In the UK, the main regulatory guidance with regard to money-laundering deterrence and terrorist financing is produced by the Joint Money Laundering Steering Group (JMLSG), which is made up of the leading UK trade associations in the financial services industry, including the British Bankers' Association. Its existence actually pre-dated the creation of the UK's original unitary regulator, the Financial Services Authority. The aim of the JMLSG is to encourage good practice in countering money laundering and to give practical assistance in interpreting the statutory UK Money Laundering Regulations. This is primarily achieved by the publication of industry guidance which offers advice on suitable ways to comply with laws and regulations on financial crime. It also highlights areas of concern and suggests processes and procedures that should be considered.
It is important to note that the UK has statutory provisions and therefore any breach of the regulations represents a criminal, rather than a civil, matter.
The rules themselves have been through many changes over the years and have both increased and decreased in their depth and scope. Initially drafted by experts in each individual field of financial services (the so-called coloured books), the rules have now been consolidated and reflect the UK's interpretation of relevant EU legislation as implemented into UK law incorporating FATF guidance.
Guidance is only issued by the JMLSG after it has been approved by HM Treasury and, as such, UK courts must take the guidance into account in the event of any legal proceedings. Adherence to the guidance is also regarded by the FCA and the PRA as demonstrating compliance with their relevant systems and controls rules. As such, the regulators have effectively taken the totality of the JMLSG guidance and incorporated it into their own rule books.
The JMLSG is made up of the leading UK trade associations in the financial services industry. As of July 2013, these consisted of the following organisations:
The breadth of the organisations represented provides a warning as to the scope of money-laundering regulation in the UK. In addition, other organisations, whilst not being direct members, have attendance rights, including bodies such as the Institute of Chartered Accountants in England and Wales, the equivalent bodies in Scotland and in Ireland and both the Institute and Faculties of Actuaries. The JMLSG has been producing money laundering guidance for the financial sector since 1990, initially in conjunction with the Bank of England, and then with the FSA to provide regularly updated guidance on the various money-laundering regulations in force – those set in 1993, 2001, 2003 and 2007. In June 2013, HMRC released three short factsheets summarising and offering advice and best practice on the money-laundering regulations. The factsheets cover an introduction to the regulations, visits by HMRC under the regulations and a guide to complying with obligations, including risk-management and reporting procedures. The factsheets are available from the HMRC website.
Given that the new regulators (FCA and PRA) do not have money-laundering deterrence as a primary objective, it will be interesting to see how new guidance is developed in future and the role that these new regulators will choose to adopt.
A major revision of JMLSG's guidance was published in January 2006 (and has been amended subsequently), based on a number of fundamental principles – including that of senior management accountability and the adoption of a risk-based approach. The risk-based approach allows firms to focus their money-laundering deterrence and counter-terrorist-financing resources on areas where the risk of money laundering and/or terrorist financing is considered highest. As we saw in Chapter 4, this had specifically been recommended by the Third Directive. The guidance therefore embodies what are considered to be proportionate and cost-effective approaches to managing these risks.
Text from the guidance is reproduced with the kind permission of the Joint Money Laundering Steering Group.
A risk-based approach essentially includes the following:
The JMLSG has periodically reviewed its guidance, and has made changes and additions as required. As mentioned above, an important revision took place in 2006 to reflect the implementation of the Proceeds of Crime Act 2002, and there were then subsequent revisions that implemented the Money Laundering Regulations 2007, which, in turn, implemented the EU Third Money Laundering Directive in the UK.
The JMLSG states that the purpose of the guidance is to:
The actual guidance is available for you to download for free from the following website: www.jmlsg.org.uk. The guidance is over 500 pages long, spanning three parts, and includes the following sections:
Part I:
These general rules have been used and are consistent with the guidance produced in the relevant chapters of this book and therefore are not reproduced here.
Part II (sector-specific guidance):
We have incorporated certain key elements of the guidance in this chapter.
Part III (specialist guidance):
From this website, all of the rules can be seen in detail and they do form a useful reference set for money-laundering deterrence specialists in any country. The guidance is detailed and consistent with the FATF principles, together with relevant EU legislation, but actually goes much further, providing guidance in areas of specific concern. In the remainder of this book we provide such guidance as is appropriate for the global reader. If you wish to look at specific UK guidance, reference needs to be made to the specific UK rules as set out on the above website. Of course, if you do require detailed local guidance, reference will need to be made to your local relevant authority and the rules that they have promulgated which achieve the same objectives.
Much of the content of the JMLSG guidance is consistent with the guidance that is offered throughout this book, so has not been reproduced here. However, as stated above, some of the Part II guidance information is worthy of your additional attention, and certain aspects are provided here in summary form for reference.
Credit cards are a way of obtaining unsecured borrowing. As such, the initial risks are more related to fraud than to “classic” money laundering, but handling the criminal property arising as a result of fraud is also money laundering. Card issuers will, therefore, generally carry out some degree of credit check before accepting applications.
The money-laundering risk relates largely to the source and means by which repayment of the borrowing on the card is made. Payments may also be made by third parties. Such third party payments, especially if they are in cash or by debit cards from different locations or accounts, represent a higher level of money-laundering risk than when they come from the cardholder's bank account by means of cheque or direct debit.
Balances on cards may move into credit if cardholders repay too much, or where merchants pass credits/refunds across an account. Customers may ask for a refund of their credit balance. Issuance of a cheque by a card issuer can facilitate money laundering.
Cash may be withdrawn in another jurisdiction. This is, in any event, the case in respect of an amount up to the credit limit on the card. Where there is a credit balance, the amount that may be moved is correspondingly greater; it is possible for a cardholder to overpay substantially, and then to take the card abroad to be used. However, most card issuers limit the amount of cash that may be withdrawn.
Where several holders are able to use a card account, the card issuer may open itself to a money-laundering or terrorist-financing risk in providing a payment token to an individual in respect of whom it holds no information. The issuer would not know to whom it is advancing money, unless it has taken some steps in relation to the identity of all those entitled to use the card. Such steps might include ascertaining whether the primary or any secondary cardholder is resident in a high-risk jurisdiction or whether any primary or secondary cardholder is a politically exposed person.
Measures that a firm might consider for mitigating the risk associated with a credit card customer base include the following:
Under the Electronic Money Regulations 2011 (Reg. 2(1)), electronic money is defined as:
Regulation 3 of the Electronic Money Regulations 2011 states that electronic money does not include:
Electronic money is a retail payment product that is used predominantly for making small-value payments and is currently growing in many jurisdictions. That the JMLSG has already included guidance in this area will be of interest to many international regulators seeking to develop their own regulations.
Electronic money is susceptible to the same risks of money laundering and terrorist financing as other retail payment products. Furthermore, where electronic money is limited to small-value payments, its use is less attractive to would-be launderers. For terrorist financing and other financial crime, electronic money offers a more accountable, and therefore less attractive, means of transferring money compared to cash.
The electronic money products in commercial use today do not provide the privacy or anonymity of cash, nor its utility. This is due to a number of factors. Products may, for example, be funded by payments from bank accounts or credit cards and therefore reveal the identity of the customer at the outset. The use of most electronic money products also tends to leave an electronic trail.
As issuers of electronic money usually occupy the position of intermediaries in the payment process, situated between two financial or credit institutions, they are often able to provide additional transaction information to law enforcement that complements identity data provided by other financial institutions. This may be equally or more valuable evidence than a repetition of the verification of identity process.
Fraud prevention and consumer protection concerns led to the placement of transaction, turnover and purse limits on products, limiting the risk to both issuer and consumer. These limits act to restrict the usefulness of the product for money laundering, and make unusual transactions more detectable.
The following factors will increase the risk of electronic money products being used for money laundering or terrorist financing:
The systems and controls issuers put in place must be commensurate with the money-laundering and terrorist-financing risk they are exposed to. The detail of issuers' systems and controls will, therefore, vary. Examples include those that:
Wealth management is the provision of banking and investment services in a closely managed relationship to high-net-worth clients. Such services will include bespoke product features tailored to a client's particular needs and may be provided from a wide range of facilities available to the client, including:
Money launderers are attracted by the availability of complex products and services that operate internationally within a reputable and secure wealth management environment that is familiar with high-value transactions. The following factors contribute to the increased vulnerability of wealth management:
In addition to the standard identification requirement, as a minimum requirement to counter the perceived and actual risks, the firm, and those acting in support of the business, must exercise a greater degree of diligence throughout the relationship which will be beyond that needed for normal retail banking purposes. The firm must endeavour to understand the nature of the client's business and consider whether it is consistent and reasonable, including:
The firm must be satisfied that a client's use of complex business structures and/or the use of trust and private investment vehicles has a genuine and legitimate purpose.
Visiting clients can be an important part of the overall customer due diligence process. In wealth management, relationship managers should generally visit their clients at their place of business in order to substantiate the type and volume of their business activity and income, or at their home if the business factor is not so relevant. The relationship manager who undertakes the visit should make a record by documenting:
The relationship manager should then update the client's profile where appropriate.
General insurers should consider the following:
Some ExO stockbrokers deal with high volumes of low-value customer transactions, whereas others direct their services towards higher net worth customers, and thus have fewer customers. Stockbroking customers may adopt a variety of trading patterns; the firm may be offering no advice and may have little or no knowledge of a particular customer's motives.
ExO customers are also free to spread their activities across a variety of brokers for perfectly valid reasons, and often do. Each broker may therefore actually have little in terms of transaction history from which to identify unusual behaviour. Many firms provide ExO stockbroking services on a non-face-to-face basis, including via the internet.
In view of the above, whilst stockbroking might be regarded as being of lower risk compared to many financial products and services, the risk is not as low as in providing investment management services to the same types of customer from similar jurisdictions.
Generally with asset finance, no monies are advanced to the customer, but are paid into a supplier's bank account to fund the purchase of an asset which is made available under contract to the customer. Repayments by the customer are usually made from other bank accounts by direct debit. Risk is also associated with hire purchase and lease products, as they could be used for layering.
Given that a loan does not result in the borrower receiving funds from the lender, but the use of assets, the initial transaction is not very susceptible to money laundering. The main money-laundering risk arises through the acceleration of an agreed repayment schedule.
Asset finance products, therefore, generally carry a low inherent money-laundering risk. An asset finance company will normally only accept payment of instalments from the customer named on the agreement, and in the case of overpayment will only make repayment to the customer named on the agreement.
All asset finance providers should carry out full credit searches on the businesses they transact with. Additional steps to verify identity will vary across the three markets, as set out below. Note that this may well go beyond what is required by the current money-laundering regulations, certainly in relation to low-risk areas which can now rely on simplified due diligence (SDD). However, these additional measures will still be important for fraud purposes.
As with any financial service activity, corporate finance business can be used to launder money.
Money-laundering activity through corporate finance will not usually involve the placement stage of money laundering, as the transaction will involve funds or assets already within the financial system. However, corporate finance could be involved in the layering or integration stages of money laundering. It could also involve the concealment, use and possession of criminal property and arrangements to do so, or terrorist funding.
The money-laundering risks associated with corporate finance relate to the transfer of assets between parties, in exchange for cash or other assets. The assets can take the form of securities or other corporate instruments.
Where there is less transparency over the ownership of the customer, for example, where ownership or control is vested in other entities such as trusts or special purpose vehicles (SPVs), or less of an industry profile or less independent means of verification of the customer, a firm should consider how this affects the ML/TF risk presented. It will, in certain circumstances, be appropriate to conduct additional due diligence, over and above the firm's standard evidence.
Firms have an obligation to verify the identity of all beneficial owners. They should also know and understand any associations the customer may have with other jurisdictions, and may also consider whether they should verify the identity of other owners or controllers.
Firms should maintain file notes setting out the basis on which they are able to confirm the structure and the identity of the customer and individuals concerned.
A key risk around trade finance business is that seemingly legitimate transactions and associated documents can be constructed simply to justify the movement of funds between parties, or to show a paper trail for non-existent or fraudulent goods. In particular, the level and type of documentation received by a firm is dictated principally by the applicant or instructing party, and, because of the diversity of documentation, firms may not be expert in many types of the documents received as a result of trade finance business when standard forms are not used.
Such a risk is probably greatest where the parties to an underlying commercial trade transaction are in league to disguise the true nature of a transaction. In such instances, methods used by criminals to transfer funds illegally range from over and under invoicing, to the presentation of false documents or spurious calls under default instruments. In more complex situations, for example where asset securitisation is used, trade receivables can be generated from fictitious parties or fabricated transactions (albeit the use of asset securitisation in trade finance is a very limited activity). The use of copy documents, particularly documents of title, should be discouraged.
The Financial Action Task Force (FATF), regulators and others have identified misuse of the trade system as one of the methods by which criminal organisations and terrorist financiers move money for the purpose of disguising its origins and integrating it into the legitimate economy. FATF typology studies indicate that criminal organisations and terrorist groups exploit vulnerabilities in the international trade system to move value for illegal purposes. Cases identified include: illicit trafficking in narcotic drugs; illicit trafficking in stolen or other goods; corruption and bribery; fraud; counterfeiting/piracy of products; and smuggling. More complicated schemes integrate these fraudulent practices into a complex web of transactions and movements of goods and money.
The FATF's June 2006 study notes that the basic techniques of trade-based money laundering include:
Generally, these techniques involve fraud by one party against another, but may also depend upon collusion between the seller and buyer, since the intended outcome of the trade is to obtain value in excess of what would be expected from an arm's length transaction, or to move funds from point A to point B without being detected or accounted for by the authorities. The collusion may arise, for example, because the parties are controlled by the same persons, or because the parties are attempting to evade taxes on some part of the transaction.
Where the nature of a transaction displays higher risk characteristics than normal business undertaken for the customer (instructing party), for example, the buyer falls into a higher risk category, then the firm should consider undertaking additional due diligence in line with its risk policies. Some of the checks firms could undertake (not all of which may be applicable or available in each case) include:
The enhanced due diligence should be designed to understand the nature of the transaction, the related trade cycle for the goods involved, the appropriateness of the transaction structure, the legitimacy of the payment flows and what control mechanisms exist.
The correspondent often has no direct relationship with the underlying parties to a transaction and is therefore not in a position to verify their identities. Correspondents often have limited information regarding the nature or purpose of the underlying transactions, particularly when processing electronic payments or clearing cheques. For these reasons, correspondent banking is, in the main, non-face-to-face business and must be regarded as high risk from a money-laundering and/or terrorist-financing perspective. Firms undertaking such business are required by the ML Regulations “to apply on a risk-sensitive basis enhanced customer due diligence measures”.
Correspondent banking relationships, if poorly controlled, can allow other financial service firms with inadequate AML/CFT systems and controls, and customers of those firms, direct access to international banking systems.
The following risk indicators should be considered both when initiating a relationship, and on a continuing basis thereafter, to determine the levels of risk-based due diligence that should be undertaken:
All correspondent banking relationships with respondents from non-EEA States must be subject to an appropriate level of due diligence, which, at a minimum, meets the requirements laid down in Regulation 14(3) of the ML Regulations and additionally will ensure that a correspondent is comfortable conducting business with/for a particular respondent (and hence its underlying customers) given the respondent's risk profile.
In assessing the level of due diligence to be carried out in respect of a particular respondent, the correspondent must consider:
Prior to establishing a new correspondent relationship, a person from senior management and independent from the officer sponsoring the relationship must approve the setting up of the respondent's account. For higher risk relationships, the correspondent's compliance (or MLRO) function should also satisfy itself that the risks are acceptable.
Correspondents are required by Regulation 14(3) of the ML Regulations to subject respondents from non-EEA States to enhanced customer due diligence, but should consider doing so whenever the respondent has been considered to present a greater money-laundering/terrorist-financing risk. The enhanced due diligence process should involve further consideration of the following elements designed to ensure that the correspondent has secured a greater level of understanding:
Traded products are usually traded on regulated markets, or between regulated parties, or with regulated parties acting as agent or principal. However, the characteristics of products, which facilitate the rapid and sometimes opaque transfer of ownership, the ability to change the nature of an asset and market mechanisms that potentially extend the audit trail, together with a diverse international customer base, have specific money-laundering risks that need to be addressed and managed appropriately.
One of the most significant risks associated with the wholesale markets and traded products is where a transaction involves payment in cash and/or third party payments.
Given the global flows of funds in the wholesale financial markets, it is important to recognise that although customers may remit funds from credit institutions, a firm could still be used to launder money. Traded products might, for example, be used as a means of changing assets rapidly into a different form, possibly using multiple brokers to disguise total wealth and ultimate origin of the funds or assets, or as savings and investment vehicles for money launderers and other criminals.
Firms dealing in traded products in the wholesale markets do not generally accept cash deposits or provide personal accounts that facilitate money transmission and/or third-party funding that is not related to specific underlying investment transactions. In the money markets, however, customers may request payments to third parties (e.g. FX payments to suppliers) and the associated ML risks need to be considered by the firm. There may also be third party funding of transactions in the commodities markets. Also, where a bank is lending funds to a customer to purchase a physical commodity and the customer hedges the risks associated with the transaction in the derivatives market through a broker, the bank may guarantee the payment of margin to that broker; this results in a flow of money between the broker and bank on the customer's behalf.
The extent to which certain products are subject to margin or option premium payment arrangements will affect the level of risk. The nature and form of any margin will need to be taken into account by the firm, through its risk-based approach, when identifying the customer and determining appropriate payment procedures.
OTC and exchange-based trading can also present very different money-laundering risk profiles. Exchanges that are regulated in equivalent jurisdictions, are transparent and have a central counterparty to clear trades can largely be seen as carrying a lower generic money-laundering risk. OTC business may, generally, be less well regulated and it is not possible to make the same generalisations concerning the money-laundering risk as with exchange-traded products. For example, trades that are executed as OTC but then are cleared centrally have a different risk profile to trades that are executed and settled OTC.
Therefore, from an AML/CFT perspective: