The sanctions enforcement measures included in the Economic Crime Bill will bring the UK sanction regime into closer alignment with US sanctions programmes and will, according to OSFI Director Giles Thomson, ‘strengthen OFSI’s ability to take appropriate enforcement action against persons…that fail to ensure they are not dealing with sanctioned entities’.
With the new rules now in effect, it is crucial that UK financial institutions understand their sanctions compliance obligations.
OFSI Sanctions Enforcement Powers
The rules set out in the Economic Crime Act concern sanctions enforcement and monetary penalties for persons that breach sanctions regulations. As of 15 June, 2022, the following measures are in effect:
Strict liability: Breaches of UK sanctions regulations will be evaluated on a strict liability basis regardless of an individual’s intent or knowledge that they were in violation.
Proportionate penalties: OFSI has the power to impose monetary penalties for sanctions breaches ‘proportionately and effectively’ and where it is ‘in the public interest to do so’. The rules emphasise the importance of self-disclosure and attempts to prevent sanctions breaches as mitigating factors in any subsequent punishment.
Publication of breaches: OFSI has the power to make the details of sanctions breaches public where a monetary penalty has not been imposed.
Penalty reviews: Senior UK officials may now conduct reviews of monetary penalties for sanctions breaches, in addition to UK ministers.
The Changing Sanctions Landscape
The OFSI sanctions enforcement changes are designed to make the UK’s sanctions regime more impactful and responsive to global threats.
Prior to 15 June, OFSI was not able to prosecute sanctions breaches unless there was ‘reasonable cause to suspect’ that the person breaching the rules knew that they were doing so. This meant that many sanctions violations went unpunished as a result of a lack of supporting evidence – and allowed sanctions targets to continue to perpetrate illegal activity.
Similarly, where a sanctions breach previously did not result in a monetary penalty, OFSI was unable to release details of the persons responsible to the public. Under the new rules however, firms will still risk reputational damage for sanctions violations even if they are not punished financially.
Finally, by extending the power to review sanctions penalties to senior officials, OFSI intends to speed up the UK’s sanctions enforcement process and ensure that the measures remain a useful diplomatic deterrent.
The fast-tracking of the Economic Crime Act, and its relevant sanctions enforcement measures, reflects the UK’s attitude to ongoing Russian aggression in Ukraine, and the threat that poses to regional and global stability. The UK’s reputation as a financial destination for Russian oligarchs, including members of President Vladimir Putin’s elite inner circle, meant that a huge amount of Russian assets were held in UK banks and financial institutions when the invasion began. With that in mind, UK sanctions against Russia represent a significant part of the collective global response to the invasion, and the 2022 enforcement measures a way for OFSI to act more decisively against organisations and individuals that take action to prolong the hostilities.
UK Business Challenges
OFSI’s new sanctions rules, and in particular the introduction of strict liability, require UK businesses to review their sanctions screening solutions carefully. In the context of Russia’s war with Ukraine, and the global sanctions landscape, new designations are added and withdrawn from watchlists regularly, which means UK firms must ensure that their solutions are updated continuously to ensure they are not doing business with the UK’s Russian sanctions targets, or any targets on the UK government’s autonomous sanctions watchlist.
Given the urgent need for sanctions compliance, UK firms must implement a screening solution capable of collecting and analysing vast amounts of customer and transaction data, and of reacting to a constantly changing regulatory environment. In practice this means:
Conducting suitable due diligence to establish customer identities and build accurate customer risk profiles.
Screening customer transactions for suspicious activity.
Germany is one of the wealthiest members of the EU and a hub for thousands of multinational businesses. While Germany provides an array of commercial opportunities, its financial profile also attracts criminals who seek to exploit the country’s financial system to launder money and commit other financial crimes. Accordingly, AML regulations in Germany are a serious priority for financial authorities: Deutsche Bank, for example, has received significant fines for compliance violations – including a $150 million dollar fine in 2020 for its involvement in the Danske Bank money laundering scandal.
Given the government’s increasing focus on financial compliance, and the potential for significant fines and penalties, companies in Germany should understand the anti-money laundering (AML) and counter-financing of terrorism (CFT) landscape – and how to meet their regulatory obligations.
What is BaFin?
Germany’s financial regulator is known as the Federal Financial Supervisory Authority, or the Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin). The regulator was established in 2002 to provide oversight for all financial institutions in Germany, including banks, stock exchanges, and insurance companies.
BaFin’s authority and powers are provided by Germany’s Banking Act (Gesetz über das Kreditwesen). In its supervisory role, BaFin works to ‘prevent irregularities in the banking system’, including those which may endanger the safety of assets or ‘substantially prejudice the economy’. BaFin sets financial regulations, including AML/CFT rules, for all institutions operating in Germany, and monitors their ongoing compliance. It is also responsible for issuing licences to German financial institutions that meet relevant criteria.
AML Regulations in Germany
As a member of the Financial Action Task Force (FATF), Germany transposes FATF AML/CFT recommendations into domestic legislation. Similarly, as a member of the EU, Germany must implement AML/CFT measures introduced in the EU’s Anti-Money Laundering Directives (AMLDs), which are issued periodically in order to maintain regulatory consistency across the union.
With those factors in mind, AML regulations in Germany are set out in the Money Laundering Act or Geldwäschegesetz (GWG). The GWG defines the crime of money laundering in Germany and includes the following important regulatory points:
Following FATF guidance, financial institutions in Germany must develop and implement risk-based AML/CFT programmes.
Financial institutions must implement suitable customer due diligence (CDD) processes and screen customer transactions for suspicious activity.
Where suspicious activity is detected, financial institutions must submit a report to Germany’s Financial Intelligence Unit (FIU).
AMLD Compliance in Germany
Germany’s AML/CFT policy is shaped by the EU Anti-Money Laundering Directives, which reflect evolving financial crime methodologies and harmonise the regulatory environments in different EU member states. The most recent AMLD is the Sixth Anti-Money Laundering Directive (6AMLD) which focuses on the ongoing harmonisation of money laundering regulation across the EU.
Germany implemented 6AMLD via the Draft Act for the Effective Prosecution of Money Laundering (Gesetz zur Verbesserung der strafrechtlichen Bekämpfung der Geldwäsche). The Draft Act introduced the following regulatory measures:
A list of 22 money laundering predicate offences, including environmental crime and cyber crime.
An expansion of the definition of money laundering to include aiding and abetting.
An extension of criminal liability for money laundering to legal persons, meaning companies and partnerships and their senior management employees.
Minimum 4 year prison sentences for individuals convicted of money laundering.
Information sharing requirements with other EU countries in order to facilitate cross-border prosecutions.
Updates to the German Banking Act
The German government implemented updates to the Banking Act in 2021, introducing more stringent AML/CFT measures than required by 6AMLD. Under the new rules, the following AML/CFT measures are in effect:
Predicate offences: The distinction between predicate offences and money laundering offences has been removed. Under the new rules, German authorities may prosecute a broad range of financial crimes as money laundering offences.
Foreign companies: If foreign companies (or a subsidiary) are active in Germany, those companies may be liable to German prosecution for money laundering. Similarly, foreign companies that commit money laundering predicate offences abroad may face criminal liability for those offences in Germany.
Reporting obligations: Businesses in Germany must now comply with more comprehensive AML/CFT reporting rules, applicable to a broader range of transactions. Businesses may also be required to justify their business procedures to the FIU.
AML in Germany: Achieving Regulatory Compliance
Under FATF recommendations, German financial institutions must take a risk-based approach to compliance – which means they must assess individual customers and then deploy a proportionate compliance response. With that in mind, firms in Germany should implement suitable Know Your Customer (KYC) procedures in order to understand their customers’ financial behaviour, including:
Identity verification: Financial institutions should perform customer due diligence (CDD) in order to establish and verify their customers’ identities. The CDD process should involve the collection of customer names, addresses, and birthdates, and the collection of company information including beneficial ownership details.
Transaction screening: German firms must screen their customers’ transactions for signs of financial crime, including irregular transaction patterns, and transactions involving high risk counterparties or jurisdictions.
Environmental, social and governance (ESG) factors and adverse media monitoring are an important part of AML/CFT compliance in Germany.
ESG
In December 2019, BaFin published its Guidance Notice on Dealing with Sustainability risks which included descriptions of ‘risk identification, management, and control processes’. In 2021, the German government passed the Supply Chain Act (Gesetz über die unternehmerischen Sorgfaltspflichten in Lieferketten), a law concerning corporate due diligence for supply chains. Under the rules, firms in Germany must extend humanitarian and environmental due diligence obligations to their supply chains, including establishing systems to prevent and minimise ESG risk.
Adverse Media
Customer involvement in financial crime is often revealed in news media prior to its confirmation by official sources. With that in mind, adverse media, also known as negative news, is a good indicator of AML/CFT risk.
Under EU AMLD regulations, firms in Germany must implement adverse media screening requirements as part of their risk management solution. The Fourth Anti-Money Laundering Directive (4AMLD), for example, introduced a requirement for firms to screen against open source media, such as ‘reputable newspapers’. 5AMLD subsequently expanded that requirement to a broader range of business sectors and emphasised the need for firms to integrate suitable screening technology.
2024 Bafin Guidance: Mandatory Adverse Media Screening
In July 2024, BaFin updated its GWG compliance guidance, known as Auslegungs und Anwendungshinweise (AuA), in anticipation of the new EU Anti-Money Laundering Act (AMLA), and the need for ongoing compliance with EU AMLDs. Amongst the compliance updates set out in AuA ‘2.0’ was the introduction of mandatory adverse media screening.
While AuA 2.0 acknowledges that adverse media screening is not explicitly required under the GWG, it states that sanctions screening and high risk country list screening is no longer sufficient for compliance, and that firms in Germany must “use all knowledge available” in order to establish AML risk, including knowledge derived “from media analyses”.
Following the updated guidance, firms in Germany must now implement adverse media screening as part of their GWG compliance solution.
Next Generation AML Technology
In order to achieve compliance with AML regulations in Germany, it’s vital that you integrate AML software capable of analysing vast amounts of relevant customer data, and of minimising costly false positive alerts. Ripjar’s next generation Labyrinth Screening platform is built for that purpose, integrating cutting edge screening technology to deliver automated data management, multilingual name matching, and the capability to adapt to a changing risk landscape in real time.With the capability to build deetailed AI Risk Profiles for every customer, and generate concise AI Summaries of that risk data, Labyrinth promises to supercharge your screening solution, strengthen decision making, and ensure your business is always prepared for compliance challenges.
The EU has set an implementation date of 2024 for AMLA, which means that banks and financial institutions across the region must understand how the new authority will function when it begins operations and how it will affect their AML/CFT responsibilities.
European Banking Authority – EBA Report
The AMLA announcement came in light of growing concerns that the EU needs to do more to address the challenges of risk-based AML/CFT supervision across the region. In 2019, the European Banking Authority (EBA) initiated an assessment of competent authorities’ AML/CFT approaches in EU member states. The results of that assessment were released in 2022, and revealed that ‘significant challenges remain in important areas such as the identification and assessment of money laundering and terrorist financing risks.’
The EBA identified a number of common supervisory challenges, including:
Identifying money laundering risks in the banking sector.
Translating assessments of money laundering risks into risk-based supervisory strategies.
Using resources to ensure effective AML/CFT supervision.
Taking proportionate enforcement measures to correct AML/CFT compliance weaknesses.
Ensuring effective cooperation between member states’ FIUs.
What Will AMLA Do?
The Anti-Money Laundering Authority is a component of the EU’s comprehensive policy on preventing money laundering and terrorism financing. In practice, AMLA will have two main areas of AML/CFT focus:
AML/CFT supervision
Support for member state Financial Intelligence Units (FIU)
In its supervisory role, AMLA will carry out periodic reviews of the financial authorities that it supervises, monitoring and supporting financial institutions and ensuring the harmonised application of EU AML/CFT regulations. The manner in which AMLA exerts its regulatory power will vary by the level of AML/CFT risk that financial institutions present, and constitute both direct and indirect supervision.
Direct supervision
AMLA will take a direct supervisory role with EU financial institutions that pose a particularly high AML/CFT risk. This category of institution is referred to as ‘Selected Obligated Entities’.
Selected Obligated Entities will be designated according to a range of criteria, including how many EU member states a particular entity is established in. For example:
Credit institutions that are established in 7 EU member states or more (including as subsidiaries or branches)
Financial institutions that operate in 10 EU member states or more (including as subsidiaries or branches)
Selected Obligated Entities will also be designated according to certain benchmark risk indicators, such as:
The number of high risk customers, such as politically exposed persons (PEPs), that they do business with.
The volume of products and services they trade in that have AML/CFT vulnerabilities.
The volume of deposit and payment account services that they provide.
The volume of correspondent banking services that they provide to third parties.
The volume of correspondent banking clients from high risk third countries that they do business with.
The volume of activity that they engage in with virtual asset service providers in third countries.
AMLA’s direct supervisory authority gives it the power to conduct investigations into Selected Obligated Entities, demand the submission of documents, conduct interviews, and perform on-site inspections. Where AMLA discovers compliance violations or AML/CFT deficiencies, it may:
Request a plan detailing how the entity will achieve AML/CFT compliance.
Place restrictions on the entity’s business operations.
Impose changes to the entity’s governance structure.
Withdraw licences.
Penalties: AMLA may also impose penalties on the entities that it supervises. AMLA financial penalties may be imposed up to a maximum of 10% of the entity’s previous annual turnover, or €10 million. AMLA may also refer certain matters to the relevant national authorities in cases where it is possible to prove criminal activity.
Indirect supervision
AMLA will have an indirect supervisory role with non-Selected Obligated Entities via their national financial authorities. When the AML/CFT compliance performance of these entities degrades significantly, national financial authorities will be required to notify AMLA, which may then request an investigation or the imposition of sanctions. In some cases, AMLA may request national authorities grant it direct supervision over the noncompliant entities.
Beyond any need for intervention, AMLA will exercise indirect supervision on an ongoing basis by maintaining a harmonised AML methodology in member states. With this in mind, AMLA will set out guidelines and make recommendations for risk-based AML/CFT, perform periodic assessments of national supervisors, and even conduct reviews of non-financial supervisory authorities.
Risk Assessments and AMLA
AMLA’s supervisory focus is intended to promote a harmonised regulatory environment across the EU, with member states categorising financial institutions by their exposure to AML/CFT risk and imposing risk-based compliance requirements on those institutions. Following Financial Action Task Force (FATF) guidance, risk-based AML is predicated on a need to perform effective assessments of customers and their transactions in order to build accurate risk profiles. Risk assessments should take place at onboarding and then throughout the business relationship to capture changes in risk.
With that in mind, firms should prioritise the following processes as part of their risk-based approach:
Customer due diligence: EU banks and financial institutions must understand who their customers are in order to perform accurate risk assessments. In practice, this means performing suitable customer due diligence (CDD) by collecting data such as names, addresses, dates of birth, and company incorporation details.
Ultimate beneficial ownership: Money launderers may attempt to use corporate structures or shell companies to conceal their identities. Accordingly, EU firms should establish ultimate beneficial ownership (UBO) of customer entities as part of their CDD process in order to inform their risk assessments.
Enhanced due diligence: Higher risk customers, or customers that generate certain AML alerts as a result of a risk assessment, should be subject to enhanced due diligence (EDD) measures, including more intensive screening and monitoring procedures.
PEP screening: Elected officials and government employees present a higher AML/CFT risk and may be classified as politically exposed persons (PEPs). Firms should screen their customers to establish whether they should be classified as PEPs and monitor their status for any changes in risk.
Adverse media monitoring: Changes to customer risk profiles may be revealed in global news media. With that in mind, firms should monitor adverse media sources from across the world for stories that involve their customers. Adverse media monitoring is one of the best ways to enhance the risk assessment process since customer risk exposures may be revealed in news stories prior to their confirmation by official sources.
AMLA and Financial Intelligence Units
AMLA’s AML/CFT support focus means that it will coordinate with member states’ Financial Intelligence Units to facilitate cross-border cooperation. Practically, AMLA’s support role will include:
The release of guidelines and recommendations to member states’ supervisory authorities and to regulated entities.
The introduction of templates and models for suspicious activity reporting.
Participation in joint analysis of cross-border suspicious activity.
The introduction of a secure network between EU FIUs known as FIU.net.
AMLA Compliance
AMLA is expected to be operational by 2024 which means that firms should begin preparing now to meet the challenges of a new compliance environment. Effective, risk-based AML requires the strategic application of technology: firms must be able to capture a vast amount of customer and transaction data, and perform ongoing monitoring to detect changes in risk profiles. With that in mind, Ripjar’s next generation AML solutions are designed to identify and manage risks in real time, and help firms adjust to new threats and obligations as they emerge.
To find out how Ripjar can help your business achieve compliance in a changing EU regulatory landscape, get in touch today.
In an evolving regulatory landscape, you need to understand how to meet your anti-money laundering compliance responsibilities wherever you do business. Global anti-money laundering (AML) and counter-financing of terrorism (CFT) compliance is a complex challenge that can vary significantly by jurisdiction, risk environment, and emerging fintech innovations.
To help your business overcome its compliance challenges, and understand its regulatory responsibilities read our guide to money laundering regulations around the world.
Global Money Laundering Regulations
The Financial Action Task Force
An intergovernmental organisation comprising 39 member states, the Financial Action Task Force (FATF) works to prevent international money laundering and terrorism financing, and to enhance the global compliance standards. To achieve those objectives, the FATF has developed a set of AML/CFT recommendations which its member-states must implement via domestic legislation. As new criminal trends, regulations, and fintech innovations emerge, the FATF adjusts its recommendations to reflect the global risk environment.
FATF compliance generally requires member-states to implement the following fundamental AML measures and controls:
Governments must treat money laundering as a criminal offence and establish a national financial intelligence unit (FIU) to manage money laundering reports.
Domestic businesses should implement a risk-based approach to money laundering, performing risk assessments on their customers and deploying proportionate compliance responses.
Businesses should implement Know Your Customer (KYC) measures, including customer due diligence (CDD), in order to build out accurate customer risk profiles.
Businesses should screen and monitor their customers on an ongoing basis in order to detect suspicious activity and capture changes in risk profiles. Customers should be screened against relevant risk indicators, such as politically exposed person (PEP) lists, sanctions lists, and adverse media stories.
Financial authorities should assist international counterparts in cross-border criminal investigations.
European Money Laundering Regulations
The Anti-Money Laundering Directives
The European Union issues Anti-Money Laundering Directives (AMLD) on a periodic basis in order to standardise AML/CFT regulation across the bloc. EU member-states are required to transpose the regulatory measures set out in the AMLD into domestic legislation – and do so by a predetermined implementation deadline. The latest EU AMLDs are the Fifth Anti-Money Laundering Directive (5AMLD) cand the the Sixth Anti-Money Laundering Directive (6AMLD), which introduced the following key AML/CFT measures:
5AMLD – Implemented 10 January 2020
Introduced public right of access to beneficial ownership registers and role-based PEP lists.
Expanded AML/CFT reporting and record-keeping obligations to cryptocurrency service providers.
Introduced transaction limits of €150 for prepaid card transactions, and €50 for online prepaid card transactions.
Imposed AML/CFT reporting and record-keeping obligations on high value transactions of €10,000 or more as a way to address financial crime in boutique industries such as the art trade.
Introduced mandatory enhanced due diligence checks for transactions involving high risk countries.
6AMLD – Implemented on 3 June 2021:
Set out a harmonised list of 22 money laundering predicate offences, including the two new offences of cyber-crime and environmental crime.
Added ‘aiding and abetting’ to the definition of the money laundering criminal offence.
Extended criminal liability for money laundering to legal persons, essentially enabling corporations to be punished for criminal activity perpetrated by employees.
Introduced harsher punishments for money laundering offences, including minimum 4 year prison terms.
Introduced requirements for member-states to share information in order to facilitate dual-criminality prosecutions that span international borders.
Accordingly, under UK AML/CFT rules, financial institutions must conduct risk-based checks on their customers, including performing customer due diligence (CDD) checks, establishing ultimate beneficial ownership (UBO), screening against PEP lists and sanctions lists, and running adverse media checks.
The Financial Conduct Authority (FCA) is the UK’s main financial regulator. Working with the Bank of England and the Prudential Regulatory Authority, the FCA sets out regulatory compliance requirements and provides AML/CFT oversight for UK financial institutions.
Switzerland
Switzerland regulates money laundering and terrorism financing under the Federal Act on Combating Money Laundering and Terrorist Financing in the Financial Sector 1997, also referred to the as the Anti-Money Laundering Act (AMLA). The act imposes AML/CFT reporting and record-keeping regulations on financial institutions in Switzerland, along with sanctions, PEP, and adverse media screening requirements.
The Swiss Financial Market Supervisory Authority (FINMA), or Eidgenössische Finanzmarktaufsicht, is Switzerland’s primary financial regulator. FINMA is responsible for issuing operating licences to Swiss banks and financial institutions and for ensuring compliance with AML/CFT regulations.
Nordic States
While AML regulations vary across the region, Nordic states generally mirror their southern and western neighbours in implementing the latest FATF money laundering guidance. As EU member-states, Sweden and Finland are required to transpose the anti-money laundering directives into domestic legislation. Norway is not in the EU and while it is not obliged to implement AMLD, it has, via its Anti-Money Laundering Act (2018), transposed 4AMLD and 5AMLD. In practice, this means that Nordic states impose the same kind of CDD measures, and sanctions, PEP, and adverse media screening processes as other FATF-member states.
Nordic countries have dedicated financial authorities, known as Financial Supervisory Authorities (FSA), that provide AML/CFT supervision, issue operating licences, enforce regulations, and work with governments to develop new legislation. Sweden’s FSA is called Finansinspektionen, while Denmark’s FSA and Norway’s FSA are both called Finanstilsynet.
The Middle East
Middle Eastern AML/CFT regulations are often significantly divergent between states. With that in mind, many Middle Eastern countries present an elevated risk of money laundering and are designated on the FATF’s Jurisdictions under Increased Monitoring list – also known as the FATF ‘greylist’. The greylist currently includes Jordan, Pakistan, Syria, Yemen, and the United Arab Emirates.
The United Arab Emirates, comprising Abu Dhabi, Dubai, Sharjah, Ras Al Khaimah, Ajman, Umm Al Quwain, and Fujairah, was placed on the FATF greylist in 2022. The FATF cited deficiencies in the UAE’s AML/CFT framework, including poor beneficial ownership controls and ongoing failure to address terrorism financing. The UAE’s primary AML/CFT legislation is the Federal Decree-Law No. (20) of 2018 On Anti-Money Laundering and Combating the Financing of Terrorism and Financing of Illegal Organisations. The law requires financial institutions in the UAE to implement AML reporting, record-keeping, and screening measures. In response to FATF concerns, the UAE has extended AML/CFT rules to designated non-financial businesses and professions (DNFBP).
The US regulates money laundering and terrorism financing through the Bank Secrecy Act (BSA) and the Partriot Act. The Bank Secrecy Act was introduced in 1970 and requires US banks and other financial institutions to implement an internal AML program with reporting and record-keeping obligations, and with risk-based CDD measures, and PEP, sanctions, and adverse media screening requirements. The Patriot Act was introduced in 2001 in response to the September 11 terror attacks: it modified the BSA by adding new CDD and screening requirements and increasing noncompliance penalties.
In 2021, the US passed the Anti-Money Laundering Act 2020 (AMLA), the most significant amendment to the BSA since the Patriot Act. AMLA introduced the following AML/CFT measures:
New requirements for the disclosure of beneficial ownership.
Increased financial penalties for money laundering offences and compliance violations.
New protections for corporate AML/CFT whistleblowers.
Expanded powers for US authorities to investigate foreign banks suspected of money laundering.
A pilot program to increase information sharing with the foreign branches of US banks.
The US’ primary AML/CFT regulator is the Financial Crimes Enforcement Network (FINCEN), which works at a state and federal level to ensure BSA compliance. In addition to FINCEN, the US’ Office of Foreign Assets Control (OFAC) works to enforce the US’ sanctions regulations.
The Hong Kong Monetary Authority (HKMA) is responsible for supervising banks and financial institutions in Hong Kong.
Singapore
Singapore is also an FATF member-state and has implemented a risk-based approach to AML/CFT in its domestic legislation. Singapore’s main money laundering regulation is the Corruption, Drug Trafficking and Other Serious Crimes (Confiscation of Benefits) Act (CDSA) which defines the offence of money laundering and sets out the relevant CDD measures and screening controls required for compliance. In 2020, Singapore implemented the Payment Services Act (PSA) which expanded AML/CFT regulations to payment service providers and fintech services in the city.
As an FATF member-state, Australia requires banks and financial institutions to implement risk-based AML/CFT solutions. Australia’s primary AML/CFT regulations are the Financial Transaction Reports Act 1988 and the Anti-Money Laundering and Counter-Terrorism Financing Act 2006, which set out reporting and record-keeping obligations along with other compliance requirements such as CDD measures, and PEP, sanctions, and adverse media screening.
The Australian Transaction Reports and Analysis Centre (AUSTRAC) provides AML/CFT supervision in Australia with the stated goal of ‘preventing, detecting and responding to criminal abuse of the financial system’. Like other financial regulators, AUSTRACs responsibilities include handling licensing applications, enforcing AML/CFT regulations, and cooperating with international financial authorities.
Nordic countries have a reputation as traditionally safe banking destinations, with the financial institutions of Norway, Sweden, Denmark, Finland and Iceland regularly ranking amongst the safest in the world. However, following a series of high profile international money laundering cases involving Nordic banks, that reputation has been shaken, putting a spotlight on Nordic banking AML compliance.
The cases in question involved banks across the region. In 2018, for example, Denmark’s Danske Bank was implicated in a €200 million money laundering scheme connected to its Eastern European and Russian branches. In 2019, Sweden’s Swedbank was also implicated in the Danske Bank scandal after an investigation revealed it had laundered around €20 billion in its Estonian branches for Russian customers. In 2020, another Swedish institution, SEB Bank, was fined SEK1 billion after an investigation revealed poor money laundering controls in its Baltic branches.
In response, in 2021 Nordic governments collectively requested that the IMF conduct an independent review of the region’s money laundering and terrorism financing risks, so that regulators could take appropriate steps to strengthen their regulatory compliance controls.
Given the increased focus on anti-money laundering (AML) and counter-financing of terrorism (CFT) in the region, it is more important than ever that companies understand the Nordic regulatory landscape and the compliance obligations that it entails.
Nordic Banking Regulators
All of the Nordic states have established dedicated domestic authorities, known as Financial Supervisory Authorities (FSA) to provide oversight and supervision of AML/CFT regulation. Key regulatory bodies include:
Norway – Finanstilsynet
The Financial Supervisory Authority of Norway supervises Norway’s financial system, and is responsible for managing the licensing of banks and financial institutions, with the goal of ‘promoting financial stability and well-functioning markets’.
Norway’s primary AML regulation is the Anti-Money Laundering Act. As a member of the EU, Norway implements the Anti-Money Laundering Directives.
Sweden – Finansinspektionen
The Financial Supervisory Authority of Sweden provides oversight of all banking, securities and insurance companies, working to ‘authorise, supervise and monitor all companies operating in Swedish financial markets’.
Sweden’s primary AML regulations are the The Money Laundering and Terrorist Financing (Prevention) Act and the The Act on Penalties for Money Laundering Offences. Sweden is also in the EU and implements its Anti-Money Laundering Directives.
Denmark – Finanstilsynet
The Danish Financial Supervisory Authority is responsible for the ‘supervision of financial undertakings’ of banks and other financial service providers in Denmark. It also assists the government in developing financial legislation, and collects and communicates financial sector statistics.
Denmark’s primary AML regulation is the Act on Measures to Prevent Money Laundering and Financing of Terrorism. As an EU member state it implements the Anti-Money Laundering Directives.
Finland – Finanssivalvonta
The Finnish Financial Supervisory Authority provides oversight for Finland’s financial and insurance sectors, working to ‘enable balanced operations of credit institutions, insurance and pension companies and other supervised entities in stable financial markets’.
Finland’s primary AML regulation is the Act on Preventing Money Laundering and Terrorist Financing. Finland also implements the Anti-Money Laundering Directives as an EU member state.
Iceland – Seðlabanki Íslands
Iceland’s Financial Supervisory Authority merged with the Central Bank of Iceland in 2020, with the Central Bank taking on its supervisory responsibilities. As a regulator, the Central Bank is responsible for monitoring Iceland’s financial institutions ‘to ensure that their activities are in compliance with the law and with Governmental directives’.
Iceland’s primary AML regulation is the Act on Measures against Money Laundering and Terrorist Financing. Although it is not an EU member state, Iceland is part of the European Economic Area (EEA) and adopts elements of the Anti-Money Laundering Directives as part of its domestic AML/CFT legislation.
Nordic Banking Risk Environment
Nordic banking money laundering scandals created financial turmoil across the region. The pattern of compliance failures suggested that Nordic banks were collectively struggling to implement effective AML controls, and failing to adequately address risks. Key compliance vulnerabilities that may have contributed to the compliance failures of the Nordic banking system include:
Information Sharing
Nordic banks struggled to share important risk data across borders and institutional frameworks due to barriers such as data secrecy laws. Following the AML scandals, Nordic banks launched a joint scheme to share information on suspicious transaction patterns.
Compliance Technology
Nordic banks used out of date AML/CFT technology, creating regulatory blindspots and generating high volumes of false positive alerts. The remediation of false positives not only created administrative backlogs, but had a negative knock-on effect on the effective management of true positives.
Manual Compliance
Nordic banks relied on manual compliance processes during important customer due diligence (CDD) processes, leading to poor quality risk profiles and slower alert remediation. The challenges of manual compliance were exacerbated as firms were forced to deal with high volumes of alerts.
Employee Compliance Training
Research suggests that employees of Nordic banks were hesitant or unable to address compliance violations, with up to 62% of employees failing to intervene upon discovery of unethical behaviour. The deficiencies in regulatory awareness reflected a failure in company leadership and a need to enhance compliance training to better spot money laundering red flags.
AML Solutions for Nordic Banking
In the wake of its AML challenges, the Nordic banking community is taking collective action to address its compliance failings, including an effort to enhance the data that it collects in order to perform more robust CDD and build more accurate risk profiles.
The push for better customer data also reflects the need for better financial crime technology solutions. For example, banks that previously relied on manual Google searches of customer names and risk factors, are now implementing automated screening solutions, adding speed and accuracy to their compliance processes, more intuitive name-matching, and the capability to adapt quickly to changes in the risk environment.
Beyond speed and accuracy, the automated screening solutions add depth and detail to customer data processes, with advantages over manual searches that include:
Name-matching: Automated solutions can screen against a vast range of customer names in different language systems. Similarly, solutions can be programmed to recognise regional naming conventions, aliases, and spelling variations.
Politically exposed persons: Automated PEP screening enables firms to capture information from a range of PEP lists. In conjunction with other screening tools, automation allows for the swift detection of changes in PEP status.
Adverse media: Automated adverse media screening solutions can cover a variety of news stories from different foreign countries, taking into account source reliability and political bias.
Sanctions screening: The global sanctions landscape changes constantly. Automated sanctions screening helps firms know as soon as possible when a customer is designated on a sanctions list and use fuzzy logic algorithms to account for naming discrepancies.
Future Compliance Considerations in Nordic Banking
The Nordic banking community is likely to focus on improvements to its collective KYC framework. The EU’s anti-money laundering directives will also have an effect on Nordic banking AML compliance: the Sixth Anti-Money Laundering Directive (6AMLD) came into effect on 3 June 2021, with an overt focus on the harmonisation of anti-money laundering standards across the EU. The EU also recently announced an update to 6AMLD; particularly relevant to Nordic financial institutions is the introduction of new whistleblowing protections for workers that identify compliance violations within their companies.
Get in touch to discover how Ripjar can support your AML compliance in the Nordics
The European Union issues anti-money laundering directives (AMLDs) as a way to ensure that all member states adhere to a common set of financial compliance regulations. The European Parliament introduces new AMLDs periodically, and every government in the EU is expected to implement them by passing appropriate domestic legislation. Although the UK left the EU in 2020, it has implemented similar anti-money laundering legislation in order to keep pace with the compliance standards set out by the AMLDs.
EU AMLDs reflect the changing global financial landscape: each AMLD contains measures to address emerging criminal trends and methodologies, integrate new technologies and Financial Action Task Force (FATF) recommendations, and to address deficiencies in previous directives. When the EU announces a new AMLD, it gives member states a time period in which to make the necessary changes to domestic anti-money laundering (AML) and counter-financing of terorrism (CFT) legislation, and to allow banks and financial institutions to adjust their compliance and risk management solutions. After the implementation deadline the new AML/CFT regulatory environment is considered law across the EU.
The EU’s most recent AMLD was the Sixth Anti-Money Laundering Directive (6AMLD) – which built on the AML/CFT measures introduced in the 4AMLD and 5AMLD respectively. With the EU having announced a new anti-money laundering ‘legislative package’, it is important that obligated entities within the bloc understand their new obligations.
To help your business stay on top of its AML/CFT obligations, read our guide to the most recent EU AMLDs.
4AMLD
The Fourth Anti-Money Laundering Directive came into effect across the EU on 26 June 2017. The directive focused on strengthening the risk based approach to AML/CFT recommended by the FATF. 4AMLD’s key measures included:
Enhanced beneficial ownership: 4AMLD introduced a requirement for member states to compile a national register of beneficial owners. The definition of ‘beneficial owner’ was expanded to include members of a firm’s senior management.
Risk assessments: Under 4AMLD, companies had to factor in new customer data as part of their AML risk assessment process, including customers’ locations and the types of products and services they were using.
Politically exposed persons: 4AMLD adjusted the definition of politically exposed person (PEP) to include ‘domestic PEP’.
Noncompliance penalties: 4AMLD introduced a ‘name and shame’ requirement for firms found to be in violation of AML/CFT regulations. The directive also increased mandatory AML/CFT noncompliance penalties in the following ways:
A maximum fine of €5 million or 10% of annual turnover for legal persons
A maximum fine of €5 million for natural persons
5AMLD
5AMLD was implemented across the EU on 10 January 2020 and built on many of the measures introduced in 4AMLD. It introduced a new focus on fintech products and services, including the growing use of cryptocurrencies. Key 5AMLD measures included:
Beneficial ownership transparency: After 4AMLD introduced beneficial ownership registers, 5AMLD introduced a public right of access to the information they contained. Similarly, member states had to ensure that their registers were interconnected with others across the bloc to enable centralised verification.
PEP lists: Like 4AMLD’s beneficial ownership lists, 5AMLD introduced publicly available PEP lists, setting out a list of domestic ‘politically exposed’ roles.
Risk assessments: 5AMLD introduced a requirement that member states publish periodic risk assessment reports in order to raise public awareness of AML/CFT threats.
Virtual currencies: 5AMLD expanded existing EU AML/CFT regulations to cryptocurrencies and cryptocurrency service providers. The new rules meant that cryptocurrency exchanges had to register with domestic authorities and share information with Financial Intelligence Units (FIU).
Prepaid transaction limits: 5AMLD included measures to address the AML/CFT threat posed by prepaid credit cards. Under the new rules, transaction limits on prepaid cards were reduced to €150 (from €250) for in-person transactions, and to €50 for online transactions. 5AMLD also prohibited companies from accepting prepaid cards issued in countries that did not meet the EU’s compliance standards.
High risk due diligence: 5AMLD introduced a uniform set of mandatory enhanced due diligence measures to be applied to transactions involving high risk countries.
High value transactions: 5AMLD extended AML/CFT reporting obligations to transactions of high value goods amounting to values of €10,000 or more. The measure was intended to address money laundering in certain ‘boutique’ industries, such as the art trade.
6AMLD
6AMLD came into effect on 3 June 2021 and is the most recent EU anti-money laundering directive. While 5AMLD expanded the scope of the EU’s AML/CFT regime, 6AMLD is broadly intended to harmonise and clarify regulatory detail, and to help companies in the EU do more to directly address financial crimes. With that in mind, the key measures of 6AMLD include:
Harmonised predicate offences: 6AMLD sets out a harmonised list of 22 predicate offences for money laundering, including offences such as human trafficking, fraud, and counterfeiting. The list includes the two new money laundering predicate offences of cybercrime and environmental crime.
Aiding and abetting: Under 6AMLD, the definition of the crime of money laundering has been expanded to include aiding and abetting.
Liability: Before 6AMLD, only individuals could be prosecuted for the crime of money laundering. Under 6AMLD, that criminal liability is extended to legal persons such as corporations. In practice, this means that organisations can also be punished for money laundering offences committed by their employees.
Penalties: 6AMLD harmonises money laundering criminal penalties and punishments across the EU. The new rules introduce a minimum prison sentence of 4 years for individuals found guilty of money laundering (from the previous minimum of 1 year).
Dual criminality: Under 6AMLD, member states are required to share information and facilitate cooperation in order to prosecute money laundering crimes that span international borders. These dual criminality prosecutions have required some member states to criminalise certain predicate offences, regardless of whether they were already illegal.
How to Comply with Anti-Money Laundering Directives
Any new money laundering directive requires companies within the EU to review their AML/CFT compliance and risk management solutions, and adjust to the new regulatory environment where necessary. This process may require the following steps:
A review of risk exposure under the new regulatory environment, followed by any necessary adjustments to risk management solutions. Under 6AMLD, for example, companies need to ensure their risk management solutions take into account cybercrime and environmental crime predicate offences.
A review of customer risk assessment procedures. A new AMLD may alter the risk profiles of both new and existing customers.
New training procedures for compliance employees. The introduction of new regulations means that compliance employees may need to update their regulatory knowledge in order to continue to meet their obligations.
The EU will continue to issue anti-money laundering directives in response to a changing threat landscape. In July 2021, the European Commission announced that it would be overhauling its AML/CFT rules with ‘an ambitious package of legislative proposals’. In addition to strengthening its existing AML/CFT framework, the package will specifically take into account the money laundering challenges posed by technological innovation.
As part of the package, the EU has announced a new directive which ‘repeals and replaces’ AML/CFT rules introduced in 6AMLD (and previous AMLDs). The directive includes a range of key measures and provisions, including:
The introduction of national supervisory bodies in all member states.
A requirement for member states to carry out national risk assessments every 4 years.
More robust protections for corporate whistleblowers.
A framework to allow FIUs across the EU to perform joint analysis of suspected criminal activity.
Clarification on the information which should be included in beneficial ownership registers to ensure that FIUs can ‘obtain up-to-date, adequate and accurate information’.
New requirements for the processing of personal data to ensure consistency with EU data-processing rules.
To learn more about how you can effectively respond to the EU’s anti-money laundering directives, contact us today
Following Russia’s invasion of Ukraine, the UK joined the international community in condemning Vladimir Putin’s regime and in issuing an unprecedented package of severe economic sanctions. While its international actions have been swift and significant, the UK government has also announced that it will be taking major steps with domestic legislation to detect and prevent members of Russia’s elite – so-called ‘oligarchs’ – from misusing the economic system.
To that end, Prime Minister Boris Johnson has brought forward plans for the UK’s new Economic Crime Bill, in order to enable financial institutions and authorities to target Russian oligarch finances held in UK banks. Prime Minister Johnson said that the bill would ensure that President Putin and his supporters would have “nowhere to hide” their illegal money.
What is the Economic Crime Bill?
The Economic Crime (Transparency and Enforcement) Bill is a long-awaited legislative measure intended to target the anonymity of money launderers that exploit the UK’s financial system. Britain’s legal and financial community has urged the government to implement the Economic Crime Bill for years. First drafted in 2018, the bill was delayed as new priorities emerged: the invasion of Ukraine changed those priorities, prompting the UK government to fast-track the legislation, along with additional financial measures to follow in coming months.
The Economic Crime Bill was introduced into the UK’s Parliament on 1 March 2022. The new version of the bill contains the following legislative measures:
Overseas Entities Register
The Economic Crime Bill introduces a UK register of overseas entities that own property in the UK. The register will include information on the beneficial owners of those entities. UK companies are already required to provide beneficial ownership information to a register of People with Significant Control (PSC) and the new rules are intended to create parity for foreign entities.
The register will be retroactively applicable, extending to properties bought by foreign persons up to 20 years ago in England and Wales, and to properties bought since December 2014 in Scotland. Noncompliance with the regulations may result in fines of up to £500 per day, and prison sentences of up to 5 years.
Unexplained Wealth Orders
Unexplained Wealth Orders (UWO) require their targets to explain the source of their assets, including their properties, to the authorities. Where that explanation is unsatisfactory or inadequate, the authorities may assume the asset was obtained unlawfully, and confiscate it from its owner.
UWOs were introduced in the UK in January 2018 with the goal of addressing foreign criminals laundering money through property ownership. However, UWOs have proved difficult to enforce: only 9 UWOs have been issued since their introduction, with the most recent case ending in defeat for the UK’s National Crime Agency (NCA) at a cost of £1.5 million to the taxpayer. No UWOs have been issued since 2020.
The Economic Crime Bill has been designed to make UWOs easier to issue and enforce. Under the new rules, law enforcement authorities:
Will have a longer period of time in which to review materials presented in response to a UWO.
Will incur lower legal costs if an UWO prosecution is ultimately unsuccessful.
Will be able to issue UWOs to the directors, officers, and trustees of a target asset, making it easier to address property ownership hidden behind foreign corporate structures.
Sanctions Enforcement
The Economic Crime Bill also reforms the UK’s sanctions enforcement rules by introducing strict liability for noncompliance. Under the current system, the Office for Financial Sanctions Implementation (OFSI) can only prosecute sanctions breaches if it has ‘reasonable cause to suspect’ that the person involved knew they were breaking the rules. New measures in the Economic Crime Bill will introduce a ‘strict civil liability test’, enabling OFSI to impose financial penalties for sanctions breaches regardless of any awareness of wrongdoing.
The introduction of strict liability will make it easier for OFSI to impose fines, and punish sanctions noncompliance. The new rules will also allow OFSI to publicly release the names of organisations that breach sanctions but that do not receive a fine.
Economic Crime Bill: Compliance
Given the current escalation in sanctions activity against Russia and against Russian oligarchs and politicians, it is vital that firms stay ahead of their regulatory responsibilities. In practice, this means implementing an effective risk management process that enables fast, efficient client name matching.
Ripjar’s risk screening solution integrates next generation name-matching software to ensure you maximise true positive hits on global sanctions and watchlists, and minimise false positives, across a range of language systems and character sets. Powered by machine learning technology, our solution includes advanced adverse media monitoring tools capable of analysing a spectrum of news sources across 21 languages in order to ensure you are informed as soon as your client’s risk profile changes.
Give yourself the best opportunity to understand and mitigate risks early: speak to Ripjar about how our screening technology can deliver significant commercial advantages.
Get in touch to learn how Ripjar can help your compliance with the Economic Crime Bill.
Russia’s invasion of Ukraine on 24th February 2022 prompted a swift and severe response from the international community and triggered a range of economic sanctions unprecedented in their scope and severity. In coordination with the UK, the US and Canada, the EU joined Western economic powers in imposing sanctions against Russia designed to punish President Vladimir Putin’s regime, and degrade Russia’s ability to bring military power to bear against its neighbour.
The EU’s sanctions on Russia are intended to “cripple the Kremlin’s ability to finance the war, impose clear economic and political costs on Russia’s political elite, and diminish its economic base”. In addition to Russia’s economy, the EU is also targeting Russia’s transport, trade, and energy sectors in what foreign policy chief, Josep Borrell, has called “the harshest package of sanctions we have ever implemented.”
The EU issued the first round of sanctions following Russia’s initial incursion into Ukraine, but has since implemented a second round of sanctions that target the Russian economy more broadly, along with specific measures against a list of politicians and military commanders.
What are the EU’s Russia Sanctions?
Existing Sanctions
The EU imposed sanctions on Russia in 2014, following the annexation of Crimea. Sanctions were also implemented in response to the Russian government’s ongoing interference in Western democratic elections and its oppression of political dissidents and journalists – such as the poisoning and imprisonment of Alexei Navalny. The EU’s sanction regime targets individuals and entities and includes asset freezes, trade prohibitions, import and export bans, and travel bans.
The first round of 2022 sanctions: 23rd February 2022
The first round of the EU’s 2022 sanctions against Russia were announced on 23rd of February, in response to Russia’s recognition of the ‘independence’ of the Donetsk and Luhansk regions of Ukraine and subsequent troop incursions into those areas before the large-scale invasion began on 24th February. Josep Borrel characterised Russia’s recognition of Donetsk and Luhansk as an “illegal and unacceptable” violation of international law.
The sanctions entailed the following measures and restrictions:
Asset freezes and travel bans against the 351 members of the Russian State Duma (the lower house of Russia’s parliament) who voted to recognise the ‘independence’ of Donetsk and Luhansk.
Asset freezes and travel bans against 27 Russian individuals and entities deemed to have ‘contributed to the undermining or threatening of the territorial integrity, sovereignty, and independence of Ukraine’. The targets of the sanctions include:
PSB Bank
VEB Bank
Bank Rossiya
Internet Research Agency
Sergei Shoigu, Russia’s Defence Minister
Igor Shuvalov, Head of VEB Bank
Maria Zaharova, Russian Foreign Ministry spokeswoman
Margarita Simonyan, head of the RT TV news channel
Prohibitions on Russian banks and state-owned entities accessing the EU’s financial markets and raising funds in the EU financial system.
Further targeted sanctions prohibiting business relationships with individuals and entities in the Donetsk and Luhansk regions.
The second round of 2022 sanctions: 25th February, 2022
Following the first round of sanctions, and in response to Russia’s ‘unprovoked and unjustified’ escalation to a full-scale invasion, EU member-states implemented a second round of sanctions on 25th February, including sanctions targeting President Putin and Russian Minister of Foreign Affairs, Sergey Lavrov.
The second round of sanctions targets the following areas of the Russian economy and social infrastructure with a range of measures:
Finance
Expanded measures to further cut Russian access to European capital markets.
Prohibitions on Russian state-owned entities using EU trading venues.
Prohibitions on Russian nationals and residents depositing funds into EU financial institutions, and on Russian nationals holding accounts with EU financial institutions.
Prohibitions on the sale of euro-denominated securities to Russians.
A ban on transactions with the Russian Central Bank.
Energy
Prohibitions on the ‘sale, supply, transfer or export’ of goods and technologies, and on the provision of services, relating to oil refining to Russia.
Transport
A ban on the export of goods and technology for use in the Russian aviation and space industries.
A ban on the provision of insurance and maintenance services relating to aviation and space technology to Russia.
Technology
Restrictions on the export of dual-use goods and technology to Russia, and on the export of goods and technology that may be used to enhance Russia’s defence and security sectors.
Visa Policy
Russian diplomats and officials will no longer be able to benefit from visas that enable privileged access to the EU. The measure does not affect ordinary Russian citizens.
The EU has also frozen the assets of President Putin and the Minister of Foreign Affairs, Sergey Lavrov.
The EU’s sanctions measures are expected to affect 70% of the Russian banking market – in particular companies involved in defence – and prevent Russian politicians and oligarchs from hiding their money in European safe havens. They are also expected to increase Russian borrowing costs and inflation, and degrade Russia’s industrial sector.
Switzerland’s Sanctions on Russia
Although it is not an EU member-state, and traditionally remains neutral in issues relating to global conflicts, Switzerland has joined the EU and the wider international community in levelling sanctions against Russia. Switzerland’s government has stated that the sanctions do not violate the country’s long-held neutrality principle because they have been implemented as a way to address Russia’s violation of international law.
Switzerland’s Russia sanctions were implemented under the ‘Ordinance on Measures in connection with the situation in the Ukraine’ on 25th February 2022, and include the following measures:
Asset freezes on designated Russian individuals and entities.
A ban on entering business relationships with designated Russian individuals and entities.
Asset freezes against Russian President Vladimir Putin, Prime Minister Mikhail Mishustin, and Foreign Minister Sergey Lavrov.
A ban on imports and exports to the Ukrainian regions of Donetsk and Luhansk.
Closure of Swiss airspace to all flights from Russia.
How to Comply with the EU’s Russia Sanctions
With Russia’s invasion of Ukraine ongoing, the sanctions risk landscape is likely to remain fluid for the foreseeable future. The complexity of the EU’s Russia sanctions programme is exacerbated by the capability of Russian oligarchs to hide money around Europe, and conceal their footprints with corporate structures and shell companies.
With that in mind, it is essential to have a balanced approach to sanctions and watchlist management that offers a holistic perspective on your company’s risks. Our risk management solution includes next generation name-matching software in order to maximise true matches and minimise false positives – even when matching Cyrillic, Asian and other character sets with Western or Latin names and vice versa.
One of the best ways to stay ahead of evolving sanctions compliance obligations, is to implement effective adverse media screening. Ripjar’s Adverse Media screening solution adds another dimension to your risk management capabilities, deploying continuous monitoring and identification measures in order to detect high risk customer names as soon as they are featured in news stories. Integrating machine learning data classification, our data processing hub can read articles in 21 languages, across a wide range of sources, and is designed to identify pertinent risk so that analysts can decide if further action must be taken.
The Swiss Financial Market Supervisory Authority (FINMA) is responsible for regulating Switzerland’s anti-money laundering (AML) and counter-financing of terrorism regulations, and for providing supervision for the country’s banks and financial institutions. FINMA is a prominent international regulatory body: Switzerland’s reputation as a global banking destination stretches back hundreds of years, and Swiss Banks are some of the wealthiest in the world, holding an estimated $6.5 trillion in assets.
FINMA: Background
Switzerland’s banking industry is known for its confidentiality, and has developed a reputation as a destination for criminals attempting to hide illegal money. In particular, criminals have sought to exploit Switzerland’s traditionally-permissive financial anonymity rules and high levels of discretion for banking customers – which include the deployment of technological measures to conceal identities. In 2021, the Tax Justice Network ranked Switzerland at 3 on its Financial Secrecy index, and at 5 on its Corporate Tax Haven index, estimating that money hidden in Swiss banks amounted to over $21 billion. Global regulators have picked up on the financial criminal trends affecting Switzerland, with the Financial Action Task Force (FATF) highlighting numerous AML/CFT deficiencies in its Mutual Evaluation Reports (MER).
In response to the threat to Switzerland’s financial system, and to global financial markets, the Swiss government introduced the Swiss Financial Market Supervisory Authority in 2007. Established under the authority of the Anti-Money Laundering Act (AMLA), FINMA is an independent regulatory body and was a merger of the Federal Office of Private Insurance, the Federal Banking Commission, and the Anti-Money Laundering Control Authority.
What Does FINMA Do?
FINMA has a mandate to ‘supervise banks, insurance companies, financial institutions, collective investment schemes, and their asset managers and fund management companies’, and to ensure ‘that Switzerland’s financial markets function effectively’. In order to achieve those objectives, FINMA engages in the following activities:
Issuing licences: Individuals and companies that wish to engage in financial market activity in Switzerland must obtain an operating licence from FINMA. Different types of licence are available for different types of application, but each involves strict qualification criteria.
Regulatory supervision: FINMA supervises all ‘licensed banks, financial institutions, insurance companies, collective investment schemes and their asset managers and fund management companies’ in Switzerland. Following its mandate, FINMA’s objective is to protect customers from the effects of insolvency or malpractice, and to ensure that Switzerland’s financial markets function effectively.
Implementation of legislation: Where it finds evidence of noncompliance or violations of Swiss law, FINMA has the authority to conduct investigations of the persons involved and ‘use all the means of enforcement available’ under Swiss law to implement the relevant supervisory legislation.
Developing regulations: In addition to its supervisory and enforcement roles, FINMA participates in regulatory projects, under the authority of Switzerland’s Federal Department of Finance (FDF) and the State Secretariat for International Finance (SIF). FINMA engages in regulation in order to meet its supervisory objectives, and issues ordinances and circulars to announce new regulatory rules.
Switzerland’s AML Law
Switzerland’s principle AML/CFT law is the Federal Act on Combating Money Laundering and Terrorist Financing in the Financial Sector, which is also known as the Anti-Money Laundering Act (AMLA). Introduced in 1997, the Act represents the legal basis for combating money laundering in Switzerland, and imposes a variety of reporting, record-keeping, and monitoring obligations on banks and financial service providers.
As a Financial Action Task Force (FATF) member-state, Switzerland’s AML/CFT regulation mandates a risk-based approach. This means that financial service providers in Switzerland must assess the criminal risk that each customer presents, and then deploy a proportionate compliance response, with higher risk customers subject to more intensive AML/CFT measures.
Under AMLA, banks must put the following AML/CFT measures in place:
Customer due diligence: Banks in Switzerland must establish the identities of their customers by requesting certain documentation, including passports, driving licences, birth certificates, and company incorporation documents.
Transaction monitoring: Certain financial behaviour may indicate money laundering activity. Accordingly, banks must monitor customer transactions for suspicious activity and report such activity to FINMA.
Sanctions monitoring: Customers that are subject to international sanctions may seek to use Swiss bank accounts to conceal their connection to illegal money. With that in mind, banks in Switzerland should screen their customers against the relevant sanctions and watchlists, including the Swiss sanctions list, and the United Nations sanctions list.
PEP screening: Elected officials and government employees also pose elevated AML/CFT compliance risks and banks should screen customers to find out if they are politically exposed persons (PEP).
Enhanced due diligence: Since criminals may be drawn to the financial opportunities presented by the Swiss regulatory environment, banks in Switzerland must be prepared to deploy enhanced due diligence measures effectively for high risk customers. Enhanced due diligence involves more rigorous scrutiny of a customer’s identity, including obtaining more detailed identifying documents, performing more intensive checks into business relationships, and establishing the source of customers’ wealth and funds.
Adverse media: Illegal financial activity involving Swiss banks often attracts the attention of investigative journalists – and criminals that use Swiss bank accounts to launder money are often exposed in the media before that information is confirmed by government authorities. With that in mind, banks should integrate adverse media monitoring as part of their AML/CFT solution in order to capture changes to a customer’s risk profile as soon as possible.
It is important for banks to consider the Swiss banking industry’s risk landscape, and adjust their adverse media solution to capture relevant breaking stories quickly and efficiently. Important factors include the geographic source of the media, its credibility, reporting bias, and financial institution’s own risk appetite.
FINMA Recent Developments
In response to concerns about the transparency of its banking system, FINMA has been working to enhance Switzerland’s AML infrastructure.
Mutual Evaluation Report: The FATF’s most recent Mutual Evaluation Report (MER) on Switzerland, released in 2016, outlined several areas of concern, with the following key findings:
The majority of Switzerland’s money laundering risk derives from offences committed abroad.
Many Swiss financial institutions do not implement due diligence measures satisfactorily for existing customers.
The number of suspicious transaction reports generated by Swiss institutions is insufficient, and reports tend to be prompted by external information.
FINMA needs to make further progress in imposing noncompliance sanctions that are sufficiently dissuasive.
In 2020, FATF released an update on Switzerland’s progress in addressing areas of concern raised in the 2016 report. It upgraded Switzerland’s compliance performance in several areas but stressed that more progress was needed.
Cyber-attack reporting obligations: In 2022, the Swiss government indicated that it would introduce an amendment to the Federal Act on Information Security relating to the reporting of cyber-attacks. Under the proposal, banks and financial institutions in Switzerland would be obliged to report cyber-attacks to FINMA with penalties of up to CHF100,000 for noncompliance.
Get in touch to learn how Ripjar can help you with FINMA compliance.
The Financial Conduct Authority (FCA) is an independent regulatory body responsible for overseeing the UK’s financial markets and services. Established under the authority of the Financial Services Act (2012), FCA was introduced on 1 April 2013, replacing its predecessor, the Financial Services Authority (FSA). FCA shares its regulatory responsibilities with the Bank of England’s Financial Policy Committee (FCP), and the Prudential Regulatory Authority (PRA).
What does the FCA do?
The FCA oversees over 51,000 financial service providers in the UK including banks, financial advisers, and mutual societies. In its oversight role, the FCA has three objectives:
To protect consumers of financial products
To enhance the integrity of the UK’s financial industry
To ensure effective competition between UK financial service providers in the interests of consumers
Authorization: The FCA is responsible for authorizing banks and financial service providers to operate in the UK. In order to obtain an operating license, organizations must submit an application to the FCA demonstrating that they have met a set of regulatory criteria.
Enforcement: Where compliance violations are found, FCA has the power to force firms under its jurisdiction to change the way they do business, impose remedial requirements, and issue significant financial penalties. The FCA’s enforcement powers take in criminal and civil measures, and include:
Prohibition of firms and individuals from carrying out regulated activities
Fines for firms and individuals found to have violated compliance regulations
Criminal prosecution against firms and individuals suspected of financial crimes
Publications or public announcements of disciplinary actions
FCA Rules and Regulations
The FCA has issued a list of conduct rules for both firms and individuals to help them comply with the UK’s financial crime laws, including the Money Laundering Regulations and the Proceeds of Crime Act. The conduct rules are set out in the FCA Handbook and comprise two tiers, one for individuals and one for senior managers working within the financial services industry:
Tier one: individual conduct rules
You must act with integrity
You must act with due care, skill, and diligence
You must pay due regard to the interests of customers and treat them fairly
You must observe proper standards of market conduct
Tier two: senior manager conduct rules
You must take reasonable steps to ensure that the business of the firm for which you are responsible is controlled effectively
You must take reasonable steps to ensure that the business of the firm for which you are responsible complies with the relevant requirements and standards of the regulatory system
You must take reasonable steps to ensure that any delegation of your responsibilities is to an appropriate person and that you oversee the discharge of the delegated responsibility effectively
You must disclose appropriately any information of which the FCA would reasonably expect notice
How to Comply with FCA Rules
The FCA expects banks and financial service providers to develop solutions to ensure that they operate in compliance with the UK’s financial crime legislation. In practice, this means that UK firms must implement a range of measures and controls, backed by financial intelligence technology, to detect and assess the criminal risks that they face. These should include:
Customer identification: UK firms should perform suitable due diligence on their customers to accurately establish and verify their identities and the nature of their business.
Transaction monitoring: UK firms must monitor their customers’ transactions for signs of financial crime, including unusual transaction patterns, and transactions with high-risk counterparties or jurisdictions.
Politically exposed persons: UK firms should establish whether their customers are politically exposed persons (PEP) – and therefore pose a greater risk of financial crime such as money laundering.
Adverse media stories: UK firms should screen regularly for adverse media stories that involve their customers. News media may signal a customer’s involvement in financial crime prior to confirmation by official sources.
Recent FCA Activity
Throughout 2021, the FCA focused on addressing the concerns of a changing financial landscape, and the criminal threats that emerged as a result of the Covid-19 pandemic. Amongst the initiatives that it launched in 2021, were the InvestSmart campaign and the Scamsmart campaign, both intended to protect consumers from fraudulent financial activity, including investment scams and cyber-crime.
The FCA is also focusing on corporate AML compliance and issued a series of significant fines throughout 2021. Notable examples of FCA AML compliance fines in 2021 include a £147 million fine for Credit Suisse, a £63.9 million fine for HSBC, and a fine of over £264 million to NatWest. The FCA is currently working to raise awareness of the dangers posed by cryptocurrencies and ensure cryptocurrency service providers operate in compliance with the UK’s financial regulations. That effort saw 223 FCA registration applications from cryptocurrency service providers in 2021 and, in January 2022, an FCA proposal for a regulatory crackdown on high risk cryptocurrency investments.
FIND OUT HOW RIPJAR CAN HELP YOU Comply with FCA regulations. PLEASE GET IN TOUCH.
2021 was another difficult year for the financial industry as the effects of the coronavirus pandemic continued to create negative consequences for banks and financial institutions. That trend included a range of new compliance challenges as service providers and financial regulators adapted to a shifting risk landscape and an array of emerging Covid-19-inspired criminal methodologies.
The amount of AML fines issued in 2021 reflects the increased regulatory scrutiny. After investigations are completed, 2021’s AML fines are expected to exceed $2.22 billion – matching the 2020 total. With those figures in mind, numerous regulators took significant enforcement actions against banks and financial institutions under their jurisdiction in 2021. Some notable examples from around the world include:
Financial Conduct Authority (FCA): United Kingdom
In 2021, the UK’s Financial Conduct Authority prioritized the threat of cyber-crime, which increased during the Covid-19 pandemic as customers transitioned en-masse to online banking and financial services. The FCA also focused on corporate compliance, opening around 1,293 enforcement cases and issuing around £189.8 million in penalties.
While FCA issued a £147,190,200 compliance fine to Credit Suisse in October 2021, its largest fine came at the end of the year, when it handed down a fine of over £264 million to NatWest for significant failures to monitor and report suspicious transactions related to jeweler Fowler Oldfield. In the final days of 2021, FCA also issued a fine of £63.9 million to HSBC for failing to address long-term weaknesses in its transaction monitoring controls. Another notable FCA fine handed down in the final days of 2021:
Enforcement target bank: National Westminster Bank PLC (NatWest)
Reason for enforcement action: Significant AML compliance failures
Amount of fine: £264,772,619.95
Australian Transaction Reports and Analysis Center (AUSTRAC) – Australia
In 2020, Australian Transaction Reports and Analysis Center took a significant enforcement action against the Westpac Banking Corporation for serious breaches of Australia’s AML/CFT Act, including a failure to implement transaction monitoring and customer due diligence controls. AUSTRAC ultimately handed Westpac a record $1.3 billion fine. In 2021, Westpac was fined an additional $113 million by the Australian Securities and Investment Commission (ASIC) which cited the bank’s ‘poor compliance culture’ as a factor in its misconduct.
In 2021, AUSTRAC maintained its focus on corporate enforcement but did not issue any AML fines. AUSTRAC did, however, issue a remedial direction to Australian Military Bank Ltd (AMB) to ‘review and uplift’ its compliance with AML/CFT laws. The direction included requirements that AML submit to an independent audit, enhance its AML/CFT reporting protocols, and then submit to an additional audit to ensure the implementation of those measures. In June of 2021, AUSTRAC revealed an investigation into National Australia Bank NAB) for ‘potential serious and ongoing non-compliance’.
Enforcement target bank: Australian Military Bank
Reason for enforcement action: AML compliance deficiencies
Amount of fine: N/A (remedial direction)
Office of Foreign Assets Control (OFAC) – United States
Under President Biden, the US continued to emphasize sanctions compliance, building on trends established during the Trump administration, which took a record 3,900 sanctions actions between 2016 and 2020. In 2021, the Office of Foreign Assets Control took 20 separate enforcement actions against individuals and organizations, totaling $20,896,739.22 in fines. The largest OFAC sanctions fine was issued in January against Union de Banques Arabes et Françaises for violations of the US’ Syria sanctions program.
Enforcement target bank: Australian Military Bank
Reason for enforcement action: Violation of US Syria sanctions program
Amount of fine: $8,572,500
Bank Secrecy Act (BSA) – United States
The BSA is the US’ primary AML legislation and is enforced by the Financial Crime Enforcement Network (FINCEN). In 2021, FINCEN imposed several significant AML fines against US banks and other financial service providers for failures to comply with the requirements of the BSA. FINCEN issued its most significant fine against credit card company, Capital One, in January 2021, for willful and negligent violations of the BSA, including a failure to file thousands of suspicious activity reports and currency transaction reports. The fine amounted to $390 million.
Enforcement target bank: Capital One
Reason for enforcement action: Violation of the Bank Secrecy Act
Amount of fine: $390,000,000
Monetary Authority of Singapore (MAS) – Singapore
Like other regulatory authorities, the Monetary Authority of Singapore focused on addressing the financial challenges of the Covid-19 pandemic during 2021. The regulator took several enforcement actions in response to violations of the Corruption, Drug Trafficking and Other Serious Crimes Act (CDSA), including a S$1 million fine for Bank J Safra Sarasin for ‘serious breaches of MAS’ AML/CFT requirements’. However, MAS most significant fine of 2021 was issued against Goldman Sachs’ Malaysian subsidiary as part of a deferred prosecution agreement with the US Department of Justice over the 1Malaysia Development Berhad scandal. Under the penalty, Goldman Sachs was required to pay the Singapore government $122 million.
Enforcement target bank: The Goldman Sachs Group Inc
Reason for enforcement action: Violations of the Prevention of Corruption Act
Amount of fine: $122 million
Looking ahead to 2022, with a potentially-reduced focus on Covid 19, it will be interesting to see how regulators choose to execute their oversight responsibilities.
FIND OUT HOW RIPJAR CAN HELP YOU with aml and risk compliance. PLEASE GET IN TOUCH.
The Australian Transaction Reports and Analysis Centre (AUSTRAC) is Australia’s financial intelligence unit and its primary financial regulator. AUSTRAC was founded in 1989 following the passage of the Financial Transaction Reports Act 1988 and is headquartered in Australia’s capital city, Canberra. AUSTRAC is organized into three departments that reflect its responsibilities: intelligence, capability and strategy, and regulation, education, and policy. The regulator is currently led by CEO Nicole Rose.
AUSTRAC is responsible for detecting and preventing financial crime in Australia and for providing regulatory oversight for the country’s financial service providers. In order to fulfil those responsibilities, AUSTRAC collects and analyzes reports from banks and other obligated organizations which it then uses to generate financial intelligence data for subsequent criminal investigations.
Reporting threshold: Firms in Australia must submit Threshold Transaction Reports (TTR) to AUSTRAC when handling transactions of A$10,000 or more (or an equivalent amount in foreign currency). TTRs must be submitted within 10 business days of the transaction date.
International funds transfers: When funds of any amount are transferred into or out of Australia, either electronically or via a designated remittance agreement, firms must submit an international funds transfer instruction report (IFTI) to AUSTRAC. IFTIs must be submitted within 10 days of the transaction.
Suspicious matters: When customers engage in any kind of suspicious activity, firms must submit a suspicious matter report (SMR) to AUSTRAC within 72 hours of detecting the suspicious activity (or 24 hours if it relates to terrorism).
Cross border movement: In 2020, the Australian parliament passed an amendment to the Anti-Money Laundering and Counter-Terrorism Financing Act. Under the new rules, when persons move physical currency in amounts of A$10,000 or more (or an equivalent amount of foreign currency) into or out of Australia, they must submit a cross border movement (CBM) report to AUSTRAC within 5 business days.
Risk Based Compliance
Following Financial Action Task Force (FATF) recommendations, AML rules in Australia require firms to take a risk-based approach to regulatory compliance, deploying AML/CFT measures proportionate to the risks that they face. Firms should build their risk-based compliance on an effective risk management solution in order to identify and assess their customers at onboarding, and to monitor their behaviour throughout the business relationship. In particular, firms should focus on the following key AML/CFT factors:
Identity verification: Firms should establish and verify the identities of their customers in order to build accurate risk profiles and to accurately match customer names during subsequent KYC screening and monitoring processes.
Transaction monitoring: Firms should continuously monitor their customers’ transactions in order to manage risk profiles, and identify transactions that may warrant an AUSTRAC suspicious matters report.
Political corruption: Politically exposed persons (PEP) such as elected, and government officials present an elevated AML risk. Accordingly, firms in Australia should screen their customers to determine whether they are PEPs and therefore warrant a greater degree of AML/CFT scrutiny. AUSTRAC requires firms to screen for domestic, foreign, and international PEPs.
Sanctions and watchlists: Australia maintains an autonomous international sanctions list and enforces United National Security Council sanctions. Accordingly, AUSTRAC requires firms to screen foreign customers against the relevant sanctions and watch lists and take any relevant compliance steps, such as asset freezes and SMR submission.
Adverse media: News stories often indicate customer involvement in money laundering or terrorism financing before official sources offer confirmation. With that in mind, AUSTRAC recommends that firms conduct adverse media searches, both at onboarding and throughout the business relationship, in order to detect news stories that affect their customers’ risk profiles. Adverse media searches should be conducted with sufficient scope and should include any relevant foreign language news sources.
AUSTRAC Initiatives
AUSTRAC works closely with financial institutions across the country to address emerging criminal methodologies and regulatory changes. With that in mind, AUSTRAC’s recent initiatives reflect a changing financial landscape:
De-banking: In October 2021, AUSTRAC issued a statement on de-banking as a result of account closures, and focused on the potential for that trend to increase the risk of money laundering. De-banking refers to the process of a financial institution exiting a business relationship with a customer as a result of perceived higher risk. AUSTRAC suggests that money transfer businesses, cryptocurrency exchanges, and fintechs are amongst the organizations most at risk of de-banking and may be exploited by criminals in the illegitimate financial system as a result. With that in mind, AUSTRAC urged banks to enhance their risk-management solutions to increase their capability to serve higher risk customers.
Cryptocurrency exchanges: In November 2021, an Australian government Senate Select Committee recommended establishing a new licensing regime for cryptocurrency exchanges. Under existing regulations, AUSTRAC imposes the same registration requirements on cryptocurrency exchanges that it does other financial service providers. The new licensing regime will be implemented to address gaps in current regulation and to improve protection for consumers.
Digital asset ‘travel rule’: FATF recently updated its ‘Travel Rule’ to include cryptocurrency services providers. The rule, which is implemented by AUSTRAC, requires the beneficiaries and originators of fund transfers to exchange identifying information in order to establish an audit trail and better address AML/CFT risks. The Australian Senate Select Committee recommended further clarification on AML/CFT measures as they apply to cryptocurrency service providers in order to ensure they are ‘fit for purpose’.
Find out how Ripjar can help you comply with AML Screening and Monitoring requirements in Australia and globally. PLEASE GET IN TOUCH.
A central bank digital currency (CBDC) is a form of electronic money, usually an analogue of a fiat currency, endorsed by a government and issued by its central bank.
Driven by advances in financial technology, digital currencies, including cryptocurrencies such as Bitcoin and Ethereum, have transformed the global financial landscape. In March 2020, the Bank of England published a CBDC discussion paper to explore the opportunities and risks of introducing a UK CBDC. While the regulator has not yet determined whether a CBDC will be introduced in the UK, the paper represents the first steps of an exploratory process.
With regulators around the world exploring the possibilities of CBDCs, it is important that financial institutions develop an understanding of the digital currency landscape and how their compliance responsibilities might change.
How do digital currencies work?
CBDCs share many similarities with cryptocurrencies: units of a CBDC are represented virtually by digital tokens: stores of value that may be transmitted instantly to recipients around the world via high-speed internet connections, and that may be exchanged for goods and services where they are accepted by vendors. Those tokens are cryptographically secured on software infrastructure known as a blockchain: every time tokens are exchanged between users on the blockchain, a network of computers tracks and verifies those changes with distributed ledger technology (DLT) and adds that information to the chain as a new ‘block’ of data. The tracking and verification processes used by certain cryptocurrency blockchains can be slow and inefficient since they require the agreement of multiple user nodes. In theory, CBDC verification will be faster since currency exchanges will be processed by a central bank without any need to facilitate decentralized consensus mechanisms.
Since they are electronically integrated into a software network, digital tokens have a much broader utility than a simple payment medium – and may be used by a spectrum of apps and fintech instruments to expand financial possibilities and service access for their user community.
How do CBDCs differ from cryptocurrencies?
Unlike cryptocurrencies, which are generally built around decentralized blockchain technology and governed by the consensus of their user communities, CBDCs are issued and controlled by a centralized authority – a central bank – and much more closely regulated.
In developing their own CBDCs, governments are seeking to retain the speed, innovation, flexibility, and security of blockchain technology without the high-risk, decentralized anonymity of cryptocurrencies. CBDCs may not use the same distribution methods as blockchain-based cryptocurrencies, and will not necessarily implement the same cryptographic tracking, verification, and security technology to facilitate exchanges. Instead, CBDCs will be fully electronic currencies, with governments retaining full centralized control over their financial features and transmission.
In practice, this means that governments will control the governance, oversight, and supply of CBDC digital tokens, and use them to perform important economic functions and regulatory tasks. The digital tokens issued to represent a CBDC will, like a fiat currency, be backed by a country’s asset reserves.
CBDC risks and opportunities
The Bank of England’s CBDC discussion paper explored the opportunities and risks associated with the introduction of a CBDC. After collating participant responses, the regulator set out the following emergent core principles for the implementation of a CBDC in the UK:
The CBDC should promote financial inclusion, and be accessible for users regardless of their age, social demographic, technical knowledge, or disability.
The CBDC should be deployed in a competitive ecosystem to promote innovation and to save users time and money.
In exploring the potential of a CBDC, the central bank should not overlook the value and impact of other innovations on the payments services landscape.
The CBDC must comply with the UK’s anti-money laundering and counter-financing of terrorism regulations and should protect its users’ privacy insofar as that does not compromise AML/CFT compliance.
The CBDC should not compromise the central bank’s ability and responsibility to ensure monetary and financial stability.
While digital currencies offer new financial possibilities, they also offer financial criminals new opportunities to operate outside traditional financial systems. In particular, the accessibility and anonymity of CBDCs may increase the risk of international sanctions violations, letting users conceal their identities and evade conventional AML/CFT controls by moving illegal funds quickly between different jurisdictions.
CBDC screening considerations
In order to avoid sanctions violations and other compliance risks, CBDCs should be introduced with robust identity verification requirements, deployed as part of an organization’s Know Your Customer (KYC) process. This means that organizations should establish and verify the identities of their customers by collecting data (such as names, addresses, dates of birth) and then use that data to inform customer risk profiles and to screen against international sanctions lists. While identity verification is a foundation of effective AML, digital currencies present a range of compliance challenges that conventional currencies and transactions do not:
Customer identities: Since it may be more difficult to establish customer identities in CBDC-related services, organizations should seek to integrate digital identification measures, including enhanced customer due diligence, and biometric controls such as fingerprint, voiceprint, and facial scan technology.
Suspicious transactions: Organizations should reconsider their transaction monitoring process for CBDC services, taking into account the elevated risks associated with digital funds. Typically, high risk digital currency transactions include those in which customers have provided inadequate identification, or transactions involving senders and recipients in high-risk jurisdictions.
Sanctions screening: Organizations should ensure their sanctions screening solution is updated with the latest data and can handle the unique challenges of CBDC screening (anonymity, speed, etc.).
Compliance technology
The AML/CFT challenges associated with CBDCs mean that organizations must implement suitable automated technology solutions in order to ensure regulatory compliance and to manage the vast amounts of digital customer and transaction data they are required to collect. In addition to offering significant speed and accuracy benefits over manual risk screening, smart technology promises a range of specific advantages for compliance with CBDC-focused regulations:
Machine learning: Automated compliance systems often incorporate machine learning technology which enables organizations to categorize and prioritize CBDC data efficiently, and make better decisions based on previously collected data. Machine learning tools may, for example, help organizations spot unforeseen risks quickly – such as when a customer’s financial behavior diverges from established expectations, or when new patterns and trends emerge across the often-volatile digital currency markets.
Security: Since digital identity verification requires customers to submit a range of personal data, smart technology may be employed to put robust protections in place, such as biometric verification, two-factor authentication, and end-to-end encryption. Beyond protecting customer data and assets, smart technology can prevent criminals from misusing CBDC financial services to launder money and fund terrorist activities.
Versatility: The digital currency landscape is evolving at a pace. Smart software solutions allow firms to adapt to changes in data collection requirements scaling up and down as business and regulatory needs change. Similarly, smart software enables firms to react quickly to changes in criminal methodologies, deploying more effective AML responses based on emerging trends and threats.
WANT TO LEARN HOW RIPJAR CAN HELP WITH Central Bank Digital Currencies? PLEASE GET IN TOUCH.
