Search in book...
Toggle Font Controls
Create new playlist

Name your new playlist

Playlist description (optional)
Sign In

Email address

Password

Forgot Password?

or

Continue with Facebook

Continue with Google
Sign Up

Full Name

Email address

Confirm Email Address

Password

or

Continue with Facebook

Continue with Google

CHAPTER 22
ONGOING MONITORING

22.1 THE IMPORTANCE OF ONGOING MONITORING

In Chapter 13 we discussed the Know Your Customer obligations which are one of the main money-laundering-deterrence measures that every firm is required to implement. Such due diligence enables a firm to really understand its clients and therefore potentially to identify that they are undertaking inappropriate activity. Such an identification requirement should apply regardless of locally implemented regulation. It serves not only to ensure that the firm meets the regulatory requirements, but also to ensure that the reputation of the firm is not impacted by involvement with individuals or organisations which are found to be inappropriate.

Undertaking primary investigation into the business intentions and credibility of a customer is fundamental when distinguishing between a legitimate business interest and a business that is, in fact, a facade used for furthering criminal intentions. However, initial identification work is only the starting point in the money-laundering and terrorist-financing monitoring process that a regulated firm is required to implement. The initial due diligence conducted needs subsequently and continually to be supplemented by appropriate and sensible ongoing continuous customer and transaction monitoring.

Any money launderer or terrorist financer will obviously have expected initial customer due diligence to have been carried out by a firm. Indeed, they would be aware if the nature of their relationship with the firm were such that the firm would be required to conduct enhanced due diligence. Accordingly, the money launderer or terrorist financer would have developed documents and solutions in order to comply with such local regulations as would be likely to be reflected in the firm's systems and controls. This would be conducted to avoid creating suspicion at this stage. It would ensure that the money launderer or terrorist financer would get past the initial stage of working with the regulated firm either to initially place or layer illegal proceeds. It is during the subsequent layering and integration phases where the firm probably has the best opportunity to identify inappropriate activity, and it is the work required to be conducted by the regulated firm at this stage that we refer to as ongoing monitoring.

If we consider a business case, a money launderer will often register what appears to be a legitimate business and will then initially conduct activity that is consistent with the firm's expectations for such a business. At this stage, the firm will not consider that the account is operating inappropriately and no likelihood of identifying a suspicion would take place. Subsequently, the money launderer will start to introduce illicit funds into the account, using small amounts at first and large amounts later. It is at this point where analysis of the behaviour of the customer is necessary. What the firm is seeking to identify is customer activity that appears inconsistent with the firm's understanding of the customer and the nature of business being conducted.

If the money launderer is careful, they should be capable of developing a pattern of activity that appears to be legitimate. However, they often get either careless or lazy, which enables their activity to be identified.

If ongoing customer activity is closely monitored, it is possible for a firm to highlight unusual patterns of activity, which can alert the firm to the possibility of the account being used for money laundering. However, for this to be done consistently normally requires the implementation of money-laundering-deterrence software which identifies trends in customer behaviour that appear to warrant additional investigation. Clearly, initial due diligence alone cannot adequately predict how a customer relationship will develop. Therefore, ongoing monitoring is required to supplement the initial due diligence and alert the firm to any suspicious circumstances or activity which may subsequently arise.

22.2 THE LINK TO CUSTOMER RELATIONSHIP MANAGEMENT

So, the objective of ongoing monitoring of the business relationship is to help identify unusual activity. There is a clear link to customer relationship management which needs to be explored. Customer relationship management has the objective of considering a customer relationship and identifying that a specific type and nature of customer would have a predilection to acquire certain products based upon historic experience. It is of benefit to a firm to highlight potential sales of additional products to existing customers, since customer relationship management would indicate that a customer with this specific profile would normally be expected to acquire the following products. Such targeted marketing is more likely to be effective than general marketing of all products to the general business community.

Clearly, the ongoing money-laundering-deterrence monitoring obligation is really just the inverse of this. It takes the normal nature of customer relationships, potentially parameterised, and identifies transactions which are unusual for this type of customer. What this means in practice is that software solutions and approaches that are used for customer relationship management may potentially also be used in their inverse to identify unusual patterns of customer activity that may represent inappropriate activity.

An effective financial-crime-deterrence monitoring system should flag up transactions and activities warranting further examination, based on a probabilistic assessment of the nature of the activity conducted. These reports should be reviewed promptly by the appropriate person, and necessary action must be taken in response to the findings, or further examination undertaken. All of this needs to be carefully recorded, documenting clearly the decisions taken, to meet local regulatory requirements.

22.3 WHAT DOES ONGOING MONITORING INVOLVE?

There is no single way in which such monitoring should be conducted, and approaches vary considerably. The ongoing monitoring will typically include:

Scrutiny of transactions undertaken throughout the course of the relationship (including, where necessary, the source of funds), to ensure that the transactions are consistent with the firm's knowledge of the customer, their business and risk profile.
Ensuring that the documents, data or information held by the firm are kept up to date, since without current information it will not be possible to identify what is currently expected for this customer.

However, the firm will be aware that in some parts of its business, up-to-date, verified customer information may not be available. This may be due to local considerations or requirements including the impact of data secrecy or protection requirements. Such cases should be identified by the firm and additional procedures implemented to provide the necessary level of protection. Again, marketing approaches may be used to update information, offering new products or services to existing customers while also updating static information.

Customer transactions will need to be monitored over different periods of time to identify trends within the activity. Such monitoring should be conducted both across the business cycle and within cycles. Where possible, it would be advantageous for transactions to be monitored in real time, where transactions are reviewed as they take place or are about to take place. This will enable prompt action to take place and the funds to be identified swiftly, and reported if required.

22.4 ENHANCED ONGOING MONITORING

Certain customer relationships and transactions will require ongoing monitoring as a result of their very nature. Circumstances which may attract such enhanced ongoing monitoring will typically include:

Specific types of transactions: This can include high-risk transactions, however defined by the firm itself or required by local regulatory requirements. These could include transactions that involve transfers of large amounts of funds, such as the acquisition or disposal of commercial property. Cross-currency transactions and cross-border transactions may also be highlighted for additional review where these do not appear in the normal course of business.
The profile of the customer: A customer may, by their nature, represent a particularly high risk in light of their personal background, for example, customers who are PEPs or businesses that have a large volume of cash transactions, for example casinos. Again, a customer that has not historically had significant cash transactions and then starts to increase the incidence of such activity should be identified and become subject to additional investigation. This may take the form of individual customer contact to see if there are additional services that the customer requires, resulting from the changing nature of the business activity.

Such analysis will need to be documented, since the customer contact will serve a dual purpose. There may well be additional services that are required by such a customer given the changing nature of their activity. However, during the communication with the customer, additional information will be received which may either allay any concerns or confirm that there is, indeed, a true suspicion that requires additional investigation and potential reporting to the appropriate authority.
The parties concerned: If a payment has been made to a person or business which appears on a sanctions list, this would clearly make the payee account high risk. As discussed, since sanctions do change, a customer may be identified for the first time when new sanctions are implemented and will then require action to be taken by the firm. This is further discussed in Chapter 10.
Comparison of the activity of the customer with the profile of a similar customer: Accounts of certain businesses may show income which is higher than is normally expected from a business in the same industry sector. A comparison of the level of profits made by a similar business in the same industry sector or trade may raise awareness to the possibility of money laundering. Major frauds may be identified when a customer has a percentage of a market or level of profitability that is inconsistent with a firm's understanding of the customer.
Unusual transactions: A transaction may appear abnormal due to its very nature. It might be of an abnormal size, for example larger than transactions that are normally conducted by this specific client or the market in general. On the other hand, it might be a transaction which is unusual by its nature, in that transactions of such a type are not normally conducted by this firm, or are not normally conducted by this type of business.

There can also be transactions that are unusual due to their frequency. For example, a firm may normally make five international payments a month. If this suddenly increases to 50 transactions a month, this should trigger initial concerns warranting additional investigation.
The nature of a series of transactions: The types of things that tend to give concern here include companies that appear to issue large volumes of credit notes or make regular invoicing adjustments. It is often only when a series of transactions is looked at in the collective that the unusual pattern of behaviour can be identified by a firm.
Geographic area: The destination or origin of payments may involve a high-risk country, such as one appearing towards the lower reaches of the Transparency International list shown in the appendix. Such countries may well be considered to represent an increased risk of inappropriate activity, and therefore accounts involving these countries will require a higher level of ongoing monitoring.
Product risk: Some products may represent higher than normal risk for an institution and therefore require enhanced monitoring. There is no prescriptive list of such products, but cash collection accounts and complex savings products could, for example, fall into this category.

It is always for the firm to identify what would be considered high risk in its specific circumstances. A type of business that would be considered normal for one type of firm could, for example, appear completely abnormal for another. If you consider an institution that works in a local area providing finance for property and taking deposits, then an overseas corporate account might appear unusual and therefore high risk. Indeed, for a local savings institution, a customer from outside its normal market, even within its own jurisdiction, could be considered as warranting additional monitoring and be identified as high risk.

Transactions that, for an internationally active bank, would be considered routine may be unusual for a bank without an international presence. Therefore, each firm needs to undertake some form of risk assessment to develop the criteria to be used to define what might be considered unusual, and then to implement such systems and controls as are necessary to ensure that such transactions are promptly identified and reviewed. One concern is where a local firm hires staff that have been working in an international bank, since they may not identify a customer or transaction as being high risk due to their familiarity with the nature of business conducted. It will be important that induction training for such employees ensures that adequate processes and procedures are consistently implemented by such hires.

Another area of higher risk is customers where there is no regular face-to-face contact. This can often be the position with firms that provide credit cards or internet banking services through some form of distance-selling process. If regular contact is expected, but does not occur, then this also could be a warning that the customer relationship represents a higher-than-expected risk. Again, the firm will seek to rely on systems-based controls to manage such risks, making greater use of external data sources as appropriate.

22.5 THE RISK OF DORMANT ACCOUNTS

One specific area that represents a particularly high risk is that of dormant accounts. A dormant account is one where there has been no customer transaction for a specific period of time. Charges posted to the account by the firm or interest payments would not serve to delay an account being classified by the firm as being dormant. There is no global rule as to what is considered dormant, and practice does vary considerably. However, an account that has no customer contacts for six months may be generally considered as being high risk for financial crime deterrence purposes.

In these cases, the key concern that the firm will typically have is that the account may be abused by employees of the firm, with funds being diverted for personal use in some way.

Any movement in a dormant account is likely to be a concern, and the maintenance of background information on dormant accounts may also prove useful. A clear definition of what might be considered as being dormant needs to have been implemented consistently by the firm. This should include looking for any form of approach that could be used by an employee to prevent an account from being classed as dormant.

The firm should also be aware of transactions that are entered into by staff which appear to have the sole objective of ensuring that the account is not classified as dormant. Such transactions will normally be in the form of some type of adjustment to the account, perhaps 10–15 days before the account would normally have been classified as becoming dormant.

A typical case was reported in November 2009 in the UK, when a former policeman and employee of a bank attempted to defraud the bank. The banker used his position to access funds from dormant or untraceable accounts, and the policeman then laundered it by pretending to be a high-flying businessman. They were caught by police after conducting a £1.1 million transaction.

This type of event highlights the problem, in that it is the staff of the firm that have the best idea of how to take advantage of the systems that are applied by the firm and therefore to exploit loopholes. Accordingly, enhanced due diligence on staff activity and their personal accounts may well also be considered appropriate.

Firms normally do apply some confidence to the fact that information on a customer account is sent to the customer. However, since there is no customer activity on a dormant account, the reliance that can normally be placed upon the customer monitoring their account cannot take place. The same type of enhanced risk can also exist for any account where the customer is distant from the bank or reliant upon a bank employee for the receipt of customer information.

Therefore, dormant and similar distant accounts which are recognised as being high risk, as well as customers who are considered high risk, may require enhanced monitoring to effectively deal with the high-risk nature of the business relationship.

22.6 WHAT TYPE OF ENHANCED MONITORING IS REQUIRED?

Monitoring customers and transactions need not necessarily be a complex and sophisticated process. The scope and complexity of a monitoring system must be determined by taking into account the firm's business activities and the size of the firm. While monitoring of transactions and customer activity can be done using either manual or automated systems, the use of software significantly assists the process.

Key elements of any monitoring system should include having up-to-date customer information, which will enable the firm to have the opportunity to spot the unusual, and ask pertinent questions to elicit an explanation or the reason for unusual transactions or activities. The aim for such a process is to be able to judge circumstances which may appear suspicious, leading to further investigation being conducted to identify or disprove a suspicion.

So, the next time your credit card does not work when you are in an overseas jurisdiction, do have some sympathy for the card issuer. It is implementing money-laundering and fraud-detection procedures which have the objective of protecting you.

22.7 AUTOMATED VS. MANUAL SYSTEMS OF MONITORING

A review of a transaction database by an employee can result in a manual report of transactions that need to be investigated, but it is very hard just from such a cursory review to identify unusual trends in individual accounts. Similarly, reports may also be generated based on analytical software applications on a standard periodic basis. The chosen system of monitoring will depend on the size and nature of the firm, as a firm that has major issues of volume may need to implement a more sophisticated automated system programmed to pick up certain factors which appear to make a transaction suspicious.

The automated transaction-monitoring systems available on the market use a variety of techniques to detect and report unusual/uncharacteristic activity. The techniques used range from artificial intelligence to simple rules. The nature of the systems available is further described in Chapter 26. Further investigation and analyses from the output from such systems may lead to a valid suspicion of money laundering. However, such systems may also be difficult to implement and maintain due to their reliance on customer reference and transaction data, and they may also have what is referred to as a high incidence of false positives. That is, the software identifies a large amount of activity that is actually legitimate business activity, wasting significant amounts of precious staff time.

There is a danger when using an automated system that customers and transactions are not monitored on a personalised basis, but on a standard, characterised basis. Consequently, some form of continued personal review to supplement such monitoring is still likely to be required.

22.8 ISSUES TO CONSIDER WHEN IMPLEMENTING A MONITORING SYSTEM

Automated and manual systems vary in the approach they take to monitoring customer transactions, as discussed above. Firms must essentially evaluate their own objectives, in terms of what they wish to achieve from their monitoring system in order to assess which systems best suit their business needs. The kind of questions which firms should address when selecting a monitoring system which meets their needs include the following:

How does the solution enable the firm to implement a risk-based approach to assessing the risk inherent in transactions conducted with customers and third parties?
How do the system's parameters assist with the risk-based approach and lead to a reasonable correlation between transaction alerts and the incidence of money laundering or terrorist financing?
What are the levels of investigation that the firm is capable of undertaking and will the system produce a high level of false positives which impact the deliverance of an effective programme of monitoring?
What are the different types of money laundering and terrorist financing that are addressed by the system and are these consistent with the activities conducted by the firm?
What are the data requirements of the system and has the firm recorded the data necessary to support the required analysis?

Firms can, of course, always use back-testing to see if money-laundering-detection software is effective. By looking at historic data within the firm, known cases of historic money laundering should be identified whereas transactions which are known to be legitimate should not be selected for additional review.

22.9 STAFF TRAINING

Apart from a computerised monitoring system which produces reports, firms should also recognise the importance of staff awareness, as discussed in Chapter 14. Providing adequate training to staff is a direct and cost-effective method of raising the importance of staff continuously monitoring customers and transactions.

The importance of employees' experience and intuition should also not be ignored. Such knowledge can add considerably to a firm's ability to meet its ongoing monitoring obligations, as a result of the following factors:

Staff intuition is important, as employees with experience are able to spot suspicious activity through their personal knowledge of the nature of the customer, identifying patterns and concerns which would go undetected with a computerised reporting method.
Customer-facing employees benefit from direct exposure to a customer face-to-face, so they are able to witness changes in the customer's physical behaviour which could give rise to suspicion.
Customer-facing employees also benefit from telephone conversations with customers, and will be able to analyse the tone of voice and language used by customers, which could potentially arouse suspicion.
They also have practical experience of dealing with previous customers with similar backgrounds, which enables such employees to recognise differences which may give rise to suspicion.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.

Table of Contents for CHAPTER 22: ONGOING MONITORING

Create new playlist

Sign In

Sign Up