In today’s ACFCS Fincrime Briefing, global watchdog FATF issues new call in beneficial ownership battle, U.K. legal watchdog cites solicitor sector for weak AML practices, Swedish regulator, prosecutors to probe Swedbank, raising new fears of penalties, and more.

Please enjoy this unlocked story, part of the many benefits of being an ACFCS member.

Want to talk about industry trends, story ideas or get published? Feel free to reach out to ACFCS Vice President of Content Brian Monroe at the email address above. Now, on to more sweet sweet content!

FATF calls on countries to take multi-pronged approach to cracking open, sharing, updating beneficial ownership details in bid to boost transparency

Countries looking to counter one of criminals’ greatest assets – anonymous, opaque corporate shell companies – should establish systems that use one or more different methods to identify the beneficial ownership of an entity, a global anti-money-laundering watchdog said in a new report.

The Financial Action Task Force (FATF), an intergovernmental body that sets standards for combating money laundering and terrorist financing, said countries relying on a single approach are less effective in obtaining accurate and timely information about the ownership of an entity, just the latest in a series of analyses and reports on how to tackle the scourge of impenetrable, illusory corporate ownership structures.

The Paris-based international body, which this week published a paper recommending best practices for designing and implementing measures that address the transparency of beneficial ownership, first set standards on the issue in 2003 and later published step-by-step guidance in 2014.

The beneficial ownership refers to the ultimate owner of the entity, which includes companies, foundations and associations. FATF requires member countries to take steps to prevent entities from being used for criminal purposes, such as money laundering and terrorist financing, and to ensure the beneficial information can be obtained or accessed quickly by the authorities.

FATF said its members have found it challenging to implement and meet the existing standards.

Some common challenges include inadequate ways that ensure authorities could access the information in a timely matter and a lack of effective and proportionate fines on companies that fail to provide accurate information on beneficial ownership.

FATF recommended countries implement one or more mechanisms to meet its standards.

That could include using existing sources of information, such as those derived from financial institutions and from registries of property; and requiring company registries to keep up-to-date information on beneficial ownership; as well as obliging companies themselves to obtain information on shareholders or members, according to the report.

“The variety and availability of sources increases transparency and access to information, and helps mitigate accuracy problems with particular sources,” FATF said in the report, which also provides some cases and examples of best practices.

The paper comes as U.S. lawmakers look to address shell-company ownership transparency. Some limited-liability companies, often referred to as shell companies, are registered in the U.S. under the names of representatives who neither own nor operate those companies.

In recent weeks, the U.S. House of Representatives passed a bill that requires shell companies to disclose their true owners in an effort to crack down on money laundering and other crimes. It is unclear if the bill will pass the Senate, where a similar bill is being discussed.

The House bill requires most limited-liability companies and corporations report to the U.S. government the names of anyone with a significant financial stake or control over operations, (via FATF). To read more analysis from the WSJ, click here.

Monroe’s Musings: These FATF reports really are required reading for AML compliance officers, law enforcement, regulators and NGO watchdog groups.

Globally, FATF’s message on the dangers of hollow shell companies have been taken to heart.

Regions including the European Union, United Kingdom and other jurisdictions have changed laws to require that company formation agents, attorneys and other gatekeepers capture the details of corporates and provide them to the government to be kept in a public database.

One of the few large countries to be openly flouting this movement toward corporate transparency is the United States, though that could be changing with the recent bill on this issue finally leaving the House – after years of getting stuck in committee, even with broad bi-partisan support.

This movement toward transparency has direct import for bank AML compliance teams. The more information on corporates they have, the better AML teams can risk assess that company, and even individuals at that operation.

If data is the lifeblood of the AML program, and regulators want to see banks more broadly tinkering with innovation, being able to capture critical details to better risk assess clients and corporates could yield more precise risk assessments at the front end and more timely suspicious activity reports for law enforcement overall.

U.K. regulatory review of solicitors uncovers that fifth of law firms fail AML compliance

Story snapshot:

• Fifth of firms reviewed don’t have required firm risk assessment
• 7,000 firms will be checked for compliance
• New annual Risk Outlook highlights 172 money laundering investigations this year

The United Kingdom’s chief regulatory body over the legal sector has uncovered extensive failings tied to the financial crime compliance practices for attorneys, also called solicitors, noting that a fifth of firms scrutinized failed in a core program area: risk assessments.  

The U.K. Solicitors Regulation Authority (SRA) sent 400 firms queries in March to gauge compliance with updated 2017 Money Laundering Regulations, getting responses from every operation.

But that is where compliance roughly ended.

In the responses, the SRA noted broad failings in these firms’ anti-money laundering (AML) programs in several areas, including:

• Of the 400, 21 percent, were deemed not compliance with AML obligations.
• At the same time, 43 percent did not address all required AML risk areas.
• Similarly, 40 percent, didn’t understand they needed to do a firm-wide AML risk assessment, instead sending over individual risk assessments tied to a client or matter.

Part and parcel of the issue is that these law firms were attempting to use boilerplate AML compliance templates for compliance programs and risk assessments that should have been tailored to their own unique risk profile, according to the SRA.

In its review, SRA staff highlighted that the majority of firms, 64 percent, were using templates.

As a result, these firms’ risk assessments were “generally of lower quality,” the SRA stated. “Templates can be helpful, but too many firms appeared to take a ‘copy and paste’ approach, without thinking through the specific risks and issues faced by their firm.”

It also appeared that many law firms simply created the AML risk assessment recently because they knew a regulator was knocking at the door.

SRA officials were also concerned that many of the risk assessments, 135 of them equating to 38 percent, were dated recently.

“Although this could reflect an update of an earlier assessment, this suggests some firms may have only created one in response to our request and therefore some firms may not have an existing risk assessment,” according to the SRA.

In a bid to nudge firms into compliance, the SRA has released an updated warning notice, while also providing additional support, including guidance, checklists and a suggested template, that “reflects the learning from firms’ template submissions to the review exercise.”

The regulatory is warning that that first fusillade to strengthen AML compliance won’t be the last.

“We are engaging with firms to make sure they comply promptly,” the group said. “If they do not, they will face enforcement action.”

Fearing broader compliance failures across the legal sector, the SRA is currently requesting AML details from more than 7,000 firms, again focusing on their counter-criminal risk assessment, with further plans to carry out an extensive program of “targeted, in-depth visits to firms and calling in more firms’ risk assessments, ” (via the U.K. SRA).

Monroe’s Musings: I have been covering financial crime and compliance for more than 13 years, and I have been hearing – for about that time – that solicitors, company formation agents, real estate professionals and other gatekeepers in the United Kingdom have been giving short shrift to AML programs.

This is not a surprise to anyone. Why? When you consider that in certain parts of the world, including the United States and Canada, lawyers have successfully lobbied against formal AML rules clamped onto their profession.

The argument? That having to potentially send a suspicious activity report (SAR) against a client to the government would be a breach of attorney client privilege.

In essence, if you are in the midst of, say, a money laundering case defending a client against these charges and fighting government prosecutors, you just might hurt your defense if you file a report to the government that your client might be money laundering.

But while attorneys, lawyers, solicitors – whatever you may call them – and other gatekeepers have historically engaged AML obligations kicking and screaming, as noted by the SRA report, it’s good news the regulator has identified key vulnerabilities and trends and has a plan to bolster enforcement, oversight and, potentially, penalties.

Swedbank facing higher risks of penalties in Sweden as country fincrime watchdog announces formal investigation, weighs sanctions  

Embattled Swedbank AB faces an increased risk of fines amid allegations its Baltic operations may have handled more than $100 billion in potentially suspicious funds, the lender’s regulator said, just days after it confirmed separate probes by U.S. and EU authorities.

Sweden’s financial watchdog, the FSA, gave its strongest indication yet that there’s evidence of serious wrongdoing at Sweden’s oldest bank and biggest mortgage lender. Its findings to date show there could be grounds for sanctions, which under Swedish law can mean fines of up to 10 percent of a bank’s total annual income.

In Estonia, state prosecutors also said on Tuesday they had launched a separate criminal inquiry into the country’s largest lender in July.

The Swedbank case exploded earlier this year after the bank was forced to cease months of misstatements and acknowledge its involvement in the $220 billion Danske Bank A/S laundering scandal.

The development cost Chief Executive Officer Birgitte Bonnesen her job in March, and Swedbank said last week it’s now being investigated by multiple authorities in the U.S. On Monday, fresh allegations were leveled against the bank suggesting it may have breached European Union sanctions.

Shares in Swedbank fell more than 4% in Stockholm, pushing the bank to the bottom of the Bloomberg index of European financial stocks on Tuesday morning. Swedbank’s market value has slumped more than 30% this year.

Estonian prosecutors said they were investigating Swedbank for potential money laundering in 2011-2017 and presenting false information to financial supervisors.

They had previously said they were collecting information on Swedbank as part of a criminal investigation into Danske Bank A/S, which was ordered to leave the Baltic country earlier this year.

Though Tuesday’s development underscores the likelihood of Swedish fines, “the greater risk for Swedbank is of course still the U.S. authorities that are investigating the money-laundering scandal,” said Joacim Olsson, the CEO of the Swedish Shareholders’ Association. Those investigations may drag on for years, the bank said last week.

In statements on Tuesday, the Financial Supervisory Authorities of Sweden and Estonia both said their findings to date may result in sanctions. The FSA in Tallinn said it decided to escalate its probe after finding “evidence of a misdemeanor.”

The Swedish FSA, whose director recused himself earlier this year due to his ties to a former Swedbank board member, said it’s now found “sufficient grounds for assessing whether the deficiencies and weaknesses observed during the investigation should lead to a sanction or if the investigation should be closed in another manner.”

The regulator said it will now continue to analyze the circumstances in the matter as well as legal issues until the next step in the sanction process.

The FSA plans to announce its findings at the beginning of next year. A probe into the same matter at SEB AB is still ongoing, it said, (via Swedbank). To read more analysis from Bloomberg, click here.

Monroe’s Musings: In recent months, three top executives at the Estonian branch of Swedbank AB, including a one-time candidate for central bank governor, have been jettisoned amid an ongoing investigation into a vast money-laundering scandal involving hundreds of billions of dollars from Russia and other risky regions.

These funds came to Swedbank after moving through the Estonian branch of Danske Bank – revelations that have sparked accusations, recriminations and remediations at a bevy of EU banking groups and member state regulatory bodies.  

As a result, Swedbank confirmed in its third quarter filing released last week that it is being investigated for its possible involvement in the Danske saga with formal probes by supervisory authorities in Sweden and Estonia, the Latvian police department for combating economic crime (LECED) and the European Central Bank (ECB).

As well, the Swedish Economic Crime Authority is investigating whether employees of the bank “violated communication laws related to money laundering.”

In tandem, a “number of US authorities are also currently investigating Swedbank. These investigations may take years to conclude,” according to the report.

In short, what is happening at Swedbank, Danske Bank and other EU banks in the hotseat right now should be analyzed aggressively by financial crime compliance teams at large global banks with operations in the EU, Baltic or Nordic regions – lest they find themselves in the same precarious predicaments.

EY: Gold, drug money and a major auditor’s ‘cover-up,’ – special BBC report

A major accountancy firm allegedly covered up evidence of smuggling by an organized crime gang that was laundering British drug money, according to a media investigation.

EY failed to report suspicious activity at one of the world’s largest gold refineries and then altered a compliance report to hide the crime.

BBC Panorama found the gang laundered money by selling 3.6 tons of gold to the Kaloti refinery in Dubai. Both EY and Kaloti deny any wrongdoing.

Twenty-seven members of the money laundering gang were jailed in France in 2017.

The gang had collected cash from drug dealers in the UK and other European countries. They then laundered the dirty money by buying and selling black market gold.

Documents seen by Panorama and French news agency Premieres Lignes show that Renade International – a company owned by a member of the money laundering gang – sold $146m (£114m) of gold to Kaloti in 2012 alone.

The following year the accountancy firm EY, formerly known as Ernst and Young, had been asked to conduct a review of Kaloti’s compliance with rules designed to keep gold from illegitimate sources out of the global supply chain.

Smuggled gold

The auditors discovered that Kaloti had paid out a total of $5.2bn (£4bn) in cash in 2012, but EY didn’t report suspicious activity to the money laundering authorities.

EY also helped to cover up a crime – the export to Dubai of gold bars that had been disguised as silver to avoid export limits on gold.

The audit team had been shown what appeared to be bars of silver from Morocco, but scratching the surface revealed they were really gold bars coated silver.

The BBC and Premieres Lignes have now discovered the smuggled gold was owned by the money laundering gang’s company, Renade International.

Amjad Rihan was the lead auditor for EY in Dubai in 2013 and he says he wanted to report the suspicious activity at the time. But he says his bosses watered down reports and told him not to tell the authorities.

“If you identify a suspicious transaction you should report it to the authorities and what we identified was way beyond suspicion. Instead of reporting the crimes that I told them about, my bosses just covered them up,” he said.

EY did not just fail to report the crime – it helped to cover it up too.

Panorama has seen a number of drafts of a compliance report to a Dubai regulator. In the initial report, Kaloti seems to admit buying gold coated with silver. It says: “We acknowledge an incident… with the bars coated with silver.”

Suspicious activity

But EY rewrote the report so that it said: “We acknowledge transactions… in which there were certain documentary irregularities.”

The accountancy firm turned the crime into a “documentary irregularity”.

EY declined to comment about the rewriting of the report but said it was confident that all legal and reporting obligations had been complied with. The company said it had delivered its findings to the relevant regulator in Dubai.

The company said: “It was the work of EY Dubai that brought to light Kaloti’s non-compliance with the applicable regulations and ultimately resulted in the remediation of the issues.

“More recently, and many years after these events, Mr Rihan has raised certain unfounded allegations in a legal claim which is being vigorously defended.”

Under the Proceeds of Crime Act, accountants have a legal duty to report any suspicious activity to the police.

In its legal dispute with Mr Rihan, EY admits that the disguised gold “provided reasonable grounds for knowing or suspecting… money laundering.”

‘Appropriate checks’

But the accountancy firm claims it did not have to report this to the police because its auditors were not doing accountancy work at Kaloti.

Kaloti said that it had conducted all appropriate anti-money laundering checks.

“Kaloti would not knowingly enter into a trading relationship with any party in the knowledge that such party had been engaged in financial impropriety or criminal activity of any kind.

“It is categorically denied that Kaloti purchased gold coated in silver from Renade, or anyone else for that matter.”

The company said that cash payments were common in Dubai, but it no longer buys gold for cash, (via the BBC).

Monroe’s Musings: These allegations, if proven true, are difficult to fathom. This, and other Big Four accounting firms stake their reputations on ensuring something like this does not happen.

But it also reminds me of an instance in the AML arena when a consultant at a large auditing firm was accused of doctoring a compliance report to make the client look a little bit better.

After a lengthy investigation, the individual and audit firm were the subject of regulatory sanctions and penalties – and even a ban from working in one of the busiest places on earth for a consultant.

The issue: at any large company, no matter the stated standards, compliance training and even caterwauling on a call to stronger ethical norms, there are always going to be people who flout the rules for their own gain.

One of the few solutions is also having a strong whistleblower culture so that employees can hopefully identify and stop a colleague from breaking bad before it results in a massive company scandal.

One of the biggest blind spots for a compliance officer is the thoughts in an individual’s head when they choose to scheme ways around compliance defenses – and that vulnerability will never change.