In today’s ACFCS Fincrime Briefing, U.K. hands down record penalty against remitter in London MSB sweep, red hot compliance job market slows, salaries stagnate, FATF reviews AML laws, effectiveness in Greece, Iceland, Hong Kong, highlighting key common themes around the oversight of non-bank sectors and information sharing, and more.

Please enjoy this unlocked story, part of the many benefits of being an ACFCS member.

Want to talk about industry trends, story ideas or get published? Feel free to reach out to ACFCS Vice President of Content Brian Monroe at the email address above. Now, on to more sweet sweet content!

U.K. regulator hits money remitter with record penalty at nearly eight million pounds on AML risk assessment, training failings

A United Kingdom financial regulator Wednesday levied a record nearly eight-million pound penalty against a West London money remitter for a host of financial crime compliance failures, including lax customer scrutiny and related risk scoring, threadbare written and implemented policies and a trivial amount of training.

Her Majesty’s Revenue and Customs (HMRC) handed down the 7.8-million-pound fine against Touma Foreign Exchange Ltd for ignoring anti-money laundering (AML) regulations, which “could have left them at the mercy of criminals looking to wash dirty cash,” according to officials.

“Money laundering is the lifeblood of the illicit drugs trade, human trafficking and other serious crimes which bring harm and misery to communities across our country,” said Simon York, Director of HMRC’s Fraud Investigation Service. “It also supports economic crime which costs the UK billions of pounds every year.”

In the latest historic fine, the money remitter had a “wide range of serious failures under the Money Laundering Regulations.”

Examiners stated that between June 2017 and September 2018, the business breached rules in critical AML 101 areas, including:

• risk assessments and associated record-keeping
• policies, controls and procedures
• fundamental customer due diligence measures
• adequate staff training

As part of the penalty, HMRC in May banned Hassanien Touma from “any management roles at a business governed by anti-money laundering regulations” after he acted as an officer for the Money Services Business (MSB) and failing to take a required “fit and proper” vetting test to ensure he had the expertise for the role.  

The fine occurs as U.K. regulators and investigators engage in more aggressive AML compliance oversight tied to MSBs and, in particular, foreign money remitters engaging in transactions tied to risky regions, regimes or entities at a higher risk for financial crime, (via the U.K. HMRC).

Monroe’s Musings: This penalty and sweep is a long time coming. The U.K. in recent years has tried to strengthen its AML enforcement and penalties against banks – mostly foreign operations tied to risky regimes – but is finally centering is powerful regulatory and investigative lens of the non-bank sector: money services businesses (MSBs).

The U.K. has for decades been known as the regime that has “gold-plated” Financial Action Task (FATF) recommendations, with some of the strongest laws on the books. But as the 2000s waned and morphed into the 2010s, the U.K. lagged in terms of the overall number of penalties and sizes – even as U.S. regulators and investigators levied AML fines as high as $9 billion.

The U.K. has also taken considerable heat about laundering through real estate and the beneficial ownership blackholes in its crown dependencies and overseas territories – which strenuously and vociferously resisted efforts by the home country to break open corporate ownership bastions.

Not surprisingly, as the U.K. deals with its major fincrime and compliance vulnerabilities one by one, it had to deal with MSBs, in this case money remitters. The oversight and compliance – or lack thereof – of many MSBs is a problem the world over, including in the U.S., Europe and Asia.

I am expecting this to also come out as an issue in the Nordic and Baltic regions. You know why.

At issue with money remitters is that a money launderer can easily move from one remitter to the next and move large amounts of money – in many cases without even providing identification documents.

With criminals always choosing the path of least resistance, its clear why the U.K. had to address is MSB money remitter lapses head on with a hopefully dissuasive and statement-making action, education and more aggressive overall oversight.

Christie’s expert hunts for stolen millions in lawsuit against Bank of Valletta

An international hunt for millions in cash stolen from an art specialist in New York has found its way into a Maltese court, knocking on the door of auditor Joseph Sammut and his Libyan networks – and put pressure squarely an a bank’s customer due diligence and transaction scrutiny, foundational blocks of the anti-money laundering program.

Sammut, a one-time treasurer for the Labour Party, is already in court facing criminal charges of having set up fabricated companies to enable Libyan nationals to obtain residence permits. Many of these clients enjoyed the patronage of the Gaddafi family back in Libya. Indeed, Sammut even handled private finances for Muammar Gaddafi’s slain son Muatassim, with Bank of Valletta.

For years now, the internationally known specialist Pierre Amrouche, has been chasing €6 million in funds which disappeared from his company, and allegedly funneled into a Libyan venture that never existed.

Even here, Joseph Sammut’s clients – flaunting their Gaddafi connections – are at the heart of the accusations made by Amrouche, an international specialist for Christie’s in African and tribal arts.

Now the revered expert Amrouche is accusing Bank of Valletta of showing negligence in its due diligence when his manager Henri Baudet, used €6 million from a fund used for art transactions, to invest in a ‘Libyan project’ run by Belgian national Dirk Borgers and Tunisian national Maher Mellouli.

The cash eventually passed through BOV accounts held by a host of companies set up in Malta by Joe Sammut, for Mellouli.

Baudet has since been convicted by a Geneva court for breach of trust and forgery, receiving a suspended sentence of 24 months’ jail, as well as being ordered by a Maltese court to pay Amrouche €750,000 in cash processed via Maltese bank accounts.

The Mellouli companies in Malta include those already flagged by MaltaToday back in 2015, when Sammut started attracting considerable business from Gaddafi associates.

The companies Sealandair Energy, Aviacom, Gencon, Best Inter, and Mediterranean Oil have also come under the focus of Command Global Services, an American investigative firm once tasked by a Libyan magistrate to hunt down Libyan dictator Muammar Gaddafi’s hidden assets.

Amrouche’s lawyers believe the art expert’s millions were split amongst these companies for the personal use of Mellouli and the late Borgers, who promised huge profits to Baudet for a ‘Libyan project’ which had the interest of one of Gaddafi’s sons. The claims were false, (via Malta Today).

Monroe’s Musings: I found this story fascinating, which I why I chose to share it with ACFCS Members and highlight it for the rest of the financial crime and compliance communities.

Why? Because not only is this person’s quest a microcosm of how fraudsters and criminals move money, it’s also a microcosm of mismanaged risk management.

Banks the world over are under intense pressure to review and risk rate customers and transactions for potential ties to illicit entities. A person moving millions of dollars tied to an amorphous project in Syria should have raised red flags aplenty.

This failure has now brought legal, and potentially investigative and regulatory, scrutiny to this institution. Moreover, if it comes to light this bank has become a de facto choice for criminals and illicit funds from other risky regions – think Russia, China, and other fractious Middle Eastern regimes tangentially tied to terror groups – get ready to see some fireworks.

U.S. compliance job prospects and compensation review: ‘Challenging and stagnant’

A multi-year, massive investment and build-up of compliance staffing by financial firms has stalled in the United States as the financial crisis and the Dodd-Frank regulatory overhaul that fueled the surge fades into memory, according to recruiters, compliance professionals and hiring managers.

Regulatory Intelligence regularly speaks with several top compliance, legal, and risk recruiters about issues such as supply and demand of candidates, requirements for skills, experience and qualifications, and compensation trends. There is now a consensus that the sellers’ market for compliance talent has softened.

Post-financial crisis and the passage of the Dodd-Frank Act, compliance and risk hiring exploded on Wall Street while other areas such as trading and operations experienced deep cuts. As one recruiter put it, “if you had a pulse, you could find a job in compliance between 2012 and 2016.” This is no longer the case.

Relocation still very much a factor

At the same time as many traders have been replaced by computers through the advancements of algorithmic and computerized trading programs, operations and compliance positions have gradually been relocated to lower-cost locations rather than entirely eliminated. Firms have quietly moved compliance and other back and middle office functions to less costly locations.

As one recruiter put it, “all the compliance positions are now in Jacksonville, North Carolina, and Utah, or Poland or India.” Multiple other recruiters agreed, citing the fact that the same $100,000 to $150,000 salary goes much further in those locations from a standard of living perspective.

Compensation is ‘stagnant’

The typical compliance officer compensation and bonus has remained very flat for several years. This is likely a result of supply and demand, relocation mentioned above, and technology.

According to Alan Johnson with the compensation consultancy Johnson Associates, many will see their pay stay flat or possibly decline this year. Pay is under pressure because of increased competition and automation, according to a recent report published by the firm.

The Johnson Associates report is based on the firm’s work with 16 major banks and asset managers that are not named, Johnson told Regulatory Intelligence, adding that “the heyday of compliance and risk job growth and pay has waned.”

Compliance and risk have now been lumped in with other senior professional groups at firms.

“Therefore, if the pool is up or down, they will be up or down as well, to some degree,” Johnson said.

Still a spot at the table for compliance?

Johnson still sees a need for compliance.

“A good scandal, or a change in leadership in Washington such as the Democrats winning the White House and Senate will be a boon for compliance,” he said.

Virtually all of the individuals Regulatory Intelligence spoke with described the compliance job market as “challenging,” despite strengths in the overall economy, labor force, financial sector, and stock market.

As one individual put it, “it shouldn’t be this difficult when there is a bull market and full employment.”

Therefore, it’s safe to assume that other factors are having a significant impact on hiring and pay.

Specialized AML skills ‘essential,’ but now expected

Although several recruiters suggested Trump’s deregulatory agenda as a potential factor, others disputed that theory, saying new regulations in areas such as cybersecurity, privacy, cryptocurrencies, and financial technology are complex and far from “deregulatory.”

The skills necessary in different areas of compliance are unique.

Whether it’s surveillance, regulations and regulatory change, data analysis, financial crime, AML and KYC, or cyber security, all of the recruiters agreed that specialized skills and experience are essential. However, such skills are now expected and do not seem to necessarily be rewarded with greater job security or higher pay.

Another factor universally cited by the recruiters was the impact of technology on the industry, requiring new skills and potentially displacing people.

Learning a new language to land a job

Technical skills, or at a minimum technology understanding, are a must according to all of the recruiters.

In more junior positions, technology skills such as proficiency in VBA (Visual Basic for Applications, the programming skill within Excel and other Office programs to create a task-automation macros) and SQL (Structured Query Language, a special-purpose language designed for managing databases) are highly sought after, as they allow for the customization and creation of necessary reports.

Python, which is often used in machine learning, data science and cloud infrastructure also is in demand, (via JD Supra, Reuters Regulatory Intelligence).

Monroe’s Musings: Well, we all knew it couldn’t last forever.

Ya know, that red hot compliance job market that seemed to keep bubbling and frothing with ever more demand and soaring salaries.

Financial crime compliance, as important as we all see it, is and has always been a cost center. And when the Congressional, regulatory and investigative pressure starts to ebb – as it has under the administration’s push for fewer regulations and billion-dollar penalties becoming far less frequent – bank budget overlords start to tighten the purse strings and shrink staff.

Of course, as this story points out, that isn’t the only reason. Improvements in technology, AI and automation are trimming some of the lower-ranking, less-skilled AML jobs. Interestingly, the specializations so many compliance professionals have spent thousands of dollars on to master aren’t as shiny.

In fact, they are just another requirement to stay employed or get a foot in the door. So what does the future look like?

Fincrime compliance professionals may need to broaden their skillsets to become more malleable and indispensable to their current institution – and become attractive to future employers.

Think a human compliance Swiss army knife – able to swiftly, fluidly and confidently move between AML, fraud, corruption and cyber disciplines, leading teams, and knitting them together to improve investigations, close cases and create richer and more timely intelligence for law enforcement – the true desirous outcome of the current laser focus on efficiency, effectiveness and results.

In FATF reviews of Greece, Hong Kong and Iceland, threads of common weaknesses tied to information sharing, oversight of non-bank sectors

The Paris-based Financial Action Task Force (FATF), the worldwide standard-setter and evaluator of counter-crime compliance rules, has had a busy week, revealing an updated follow up review of Iceland and two full mutual evaluation reports of international flashpoint Hong Kong and Greece, which has been chastised by internal and external watchdog groups about laundering through real estate and other non-bank areas.

The three reports, while wildly different geographically, did have several common threads running through them, including difficulties coordinating and sharing information within the country’s various regulatory and investigative agencies and requesting and proffering details to and from foreign partners. FATF only truly lauded Greece on this issue.

In tandem, FATF evaluators dinged these jurisdictions in a bevy of areas related to designated non-bank financial entities, including money services businesses, real estate, attorneys, company formation agents and related groups.

In short, regional regulators have poor oversight of many non-bank groups, few enforcement actions and penalties – a deleterious dynamic begetting sectors that, while subject to formal AML obligations, filed few suspicious activity reports compared to their banking compatriots.

In its evaluation, FATF reviewers cited Hong Kong, in particular, for a lack of an extradition mechanism with mainland China, the very subject that has sparked weeks of fiery protests from residents fearful their roughly independent status could be deteriorating in the face of more aggressive enforcement against all forms of financial crime.

Here are some fincrime and compliance snapshots:

Iceland

Co-ordination in the context of anti-money laundering/counter-financing of terrorism AML/CFT is relatively recent and largely limited to preparation of the National Risk Assessment (NRA), a relatively recent requirement from FATF to force countries to get a sense of their own unique risks, responses and still-gaping gaps.

Although co-ordination has been discussed and may occur informally and on an ad hoc basis, there is not yet an overarching strategy or functioning mechanism to ensure domestic coordination at the ministerial level or among competent authorities.

This lack of co-ordination negatively affects Iceland’s entire AML/CFT regime.

Overall, money laundering (ML) has not been a priority for Icelandic authorities. The lack of resources allocated to identifying, investigating and prosecuting ML results in a lower level of effectiveness in pursuing ML.

There are several impediments to the effective use of financial intelligence by the country’s financial intelligence unit (FIU) and law enforcement agencies, more generally, including:

• Limited STR filing outside of the main commercial banks and payment institutions.
• Lack of information sharing among competent authorities in relation to cross-border movement of currency and assets.
• Lack of access to updated and accurate information on NPOs and beneficial ownership information.

To read the full release and follow up report on Iceland, click here.

Hong Kong, China

Overall Hong Kong, China has a sound regime to fight money laundering and terrorist financing that is delivering good results, but it must do more to enhance prosecution of money laundering involving crimes committed abroad and strengthen supervision of certain non-financial businesses.

While Hong Kong has a relatively low domestic crime rate, it faces a significant risk of attracting those who seek to launder the proceeds of crimes such as corruption and tax evasion, including those attempting to secret funds out of China, which has strict currency movement restrictions.

As well, some smaller institutions, non-financial businesses and their supervisors do not always understand these risks, or how to mitigate them.

Authorities, on the whole, respond effectively to the large number of requests for cooperation from foreign counterparts, but that has become a one-way street.

However, given the jurisdiction’s position as an international financial centre, and the risks it faces from crimes committed abroad, it is not making sufficient outgoing requests for cooperation. Authorities could focus more on prosecuting the laundering of proceeds from foreign offences.

To read the full release and report on Hong Kong, click here.

Greece 

Greece has worked to form the foundations for dissuasive and effective action against money laundering and terrorist financing.

However, it needs to improve prosecution of these crimes and focus more on the risks that face the non-financial sector, in particular improving the oversight of money services businesses that can move illicit assets abroad.

Part of the issue is that Greece only recently completed its first ever comprehensive national assessment of money laundering and terrorist financing risks in 2018.

At the forefront of the financial crime risks the country faces is the lucrative drug trade, creating streams of dirty funds. Other risks include corruption and smuggling of migrants. The country’s terrorist financing risks come primarily from domestic terrorist groups.

To its credit, Greece has a particularly strong legal framework to counter these crimes, with relatively minor improvement needed on the technical compliance side of the equation, such as laws on the books.

Authorities work together effectively, making good use of financial intelligence. Greece is effectively using tools to disrupt terrorist financing, and seize and freeze criminals’ assets but delays can prevent effective money laundering prosecution.

Greece should also prioritize the investigation and prosecution of money laundering as a standalone offence.

Greece authorities actively co-operate with foreign counterparts to both share information and to build their own cases for investigation.

The Greek banking sector understands its potential exposure to crime, but is currently faced with a dearth of detailed guidance on the laundering risks tied to lawyers, tax advisors and other non-financial entities.

Supervision of this sector is often inconsistent, including the sanctioning of entities that fail to implement the required measures to prevent criminals and terrorists from using their services.

Greek investigators have access to a database of up-to-date beneficial ownership information of legal persons as well as other databases.

However, it is difficult to obtain timely and accurate ownership information concerning the Greek shipping industry, which frequently uses higher risk bearer shares and complex structures involving offshore locations.

To read the full release and report on Greece, click here, (via FATF).

Monroe’s Musings: These reports are required reading for financial crime compliance professionals.

That’s because what FATF cites as progress helps define country risks for bank compliance teams and the areas in a region they ding for AML compliance and fincrime failings become major country regulatory focal points – initiatives that always filter down to what banks are required to do on the ground in terms of AML expectations.