Sweden is a prosperous Nordic country and EU member-state with a highly developed economy. While it is traditionally regarded as a safe financial destination, recent criminal scandals have damaged Sweden’s reputation. In 2019, for example, an investigation into the Swedish bank Swedbank exposed a $200 million money laundering scheme in its Eastern European and Russian branches, and led to a €360 million fine. Similarly, in 2022, investigators uncovered money laundering regulatory violations at Swedish gambling companies Kindred, ATG, and Pinbet – and subsequently issued millions of Euros in fines to each company.
To combat the threat of financial crime, and protect the integrity of its financial system, Sweden is tightening its anti-money laundering (AML) and counter-financing of terrorism (CFT) controls, and pushing for a more robust regulatory framework across the EU. Given the increased focus, firms must understand their AML/CFT obligations in Sweden, and how to achieve regulatory compliance.
Sweden’s AML Regulator: Finansinspektionen
Established in 1991 as a merger of the Bank Inspectorate and the Insurance Supervision Authority, the Financial Supervisory Authority of Sweden, or Finansinspektionen (FI), is the country’s primary financial regulator.
FI operates under the authority of the Swedish Ministry of Finance and is responsible for examining the “risks and control systems” of the country’s financial institutions and supervising “compliance with statutes, ordinances and other regulations.” Those duties mean that FI is responsible for assessing the effectiveness of Sweden’s AML/CFT legislation and, where necessary, making recommendations for amendments. In its supervisory role, the regulator also assesses the financial health of companies setting up in Sweden, and issues permits to those deemed competent to conduct business.
In addition, FI has a mandate for financial education, disclosing clear and accurate financial information to the Swedish public and issuing guidance on compliance regulations to public and private entities. As Sweden’s national financial regulator, FI works with counterparts in other countries to aid AML/CFT investigations and address global criminal threats.
Key Sweden AML Regulations
Sweden’s main article of AML/CFT legislation is the Money Laundering and Terrorist Financing (Prevention) Act, also known as the Anti-Money Laundering Act, which requires firms to implement a risk-based AML/CFT compliance programme. In practice, this means that firms must assess the risk that individual customers present, and then deploy proportionate compliance measures. The AML Act also requires firms to monitor customers and their transactions for suspicious activity, and report AML alerts to Sweden’s Financial Intelligence Unit (FIU).
EU AMLDs: As a member of the EU, Sweden implements the Anti-Money Laundering Directives (AMLD), which are released periodically by the European Parliament and transposed into domestic legal frameworks. The latest AMLD is the Sixth Anti-Money Laundering Directive (6AMLD), which came into effect on 3 June 2021. Key regulatory details of 6AMLD include a harmonised list of money laundering predicate offences, an increase in the minimum penalties for money laundering, and an expanded definition of the crime of money laundering to include aiding and abetting.
AML/CFT penalties: In 2020, the penalty for money laundering in Sweden was capped at €50 million. Individuals found guilty of money laundering may face prison sentences of between 6 months and 6 years.
How to Comply With Sweden’s AML Regulations
In order to comply with Sweden’s risk-based AML/CFT regulations, firms must implement the following measures:
Customer due diligence: Firms must conduct customer due diligence (CDD) in order to identify their customers and build accurate risk profiles. The CDD process includes the collection of names, addresses, dates of birth, and other identifying information, and should also include the ultimate beneficial ownership (UBO) of customer-entities.
Transaction screening: Firms must screen their customers’ transactions on an ongoing basis for signs of money laundering activity. This might include transactions involving high risk counterparties or high risk jurisdictions.
Sanctions and watchlist screening: As part of the screening process, firms must ensure they are not doing business with sanctions targets and politically exposed persons (PEP). To identify this type of high risk customer, firms must screen against international sanctions lists, PEP lists, and other relevant financial crime watchlists.
Adverse media screening: One of the most effective ways to strengthen compliance with risk-based screening requirements is to screen customers for involvement in adverse or negative news media. News reports and other forms of online media often reveal information about customers before it is officially confirmed – enabling firms to react as quickly as possible when a customer’s risk profile changes.
The EU AMLDs require firms to implement adverse media screening as part of their AML/CFT compliance process. This means that firms must integrate software capable of screening for adverse media on a global scale, with a coverage that includes traditional print and screen outlets, websites, and other data sources such as blogs, forums, and social media platforms.
Recent AML Initiatives in Sweden
The Swedish government is pushing for the EU to implement its most recent AML/CFT proposals, and is keen to advance the introduction of a single AML/CFT Rulebook, and a centralised Anti-Money Laundering Authority (AMLA). Discussions around both initiatives have gained broad consensus from EU member states but the location of the new AMLA is yet to be decided.
Sweden will also implement the EU’s Markets in Crypto-Assets (MiCA) regulation, a landmark new framework for managing the risks posed by unbacked crypto-assets and stablecoins. MiCA will come into effect in 2024, and joins the Transfer of Funds Regulation (TFR) which extends AML/CFT reporting and record-keeping obligations to cryptocurrency service providers.
Next Generation AML Screening for Swedish Compliance
Sweden’s AML/CFT landscape is changing, and financial institutions need to be able to respond quickly to new risks and regulatory requirements, and emerging criminal threats.
In this environment, Ripjar’s Labyrinth Screening platform provides a powerful compliance advantage, enabling searches of thousands of structured and unstructured data sources, including foreign news stories, sanctions lists, and watchlists, and generating real time financial intelligence. Built with next generation machine learning technology, Labyrinth enables firms to extract the most relevant compliance data from a source in seconds, so that firms can react quickly to new threats, in Sweden and beyond, and know as soon as possible when a client’s risk profile changes.
When money launderers disguise their identities behind corporate infrastructure or foreign shell companies, it falls to compliance teams to uncover the true criminal risk by running ultimate beneficial ownership (UBO) checks. Misuse of shell companies and corporate structures is a significant global threat, costing economies hundreds of millions of dollars in lost income per year, while enabling corruption and criminal activities around the world.
Given the scale of the threat, intergovernmental money laundering watchdog, the Financial Action Task Force (FATF), includes a requirement for UBO checks as part of its 40 Recommendations – meaning that firms must consider UBO as part of their AML/CFT compliance solution. However, in a shifting risk landscape, in which criminals continuously develop new techniques to hide illegal funds, AML/CFT regulations must evolve to keep pace and, in 2023, the FATF updated its UBO guidance to reflect new challenges.
With that in mind, we’re exploring the FATF’s UBO updates, along with some of their key compliance challenges.
How has the FATF UBO guidance changed?
Following a 2022 commitment to “preventing the misuse of legal persons”, the FATF strengthened its UBO guidance during its February 2023 Plenary in Paris. The update specifically affected Recommendation 24, Guidance on Beneficial Ownership of Legal Persons, with the goal of ensuring that “competent authorities have access to adequate, accurate and up-to-date information on the true owners of companies” and that criminals, corrupt officials and sanctions targets cannot use shell companies “to hide their dirty money and illicit activities”.
The FATF made 3 key updates to its UBO guidance:
Multi-Pronged Approach
The FATF requires members to take a “multi-pronged approach” to establishing beneficial ownership that incorporates “several sources of information”. At its core, the multi-pronged approach refers to UBO information obtained by companies as part of customer due diligence (CDD), and to UBO information held by public authorities on a registry (or “alternative mechanism”) that can be accessed rapidly and efficiently.
Under the multi-pronged approach, the FATF emphasises the importance of public and private entities being able to “access and exchange information on beneficial ownership”, and using that capability to “inform the national understanding of current and emerging risks.”
UBO Verification
The FATF clarified its guidance on the verification of UBO data in order to ensure its accuracy. The updated guidance made clear that UBO information verification must be risk-based and could include the following measures:
A review of documents such as share certificates, shareholder registers, and board meeting resolutions.
Manual or automated cross checks with government databases, including population registers, taxpayer registers, and vehicle and land registries.
The verification process must prove that a natural person “actually exists and is who they claim to be”. In practice, this means conducting a review of government-issued documents and verifying a “combination of attributes” such as name, birth date, and nationality. In establishing that a person is a beneficial owner, firms should consider:
Whether the person has ownership of or voting rights in the entity they control.
Whether the person is actually exercising their control rights over the entity – or is taking instruction from a third party.
Whether the beneficial owner is consistent with the “structure and risk profile” of the entity.
Foreign Company Ownership
The FATF also clarified that its UBO standards should extend beyond a country’s borders, to foreign-created businesses “with sufficient links with their country”. The updated guidance states that beneficial ownership information about foreign-created businesses should be “timely”, “adequate”, and “up to date”. The 2023 update also sets out stronger controls to “prevent the misuse of bearer shares and nominee arrangements”.
UBO Challenges in 2023
While FATF guidance calls for governments to establish public beneficial ownership registers, some countries have encountered legal friction in implementing that specific measure.
The European Union: In the EU, the Fifth Anti-Money Laundering Directive (5AMLD) set out requirements for public beneficial ownership registries – a regulation which came into effect in January 2020. However, upon discovering that they had been added to the beneficial ownership registry in Luxembourg, several politically exposed persons (PEP) requested that their names be removed.
After that request was denied in Luxembourg, the PEPs launched a legal bid, citing factors such as privacy and security risks. Ultimately, the EU Court of Justice upheld the legal bid – a decision which overrode 5AMLD and meant that many EU member states either restricted public access to their UBO registers, or suspended the registers entirely. AML/CFT experts have pointed out that the decision had significantly reduced AML/CFT transparency, and made it easier for criminals to use corporate infrastructure to conceal illegal activities.
South Africa: In February 2023, South Africa was added to the FATF Grey List for failing to meet AML/CFT standards set out in the Recommendations. In its action plan for South Africa, the FATF set out a requirement that the South African government implement a UBO register in domestic legislation by the end of January 2025.
Address UBO Challenges with Next Generation Technology
The FATF’s 2023 update has made UBO compliance a priority for regulators around the world – and particularly in jurisdictions where legal challenges are taking valuable customer data offline. Where UBO verification has become more difficult – as a result of legal challenges or a lack of available information – firms will need to work harder to establish and verify the identities of their customers by gathering as much identifying data as possible.
One of the best sources of information on beneficial ownership is negative news or adverse media, where breaking stories frequently reveal customer connections to corporate entities, including shell companies before that information is confirmed by official sources. Both the Panama Papers (2016) and the subsequent FINCEN Files (2020) featured revelations about shell company misuse, and exposed illicit financial activity in low-regulation jurisdictions around the world – triggering numerous AML/CFT investigations and leading to the recovery of over $500 million in lost revenue.
To capture adverse media data relevant to UBO verification, firms must implement a technology solution capable of sourcing data from around the world, while minimising false positives and noise by extracting only the most relevant information. Powered by next generation machine learning technology, Ripjar’s Labyrinth Screening platform delivers that capability, enabling firms to search for customer names across thousands of global media sources in real time, in over 20 foreign languages. Generating actionable financial intelligence in seconds, Labyrinth searches ensure your firm has the latest risk data at its fingertips, and can use that data to make faster, stronger decisions about UBO and other critical AML/CFT issues.
Contact us to discuss how Ripjar can help you comply with the latest FATF UBO guidance
While Belgium has a reputation as a wealthy and politically influential European power, it also faces an increasing number of financial crime threats, which include international money laundering and terrorism financing activities. In 2021, for example, Belgium’s financial intelligence unit (FIU) recorded 46,000 suspicious transactions, up 50% on the previous year. In order to protect its own economic system from that threat, and contribute to global anti-money laundering (AML) and counter-financing of terrorism (CFT) efforts, Belgium has built a robust regulatory framework for financial institutions, and established a financial regulator to oversee compliance.
If you’re setting up or doing business in Belgium, it’s important to understand how Belgium’s AML regulations will affect you, and what steps you need to take to protect your organisation from risk.
Belgium AML Regulators
The Financial Services and Markets Authority
Belgium’s primary financial regulator is the Financial Services and Markets Authority (FSMA). Established in 2011, the FSMA replaced its predecessor, the Banking Finance and Insurance Commission (CBFA), as part of an effort to consolidate supervision of Belgium’s financial system, and protect the transparency, fairness, and orderly operation of its markets. To that end, the FSMA works primarily in the following domains:
Supervision of financial products and services, including pension schemes
Compliance with financial conduct rules and AML/CFT regulations
Surveillance of markets and distributed financial information
Financial education
The FSMA works with the National Bank of Belgium (NBB) and the Federal Public Service Economy in its supervisory role, and has the authority to conduct onsite inspections or request documentation in order to verify AML/CFT compliance. Where it finds violations, the FSMA may issue warnings, impose business prohibitions, or impose sanctions including significant financial penalties against the offending firms.
As a member of the European Securities and Markets Authority (ESMA) and other international financial organisations, the FSMA also represents Belgium on the global financial stage. To that end, it is signatory to numerous international financial crime agreements and coordinates with counterpart organisations to protect global financial markets.
The CTIF
Following Financial Action Task Force (FATF) and EU directives, Belgium has also established a financial intelligence unit (FIU), known as the Financial Intelligence Processing Unit (CTIF). Like other FIUs, the CTIF is an independent, autonomous entity responsible for collecting and processing AML/CFT data, including suspicious transaction reports (STR), in order to provide actionable intelligence for subsequent law enforcement investigations. The CTIF also coordinates with counterpart FIUs in other countries to aid in the investigation and prosecution of financial crime.
Key AML Regulations in Belgium
Belgium’s main AML/CFT legislation is the Law of 18 September 2017 on the Prevention of Money Laundering and Terrorist Financing – also known as the “AML Law”. The law transposes the details of the EU’s Anti-Money Laundering Directives, establishing a set of risk-based AML/CFT requirements for firms that operate within Belgium’s jurisdiction.
As new AMLDs are released, the Belgian government updates the AML Law to include the latest regulatory detail. The Sixth Anti-Money Laundering Directive, for example, sets out a harmonised list of money laundering predicate offences, and expanded the definition of money laundering to include aiding and abetting.
Belgian authorities may impose fines for non-compliance with the AML Law, which may reach up to €1,250,000 for non-financial companies, and €5000 or 10% of annual turnover (whichever is greater) for financial companies.
How to Comply with Belgium’s AML Law
The AML Law imposes risk-based AML/CFT requirements on firms operating within Belgium. This means that firms must conduct a risk assessment of individual customers to establish the level of risk they present, and then deploy proportionate AML/CFT compliance measures.
Establishing risk accurately is a significant challenge for financial institutions, which must collect and analyse large amounts of data in order to establish accurate customer risk profiles. With that in mind, Belgian AML/CFT compliance solutions typically include the following controls:
Customer due diligence (CDD) measures to establish and verify the identity of customers, and build accurate risk profiles. Required CDD information may include names, addresses, places of business, and other identifying materials.
Ultimate beneficial ownership (UBO) verification of corporate structures in order to ensure that money launderers are not concealing their identity with shell companies or corporate structures.
Customer screening against relevant watchlists, including politically exposed person (PEP) lists and global sanctions lists, and adverse media sources. PEPs and persons subject to sanctions represent a high financial crime risk, so firms must perform ongoing screening to verify any changes to customer statuses.
Adverse media screening: In an evolving financial landscape, one of the quickest ways to establish true customer risk is to conduct adverse media screening – which may reveal critical compliance information before confirmation by official government sources. Adverse media includes news stories, social media, blogs, and forum posts, and may detail involvement in criminal activity, incoming regulatory changes, or a customer’s designation on watchlists and sanctions lists – all of which will likely change a customer’s risk profile.
Sanctions screening: Customers that are subject to international sanctions pose an elevated AML/CFT risk, and should be subject to enhanced due diligence (EDD) including adverse media scrutiny. As an EU member-state, Belgium must comply with EU sanctions screening requirements: in particular, firms should pay close attention to Russia sanctions, which are updated frequently, and currently designate a range of companies and individuals that directly support or are involved with the invasion of Ukraine.
Belgium AML Initiatives: Crypto Regulation
In addition to the most recent AMLD measures, Belgium will, like other EU member states, implement the Markets in Crypto Assets (MiCA) regulation. Scheduled to be introduced in 2024, MiCA will affect the AML/CFT treatment of crypto assets, introduce specific requirements for the use of stablecoins, and establish an EU-wide crypto asset service provider register overseen by the European Banking Authority.
Belgium has focused heavily on crypto regulation recently, with an amendment to the AML Law in 2022, which brought crypto service providers under the scope of the legislation (and previous EU AMLDs). The amendment introduced the following measures:
A definition of “exchange services between virtual currencies and fiat currencies” as they pertain to the AML Law.
A definition of the type of crypto exchange services that fall under the scope of the AML Law.
A prohibition on non-European Economic Area persons offering or providing crypto exchange services in Belgium.
An FSMA registry of crypto exchange service providers.
A number of new criminal offences and sanctions that pertain to crypto asset activities.
The amendment came into effect on 1 May 2022.
AML Compliance Solutions
EU AMLDs include strict requirements for both sanctions and adverse media screening compliance, and firms in Belgium must be prepared to search international data sources for customer involvement in risk factors set out in domestic legislation. Speed, scope, and accuracy are critical to effective customer screening, which means firms must seek a solution with a global scope, that can be tailored to their risk appetite, and that can minimise false positive alerts.
Ripjar’s Labyrinth Screening platform is built to achieve screening compliance in Belgium, the EU, and jurisdictions around the world. Built with cutting-edge machine learning technology, Labyrinth Screening is informed by thousands of global data sources in real time, including the latest adverse media, sanctions list and watchlist updates. Labyrinth is capable of searching in over 20 foreign languages to ensure firms capture data from every corner of the world, and delivers actionable intelligence in seconds so that firms can make important decisions quickly and confidently.
Developed to ensure that global criminal threats are met with a global response, the FATF Global Network serves to promote the consistent worldwide application of the FATF AML/CFT Recommendations and facilitate mutual evaluations of member states. While the FATF was created in 1989, the Global Network was effectively established in 2005 with the introduction of associate membership for FATF-Style Regional Bodies (FSRB). Today, the Global Network refers to the FATF and its 206 member jurisdictions, and its 9 FSRBs (along with various FATF observer members).
The relationship between the FATF and FSRBs is governed by the High Level Principles and Objectives, which also map the operational structure of the Global Network. The Principles also set out the obligations and expectations of Network participants, and their reciprocal rights. Since the introduction of FSRB associate membership, FSRBs have worked closely with the FATF to improve the functionality of the Global Network, develop global AML/CFT standards, conduct mutual evaluations of member states, and assess the implementation of the FATF Recommendations.
The Global Network currently comprises the following participants:
Financial Action Task Force: The FATF develops and sets global AML/CFT standards and conducts mutual evaluations of members to determine whether those standards have been implemented effectively. The FATF also identifies and designates high risk jurisdictions with significant AML/CFT deficiencies. The FATF works with FSRBs in the pursuit of its global AML/CFT objectives.
APG: The Asia/Pacific Group on Money Laundering is an FSRB dedicated to ensuring the adoption, implementation, and enforcement of AML/CFT standards in APAC. APG members include the United States, Canada, China, India, Korea, Japan, Australia, and New Zealand.
CFATF: The Caribbean Financial Action Task Force is an FSRB committed to ensuring the implementation of FATF standards in the Caribbean basin. Member countries include Barbados, Bermuda, Jamaica, the Bahamas, Trinidad and Tobago, and Venezuela.
MONEYVAL: The Committee of Experts on the Evaluation of Anti-Money Laundering Measures (MONEYVAL) is an FSRB and monitoring body composed of 27 member states of the Council of Europe. State representatives of MONEYVAL are typically senior political, legal or law enforcement officials, and the organisation’s objectives include conducting mutual evaluations, peer reviews, and MER follow-ups.
EAG: The Eurasian Group comprises 9 eastern-European and Asian states, including Russia, India and China, and joined the FATF as an associate member in 2010. Like other FSRBs, the EAG works to promote the implementation of FATF AML/CFT Recommendations and facilitate mutual evaluations.
GAFILAT: The Financial Action Task Force of Latin America (GAFILAT) is an FSRB made up of 17 South American, Central American, North American countries, including Mexico, Colombia, Argentina, Chile and Brazil. It became an FATF associate member in 2006.
GABAC: The Central Africa Money Laundering Action Group (GAFILAT) is an African FSRB consisting of the central African countries of Cameroon, Congo, the Democratic Republic of Congo, Gabon, Equatorial Guinea, Gabon and Chad.
MENAFATF: The Middle East and North Africa Financial Action Task Force is an FSRB committed to implementing the FATF’s Recommendations in the Middle East and North Africa. Its member states include Algeria, Bahrain, Egypt, Jordan, Morocco, Qatar, Saudi Arabia, and the United Arab Emirates.
The Global Network’s Strategic Vision
The function of FSRBs and their relationship with the FATF has evolved substantially since 2005, with the Global Network becoming more “cohesive and inter-related”. Given that progress, the FATF has stated that it aims to “more effectively leverage the expertise and work of the Global Network” by setting out a “strategic vision” to better facilitate its AML/CFT objectives and cooperation with FSRBs.
With that in mind, the FATF has set out the details of the strategic vision:
The Global Network will serve to mobilise the political will of FATF and FSRB members, with the FATF acting as the global standard-setter, and FSRBs as regional experts.
The Global Network will operate on principles of “inclusivity and collaboration” in order to ensure the consistent interpretation and application of FATF Recommendations, and to strengthen cohesion between members.
Both the FATF and FSRBs will have adequate resources, expertise, and institutional structure needed to operate effectively, with commitment to FATF standards and mutual evaluation work. The Global Network will drive improvement in the implementation of FATF Recommendations.
The Global Network will identify common priorities in order to mitigate global financial crime threats and identify weaknesses in FATF recommendations.
FSRBs will focus on understanding regional AML/CFT risks, challenges, and needs, while the FATF will focus on understanding global AML/CFT risks, and the appropriate responses to them, while taking regional considerations into account.
The Global Network will promote a common global understanding of FATF Recommendations and how to implement them effectively. Meanwhile, the FATF will support and strengthen the Global Network in this capacity in order to ensure consistency in global understanding of the Recommendations.
FATF Annual Report 2021-22
The strategic vision is subject to periodic review so that the Global Network can adapt to developments on the AML/CFT risk landscape. In its Annual Report 2021-22, the FATF set out the ways in which the Global Network had strengthened in the previous 12 months with a focus on the following 3 priorities:
High level engagement with FSRBs
Building capacity to address FSRBs’ internal challenges
Increasing support for FSRBs from FATF members
Key outcomes from 2021-22 included:
A commitment from the FATF Ministerial, in April 2022, to strengthen the Global Network and endorse the strategic vision.
An agreement in June 2022 to ensure that FSRBs are prepared to conduct the next round of mutual evaluations, and to work towards a more cohesive and collaborative Global Network.
Continuing high level engagement between FSRBs and national and regional authorities, with a focus on the importance of AML/CFT to national security and stability.
Continuing efforts from FSRBs to enhance internal functioning, promote FATF standards, and facilitate mutual evaluations.
Ongoing FATF assistance for high priority FSRBs in addressing internal challenges.
Ongoing FATF monitoring of its members’ support for FSRBs, in particular for completing mutual evaluations in a timely manner.
Achieving FATF Compliance
The Global Network was established to help countries implement FATF Recommendations at a regional level while contributing to the FATF’s AML/CFT objectives. With this in mind, most authorities require firms to implement a risk based approach to AML/CFT, assessing the risk posed by individual customers by collecting data, and screening for criminal threats, with a global scope.
Ripjar’s Labyrinth Screening platform enables firms to meet their global risk-based compliance obligations by screening against thousands of data sources in over 20 languages, and taking in sanctions lists, watchlists, and adverse media stories. Our platform is built on cutting edge machine learning technology to capture structured and unstructured data, make intuitive decisions about customer matches, and adapt as soon as possible to changes in the risk landscape.
Learn more about Ripjar’s AML/CFT compliance solutions: get in touch
Spain is one of the wealthiest nations in Europe, with a highly developed economy that hosts a spectrum of businesses and investment interests. Unfortunately, Spain’s growth and development as an economic power has also made it a target for criminals, who seek to exploit its financial system to commit fraud and other serious financial crimes, such as money laundering and terrorism financing. In response to those threats, the Spanish government has developed a robust anti-money laundering (AML) and counter-financing of terrorism (CFT) framework to protect the country’s economic system and meet its obligations in the global fight against financial crime.
Following recent financial scandals across Europe, and high profile prosecutions of money launderers within Spain, Spanish regulators have increased their focus on screening and compliance. Given the potential for steep financial penalties, it’s vital that businesses understand Spain’s AML regulations, how to achieve compliance, and how to manage incoming regulatory challenges.
Spain’s AML Regulator: SEPBLAC
Established in 1993, the Commission for the Prevention of Money Laundering and Financial Crimes, or Servicio Ejecutivo de la Comisión de Prevención de Blanqueo de Capitales (SEPBLAC) is Spain’s AML/CFT regulator and financial intelligence unit (FIU). SEPBLAC operates under the authority of the Secretariat of State for Economy and Business Support, which is a collective composed of a number of Spanish government representatives and law enforcement agencies.
In its supervisory role, SEPBLAC’s mission is to ensure that financial institutions comply with Spain’s risk-based AML/CFT regulations “in accordance with the best international practices”. As an FIU, SEPBLAC handles the submission of suspicious transaction reports (STR), analysing financial data to determine whether to launch criminal investigations.
Like most global AML/CFT regulators, SEPBLAC also has a duty to work with international counterparts to address financial crime threats. To that end, SEPBLAC coordinates with other EU supervisory authorities and FIUs, and shares financial intelligence on platforms such as FIU-Net and the Egmont Secure Web (ESW).
Anti-Money Laundering Directives: As an EU member, Spain is required to transpose into law the EU’s Anti-Money Laundering Directives (AMLD). The most recent AMLD, the Sixth Anti-Money Laundering Directive (6AMLD), included a new definition of the crime of money laundering (that included aiding and abetting), set out a harmonised list of money laundering predicate offences, and increased the minimum penalties for persons convicted. Spain implemented 6AMLD through Royal Decree-Law 7/2021, of April 27.
Penalties for money laundering in Spain are imposed under the Criminal Code and include a prison sentence of up to 6 years and a fine of up to three times the value of the assets involved. Authorities may also impose business prohibitions of up to 3 years on persons found guilty of money laundering.
How to Comply with Spain’s AML Regulations
Following Financial Action Task Force (FATF) guidance, Spain requires firms to take a risk-based approach to AML/CFT, which means they must assess the risk that their customers present, and then deploy proportionate compliance measures. The FATF Recommendations set out the measures and controls that must be implemented as part of a risk-based AML/CFT compliance solution. These include:
Customer identification: Firms must collect identifying information from customers in order to build accurate risk profiles. Suitable customer due diligence (CDD) information includes names, addresses, birth certificates, and business incorporation documents. High risk customers may warrant enhanced due diligence (EDD) measures.
Beneficial ownership: Firms must ensure that customers are not using shell companies or corporate structures to conceal their identities and evade compliance controls. Accordingly, AML/CFT solutions should also include verification of the ultimate beneficial ownership (UBO) of customer-entities.
Suspicious transactions: Firms must screen customer transactions for suspicious activity, including transactions with high risk individuals or transactions that involve high risk jurisdictions.
Customer screening: Firms should ensure that customers are not designated on international sanctions lists or watchlists, and are not politically exposed persons (PEP), by screening customers on an ongoing basis against the relevant data sources.
Adverse Media Screening: One of the most effective and accurate ways to establish customer risk is to screen customers against adverse media sources, which include news stories, social media, blog posts, forum posts, and more. Adverse media typically reveals customer AML/CFT risk, such as involvement in financial crime, before it is confirmed by official sources – and so enables firms to deploy the appropriate compliance response as quickly as possible. Firms should dedicate screening resources to capture a wide range of adverse media from around the world.
Incoming AML Regulations
In June 2022, the EU reached a provisional agreement to introduce a new regulatory framework for unbacked crypto-assets and stablecoins, known as Markets in Crypto-Assets (MiCA). The EU also passed the Transfer of Funds Regulation (TFR), which extends AML/CFT regulations to cryptocurrency service providers. Both regulations will come into effect in Spain, and across the EU, in 2024. With the new regulations on the horizon, firms in Spain should ensure they adjust their compliance solutions to account for new levels of risk from transactions that involve virtual assets.
AML Solutions: Screening Technology
Under the EU’s AMLD regulations, firms in Spain must be prepared to screen against a range of global data sources including adverse media. With that in mind, it’s vital that firms find a technology solution capable of searching for customer names with suitable scope, flexibility, and accuracy in order to capture breaking news stories, new sanctions designations, social media entries, and other types of media – and do so quickly whilst minimising false positive alerts.
Ripjar’s Labyrinth Screening platform gives firms that capability. Built on cutting edge machine learning technology, Labyrinth enables comprehensive, real-time searches of thousands of global data sources, including foreign news articles, sanctions lists, and watchlists, in over 20 languages, and delivers actionable financial intelligence in seconds. In a complex and changing EU regulatory landscape, Labyrinth lets firms tailor their compliance response to specific AML/CFT risk factors, react to new legislation and criminal threats, and know as soon as possible when a customer’s risk level changes.
The Middle East is an increasingly important financial destination, with economic development across the region attracting global capital and innovation. However, the dramatic growth of certain Middle Eastern countries has led to an increase in financial crime, including money laundering and terrorism financing, which typically exploit the region’s high risk industries such as construction, oil and gas, and real estate. Corruption has also been a traditional financial crime risk in the Middle East, with a number of recent scandals, such as the $3 billion fraud case that led to the collapse of NMC Healthcare in the UAE in 2020.
Middle Eastern countries have responded to the criminal threats they face by implementing anti-money laundering (AML) and counter-financing of terrorism (CFT) regulations, which impose a range of screening, monitoring, and reporting regulations. To help your firm navigate its compliance landscape, let’s take a closer look at the AML/CFT environment in a number of Middle Eastern jurisdictions.
Key Middle Eastern AML Regulators and Regulations
UAE – CBUAE
The United Arab Emirate’s (UAE) primary financial regulator is the Central Bank of the UAE (CBUAE), which provides supervision for licensed financial institutions and has a mission to “regulate, develop, oversee, and maintain” the UAE’s financial system. The bank carries out its supervisory duties through its Banking and Insurance Supervision Department, which includes the Regulatory Development Division, which sets the UAE’s AML/CFT policies.
Qatar’s financial regulator is the Qatar Financial Centre Regulatory Authority (QFCRA). Established in 2002, the QFCRA has a mandate to “authorise and regulate firms and individuals conducting financial services” and maintains a dedicated AML/CFT unit which works to ensure compliance with Qatar’s AML/CFT rules. The Authority also contributes to “Qatar’s ongoing engagement with international standard-setting bodies”.
Key Qatar AML regulations: Qatar’s Law No. (20) of 2019 on Combating Money Laundering and Terrorism Financing is the state’s primary AML/CFT law. The law sets out a range of risk-based compliance obligations for financial institutions in Qatar, including customer due diligence, beneficial ownership, and customer screening and monitoring.
Saudi Arabia – Ministry of Anti-Money Laundering, SAMA, SAFIU
There are a number of government bodies that address money laundering in Saudi Arabia, including the Ministry of Anti-Money Laundering, the Saudi Arabian Monetary Agency (SAMA), and the Saudi Arabian Financial Intelligence Unit (SAFIU). The AML/CFT efforts of these entities are coordinated through the Permanent Committee for Anti-Money Laundering, which is headquartered at the SAMA head office in Riyadh.
Key Saudi Arabia AML regulations: The main AML regulation is the Saudi Arabia Cabinet Decision No. 80/1439, approving the Anti‐Money Laundering Law, also known as the AML Law. There are a number of important supporting laws to the AML Law, including the Implementing Regulation to the AML Law October 2017. Similarly, the main CFT law in Saudi Arabia is the Law on Combating Terrorism Crimes and Financing (and its corresponding implementing regulation). The AML and CFT laws impose risk-based compliance obligations on firms within Saudi jurisdiction.
Oman – CBO, CMA
The Central Bank of Oman (CBO) is Oman’s primary AML/CFT authority, responsible for supervising and licensing all financial institutions in the country, and implementing its AML/CFT regulations. The Capital Markets Authority (CMA) also has an AML/CFT regulatory role but is responsible for supervising Oman’s capital market and insurance sectors.
Key Oman AML regulations: The principle AML/CFT law in Oman is the Law on
Turkey’s AML/CFT authority is the Financial Crimes Investigation Board, or Mali Suçlar Araştırma Kurulu (MASAK). Operating under the Ministry of Finance, MASAK has the power to implement AML/CFT policy in Turkey, conduct investigations, and assist law enforcement agencies with prosecutions.
Key Turkey AML regulations: Implemented in 2006, Turkey’s principle AML law is Law No. 5549 on Prevention of Laundering Proceeds of Crime, which imposes reporting, record-keeping, monitoring and screening obligations on Turkish financial institutions. In 2023, Turkey introduced Law No. 6415 on the Prevention of the Funding of Terrorism, which expanded the definition of terrorism financing and the power of authorities to prosecute alleged cases.
How to Comply with the Middle East’s AML Regulations
The Middle Eastern states listed above have committed to implementing the AML/CFT standards recommended by the Financial Action Task Force (FATF) – either as members of the FATF, or as members of the Middle Eastern and North Africa FATF (MENAFATF), an FATF-style regional body.
Following the FATF Recommendations, Middle Eastern jurisdictions must develop and implement risk-based AML/CFT compliance regulations, which require firms to establish individual customer risk levels and deploy proportionate compliance measures in response. In practice, this means that Middle Eastern financial institutions must conduct robust data collection and screening processes, including:
Identity verification: Firms should apply customer due diligence (CDD) measures to establish the identity of their customers and build accurate risk profiles. Where customers present a higher risk of financial crime, firms should apply enhanced due diligence (EDD).
Transaction screening: Middle eastern firms must screen customer transactions for suspicious activity, which may include transactions with high risk individuals or transactions involving high risk jurisdictions.
PEP and sanctions screening: To establish customer risk levels, firms must check that customers are not suspected of financial crimes, are not politically exposed persons (PEP), and are not designated on international sanctions lists. To that end, firms must be able to screen customers against the relevant sanctions and watchlists.
Adverse media screening: Firms should screen their customers for involvement in adverse media – which may disclose important risk information before it is confirmed by official sources. Firms should screen for adverse media with a global scope in order to ensure they collect as much risk data as possible.
Recent AML Developments in the Middle East
The Middle East can be a volatile AML/CFT environment with risk levels varying significantly between jurisdictions.
Following a Plenary and Working Group Meeting in 2022, the FATF chose to designate the UAE on its list of Jurisdictions Under Increased Monitoring, also known as the Grey List, as a result of failures to address “strategic deficiencies” in its counter-terrorism financing framework.
Designation on the Grey List means that financial institutions must be alert to an elevated risk of doing business in listed countries, while listed countries are required to work with the FATF to address points on an AML/CFT action plan. The UAE, for example, recently issued guidance for financial institutions on improving their understanding of AML/CFT risk, including implementing digital ID systems to enhance CDD.
The UAE is not the only Middle Eastern country on the Grey List, and joins Syria, Yemen, and Turkey, which was added in October 2021. Iran is designated on the FATF’s Black List, or High Risk Jurisdictions Subject to a Call for Action, which indicates a high level of AML/CFT risk and requires firms to deploy suitable countermeasures.
Customer Screening Technology for Middle East AML Compliance
Many financial activities in the Middle East are associated with industries that pose an elevated risk of financial crime but that stretch across borders and involve complex international supply chains. With this in mind, it is critical that firms implement a customer screening solution capable of matching names to watchlists, new stories, and other media in the Middle East and across the world, capturing large volumes of data while minimising noise and false positive AML alerts.
Ripjar’s Labyrinth Screening platform integrates cutting-edge machine learning technology and advanced analytics to help your firm enhance its customer screening process in the Middle East and beyond. Labyrinth enables searches of thousands of data sources, including news stories, sanctions lists, and watchlists in over 20 foreign languages, taking into account non-Western spelling conventions and characters, such as the use of Arabic, to enable effective, accurate decision making. Fast, flexible and customisable to your risk appetite, Labyrinth Screening offers a powerful advantage in managing the diverse and evolving risk landscape of the Middle East.
The AML & FinCrime Tech Forum took place in January 2023, bringing together leaders, experts, and innovators from across the data science, fintech, and anti-money laundering (AML) and counter-financing of terrorism (CFT) communities. The Forum focused on the latest strategies to combat financial crime, with debates, presentations, and demonstrations of fintech and regtech innovations.
Ripjar’s Chief Product Officer, Gabriel Hopkins, attended the event to lend his professional expertise to the panel discussion: Future FinCrime and the Pain Points Within Your Organisation. The panel included speakers from banks and fintech organisations, who discussed the most dangerous emerging criminal methodologies, how they impact and harm both customers and institutions, and how technology can help address the threats. Moderator Howard Rawstron, Head of Economic Crime Prevention Oversight at Lloyds Banking Group, acknowledged that many of the topics involved potential future scenarios, but that the panel’s pedigree would ensure that the debate benefitted from a depth of industry experience.
Let’s take a closer look at some of the key questions and points from the discussion.
What are the biggest emerging financial crime threats to both customers and institutions?
The panel opened by examining the significant challenges that institutions face in keeping pace with the sophistication of financial criminals. Susan Symes, UK Head of Investigations at Fidelity International, pointed out that criminals increasingly exploit technology to use their victims to support the fraud they are committing – using push payments for example to get customers themselves to initiate fraudulent payments unwittingly, and so make it harder for firms to detect the presence of bad actors. Symes added that, in many cases, customers are unaware that they are victims of fraud: criminals may imitate certain brands or products to disguise fraud, or use the pretext of a maturing payment that offers returns down the line to keep victims unaware of the fraud until months later.
Renitha Singh, Group Financial Crime Compliance Officer at Liberty Holdings, raised the prospect of “state capture” as a significant financial crime threat. Singh used the example of the infiltration of the South African government by a criminal organisation to illustrate the potential for organised crime groups to extract huge amounts of money from corrupt or vulnerable state entities.
Ripjar’s Gabriel Hopkins echoed those sentiments, pointing out that financial crime, and specifically fraud, had undergone a change in recent years: from something that happened to people, to something that people did to themselves. Hopkins suggested that shift had made it much more difficult for banks to stay ahead of financial criminals.
How should institutions balance customer controls with customer experiences?
The ongoing challenge of financial crime compliance is to implement AML/CFT controls that are robust enough to detect criminals and fulfil regulatory obligations, without making a firm’s products and services too onerous for customers to use.
The panellists cited the careful integration of technology as a significant advantage in addressing this issue. Fenergo VP of Product Marketing Aoife Doyle suggested that the front-end experiences of customers were less of a problem; with a lot of effort put into the technical quality of the front-end, customers generally receive seamless (and pleasing) experiences when interacting with websites directly. Doyle went on to contrast those experiences with the back-end process, during which firms are required to “scramble” to retrieve data from multiple systems in order to fulfil regulatory requirements, creating significant administrative friction and slowdown in the ultimate delivery of services.
Susan Symes focused on the specific risks of balancing experiences with compliance, pointing out that the dynamic plays into the hands of criminals who may offer expedited services as a way to extract money and data from frustrated customers. Symes emphasised that “disruption” was the key to tackling fraud: the more obstacles fraudsters face when attempting to gain customers’ confidence, the more likely their efforts are to fail. On the notion of AML/CFT controls versus customer experiences, Symes stated that it was always “easier to sleep” knowing that customers were frustrated, than having handed their details to criminals.
Acknowledging those ethical and regulatory concerns, Gabriel Hopkins noted that artificial intelligence (AI) and machine learning tools nonetheless represent a “transformational” asset in the battle to deliver positive customer experiences by giving firms the power to “make strong decisions for their customers, very very quickly”.
How should firms handle the threat of ultimate beneficial ownership?
Where criminals use corporate infrastructure to conceal their identities, electronic identity verification takes on a new importance. Aoife Doyle suggested that firms should seek to leverage a rules-based approach to establishing ultimate beneficial ownership (UBO) – especially in jurisdictions where the threshold for beneficial ownership may refer to individuals with ownership of 10% or even 2% of a given company.
Doyle also suggests that firms must be prepared to work hard to establish UBO, including exploring opportunities to re-use established data to inform compliance decisions. Notably, the complexity of the UBO challenge requires firms to go beyond tech solutions and factor in skilled human intelligence for those instances where compliance efforts need to go deeper than tech-derived identity verification.
In an industry facing a shortage, what skills are needed for economic crime prevention?
While acknowledging the power of employee talent and intelligence in compliance investigations, the panel agreed that it was difficult to overstate the utility of technology, and important not to over-rely on human intuition. Renitha Singh brought both a regulator and commercial perspective to the question, pointing out that compliance technology enables even untrained employees to identify suspicious activity and intervene to prevent potentially serious financial crimes.
Emphasising the “amazing” accomplishments of fintech, Gabriel Hopkins stressed there was an ongoing important role for humans in financial crime processes. Referencing the critical “sixth sense” that top fraud analysts have for spotting criminal activity, he suggested that it was probably “a little too soon” for the eradication of human roles, particularly within fincrime compliance where there are factors which still limit automated decision making. However, Hopkins also pointed out that technology innovation is a constant, and that a number of new, exciting innovations, such as ChatGPT generative AI, are likely to have a big impact in the near future. Hopkins stressed the need to manage the hype around new technology: for example, while ChatGPT has undeniable potential, it exhibits a number of flaws in its current form which limit its use in fraud and financial crime prevention.
How can collaborations help tackle financial crime?
Where government institutions lack the resources to tackle financial crime effectively, or (like the South African government) are compromised by bad actors, collaboration with private entities can be an effective AML/CFT strategy. Renitha Singh referenced the collaborative success of the South African Money Laundering Integrated Task Force (SAMLIT), a think tank that combines public and private resources in a joint effort to assist in prosecutions. Singh pointed out that the value of public-private collaborations lies in their potential to share data and to work operationally – as opposed to the often-ineffectual “gestures” of governments.
In agreement, Gabriel Hopkins added that all collaboration initiatives must be backed by strong security to ensure the safety of public information, and by the political will to effect real change.
How are different demographics affected by financial crime?
In a constantly changing financial landscape, criminal threats can vary significantly by demographic. Susan Symes set out the variety of strategies that criminals use to approach customers, including targeting the users of certain apps or the viewers of certain adverts, or compromising personal devices such as mobile phones. Demographic threats are not fixed, and may change by age, wealth, time of year, and so on. With no one-size-fits-all solution, firms must think about the specific vulnerabilities of their customer groups, and be prepared to continually assess the countermeasures they deploy to prevent crimes.
What can firms do to improve the financial crime detection and investigation process?
The panel emphasised the need to prioritise data in any AML/CFT solution in order to optimise outcomes. While finding and stopping criminal activity directly is obviously a priority, Gabriel Hopkins stressed the need to use customer data contextually as a way to discern changes in behavioural patterns – a strategy that has proved to be effective in almost all levels of technology deployment.
Getting the most out of disparate, dispersed data is key to the investigative process – and with this objective in mind, Hopkins also suggested that firms take steps to make their data as accessible and comprehensible as possible, including introducing a knowledgebase framework and integrating AI-enabled tools. Ripjar’s Labyrinth Screening platform, for example, is built for exactly that purpose, with cutting-edge AI and machine learning technology giving firms the power to identify high risk customers as quickly as possible and make better compliance decisions.
Discover Labyrinth Screening Advantages
In a complex risk landscape, Labyrinth Screening searches thousands of global data sources across different languages, including watchlists, sanctions lists, and news stories, delivering actionable intelligence in seconds while minimising noise and false positives. Labyrinth also gives firms the ability to tailor searches for the most relevant AML/CFT data, building more accurate, more useful risk profiles for each customer.
To learn more about how Ripjar can manage AML/CFT pain points, get in touch today.
Following widespread legislative reforms, the Asia-Pacific (APAC) region has seen an increase in financial crime investigations in recent years. While geopolitical events such as the Covid-19 pandemic and the global supply chain crisis slowed anti-money laundering (AML) and counter-financing of terrorism (CFT) efforts in 2021 and 2022, APAC AML regulations will continue to evolve in 2023, and compliance teams should prepare for change.
From the emerging risks of cryptocurrency and digital assets, to new global economic sanctions, the Asia-Pacific region’s financial risk landscape is diverse. To help your organisation stay ahead of its obligations, and address criminal threats, let’s explore some of the most notable AML changes from key APAC regulators.
Singapore
The Monetary Authority of Singapore (MAS) is a regional leader in financial crime enforcement, and regularly announces initiatives to combat financial crime in Singapore and beyond. In October 2022, MAS announced its National Strategy for Countering the Financing of Terrorism, a five-pronged plan for addressing the misuse of Singapore’s financial system for terrorism financing. The plan calls for greater coordination between law enforcement agencies and international counterparts, and sets out the following key priorities:
Coordinated, comprehensive risk identification, emphasising cooperation between government agencies.
Strong legal and sanctions enforcement frameworks, matched to international AML/CFT standards.
Risk-based supervision, matched to international standards and best practices.
Greater inter-agency law enforcement cooperation to ensure decisive action against terrorism financiers.
In support of its inter-agency cooperation objectives, MAS announced the roll-out of its Collaborative Sharing of ML/TF Information & Cases (COSMIC) platform, which is scheduled for implementation in 2023. Co-created by 6 major international banks, COSMIC will facilitate information sharing between organisations in Singapore, with a focus on shell company abuse, illicit trade finance, and weapons proliferation.
Hong Kong
Hong Kong’s primary financial regulator, the Hong Kong Monetary Authority (HKMA) has stated that its priorities for 2023 include tackling fraud and the use of mule accounts to launder money. Its 2022 Risk Assessment report set the money laundering risk to the banking sector at “High”, with fraud as the principal threat.
In order to address fraud, and other AML/CFT risks, the HKMA is continuing efforts to promote wider adoption of AML technology. Those efforts include its Fintech 2025 strategy, which includes a range of initiatives to promote information sharing between financial institutions, such as the launch of the Commercial Data Interchange (CDI).
In 2023, the HKMA has identified the following supervisory priorities:
Prudential work: Health checks on non-bank financial institutions.
Technology: Continuing promotion of fintech adoption and a focus on cybersecurity and third-party risk management.
AML risk: Data-driven supervision, regulatory updates, information sharing, and an analytic focus on mule account networks.
Consumer protection: Investor protection for virtual assets, enhanced protection for credit card services, mandatory reference checking.
China
China’s regulatory scrutiny of money laundering activities increased in 2022 following a significant rise in money laundering convictions between 2016 and 2019. The Chinese government launched its three year action plan to crack down on money laundering in 2022. Led by the People’s Bank of China (PBOC) and the Ministry of Public Security, the plan sets out new coordination and consultation requirements between government departments in order to target money laundering, and includes proposals for new risk prevention mechanisms, AML training programmes, and solutions for the analysis of money laundering typologies.
China’s focus on AML/CFT follows its fourth-round Mutual Evaluation Report by the FATF. As part of its efforts to implement FATF requirements, China clarified its customer due diligence (CDD) rules, and extended those rules to non-banking payment institutions, loan companies, financing firms, and other types of financial service providers.
Japan
Following the FATF’s Mutual Evaluation Report of Japan in August 2021, the Japanese government published its action plan for compliance. The FATF’s main criticism of Japan’s AML/CFT framework was a lack of understanding of risk in certain financial institutions. Accordingly, the action plan requires Japanese financial institutions to improve their risk assessment and risk mitigation measures, and to ensure the efficacy of their ongoing CDD measures.
Japan’s Financial Services Agency (FSA) also identified fintech advances as a source of AML/CFT risk, suggesting that regulatory action will be forthcoming in 2023. The FSA highlighted the risks of crypto-assets, artificial intelligence algorithms, and even “deepfake” videos as potential risk factors and suggested that Japan’s financial institutions should leverage digital tools to enhance the effectiveness of their AML/CFT countermeasures.
With that challenge in mind, Japan has been focusing on new cryptocurrency regulations. In September 2022, the government announced that it would be amending the Act on Prevention and Transfer of Criminal Proceeds in order to extend the FATF’s Travel Rule reporting requirement to cryptocurrency and stablecoin transactions.
Australia
In 2021, the Australian government launched an inquiry into the adequacy and efficacy of Australia’s anti-money laundering and counter-terrorism financing (AML/CTF) regime. The inquiry identified an ongoing financial crime risk from Designated Non-Financial Businesses & Professions (DNFBPs) such as real estate agents, casinos, gambling companies and lawyers, which had not been brought into the scope of certain AML/CFT reforms. As a result of that failure, criminals had used Australian DNFBPs to launder billions of dollars, enabling criminal activities and networks across APAC.
The inquiry recommends that the Australian Transaction Reports and Analysis Centre (AUSTRAC) extend its AML/CFT reporting rules to DNFBPs, encourage financial institutions to integrate technology as part of their risk-based AML/CFT frameworks, and better align its AML/CFT regulations with international standards. As part of that effort, Australia announced plans for the introduction of a new beneficial ownership registry in November 2022: the registry will aid law enforcement efforts in tracking down foreign money launderers that exploit the country’s financial system.
APAC AML Regulations: How Technology Can Help
APAC is a complex and challenging AML landscape, and firms that do business across the region must be ready to manage a diversity of regulatory obligations. While certain trends, such as the focus on digital asset regulation, reflect the global financial situation, national concerns, such as Australia’s DNFBP crisis, require a localised response.
To understand risk exposure in this environment and avoid regulatory compliance penalties, firms must be able to collect and analyse data at scale, with speed and accuracy. Ripjar’s Labyrinth Screening platform was designed with that objective in mind, enabling firms to search customer names in real time against thousands of adverse media stories, sanctions lists, and watchlists. Integrating machine learning technology, Labyrinth helps firms extract meaningful data from a spectrum of structured and unstructured sources, and adapt quickly to the changing regulatory requirements of jurisdictions across APAC and the world.
To discuss how Ripjar can help you with AML compliance in APAC, get in touch
US compliance teams faced no shortage of adversity in 2022, not least the consequences of Russia’s invasion of Ukraine and lingering Covid-19 pandemic measures. Those challenges prompted a decisive regulatory response from the US government, and meant that firms had to adapt to an evolving anti-money laundering (AML) and counter-financing of terrorism (CFT) risk landscape in order to avoid damaging penalties.
With the Ukraine war and economic turbulence ongoing, US AML regulations will continue to evolve to meet new financial crime risks in 2023. To help your firm navigate the compliance landscape and meet its obligations, let’s take a look at some of the key upcoming US AML regulation changes.
The FINCEN Final Rule
The US’ Anti-Money Laundering Act 2020 (passed on 1 January 2021) set out new rules for the reporting of beneficial ownership information (BOI). Intended to crack down on the use of shell companies and legal structures in money laundering, the rules introduce new reporting requirements and ensure that US law enforcement and security agencies have access to essential company ownership information.
In September 2022, the Financial Crimes Enforcement Network (FinCEN) published its final rule on the BOI provisions. Due to be implemented on 1 January, 2024, the final rule broadly aligns with the original proposals, and introduces the following regulatory points:
A definition of “reporting companies” that are obliged to comply with the BOI rules.
A definition of “beneficial owners” which includes individuals that exercise “substantial control” over a company, such as senior officers or C-suite employees, or that have at least 25% control of the company.
A requirement for companies to report “company applicants” which refers to individuals who file company formation documents, and to individuals who direct those responsible for filing.
A list of ownership information that must be reported, including the names, addresses, and birthdates of owners, and other identifying documents (such as driving licences).
A requirement for firms to report no later than 30 days after their registration date.
A clarification of criminal and financial penalties for reporting violations. Under the new rules, responsibility for violations will “fall principally on individuals” rather than reporting companies.
Closing loopholes in the US AML/CFT framework that are vulnerable to exploitation by shell companies and cash real estate purchases.
Continuing to enhance the US AML/CFT framework by providing clear compliance guidance, facilitating information sharing, and funding supervision and enforcement.
Enhancing the effectiveness of law enforcement in combatting illicit finance.
Enabling the benefits of new technologies while mitigating the risks that they pose and addressing the potential threats of virtual assets and other fintech innovations.
Responsible Financial Innovation Act
Introduced to congress in June 2022, the Responsible Financial Innovation Act (RFIA) is intended to “create a regulatory framework for digital assets” in the US. Also known as the “Lummis-Gillibrand Bill” (after its proponents, senators Cynthia Lummis and Kirsten Gillibrand), the RFIA will provide regulatory clarity for the use of digital assets, including the authorities which will provide oversight for them, and will introduce reporting responsibilities for digital asset service providers.
Key highlights of the RFIA include:
Oversight: The Commodity Futures Trading Commission (CFTC) would become the primary regulator of digital assets.
Reporting: Issuers of digital assets would be required to periodically disclose information to the Securities and Exchange Commission (SEC). All digital asset service providers would be required to make certain disclosures to customers.
Stablecoins: Issuers of stablecoins would be subject to new prudential regulations.
DAO classification: Decentralised Autonomous Organisations (DAO) would be classified as “business entities” and subject to the relevant regulations and tax treatment.
Taxation: Digital assets would be subject to tax rules, with the IRS introducing guidance on certain tax issues.
Responsible Development of Digital Assets
The US government’s regulatory focus on digital assets is growing. In September 2022, President Biden released the Comprehensive Framework for the Responsible Development of Digital Assets, which included recommendations for protecting consumers and national security interests from the risks of digital assets.
The Framework suggests that the Biden administration will introduce further regulatory controls on digital assets in 2023 and beyond. Key highlights include:
Guidance: While the US government prepares digital asset regulations, the Treasury will “issue guidance and rules to address current and emergent risks in the digital asset ecosystem”.
Collaboration: The Treasury and other federal agencies will cross-collaborate with US firms to provide and implement regulatory guidance on digital assets.
Education: The US Financial Literacy Education Commission (FLEC) will lead efforts to increase public awareness of the risks and fraudulent practices associated with digital assets.
Global Sanctions and Ukraine
With the invasion of Ukraine entering its second year, it is likely that the US, along with Western allies, will add to its “unprecedented” sanctions programme against Russia and President Vladmir Putin’s regime. In February 2023, the White House announced a range of new economic restrictions, including:
New export restrictions targeting Russia’s defence and energy sectors.
A crackdown on attempts by third parties to evade US sanctions on Russia.
A joint initiative with the UK to impose sanctions against Russian cybercriminals.
Beyond Ukraine and Russia, the US will evolve its sanctions programmes against a range of global targets. In particular, it is likely that the US will continue to exert pressure on Iran in response to its ongoing oppression of human rights protesters, and efforts to develop nuclear weapons. In early February, the Biden administration imposed sanctions against Iranian petrochemical manufacturers that were selling fuel to customers in Singapore and Malaysia.
It is also likely that the US will target China with additional economic sanctions in response to ongoing espionage activities, including the Chinese spy balloon that was discovered in US airspace in early February. Following that incident, the US announced the addition of six Chinese technology companies to the Bureau of Industry and Security (BIS) Entity List as a result of their support for China’s military aerospace programmes.
Using Technology to Comply with US AML Regulations
While the US is following a global trend of digital asset regulation, its sanctions activity in 2023, especially pertaining to Ukraine, may be harder to predict, and depend on both the economic situation in Russia and progress made on the frontlines. In a compliance context, this means that financial institutions must implement agile screening solutions with a global scope, and be ready to move quickly to adapt to geopolitical developments. Innovative AML technology will continue to be critical to US AML compliance. In a complex and evolving risk environment, firms must be able to acquire meaningful data quickly and accurately, and minimise the amount of false positives their screening solution generates.
With that goal in mind, Ripjar’s Labyrinth Screening platform has a proven track record of helping firms extract actionable insight from complex data sets, including millions of adverse news media articles, and international sanctions and watchlists such as the US’ OFAC sanctions list. Labyrinth uses advanced machine learning algorithms to process data in real time, in over 20 foreign languages, delivering results in seconds to ensure your organisation understands its risk liability, in the US and around the world.
Learn more about Ripjar’s US AML compliance solutions: get in touch today
While it’s easy to rely on tried and tested compliance strategies, the financial landscape moves fast, and firms must be able to keep pace with that change to prevent crimes like money laundering and to avoid damaging penalties. Achieving global regulatory compliance means having the right tools, resources, and knowledge in place to manage a range of threats, but even the smallest change in legislation or criminal methodology can have significant effects on a firm’s compliance performance. That challenge requires compliance officers to adjust their compliance approach constantly, screening customers regularly to capture changes in risk, and keeping up to date with the standards and best practices recommended by financial regulators.
In May 2022, the Wolfsberg Group, an association of global banks, published a series of negative news screening (NNS) FAQs to enhance international anti-money laundering (AML) and counter-financing of terrorism (CFT) standards. NNS, or adverse media, is a crucial component of AML/CFT strategies because changes in customer risk are often revealed by media sources before official confirmation. However, it’s easy to forget that established NNS strategies may quickly become outdated without regular reviews, consequently failing to account for new technologies or the sophistication of criminal methodologies.
With a focus on addressing the limitations of certain approaches to negative news screening, the Wolfsberg Group FAQs offer guidance on how firms should adjust their compliance solutions in a changing risk landscape. To help your organisation build and maintain a robust NNS solution, let’s take a look at some of the most important changes you might need to make to your framework in 2023, and the four things you should stop doing.
1. Stop screening against only sanctions and watchlists
Sanctions lists and watchlists, such as the UNSC sanctions list, set out the names of persons subject to international sanctions measures, which usually involve trade prohibitions, asset freezes, and other economic restrictions. Sanctions violations carry significant financial and criminal penalties, so it makes sense that firms focus heavily on screening those documents as part of the AML/CFT process. However, a variety of factors complicate the sanctions screening process, such as translation and spelling variations of names, and out-of-date information – both of which can lead to false positives and, worse, false negatives.
Given the importance of sanctions list compliance, the Wolfsberg Group FAQs recommend broadening the information collected to inform the process – specifically integrating NNS as a way to capture sanctions risk. Global adverse media screening represents a way to stay a step ahead of new sanctions designations, and to resolve potential screening discrepancies. For example, the identity of a customer with a name that resembles a sanctions designation, may be clarified with a NNS search that confirms any initial AML/CFT alert with peripheral information. Similarly, NNS enables firms to respond quickly to new data points, such as announcements of law enforcement investigations, before customers are added to the relevant sanctions lists.
2. Stop relying on search engines for NNS
Negative news media is so useful for AML/CFT compliance officers because it is available, for free, online and easily accessible through public search engines such as Google, Bing and Yahoo. These search engines can deliver results from across the world in seconds, and include data from news organisations, blogs, forums, social media pages, and more. Manual searches are easy to conduct, relatively low cost, and can be integrated easily into an existing compliance framework.
However, search engines have significant limitations in the context of AML/CFT compliance and using them exclusively to conduct NNS could expose your company to risk. Commercial search engines like Google are essentially just content-delivery mechanisms that deliver results based on algorithmic assumptions about what a user wants to find. Those algorithmic results are opposed to the exhaustive data contained in dedicated AML/CFT databases, which are updated regularly with highly relevant information.
3. Stop conducting NNS in a single language
Financial institutions may assume that because a transaction originates in a single country, it is acceptable to limit the NNS process to that country in order to capture criminal threats. This approach represents a dangerous blindspot since it ignores the scope of global financial crime, and the diverse range of risks that a firm may face. Global financial crime necessitates a global compliance response: in the context of NNS, this means that firms must go beyond the ‘immediate’ location of a suspicious transaction and expand the negative news screening process across borders, in more than one language.
Multi-language NNS more accurately reflects the shape and character of international financial crime, which might see a customer commit fraud in one jurisdiction and then try to launder the proceeds in another country. Similarly, a firm may need to screen against foreign language news sources in order to establish if a customer is (or will be) subject to sanctions – and is attempting to exploit a foreign financial system in order to evade those measures. This approach requires technology solutions with multi-language screening capability, conducted with the same level of efficiency as the firm’s native language. Multi-language screening should also take into account differences in spelling, transcription, and translation.
4. Stop overlooking ESG risk
Environmental, social, and governance (ESG) risk has become a global regulatory priority in recent years, with several governments releasing guidance and introducing plans for new laws based on the relevant ethical factors. While NNS has traditionally focused on financial regulations, ESG concerns include waste management, ecological practices, equity, fair labour practices, and community investment, amongst other issues. Failure to consider ESG risk can result in criminal, financial, and reputational damage, and the range of new screening considerations represent a significant compliance burden.
Fortunately, firms may also capture ESG risk data with existing NNS processes – in the same way as they might capture data on money laundering or similar crimes. NNS parameters may be adjusted to detect stories with specific ESG relevance, such as labour disputes, involvement in ecological disasters, and so on. With climate change, workplace equality, and other social concerns rising in prominence in 2023, firms that prepare their compliance frameworks for ESG regulation may be better placed to avoid regulatory friction.
Using Technology to Achieve Compliance in 2023
The Wolfsberg Group FAQ guidance may require service providers to make significant adjustments to their NNS process. That change can be a challenging prospect, involving the broadening of search parameters and the collection and analysis of vast amounts of media data from sources around the world.
In practice, effective NNS means integrating an agile and adaptable technology solution that reflects the fast-moving nature of the media landscape. It may seem burdensome to evolve an established NNS process to meet the standards set out in the Wolfsberg guidance, but it’s important to remember that modern compliance technology can help to reduce or even eliminate the risks associated with outdated NNS processes, with enhanced speed, efficiency, and accuracy.
Ripjar’s Labyrinth Screening platform was designed to address the demands of modern NNS compliance. Labyrinth enables firms to conduct real-time NNS, delivering actionable intelligence in seconds, and ensuring that you learn about changes in customer risk as soon as possible. Powered by cutting-edge machine learning technology, Labyrinth Screening offers a spectrum of compliance advantages, including search capabilities in over 20 foreign languages, and access to thousands of international data sources, from sanctions and watchlists to local and national news outlets.
To learn more about Ripjar’s NNS technology, click here
The EU’s anti-money laundering regulations reflect a challenging global financial landscape, and evolve to account for emerging criminal threats, geopolitical change, and new technologies. Recent events such as the Covid pandemic and Russia’s invasion of Ukraine have only added complexity to the EU’s AML requirements, and increased the importance of regulatory compliance for organisations across the bloc.
Non-compliance with EU AML regulations carries the possibility of strict financial and criminal penalties. In 2022, for example, France’s financial regulator imposed a €1.5 million fine against Crédit Agricole for transaction monitoring and customer due diligence failings, while the Netherlands’ financial regulator issued a €2 million fine against Robeco for similar due diligence failings. With those penalties in mind, EU compliance officers must ensure that they account for a diversity of criminal and regulatory risks, and understand how incoming changes will affect their organisation’s products and services.
From data protection and cryptocurrency, to reporting rules and economic sanctions, the 2023 EU AML package will bring new compliance challenges for firms of every size. To help you stay ahead of those challenges, we’ve put together a guide to the key EU AML developments that your organisation needs to be ready for.
The EU AML Authority
In 2021, as part of its wider EU AML package, the European Commission proposed the creation of a new Anti-Money Laundering Authority (AMLA), which would be dedicated to protecting the EU’s financial system from money laundering and terrorism financing threats. In a September 2022 address, EU Commissioner Mairead McGuinness described AMLA as a “game changer”, and set out a range of functions that it would perform, including the supervision of high risk cross border financial sector bodies, and the provision of a Joint Supervisory Team with national supervisors.
AMLA is scheduled for implementation in 2024. The Commissioner pointed out that it will not replace existing national AML/CFT authorities but will contribute to the creation of a harmonised supervision system across the bloc.
The New 6AMLD
The EU’s AML package also included the announcement of updates to the Sixth Anti-Money Laundering Directive – essentially a ‘new’ 6AMLD. The updates entail a range of legislative mechanisms and measures, which include the introduction of:
National risk assessments every 4 years
Financial intelligence unit (FIU) frameworks for analysis and SAR submission
Clarification of beneficial ownership information requirements
Cross-border asset registers
New public supervisory bodies to provide oversight for EU self-regulatory bodies
Clarification of the rules for collecting personal data in the context of AML/CFT
Enhanced protection for whistleblowers that expose financial crimes
Common Rules of Conduct for FIs
Accompanying the creation of AMLA, will be the introduction of a ‘single rulebook’ for AML/CFT across the EU, based on the harmonised practices set out in the AMLDs. The single rulebook will establish a set of common rules of conduct for financial institutions (FIs) operating in the EU, including:
More detailed customer due diligence (CDD) rules to help FIs determine what type of measures should be applied for different levels of risk.
Clarification on the rules for determining ultimate beneficial ownership (UBO) in order to establish a more consistent definition of the term across the EU. The rules will also clarify the powers and obligations of FIs when investigating UBO.
A requirement to connect bank accounts to national registers in order to facilitate faster information sharing processes.
Crypto Asset Transfer Regulations
In June 2022, the EU announced its landmark Markets in Crypto Assets (MiCA) framework, which will come into legal effect in 2024. A set of crypto regulations relating to unbacked crypto assets and stablecoins, MiCA imposes the following compliance requirements on cryptocurrency service providers:
Under MiCA, issuers of stablecoins will have to maintain a sufficient liquid reserve to ensure redemption in the event of a mass withdrawal.
MiCA will require crypto asset service providers to obtain authorisation from a national authority in order to operate in the EU.
MiCA will introduce a public register of crypto asset service providers that are non-compliant with the new regulations. The register will be overseen by the European Banking Authority (EBA).
MiCA will come into effect in 2024 along with the Transfer of Funds Regulation (TFR), a separate set of compliance requirements that address the anonymity risks associated with cryptocurrency transactions. The TFR will introduce the following measures and controls:
Cryptocurrency exchanges must obtain the personal details of all parties involved in a crypto asset transfer or transaction. This requirement also applies to unhosted crypto wallets when the value of a transaction exceeds €1,000.
Crypto service providers must screen beneficiaries of transactions against sanctions lists.
Crypto service providers must provide the authorities with the personal data of customers when it is requested.
EU firms should begin preparing for the introduction of TFR and MiCA, which are legislatively intertwined, and which are designed to further harmonise AML/CFT regulations across the EU.
The UK’s Second Economic Crime Bill
While the UK left the EU in 2020, its AML/CFT regulations have kept pace with those of the EU. One of the most significant regulatory changes that will take effect in the UK in 2023 is the second Economic Crime (Transparency and Enforcement) Bill, which will prioritise the prevention of foreign money laundering and promote the UK as a safe business destination. Under the second Economic Crime Bill, the UK will implement the following regulatory steps:
Enhanced investigative and enforcement powers for Companies House.
Reform of limited partnership regulations to prevent misuse by foreign persons.
New regulatory powers to seize and recover crypto assets derived from money laundering and other financial crimes.
Enhanced anti-money laundering regulations including reformed information sharing rules, a simplified SAR submission process, and an increased focus on high value financial crime.
The second Economic Crime Bill builds on steps taken in the first Bill, which introduced an overseas entities register containing beneficial ownership information, a simplified unexplained wealth order (UWO) process, and strict liability for economic sanctions breaches. The Economic Crime Bills reflect the UK’s commitment to keeping pace with the EU, in 2023 and beyond, on issues such as Russian abuse of western financial systems, and the money laundering risks posed by cryptocurrencies.
How Technology Can Support EU Regulatory Compliance in 2023
The EU AML package will require firms to expand their compliance capabilities in 2023, with specific new requirements for data collection during CDD and UBO checks, and the sanctions screening process. At the same time, firms will have to adapt to enhanced scrutiny from new and existing authorities, which will be focusing on AML/CFT harmonisation. In this changing environment, it is crucial that firms find and implement a technology solution capable of meeting new compliance standards, and of adapting to new regulations as they are introduced.
Ripjar’s Labyrinth Screening platform offers your business a powerful advantage in meeting the evolving standards of EU AML/CFT compliance. Powered by machine learning technology, Labyrinth Screening enables you to search customers against thousands of structured and unstructured data sources, including adverse media, and global sanctions and watch lists. Labyrinth delivers actionable intelligence in real time, screening in over 20 foreign languages, to ensure that you know as soon as possible when a customer’s risk profile changes, and can adapt to new threats as they emerge, or new legislation as it is implemented.
Learn more about Ripjar’s EU AML/CFT compliance solutions – contact us today
Automated AI/ML tools have significant potential for fighting financial crime, especially in the context of anti-money laundering (AML) and counter-financing of terrorism (CFT), since they enable financial institutions to analyse data and make compliance decisions faster and more accurately. The decision-making power of AI/ML can also help to reduce false positive alerts, increasing the efficiency of the AML/CFT compliance process and allowing firms to better adapt to emerging criminal methodologies and changing regulations.
Given the influence of the Wolfsberg Group on international AML and CFT standards, it is important that financial institutions are familiar with the newly-released Principles, and are able to integrate them within their AI financial crime strategies.
What are the AI and Machine Learning Principles?
In its mission to help global banks tackle financial crime, the Wolfsberg Group has previously stated its support for using AI and ML to “detect, investigate, and manage” risks such as money laundering, terrorism financing, and fraud. With that in mind, one of the group’s current priorities is to help both public and private sector entities take advantage of the opportunities presented by innovations – such as AI and ML – in financial crime and risk management contexts.
The Principles align with the Wolfsberg Group’s objective to see financial service providers leverage technological advances to improve compliance while reducing friction for customers using financial products. However, the Group points out that it is “critical” for firms to “consider data ethics” when using AI/ML technology, and so must also “understand the potential impact” of such technology “to ensure that it results in fair, effective, and explainable outcomes.”
The Wolfsberg Group’s 2022 AI compliance principles comprise the following five elements.
Legitimate Purpose
The Principles emphasise the need for financial institutions to be aware of, and guard against, the misuse and misrepresentation of data collected by AI/ML systems. Specifically, the Principles state that AI/ML solutions must be adopted for “the legitimate purpose of financial crime compliance” and not be used for other activities (for example, market research). Key to the successful application of the legitimate purpose principle is the integration of an “assessment of ethical and operational risks” of AI/ML into a compliance solution.
Proportionate Use
Financial institutions must balance the development and implementation of AI/ML solutions against the risks that they present. Practically, this means that financial institutions should consider the proportionate use of AI/ML technology, using it only where it can effectively detect and prevent financial crime as part of their compliance infrastructure, and where it is cost efficient to do so. The Wolfsberg Group also notes that AI/ML technologies entail a margin of error, and that this should also be included when determining proportionate use.
Design and Technical Expertise
The Principles stress the importance of financial institutions understanding how to use AI/ML technology in order to “avoid ineffective financial crime risk management” and to ensure it is applied ethically. This means that firms must implement AI/ML compliance solutions with clear compliance outcomes in mind, and ensure that personnel responsible for the technology should have suitable skills and expertise, and be able to identify potential data biases. Similarly, senior management personnel should be familiar with the ways that AI and ML are integrated as part of their firm’s compliance solution, and ensure that robust testing and validation programmes are in place to deliver ongoing effectiveness.
Accountability and Oversight
Regardless of whether their AI/ML solutions are developed in-house or outsourced, financial institutions should understand that they bear ultimate regulatory responsibility for their outcomes. Given that compliance failures carry significant financial and criminal penalties in most jurisdictions, it is important that firms train their employees on how to use the technologies properly and think carefully about oversight, especially in contexts where there are data management risks and other ethical concerns. Firms should challenge their AI/ML accountability infrastructure regularly to ensure it remains effective.
Openness and Transparency
The sensitive nature of the data that AI/ML systems process make openness and transparency significant operational priorities. When considering transparency requirements, firms should take care to ensure that they balance the capability of AI/ML systems to detect and prevent financial crime, with the need to protect the privacy rights of their customers and clients (along with other data protection obligations). Examples of transparency in AI/ML contexts include explaining exactly how the technology uses data, how the technology processes inputs, and how it operates in line with a firm’s governance and risk appetite.
How to Comply with the Wolfsberg Group’s AI Principles
Data is critical to AI/ML compliance technology and the Wolfsberg Group acknowledges that AI/ML solutions “require financial institutions to consolidate and process large amounts of data, from multiple sources”. To meet that requirement, firms must put automated global screening solutions in place to manage their data needs, and use those solutions to screen customers on an ongoing basis to ensure they capture the latest risk information.
Integrating cutting-edge machine learning technology, Ripjar’s Labyrinth Screening solution is designed with that need in mind. Labyrinth is capable of searching customer names against thousands of global data sources, including foreign adverse media sources in over 20 languages, and generating results in seconds. In a shifting regulatory landscape, Labyrinth Screening enables firms to blend structured and unstructured data to deliver actionable, real time insight, reduce compliance friction, and respond to compliance alerts as quickly as possible.
Learn more about Ripjar’s AI and ML-enabled screening technology: contact us today
In October 2022, the Australian Transaction Reports and Analysis Centre (AUSTRAC) released guidance on how firms should conduct source of funds and source of wealth checks on their customers, as part of their anti-money laundering (AML) and counter-financing of terrorism (CFT) obligations. Following draft guidance released earlier in 2022, the publication emphasises the importance of the risk-based approach, which requires firms to assess each customer’s risk individually and deploy proportionate compliance measures.
AUSTRAC’s focus on source of funds and wealth comes in the context of an ongoing investigation in Star Entertainment Group, which allegedly submitted fake source of funds letters to the Bank of China to prevent appropriate AML checks into certain customers’ gambling income. If the investigation finds that the letters were faked, Star Entertainment Group could be charged with money laundering offences, and face significant financial and criminal penalties.
The new AUSTRAC source of funds and source of wealth guidance is designed to help firms in Australia deal more effectively with suspicious high value transactions, and so sets out directions for collecting relevant source of funds and wealth information, and for verifying that information. With the Star Entertainment Group investigation ongoing, it is important the firms in Australia become familiar with the new guidance, and implement it within their own compliance solutions.
Defining Source of Funds and Source of Wealth Checks
AUSTRAC’s guidance states that the identification of sources of funds and wealth “is an important part of understanding your customers’ financial circumstances, background and position” and, crucially, can indicate whether a customer is involved in criminal activity. Before establishing a customer’s source of funds or wealth, however, it is necessary to define certain concepts associated with the check process:
Source of funds: The funds involved in specific transactions or used to pay for designated services. Examples might include gambling payouts, shares and dividends, inheritance payments, pension payments, legal compensation or the sale of property, artwork, or vehicles.
Source of wealth: The funds that comprise a customers’ entire wealth and assets. Source of wealth may also take in the activities that contributed to a customer’s net worth. Examples might include long term investments, income from employment, income from rental properties, income from businesses, and assets acquired through inheritance.
Risk-based approach: AUSTRAC has previously published guidance around the risk based approach to AML/CFT, which essentially enables firms to balance their compliance resources and budget with the level of risk that they face. In practice, ‘risk-based’ means that higher risk customers should be subject to enhanced due diligence (EDD) measures that involve greater scrutiny of their financial activities. Source of funds and source of wealth checks should be part of the EDD process since they enable firms to establish how and where customers obtained their funds and assets.
Key Guidance
AUSTRAC’s 2022 guidance involves the following key points:
Risk triggers: Source of funds and wealth checks should be triggered under certain EDD circumstances, including:
The overall rating that a customer risk assessment generates, which may depend on the customer’s circumstances, transactional activity, geographic location, and the products and services that they use.
The quality of a customer’s due diligence information. Incomplete, missing, or fraudulent information, for example, may indicate that a customer has high AML/CFT risk and that their source of funds or wealth should be scrutinised.
Adverse media that indicates a customer is involved in criminal activity or that their AML/CFT risk profile has changed (such as designation on a sanctions list, for example).
Politically exposed persons: Government employees and elected officials, known as politically exposed persons (PEP), carry a higher AML/CFT risk. Accordingly, AUSTRAC requires firms to conduct source of funds and source of wealth checks on all PEP customers, along with their relatives and close associates (RCA). It is worth noting that foreign PEPs present a particularly high AML/CFT risk.
Privacy law: Source of funds and source of wealth checks often involve the collection of customers’ sensitive personal data, which means that firms should be aware of their responsibilities under Australian privacy law. AUSTRAC emphasises the need to consult the Australian Privacy Principles when collecting funds and wealth data.
Verifying Source of funds and Source of Wealth
AUSTRAC directs firms to collect and analyse a range of information in order to verify sources of funds and wealth. That process may include consulting resources already provided by customers, requesting a formal declaration from customers, and searching secondary sources such as websites, adverse media, commercial databases, and sanctions and watchlists.
The specific approach a firm takes to verifying source of funds and source of wealth may vary:
Source of funds verification: In order to verify sources of funds, firms must establish the origin of a customer’s funds, and substantiate how the customer received the funds in the first place (property sales, gifts, etc). Where a third party has provided a customer with funds, firms should seek to verify that original transaction.
Source of wealth verification: AUSTRAC warns that it may be more difficult to verify sources of wealth than sources of funds, and that the type of information required for satisfactory verification may vary depending on a customer’s risk. The guidance suggests that source of wealth verification should be obtained via reputable sources, including company registries, banks, accountants, and lawyers.
Using Technology to Enhance Source of Funds and Wealth Checks
Effective risk-based source of funds and source of wealth checks require firms to collect a range of data, sometimes from disparate, unstructured sources, in order to ensure that they understand their customers’ risk profiles. That objective means screening customers and transactions on an ongoing basis so that firms can detect suspicious transactions and changes in risk as soon as possible. With that challenge in mind, it is crucial that firms implement screening technology capable of managing vast amounts of data, from domestic sources and from around the world, to generate information about funds and wealth quickly and efficiently.
Ripjar’s Labyrinth Screening solution enables firms to enhance their source of funds and source of wealth checks significantly, gathering customer data from thousands of sources in real time, including sanctions and watch lists, PEP lists, and foreign adverse media stories in over 20 languages. Integrating powerful machine learning technology, Labyrinth blends structured and unstructured data seamlessly in order to reconcile customers’ financial activities with expected behaviour. With Labyrinth Screening we aim to optimise the results of source of funds and wealth checks, reducing noise and false positives in order to deliver actionable intelligence and, ultimately, help you make crucial compliance decisions.
To learn more about risk-based AML/CFT screening solutions, contact us today.
