Mexico Credit Card Fraud

At ACFCS, we know you are busy – ok, make that really busy – and don’t always have time to keep tabs on the many reports, documents, surveys and academic treatises that may, or may not, have made their way into your inbox.

That’s why ACFCS has done the hard work for you – reading them and pulling out the highlights in our inaugural Report Roundup below.


In an analysis of de-risking, one academic takes a data-driven approach and concludes that firstly, the “problem of de-risking warrants a reconsideration of the enforcement approach” and, secondly, recommends authorities should reorient global bank’s “payoff matrix by reducing the cost of compliance and regulatory risk associated with providing financial services to high-risk, low-profit customers.”

Those are some of the findings in the report, titled “An Economic Approach to Evaluating the Impact of AML/CFT Regulations.” The paper culminates with the radical notion that federal and state regulators and investigators should “consider tolerating ‘honest mistakes’ on the part of financial institutions in order to achieve the goals of integrity and inclusion in the international financial system,” (via Duke University).

Card fraud

More than half of consumers in Mexico experienced credit card fraud in 2016 – up from 33 percent and 44 percent in 2014 and 2012 respectively – and nearly half in other large economies, including Brazil at 49 percent and the United States at 47 percent, according to a new survey and related analysis by the Aite Group.

The report, a sample of which can be viewed below, notes that with thousands of confirmed data breaches in 2015 and billions of data records stolen since 2013, the assumption should be that almost all global consumers’ credentials and/or card information has been compromised. Meanwhile, the underground market for user information has matured so much that it is indistinguishable from a legitimate economy.

Given these threats, the report asks and attempts to answer some very difficult, but salient questions, including can financial institutions and consumers prevent fraud? And if not, how can financial institutions reduce costs and protect revenue when fraud does occur? This report, the first in a two-part series on how card fraud affects consumers, looks at consumers’ fraud experiences, perceptions of trust in financial institutions, and risky behaviors. It is based on ACI Worldwide’s March 2016 survey of 6,035 consumers in 20 different countries, (via the Aite Group).

Correspondent banking

In another report looking at the causes and consequences of de-risking, this time focusing on the pruning of correspondent banking connections to what are perceived to be regions with a higher risk of financial crime, the International Monetary Fund (IMF) concludes that the broad-based trend is having a more pronounced effect on emerging markets and developing economies, including those in Africa, the Caribbean, Central Asia, Europe and the Pacific as well as countries under sanctions.

The report notes that “correspondent banking relationships (CBRs), which enable the provision of domestic and cross-border payments, have been terminated in some jurisdictions following the global financial crisis,” and that some of the pressure directly ties back to anti-money laundering risk. “Generally, such decisions reflect banks’ cost-benefit analysis, shaped by the re-evaluation of business models in the new macroeconomic environment and changes in the regulatory and enforcement landscape, notably with respect to more rigorous prudential requirements, economic and trade sanctions, anti-money laundering and combating the financing of terrorism (AML/CFT) and tax transparency,” according to the report.

And the problem could get worse if regulators don’t address what banks should do in the case of servicing riskier clients or regions. “Further pressures to withdraw CBRs may arise where regulatory expectations are unclear, risks cannot be mitigated, or there are legal impediments to cross-border information sharing.” Moreover, the trend could actually leave regions already in crisis of conflict more stressed in the end. “Pressure on CBRs could disrupt financial services and cross-border flows, including trade finance and remittances, potentially undermining financial stability, inclusion, growth, and development goals,” according to the report, (via the International Monetary Fund).

Personal liability

Top level compliance officers, particularly in areas tied to financial crime compliance, are facing a dual-edged threat in form of significantly higher regulatory scrutiny in recent years on programs, people and outcomes along with fresh challenges to adequately staff and resource these divisions, in both quantity and quality. Those are some of the findings of a recently-published report by law firm DLA Piper.

“The last year has been incredibly active for compliance professionals,” Brett Ingerman, a partner at DLA Piper and cochair of the firm’s Global Governance and Compliance practice, told Corporate Counsel Connect, citing the new survey. Most notably, the Yates Memo, delivered by US Department of Justice Deputy Attorney General Sally Yates in September 2015, now holds individuals, and potentially including chief compliance officers (CCOs) and other compliance professionals, personally liable for the company’s wrongdoing.

As well, he stated, the Justice Department has appointed their own first-ever compliance counsel, “further reinforcing the focus in this area and creating concerns about increased scrutiny among the compliance industry,” he said in the editorial. According to the report, 65 percent of respondents said that these changes will have an impact on their decisions to even remain CCOs, leading to new ways to insulate top compliance officers from harm.

“Companies are going to take the necessary steps to protect their compliance officer – making sure their CCO is covered by the insurance policy and making sure bylaws include indemnifications. We will see companies adjust to the specter of the liability.” Even more worrisome, the report concludes that only 30 percent of CCOs feeling their compliance programs are adequately staffed and can do the job required of them, (via Corporate Counsel Connect). To read the full report, please click here.

FinCEN Benefical ownership rule

Want to get into more insight into the critical details of the US Treasury’s Financial Crimes Enforcement Network’s (FinCEN) recently finalized “beneficial ownership” rule? Well, you are in luck. The agency released an extensive, though not overly lengthy, nine-page “frequently asked questions” document to help institutions better understand and implement some of the more nebulous and persnickety parts. Importantly, FinCEN gives more attention to what constitutes an actual “beneficial owner” and addressed a key criticism of civil society groups in more adroitly laying out who can have “significant control” and how they can’t be nominees.

Here are some examples of the questions and answers, in all an important effort to lay out more straightforward guidance and proffer clarity on what has been one of the most significant anti-money laundering (AML) undertakings to take place in more than a decade:

Q: Who is a beneficial owner?

A: The Rule defines beneficial owner as each of the following:

 each individual, if any, who, directly or indirectly, owns 25 percent or more of the equity interests of a legal entity customer (i.e., the ownership prong); and

 a single individual with significant responsibility to control, manage, or direct a legal entity customer, including an executive officer or senior manager; or any other individual who regularly performs similar functions (i.e., the control prong). This list of positions is illustrative, not exclusive, as there is significant diversity in how legal entities are structured. Under this definition, a legal entity will have a total of between one and five beneficial owners (i.e., one person under the control prong and zero to four persons under the ownership prong).

Q: What types of individuals satisfy the definition of a person with “significant responsibility to control, manage, or direct a legal entity customer?”

A: Under the Rule, a legal entity must provide information on a control person with “significant responsibility to control, manage, or direct the company.” The rule also provides examples of the types of positions that could qualify, including “[a]n executive officer or senior manager (e.g., a Chief Executive Officer, Chief Financial Officer, Chief Operating Officer, Managing Member, General Partner, President, Vice President, or Treasurer).” FinCEN’s expectation is that the control person identified must be a high-level official in the legal entity, who is responsible for how the organization is run, and who will have access to a range of information concerning the day-to-day operations of the company, (via the Financial Crimes Enforcement Network).

*This post has been updated.*