsibilities of law enforcement and investigating authorities and emphasises the importance of ‘proactive parallel financial investigation’ and inter-agency cooperation.

Recommendation 31 details the required powers of law enforcement and investigating authorities, such as their ability to access all necessary documents for use in investigations and their powers to use investigative techniques such as undercover operations, communications interception and controlled delivery (i.e. participating in the handling and delivery of illegal goods and substances for the purpose of obtaining evidence for prosecution).

Recommendation 32 deals with cash couriers, and the requirement that countries should put in place mechanisms to control the cross-border transportation of cash and negotiable instruments through declaration and/or disclosure systems.

Recommendations 33 and 34 impose obligations on countries to maintain statistics pertaining to the effectiveness and efficiency of their AML/CFT systems and to provide feedback to financial institutions and DNFBPs which will assist them in complying with their obligations, in particular their reporting of suspicious transactions.

Recommendation 35 requires countries to maintain a range of ‘effective, proportionate and dissuasive’ sanctions against persons and entities which fail to comply with their AML/CFT obligations. These sanctions should also be applicable to directors and senior management of financial institutions and DNFBPs.

Recommendations 36 to 40 then finally cover a range of requirements in relation to international cooperation, including becoming parties to relevant international conventions, mutual legal assistance, cross-border asset freezing and confiscation, extradition and generally providing ‘the widest range of international cooperation in relation to money laundering, associated predicate offences and terrorist financing’.

Key differences between the 2012 Recommendations and their predecessors

Apart from bringing the former ‘nine special recommendations’ relating to terrorist financing within the body of the main AML recommendations, thereby creating a more unified and inclusive set of standards, the new 2012 FATF recommendations are different in the following key areas:

• Tax crimes are now predicate offences. Those who have followed the subject over the years will be aware that the absence of tax evasion and other serious tax crimes within the definition of ‘predicate offences’ which could give rise to money laundering – and therefore trigger the application of the necessary laws and standards – was an issue of hot debate. That debate has now been resolved and tax evasion (and other serious tax crimes) now sit alongside fraud, kidnapping and people- and narcotics-trafficking as offences which can give rise to money laundering.
• Politically Exposed Persons (PEPs). Whilst many financial institutions had included domestic PEPs within their PEP risk management processes for a number of years, the old standards did not actually require this, applying, as they did, only to foreign PEPs. This has now been remedied and the requirements for enhanced due diligence and the other standards in relation to PEPs effectively now apply to both foreign and domestic PEPs alike.
• Wire transfers. The previous standards (which in themselves significantly increased the information requirements relating to wire transfers) required only that originator information should remain with the wire transfer throughout its journey through the financial system. The new standard requires that both originator and beneficiary and related information should travel with the transfer.
• Beneficial ownership. Responding, no doubt, to the growing realisation of the extent to which front companies, front trusts and other types of corporate and legal structures and arrangements can be used for laundering large amounts of criminal money, as well as disguising funds destined for terrorism and proliferation, the new standards have expanded significantly the requirements in relation to the establishment of beneficial ownership.
  Specifically, R10 dealing with CDD now includes a step-by-step process to be followed when identifying beneficial ownership, as described earlier on. In addition, there are now major new requirements for countries to create systems (including a company registry, if they do not already have one) in which information on beneficial ownership is both recorded and available.
  Required measures include the nomination of a specific person or persons who will be responsible for available information regarding beneficial ownership and for providing further assistance to the authorities. Similar requirements apply to trusts and other legal arrangements. There are also requirements for countries to tackle ‘obstacles to transparency’ such as the misuse of bearer shares and nominee shareholding arrangements.

Practitioners will know that the issue of beneficial ownership in the day-to-day implementation of the standards poses one of the biggest practical challenges of all, so the increased focus on beneficial ownership is certainly hitting the ‘sweet spot’ in terms of where the real risks lie. Once countries start implementing the new standards, it will be interesting to see how they are met within the companies responsible for implementing them. For example, do many directors and officers of sizeable private companies even understand what the term ‘beneficial ownership’ means? (After all, it has taken bankers a while to understand it.) If the officer within a company responsible for maintaining and providing information on its beneficial ownership suspects that the information they have been given on beneficial ownership is suspect, will they be under a duty to disclose this? Will they commit a criminal offence if they fail to do so, or if the information which they have certified turns out to be false? How can countries prevent the information they collect on ‘beneficial ownership’ becoming just another layer of information which actually disguises true ownership and control? These are all questions which will have to be answered as the new standards become adopted in each country.

FATF REGIONAL STYLE BODIES AND ASSOCIATE MEMBERS

Several regional organisations and other bodies have been established to carry forward the principles and practices set out by FATF on a more localised/regional basis. They enjoy observer or associate membership status at the FATF and are:

• The Asia/Pacific Group on Money Laundering (APG)
• The Caribbean Financial Action Task Force (CFATF)
• The Eastern and Southern Africa Anti-Money Laundering Group (ESAAMLG)
• The Grupo de Accion Financiera Sud America (GAFISUD)
• The Eurasian Group (EAG)
• The Middle East and North Africa Financial Action Task Force (MENAFATF)
• The Council of Europe Committee of Experts on the Evaluation of Anti-Money Laundering Measures and the Financing of Terrorism (MONEYVAL)
• The Inter Governmental Action Group against Money Laundering in West Africa (GIABA).

All the groups analyse the latest money laundering and terrorist financing trends which have been detected in their region and all look to the FATF as the global leadership organisation in these fields.

OTHER RELEVANT INTERNATIONAL BODIES

International Monetary Fund (IMF)

The IMF has long been involved in international efforts to combat money laundering at a national level, and after the events of 9/11 it intensified and extended the remit of these activities to include combating the financing of terrorism. As a collaborative institution with a near-universal membership of countries (it has 187 members), the IMF is perhaps a natural forum for countries to share information and develop common approaches and appropriate policies to deal with such issues.

The IMF has also brought to bear its capabilities in the assessment of member states’ financial sectors, and the provision of technical assistance to help countries strengthen their financial sectors. The Financial Sector Assessment Programme (FSAP), established in 1999, is a joint effort with the World Bank and is designed to provide member countries with a comprehensive evaluation of their financial systems as a whole, rather than those of individual financial institutions. The FSAP aims to alert the national authorities to weaknesses in their systems, and to help them design countermeasures to reduce those weaknesses.The IMF and World Bank are also involved in policy development in the counter-terrorist financing arena and author publications on various issues of concern and interest, including reference guides, handbooks and working papers on topics such as the operation of Financial Intelligence Units, legislative drafting and the impact of terrorism on financial markets

The IMF has taken a number of specific steps to assist countries in strengthening their anti-money laundering counter terrorist financing provisions. In March 2004, the IMF Executive Board agreed to make AML and CTF assessments and technical assistance a regular part of IMF work, and to expand this work to cover the full scope of the FATF recommendations. In 2009, the IMF launched a donor-supported trust fund to finance technical assistance in AML/CFT.

Basel Committee on Banking Supervision (BCBS)

The Basel Committee was established at the end of 1974, and comprises central bank (or banking supervision authority) representatives from 27 countries including the US, Japan and a number of EU states. The Committee formulates broad supervisory standards and guidelines and recommends statements of best practice in the expectation that individual authorities will take steps to implement them through detailed arrangements – statutory or otherwise – suited to their own national systems. Its main guidance documents cover areas such as transparency in payments messages, account opening and customer identification, customer due diligence and international cooperation.

The Egmont Group

The Egmont Group was set up in 1995 to facilitate international cooperation and in its ongoing work aims to support the growing number of Financial Intelligence Units (FIUs) set up by various countries since 11 September 2001. Its purpose is broadly to provide a forum through which FIUs can improve their national AML programmes. Any FIU which considers itself to comply with the criteria of the Egmont Group, of being a central, national agency responsible for receiving (and where permitted, requesting) disclosures of financial information, and analysing and disseminating such information to the competent authorities as appropriate, is eligible to apply to become an Egmont member FIU.

The Wolfsberg Group

The Wolfsberg Group is an association of 11 global banks, which aims to develop financial services industry standards for know-your-customer, AML and CFT policies. The group first came together in 2000 (at the Château Wolfsberg in north-eastern Switzerland – hence the name) to draft anti-money laundering guidelines for private banking in the wake of some very negative money laundering scandals which had affected the industry. The Wolfsberg Anti-Money Laundering Principles for Private Banking was subsequently published in October 2000 (and revised in May 2002). Since then the group has published papers on a wide range of areas including ‘Terrorist Financing’ (January 2002), ‘Correspondent Banking’ (November 2002), ‘Monitoring, Screening and Searching’ (September 2003, revised 2009) and the ‘Risk Based Approach’ (June 2006). The group also publishes FAQs on a range of specific issues including beneficial ownership, Politically Exposed Persons (PEPs) and intermediaries.

IAIS and IOSCO

Beyond the banking sector, international bodies such as the International Association of Insurance Supervisors (IAIS) for the insurance industry, and the International Organization of Securities Commissions (IOSCO) have issued guidance to members on best practice in the combating of money laundering and terrorist financing.

KEY REQUIREMENTS FOR FINANCIAL INSTITUTIONS

There is by now a fairly well-defined suite of activities which, taken together, denote current international best practice in anti-money laundering and counter terrorist financing, and these revolve around the core areas below. More detailed information on best practice approaches is provided in Chapter 3.

Name screening

Before entering into a business relationship, prospective customers’ names must be checked against published lists of persons and organisations suspected of being connected with terrorism. Financial services must not be provided to those on the lists.

Risk assessment

Before entering into a business relationship, prospective customers must be assessed as to the degree of money laundering and terrorist financing risk which they pose, and must thereafter be the subject of appropriate risk-based procedures and controls. Risk factors to be considered include:

• location of customer and/or transaction
• type of customer (individual, corporate, trust, etc.)
• nature of customer’s business
• age/period of existence of customer
• countries where customer typically conducts its business
• counterparties of customer
• product profile and sales distribution channels.

A detailed explanation of a risk-based approach to money laundering and terrorist financing is provided in Chapter 4.

CDD and EDD

Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD) must be undertaken where necessary, on a risk-sensitive basis, including:

• Identification. Evidence and verification of the customer’s identity must be obtained prior to the provision of services.
• Business purpose. Details of the business purpose of the relationship must be obtained.
• Beneficial ownership. Where this is unclear, beneficial ownership must be ascertained, the test being one of significant interest and control.
• Ongoing monitoring of accounts on a risk-sensitive basis and scrutiny of transactions to ascertain whether they are consistent with the stated purpose of the account.
• Prohibition on opening accounts for shell banks. Banks without a physical presence in the jurisdiction where they are incorporated, and which are otherwise not part of a larger group constituted in a well regulated country, are designated as ‘shell banks’ and may not be banked. It follows from this that where it is not obvious that a bank is not a shell bank, financial institutions must make reasonable efforts to establish whether or not it is a shell bank and thereafter to act accordingly.
• Simplified due diligence is allowed under certain circumstances, for example where customers are counterparties from well-regulated jurisdictions, or where a customer has been introduced by such an entity.

More information on CDD and EDD implementation is provided in Chapter 4.

Suspicion reporting

On a risk-sensitive basis, ‘suspicious’ transactions must be reported to the authorities and cooperation extended to the authorities in the investigation of such reports. Specifically, financial institutions must not make customers or third parties aware that such reports have been filed.

More information on different typologies, the features that characterise them and how to recognise these in financial business is provided in Chapter 6.

Record-keeping

Customer and transaction records must be retained and kept available for inspection for five years from the date of the end of the relationship (in the case of customer records) and five years from the date of the transaction (in the case of transaction records).

Staff training

Training must take place on a regular basis, in which relevant staff are trained in:

• how to recognise a potentially suspicious transaction
• what to do if they become suspicious
• their own legal obligations and those of the financial institution where they are employed
• the procedures and controls in place for dealing with AML/CFT issues within the financial institution.

More information about staff training and examples of tried and tested training techniques is provided in Chapters 3, 6 and 8.

Cooperation with relevant authorities

Cooperation must be extended, within the parameters defined by law, to law enforcement agencies in the investigation of suspected money laundering and terrorist financing. In suspected terrorism cases, in particular, it is especially important that financial institutions are able to produce records quickly in response to requests.

Responsiveness to international findings

Financial institutions must take account of information made available from reliable sources which is relevant to their assessment of money laundering and terrorist financing risk. For example, if a country appears on the list of Non-Cooperative Countries and Territories issued by FATF then financial institutions should reassess and amend their risk control procedures accordingly.

KEY COMPONENTS OF A NATIONAL AML/CFT FRAMEWORK

As part of the mutual evaluation regime, on an ongoing basis FATF conducts detailed assessments of the extent to which the AML/CFT regimes of different countries do or do not meet the international standards which it has set out in the FATF 40.

The basic requirements, however, for the institutional framework in each country are as follows, and each country must have the following.

Core legislation

The country must have primary statutes which criminalise the process of money laundering and terrorist financing, permit the seizure and confiscation of criminal and terrorist assets, impose criminal penalties (fines and imprisonment) for breaches of the law and which, in all other respects, comply with the requirements laid out in the FATF 40 and the various international conventions and regional treaties to which the country is a party.

Regulations or statutory instruments and interpretative notes or guidance

The country must have regulations or statutory instruments which address in detail the legal requirements contained in the core legislation, and which set out the various steps which regulated parties (i.e. financial institutions and the other ‘gatekeepers’ who are charged with AML and CFT duties) must take in order to fulfil their obligations. The regulations must cover such issues as:

• risk assessment
• customer identification and due diligence
• account and relationship monitoring
• suspicion reporting
• records maintenance
• internal controls
• staff training.

Along with other key areas identified in the FATF 40, it is not enough that regulations simply be issued; they should also be the subject of interpretative guidance which assists regulated firms in understanding and applying them.

Regulatory bodies

The country must have a regulator or regulators that have powers to inspect firms’ compliance with laws and regulations and to compel improvement. Regulators must have powers to censure and impose fines and other punishments in order to give ‘teeth’ to their inspections. It follows from this that the staff of these regulatory bodies must be knowledgeable about the AML and CFT matters which are the subject matters of their inspections.

Financial Intelligence Units

Countries must have centralised units to receive and analyse reports of suspicions of money laundering and terrorist financing under the legislation and regulation, to build knowledge and expertise of money laundering trends and methods within their country, and to make this intelligence available to the state enforcement bodies (see below) for the purpose of taking effective action.

Law enforcement agencies

Countries need to empower police forces or other investigative agencies to investigate money laundering and its underlying crimes, and terrorist financing and the plots being funded by it. Again, officers within these agencies need to be sufficiently skilled and knowledgeable in this regard, in order to be able to fulfil their tasks successfully. The area is typically so complex that designated agencies may be required to conduct specialised tasks such as asset tracing, asset seizure or terrorist surveillance.

Ultimately, the purpose of law enforcement is to catch criminals, seize their assets and bring cases to court, so they need to work closely with the next component of the national AML/CFT regime, below.

Prosecutory authorities

Countries need to have prosecutory authorities that can work with the police to prepare and bring to court cases of money laundering and terrorist financing. Again, specialist knowledge and expertise is required for the lawyers and case specialists involved in reviewing and preparing the cases for court, and presenting/advocating them in court.

Judicial and penal system

Countries must have judges, courts and prisons capable of administering justice according to the law. This means the system must have the capacity and resources to try cases and appeals which are brought before the courts and to do so within a reasonable time, and to have effective state institutions for punishment, once convictions have been obtained.

Integrity

Finally, and perhaps most importantly, it is worth mentioning here that the ‘golden thread’ running through all of the above is the requirement that a country’s AML/CFT regime and apparatus should have integrity at both the institutional and the individual level, and that decision-making should be free from bribery and corruption. Equally, the state should provide the necessary resources to protect, as far as humanly possible, individuals from threats, coercion and violence at the hands of the criminal community whose power they are trying to attack.