Financial Crime Wave – AI, blockchain and AML unite, U.S. fintech update, Danske Bank, and more
Thursday, August 2, 2018
Posted by: Brian Monroe
By Brian Monroe
August 3, 2018
In this week’s Financial Crime Wave, a look at how artificial intelligence, the blockchain and anti-money laundering can unite to save the world, the U.S. Treasury releases long-awaited guidance, support for fintech space, with a side of cybersecurity, Danske Bank’s compliance struggles land it before Parliament, and more.
Turning KYC into a Strategic Advantage through tactical use of blockchain, AI: analysis
In the complex context of crafting anti-money laundering (AML) programs, know-your-customer (KYC) provisions are more important in 2018 than ever before, as they from the foundation of the overall counter-crime framework. Several business trends are driving the push for businesses of all sizes to crack down on illegal activities – or face penalties potentially into the billions of dollars. But as the need for KYC rises, so do the costs. In fact, the average bank spends $56 million a year on KYC compliance, according to a Thomson Reuters survey. And these costs aren’t likely to drop anytime soon as they are also inextricably intertwined and typically form the numeric foundation of the AML customer risk assessment, which itself then links to the tuning of the transaction monitoring system. So how can companies of all sizes comply with regulations while also creating a quality user experience? Blockchain may be the answer.
The distributed ledger of the blockchain boosts businesses’ ability to comply with KYC/AML on several fronts. First, it breaks down many of the current silos in larger organizations, allowing data to be shared concurrently with all parties. “Any updates and changes in a client’s status or a potential scam or fraudulent transaction could be communicated and updated in near real-time,” says Breana Patel in Finextra. Next, the blockchain can make identity verification and management much easier. Blockchain startup KYC-Chain, for instance, has developed compliance software that helps businesses meet the highest compliance regulatory standards with minimum effort. In addition, through its not-for-profit arm, the SelfKey Foundation, it’s working on an identity wallet to help consumers securely manage their identities and easily apply for financial services. KYC-Chain and SelfKey allow companies to comply with KYC/AML, counter-terrorism financing and data protection laws, and to onboard new customers with more efficiency, while individuals can preserve control of their own identity, (via Coin Announcer).
Ring plundered $1.2 billion of Venezuelan oil money, laundered it in South Florida, feds charge
A web of former Venezuelan officials and businessmen was charged in Miami recently with operating a massive $1.2 billion international money-laundering racket funded with stolen government money that was invested in South Florida real estate and other assets. The defendants are accused of embezzling funds from Venezuela’s vast oil income and exploiting its foreign-currency exchange system to amass illegal fortunes in the United States and other countries, according to a federal criminal complaint. The complaint describes a Venezuelan government culture in which officials, politicians and businessmen connected to President Nicolás Maduro and his predecessor, the late Hugo Chávez, have plundered the national oil company, PDVSA, to enrich themselves while impoverishing the South American country.
The complaint names eight defendants and lists nine unidentified co-conspirators. Among them is a German national arrested recently at Miami International Airport who manages “banking” activities for numerous Venezuelan officials and kleptocrats. Matthias Krull, 44, a Panamanian resident who also worked as a banker in Switzerland, made his first appearance in Miami federal court just weeks ago. Another defendant, Gustavo Adolfo Hernandez Frieri, 45, a Colombian-born naturalized U.S. citizen, was arrested in Italy during this time and is expected to be extradited. He is accused in the complaint of using his Miami financial firms, Global Security Advisors and Global Strategic Investments, to launder money with false mutual-fund investments, (via the Miami Herald).
Nearly half of Australian companies hit by cybercrime, as organized criminal groups get more aggressive, hackers more sophisticated, PwC global survey reveals
Australian companies are being ripped off more than ever by customers, suppliers and cyber-hackers using the dark web backed by organized crime. Advisory firm PwC revealed that customer fraud was now the number one economic crime in Australia, with 45 per cent of companies surveyed attacked during the past two years.
PwC's global economic crime survey, out today, warned businesses that organized crime syndicates using the dark web were becoming more sophisticated and now used new technologies to fake documents and IDs to infiltrate and rob organizations. PwC's cyber markets leader Steve Ingram told AM 60 per cent of economic crime in Australia was committed by a "frenemy" who comes in the guise of employee, customer or supplier, (via ABC).
New cyberattack tactic from Asia: State Governments warned of malware-laden CDs being sent by snail mail from China
Here’s a timely reminder that email isn’t the only vector for phishing attacks: Several U.S. state and local government agencies have reported receiving strange letters via snail mail that include malware-laden compact discs (CDs) apparently sent from China, KrebsOnSecurity has learned, highlighting the unending creativity of scammers looking to infect U.S. public and private systems. This particular ruse, while crude and simplistic, preys on the curiosity of recipients who may be enticed into popping the CD into a computer. According to a non-public alert shared with state and local government agencies by the Multi-State Information Sharing and Analysis Center (MS-ISAC), the scam arrives in a Chinese postmarked envelope and includes a “confusingly worded typed letter with occasional Chinese characters.”
The MS-ISAC said preliminary analysis of the CDs indicate they contain Mandarin language Microsoft Word (.doc) files, some of which include malicious Visual Basic scripts. So far, State Archives, State Historical Societies, and a State Department of Cultural Affairs have all received letters addressed specifically to them, the MS-ISAC says. Nevertheless, attacks like this are a reminder that cybercrime can take many forms. The first of Krebs’s 3 Basic Rules for Online Safety — “If you didn’t go looking for it don’t install it” — applies just as well here: If you didn’t go looking for it, don’t insert it or open it, (via Krebs on Security).
Florida under the federal microscope for laundering through trade
When it comes to trade-based money laundering, South Florida is in the bull’s eye, with its mix of location, infrastructure and wealth of high-end real locales, (via Daily Business Review).
A look at tactics to keep training on track for persnickety third parties
Tips on developing an effective third-party compliance training program, including how to keep things relevant, relatable and accountable, (via HRDive).
Top bank CCO takes head compliance post at crypto firm
Former Pershing CCO Jeff Horowitz Joins Coinbase as CCO, in major boost to sector’s financial crime compliance perceptions and commitment to counter fraud, (via Coin Telegraph).
The great virtual value debate: How do you classify cryptocurrencies – coins, tokens and securitized tokens, oh my!
One of the most contentious debates in the cryptocurrency world surrounds classification of blockchain-based digital assets, tokens and cryptocurrencies. With more than 1,650 cryptocurrencies or tokens trading in the public domain, it is important to understand their nuanced differences. Here are some tips:
· Cryptocurrency: Dominating this conversation in the United States is whether specific coins are securities, and secondly, if a utility token can exist. Recently, the SEC shed some light by declaring both Bitcoin and Ethereum non-securities as there is no expectation of equity.
· Tokens: The original intent behind Ethereum was that it supported smart contracts by using their blockchain token called Ether or ETH. In this case, a token stands as a digitized tool to perform a service, similar to those physical token coins used in some video game arcades or laundromats.
· Crowd funding: In this digitized version, the Ethereum platform was intended to perform a service and store more complex, automated, yet immutable code on their blockchain. What complicates this is that many start-up tech companies are using Initial Coin Offerings (ICOs) on the Ethereum platform to launch crowd-funding campaigns and raising money, to some acting like securities, or stocks.
· Tokenized Securities: Now, a hybrid product that is emerging quickly is the tokenized security. The primary difference with this model is that the issuer is offering shares or portions of ownership of the company. There is also a belief that these types of securities will eventually adhere to SEC regulation, which is yet to be determined.
What drives the regulatory discussion is a 1946 Supreme Court ruling now called the Howey Test, which determines if something is a security or not. The tenets of the Howey Test are: invested money, profit expectations, a common enterprise, profits from a third-party promoter. For a token to be considered a security, each of the above must be true, (via Reuters).
DOJ fines Wells more than $2 billion for role in mortgage crisis, lying about stability of securities
The Justice Department announced today that Wells Fargo Bank, N.A. and several of its affiliates will pay a civil penalty of $2.09 billion based on the bank’s alleged origination and sale of residential mortgage loans that it knew contained misstated income information, just the latest in a long list of domestic and foreign banks to pay similar mammoth fines related to activities that led to a mortgage meltdown and economic recession. Investors, including federally insured financial institutions, suffered billions of dollars in losses from investing in these products containing loans originated by the bank, (via DOJ).
Swiss courts battling French authorities over UBS tax row fishing expedition
A Swiss court has blocked the country’s tax authorities from helping their French counterparts access UBS client information, ruling the existence of bank accounts in Switzerland belonging to French residents wasn’t enough to suggest potential tax avoidance.
The Swiss Federal Administrative Court sided with UBS Switzerland AG Monday in the bank’s challenge to a February decision from Switzerland’s Federal Tax Administration to help the French tax authorities access information related to thousands of bank accounts belonging to French residents, (via Law 360).
Federal authorities seize FlawlessEscorts.com, arrest operators on prostitution, money laundering charges
The operators of FlawlessEscorts.com were arrested and their website seized, federal authorities said today. Brandon Martin and Tameko Lindo were charged with money laundering and conspiracy to commit money laundering in connection with their ownership and operation of FlawlessEscorts, an online business offering prostitution services. “In just under four years, these defendants are alleged to have secured more than 3,000 hotel bookings to use in the furtherance of their prostitution scheme,” said Angel Melendez, a special agent with the Homeland Security Investigations in New York.
The site operators allegedly required escorts to deposit the proceeds of their commercial sex acts into a number of corporate and personal bank accounts that they controlled. They allegedly “used the proceeds of the prostitution scheme for personal gain and to further their illegal prostitution business," he said. "They paid, for example, over $180,000 from bank accounts under their control to advertise for the website and to pay expenses of individual escorts,” (via Reason).
World anti-trafficking brings attention to growing threat
UNODC marks world day against human trafficking, urges to better protect children and young people, with financial institutions and their AML teams at the forefront of the vanguard, (via UNODC).
New Enforcement Structure at FINRA, SRO calling for increased ‘Fintech’ Commentary
Finra asks advisers to share their insights about “fintech innovation in the broker/dealer industry,” while also unveiling a new structure for its enforcement staff, as it retools to improve effectiveness, strengthen anti-money laundering and other counter-fraud programs and better address criminal abuse patterns, particularly in the penny stock space, (via the Plan Advisor).
U.S. Treasury releases long-awaited fintech report, calls for national charter, security breach system, innovation sandbox
The U.S. Treasury today released a report identifying improvements to the regulatory landscape that will better support nonbank financial institutions, embrace financial technology, also called the fintech space, and foster broader innovation in terms of financial services, anti-money laundering compliance and cybersecurity. The sprawling, 222-page report touches multiple times on anti-money laundering (AML) programs, chiefly related to how machine learning and artificial intelligence (AI) could improve transaction monitoring surveillance to more quickly sniff out potential money laundering, frauds and illicit schemes – and strengthen and streamline regulatory exams.
“Machine learning may additionally be used to help reduce fraud and conduct surveillance for money-laundering and other illicit financing risks,” according to the report. “Financial regulators are also beginning to employ machine learning to enhance their own analysis and understanding of economic and financial markets.” The recommendations in the report can be summarized in four main categories:
· Adapting regulatory approaches to changes in the aggregation, sharing, and use of consumer financial data, and to support the development of key competitive technologies;
· Aligning the regulatory framework to combat unnecessary regulatory fragmentation, and account for new business models enabled by financial technologies;
· Updating activity-specific regulations across a range of products and services offered by nonbank financial institutions, many of which have become outdated in light of technological advances; and
· Advocating an approach to regulation that enables responsible experimentation in the financial sector, improves regulatory agility, and advances American interests abroad.
One of the most controversial pieces of the report comes as the Treasury clearly backed the Office of the Comptroller of the Currency’s special purpose “fintech” charter, which caused friction and even lawsuits at the state levels – particularly in New York. “At the federal level, Treasury encourages the Office of the Comptroller of the Currency to further develop its special purpose national bank charter, previously announced in December 2016,” according to the report, (via the U.S. Treasury). To view a shorter fact sheet, click here.
Expanding Danske Bank money laundering case to be discussed in Estonia's parliament
Estonia’s parliament held an extraordinary meeting on Tuesday to discuss a money laundering case involving Danske Bank, a week after authorities received a criminal complaint against the bank from Kremlin critic Bill Browder. Shares in Denmark’s biggest lender have fallen 22 percent this year as allegations its Estonia branch was involved in money laundering between 2007 and 2015 have intensified, with some estimates into the billions of dollars. The bank has launched its own investigation into the allegations and will present its findings in September.
The Estonian parliament’s legal affairs committee said it has summoned, among others, the country’s justice minister, Urmas Reinsalu, Prosecutor General Lavly Perling and the chairman of the Financial Supervision Authority, Kilvar Kessler, for the meeting. The potential fine Danske Bank could face depends on whether U.S. regulators take action. While the bank doesn’t have a banking license in the United States, it has a bond program in dollars, which could prompt U.S. regulators to open a case. For now, analysts on average put estimates for potential fines at roughly 4 billion Danish crowns ($628 million), (via Reuters).
Autonomous Alert Control in AML Transaction Monitoring
What does this mean? Acting independently. One of the biggest problems in AML transaction monitoring is the impossibility to control the production of false positives. Model calibration (and user segmentation) can alleviate the symptoms, but in many cases, they generate another problem, false negatives, (via LinkedIn).
Making a living scamming the scammers
A look at how YouTube streamers are turning the tables on scammers and using hacking tactics to teach better cyber hygiene – with a hefty dose of hilarity, hijinks, (via Engadget).
Hong Kong regulator, banks launch blockchain-based trade finance platform in bid to bolster speed, transparency
Hong Kong’s banking regulator and seven banks, including HSBC Holdings Plc and Standard Chartered PLC, this month stated they will jointly launch a trade finance platform in September using blockchain technology in a move to add speed, transparency and efficiency to a very manual, risk-prone sector. Trade finance deals that can be better analyzed, and more quickly scrutinized for anomalies on the banking, finance and products side, could also cut down on trade-based money laundering.
The platform will be one of the largest examples globally of a government-led, cross-bank effort to reform the multi-billion dollar trade finance sector using the distributed ledger technology that underpins digital currencies such as bitcoin. The sector is often described as one of the most manual and paper-orientated parts of the financial services industry. The blockchain project is aimed at digitizing documents and automating processes to reduce risk and increase the financing capability of the banking industry, (via Reuters).
In the aftermath of the Russia Summit, will there be a bigger battle of the branches on sanctions and trade?
Beyond the politics of the moment and its aftermath, the Helsinki meeting could have legal consequences, should Congress move to insert itself, beyond its standard law-making and oversight role, in sanctions and trade matters. And not just with respect to Russia.
There are a number of ways that Congress can play a greater role in sanctions and trade. Such Congressional involvement, if it materializes, would likely be designed to constrain the President, such as by restricting his ability to lift, not impose or modify sanctions through Executive action, or lawmakers can carve out specific individuals, companies or entities to designate, (via MassPoint).
AML compliance still an expensive slog, but a smidgeon less so, says survey
The percentage of firms spending more than 10 hours a week tracking and analyzing regulatory developments is falling, according to a survey by Thomson Reuters. Overall, the trend is continuing from last year, said the Cost of Compliance Survey. In 2018, just six percent spend more than 10 hours a week tracking and analyzing regulatory developments, after reaching a peak (24 percent) in 2014, but this occurs with the context of a rising specter of regulatory change and continuing uncertainty, (via Reuters).