Family values

As I hope is clear from this blog, I work with clients from all over the regulated sector – although I will admit that I have very few law firms (because lawyers like to be trained by other lawyers) and very few estate agents (because, well, they’re estate agents and just can’t accept that they have to do all this AML stuff).  But the proportions of my client base do change: sometimes I will have more fiduciary firms, and then the banks get interested, and in the past three or four years I have taken on more clients in the gambling sector.  And one area of strong recent growth for me is family offices.

When I first heard the term, I had images of “Dallas” and JR, wheelin’ and dealin’, darlin’.  But turning to industry dictionary Investopedia, we learn that a “family offices are private wealth management advisory firms that serve ultra-high-net-worth (UHNW) investors – they are different from traditional wealth management shops in that they offer a total outsourced solution to managing the financial and investment side of an affluent individual or family”.  And I have noticed that in their elegant offices they tend to have rather superior biscuits, no doubt intended for the UHNWIs but gratefully snarfed by me.  But all is not well in the rarefied world of the family office, for money launderers – the little devils – have realised their potential.

It could be argued that we AMLers are not helping the cause: as AML obligations around PEPs (politically exposed persons) and other high-risk clients are increased, the more familiar, larger institutions may come to the conclusion that it’s all too much trouble, and decline to take them on as clients.  They then turn to more boutique firms, who need the business and might be willing to be that little bit more… accommodating when it comes to CDD.  We can’t say too much at the moment, for obvious reasons, but it seems that Jahangir Hajijev of Azerbaijan and his family (including his wife, of UWO fame) made extensive use of the family office services of Werner Capital in Belgravia – I bet their biccies are top-notch.  Although family offices could – quite rightly – say that they know their clients really well, it must be remembered that their clients will generally be really complicated, with – to put it simply – lots of money all over the place.  Checking source of wealth and source of funds for such people will be a full-time job.  Keeping track of their close associates will not be an easy task.  And then we have the age-old problem of client capture: if your entire livelihood depends on one client, how likely are you to rock the boat by reporting a suspicion about that client?

In the US there is an organisation called the Family Office Association, which offers guidance, training and networking to its members, and that seems a good idea – but a search on the word “laundering” on their website brings up no matches at all, which suggests that it is not on their radar.  This will not have escaped the notice of money launderers.

Posted in AML, Money laundering | Tagged , , , , , , , , | 8 Comments

A case in point

I’m ba-ack!  So let’s leap straight in with a complaint.  As every MLRO knows, nothing enlivens an AML training session like a story – known officially as a case study.  At the moment, staff are lapping up details of “the £16 million Harrods woman” and “the Assad niece living in luxury in Knightsbridge”.  But these are the big public stories of high-level political corruption – and arguably not the laundering worries that most people in the financial sector are going to be tackling every day.  Moreover, stories make it into the media only when official allegations have been made or – more commonly – once verdicts have been passed by the court.  And, as we all know, the “near miss” can be just as good a training opportunity.  Quoting lists of “red flag” indicators gleaned from industry reports does not make it real enough for people – it does not make them stop short and think, “That could easily have been me”.

I am frequently asked by clients to include case studies in my training.  But they must be relevant to our sector, they say, and they must be current.  This is not unreasonable – but where am I to find such stories?  Of course I fillet the case studies and best practice guidelines issued by regulators, and I sometimes pinch stuff from other jurisdictions and pretend it’s local.  I also ask MLROs if they have any tales from their own organisation – actual laundering, or near misses – and the answer is nearly always this: “Yes, but we can’t tell you about them and we don’t want staff to know.”  (Before I get waves of outrage about SARs and tipping off, I mean either instances where concerns were raised and then allayed, or ones where the investigation is now done and dusted.)  One MLRO even said that he wouldn’t be happy for staff to know about how a particular laundering scheme had (almost) worked because “it might give them ideas”.

What would be ideal as a training resource is a library of detailed yet engaging case studies.  But who could be trusted – or indeed bothered – to maintain such a thing?  The Egmont Group – the trade body for FIUs – does some work in this area, but their last set of case studies was published after the Best Egmont Case Awards in 2013.  (And these are grouped by jurisdiction and predicate crime rather than by affected sector, so you need to read a lot to find ones that are most relevant.)  You can use final notices and best practice indicators from regulators to cobble together stories, but it’s hard work.  So come on, MLROs: who’s up for submitting in-house tales of woe, suitably anonymised, to a central repository to be used for the good of all AML training?

Posted in AML, Money laundering, Training | Tagged , , , , , , , , | 6 Comments

Words speaking louder than actions

Now I know it’s important to Think Big – to have goals and targets and ambition.  But you can take it too far.  And I rather think that in their recent “Economic Crime Plan 2019-2022” the joint forces of HMG and UK Finance (which I understand is the jazzy new branding for the British Bankers’ Association and a few others) have done just this.

Turn, if you will, to page 17, to the section titled “Project and commitments”.  Now, I am a world-class list-maker.  My bullet points go down to four levels – so we’re talking semi-professional planning.  But I have yet to create a table of 52 actions (it’s just occurred to me: is that one a week?).  And some of these are really, really formidable.  “Develop framework to repatriate funds to victims of fraud”, for instance, and “develop a sustainable, long-term resourcing model for economic crime reform”.  The Pollyanna side of my nature has been beaten into submission by the barrage of frankly ludicrous “promises” made by those who are trying to convince us that Brexit will be a little bump in the road, easily negotiated, and so I have no appetite for long lists of holy grails – particularly when none of the five actions related to “Better information-sharing” even features the word “international”.  And as for the five actions related to “International strategy”, all five are apparently “ongoing” – so no target date for improvement or completion.

But perhaps it makes sense when I read that this plan was signed off by Home Secretary Sajid Javid and Chancellor Philip Hammond – neither of whom holds that office any longer.

Posted in AML, Fraud, Money laundering, Organised crime, Publications | Tagged , , , , , , , , , , , , | Leave a comment

So near and yet so far

At the end of June 2019, the UK’s Gambling Commission – one of our five-star AML regulators, getting top marks from users for both approachability and communication – published its 2018 money laundering and terrorist financing risk assessment.  This examines all incarnations of the gambling industry in the UK – arcades, gaming machines, lotteries, betting (remote and non-remote), bingo (remote and non-remote) and casinos (remote and non-remote) – and assigns to each a risk rating.  The money laundering risk ratings vary across the risk spectrum, while all forms of gambling are considered medium risk for terrorist financing.

For those of us unfamiliar with the gambling world, this report provides a timely explanation of the sector as it works now: gone are the days of perching at green baize tables, wreathed in smoke and kissing the dice for luck.  For instance, did you know that arcades now offer “privacy booths” for certain gaming machines [the mind boggles as to what might require privacy…] which makes it harder to supervise their use?  The increase in cashless payments further reduces customer interaction with staff.  And the latest technological advance – Bring Your Own Device – means that “a customer could place bets without needing an account or interacting with employees of the operator” (although this has yet to happen in the UK).  Add to this the increase in the use of crypto-currencies, as well as the continued use of informal value transfer systems (such as hawala) to fund accounts and a theme develops: no matter whether the gambling provider is technically non-remote (i.e. a real-life, physical premises), much of the money is moving in a remote manner that increases the risk of it evading due diligence checks and adequate monitoring.  And that’s a gamble none of us wants to take.

Posted in AML, Money laundering, Publications, Regulation | Tagged , , , , , , , , , , | Leave a comment

RUSI and the red team

Regular readers will know how I love “crisp” writing: writing that is clear, well-structured, unambiguous and just that little bit elegant.  (Compare and contrast with most of the hurried, rambling and frankly inaccurate drivel that appears online these days.)  Two of my favourite and most reliable sources for such written marvels are the Law Society of England and Wales (their practice notes are a masterclass in lucidity) and RUSI – the Royal United Services Institute, and more specifically their Centre for Financial Crime and Security Studies.

In the early summer, the CFCSS of RUSI published one of their occasional papers – this one on the topic of money laundering risk in the UK professional services sectors (“in particular the legal, accountancy, real estate, and trust and company service sectors”).  The report shares the findings from two workshops held in early 2019 and looks first at the money laundering threats facing these sectors and then at the responses to those threats.  The threats presented could be the baddies in a peculiar panto: we have the Oligarch and the Organised Crime Launderer.  And the standard responses – risk-based approach, CDD and suspicion reporting – are considered for their effectiveness in countering these threats.  And, as is the RUSI way, the report is topped and tailed with recommendations.

However, the most interesting part of the RUSI exercise is sadly missing.  As explained the introduction to the report, “it was decided to hold one session looking primarily at threats and vulnerabilities (threat workshop) and one looking at the responses of the professions (response workshop).  A further session, the red team exercise, was designed to allow attendees to draw up their own money-laundering scheme.  The outputs from this session are naturally not included in this paper.”  I can only hope they are being shared in a less public forum, as they will prove invaluable.

Posted in AML, Money laundering, Publications | Tagged , , , , , , , , , , | Leave a comment

The law(yer) is an ass

AML efforts tend to move in one direction: more, greater, stronger, bigger – whatever the right adjective may be.  Occasionally we see an unwinding (as when many jurisdictions removed general insurance business from the AML family) but for the most part, we tend to extend and increase.  That said, the intended direction of travel can be halted – and sometimes by the most unlikely brake.  Or maybe that’s my naivety talking; you might not find this unlikely at all.

The US is not a jurisdiction in which I work and so I hesitate to comment in any detail on their AML regime, except to observe that they do like to plough (sorry, plow) their own furrow (or should that be furrough?).  What I do know – and what often surprises those new to the world of AML – is that under the American regime, lawyers are not subject to AML obligations.  The AML obligations (CDD, record-keeping, etc.) are contained in the Bank Secrecy Act of 1970, which was significantly amended by the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act (USA PATRIOT Act) of 2001, and (putting it simply) these laws apply only to “financial institutions”.  And no matter how broadly you define that term, it does not include lawyers.

Now call me an old cynic, but is that not crazy?  Everyone know that lawyers are vulnerable to money laundering – either deliberately enabling schemes for baddies or failing to spot that they are being misused by clients who look like goodies but are in fact baddies.  Just last month the FATF published updated guidance on the risk-based approach specifically for legal professionals, in which it states as accepted wisdom – which, come on, it is – that nearly every service offered by the legal sector can be used for money laundering, from holding client funds to advising on property sales, from forming companies and trusts to managing client affairs.  So it would seem logical that the US would upgrade its AML regime pretty sharpish to do what nearly everyone else in the world has been doing for years: welcome their lawyers into the AML fold.

There are plenty of influential Americans who want this to happen.  But they keep coming up against the most obstinate of opponents: the American Bar Association.  Yes, the official American Bar Association.  OK, so people are often a bit lukewarm about joining the AML family – UK lawyers were not cock-a-hoop about it either, I seem to recall.  But the Law Society does not have the clout of the ABA, and common-sense prevailed on this side of the pond.  The issue has come back into the headlines recently because the ABA is currently engaged in opposing the creation of a register of beneficial ownership.  We’re not talking about a public register – they oppose any register on the grounds that it “would impose burdensome, costly, and unworkable new regulatory burdens on millions of small businesses and their lawyers” and “raises serious privacy concerns for small businesses and the many individuals who would be designated as beneficial owners”.  You can read their full objections here.  If I were a wealthy criminal and needed a lawyer to help me with a spot of laundering, I know where I would go, and I’d pay handsomely for the privilege [little legal joke there – very little].  And I’m not alone in suspecting that this is the real reason for all the objections to anything AML-ish which could in any way inconvenience any paying client.

Posted in AML, Money laundering | Tagged , , , , , , , , , , , , , | 4 Comments

FATF 1, EU 0

The Fourth Money Laundering Directive brought us many delights, including Article 9: “Third-country jurisdictions which have strategic deficiencies in their national AML/CFT regimes that pose significant threats to the financial system of the Union (‘high-risk third countries’) shall be identified in order to protect the proper functioning of the internal market.”  The requirement is retained unchanged in the Fifth Money Laundering Directive.  Now I can see arguments on both sides.  Regulated businesses – particularly when it comes to dodgy jurisdictions – do like certainty, and an approved list of “high-risk third countries” might seem attractive.  But there are, it seems, more problems than benefits.  It’s looking outwards only, for a start: assessing only “third countries” (i.e. non-EU Member States) brings to mind planks and specks.  And as the European Commission – which adopts the list – is a political body, it is vulnerable to political pressure.

And so it has proved.  The first list was adopted by the European Commission on the advent of MLD4, and that first list was basically a carbon copy of the FATF’s list of jurisdictions with “strategic AML/CFT deficiencies”.  But then the Commission started to wonder whether it could do better than the FATF – yes, better than the agency that has devoted itself entirely to matters money laundering and AML for three decades.  Obviously that wondering should have led to the answer “no”, but it did not.  And in June 2018 the Commission published its own “Methodology for identifying high risk third countries”, which involves looking at the FATF list and then “taking into account strategic deficiencies… in relation to: (a) the legal and institutional AML/CFT framework of the third country, in particular: (i) the criminalisation of money laundering and terrorist financing; (ii) measures relating to customer due diligence; (iii) requirements relating to record-keeping; (iv) requirements to report suspicious transactions; (v) the availability of accurate and timely information of the beneficial ownership of legal persons and arrangements to competent authorities; (b) the powers and procedures of the third country’s competent authorities for the purposes of combating money laundering and terrorist financing including appropriately dissuasive, proportionate and effective sanctions, as well as the third country’s practice in cooperation and exchange of information with Member States’ competent authorities; (c) the effectiveness of the AML/CFT system in addressing money laundering or terrorist financing risks of the third country.”  If all of that sounds familiar, good: it’s because it covers the same ground as the FATF’s own modern methodology (compliance and effectiveness).  So far, so pointless.

But although the methodologies seem similar, the outcomes certainly are not.  And on 13 February 2019 the EC announced that it was adopting a new list of “high-risk third countries” – twenty-three in total.  Two in particular were rather annoyed at their inclusion: the US huffed that their four territories on the list (American Samoa, Guam, Puerto Rico and the US Virgin Islands) should not be there because “the same AML/CFT legal framework that applies to the continental United States also generally applies to US territories” [I’m saying nothing], while Saudi Arabia was quietly furious.  And quietly effective: King Salman sent letters to all EU leaders urging them to reconsider their decision, saying that his country’s inclusion “will damage its reputation on the one hand and will create difficulties in trade and investment flows between the Kingdom and the EU on the other”.  That did the trick: on 8 March 2019 the new list was unanimously rejected by the EU Member States and tossed back to the EC for them to have another think.

We now hear, courtesy of Reuters, that the commissioner in charge of the issue, Vera Jourova, has come up with a cunning plan: a revised process to list countries.  Instead of directly blacklisting those with shortfalls, the new process would be based on a “staged approach” under which risk countries would need to commit to changing their rules and practices by set deadlines, effectively producing a grey list of jurisdictions that would be blacklisted only if they failed to apply required reforms.  Again, if that sounds familiar, it should: IT’S HOW THE FATF DOES IT.  *throws hands in air in despair*

There will now be a two-week pause in blog posts while I hide away at the top of a mountain to finish my sixth Sam Plank novel.  You can keep track of my fiction-based progress on my writing blog, and indeed you can even have your say on what you think the title of the book should be.  And if you fancy having a look at the books, you can now download a free guide to the series, with the first chapter from each book and a glossary of Regency terms – you’d be bird-witted not to!  I’ll be posting here again from 7 August onward.

Posted in AML, Legislation, Money laundering | Tagged , , , , , , , , , , , , | 5 Comments


Here’s what I have read about Facebook Libra:

  • According to the Financial Times, it is “a new global digital currency backed by assets and supported by more than two dozen companies ranging from Visa and Mastercard to Lyft and Spotify”. It has been planned for some time: “[the] social network quietly assembled a crypto team and courted partners for more than a year.”  And “banks were notably absent from [the] list of initial backers”.
  • Running the show will be a new Facebook subsidiary called Calibra and an independent consortium called Libra Association
  • You won’t need a Facebook account to use Libra
  • According to Dante Disparte, head of policy and communications for the Libra Association, “the central goal here really is financial inclusion”
  • While Calibra is targeting only basic fund transfers to begin with, the subsidiary plans to expand its services to allow customers to pay bills and purchase goods or services
  • There are enormous “Big Brother” concerns; as John Harris has it in the Guardian, “Facebook will know the people and companies with whom its users have financially interacted, and that is likely to only be the start”.  And “whatever the guarantees [about data protection], the most basic point is obvious enough: why should a company with such an appalling record on personal data be trusted to so massively extend its reach?”.

And here’s what I have not read about Facebook Libra:

  • What are its money laundering and terrorist financing vulnerabilities?
  • Who will supervise it?
  • Will it be covered by the same AML/CFT obligations as are being gradually introduced for cryptocurrencies?
  • If it all goes pear-shaped, who will be accountable?

Given that one of the tenets of AML is that you should always do your money laundering research before you launch anything new, it’s something of an oversight.

(Here’s the word from the FATF, in Recommendation 15: “Countries and financial institutions should identify and assess the money laundering or terrorist financing risks that may arise in relation to (a) the development of new products and new business practices, including new delivery mechanisms, and (b) the use of new or developing technologies for both new and pre-existing products.  To manage and mitigate the risks emerging from virtual assets, countries should ensure that virtual asset service providers are regulated for AML/CFT purposes, and licensed or registered and subject to effective systems for monitoring and ensuring compliance with the relevant measures called for in the FATF Recommendations.”  Perhaps someone could mention it to Mr Zuckerberg or Mr Disparte.)

Posted in AML, Money laundering, Regulation, Supervision, Terrorist financing | Tagged , , , , , , , , , , , , | 5 Comments

On their own authority

Over a two-decade career in AML, one of the things I have noticed is the “normalisation” of the terms “money laundering” and “AML”.  When I first started out, I had to explain to everyone non-finance-y what money laundering was and what we were trying to do about it.  (One family friend wondered how I could hope to make a living telling people about one brand of car; she had mis-heard “fraud” as “Ford”.)  Nowadays you can’t watch a Hollywood film or Netflix drama or read a fast-paced thriller without stumbling across someone laundering dodgy money (usually wearing sunglasses and a sneer).  This makes me look good, of course: how prescient I was to choose a specialisation that would one day be so fashionable.  It was entirely by accident, I can assure you; I’m the contrary sort of person who prefers to be out of fashion.  But in many ways it is a good development, not least because money laundering awareness is spreading far and wide, with even organisations that are not [yet] required to do so by law putting in place their own AML procedures.

The latest to come to my attention is Aberdeen City Council.  Now, Aberdeen has had a few laundering headlines in its time.  In August 2014 Italian MEP Oreste Rossi announced that research done by the Transcrime Centre in Italy had shown that, in Scotland, “the Camorra stronghold is Aberdeen… where it controls the catering, public works, food retail and wholesale and property sectors” – although his view was later toned down in the November 2015 final report on “Organised Crime Infiltration of Legitimate Businesses in Europe”, which states simply that Aberdeen is one of the top three locations (along with Glasgow and Durham) mentioned in open-source material on organised crime groups.  That said, in August 2018 Scottish restaurateur Antonio La Torre was arrested in Italy on suspicion of mafia involvement – he was perhaps inevitably nicknamed “the Don of the Don”.  Those charges were dropped but he still faces firearms charges and must report daily to the police station in Mondragone, a seaside town just outside Naples.  In October 2018 Aberdeen solicitor Ian McDougall was struck off by the Law Society of Scotland after failing to answer for various AML failings in his firm and running off to (it is believed) Abu Dhabi.  And a month ago, Nigerian former professional footballer Jay-Jay Okocha was charged in Aberdeen Sheriff Court with money laundering allegedly relating to the proceeds of frauds perpetrated in Scotland in 2015.

Perhaps with these incidents in mind, on 30 June 2019 Aberdeen City Council’s audit committee approved a new “Anti-Money Laundering Policy”, which – although recognising that an MLRO is not a legal requirement for local authorities – nominates their Chief Officer-Governance as their, well, nominated officer.  They also supply a generous list of money laundering “flags”, including cash payments over £5,000, over-payments, and requests for overseas transfers to high-risk jurisdictions.  Is this perhaps a hint that our AML legislation, by not covering local authorities, is insufficient?  When an organisation voluntarily admits that it has a vulnerability to money laundering – albeit at a low level – and puts in place its own AML procedures, it certainly suggests that we could do more.

Posted in AML, Legislation, Money laundering, Organised crime | Tagged , , , , , , , , , | Leave a comment

Exceeding slow

You remember the summer of ’98.  The European Central Bank was founded in Brussels, Pete Sampras won the men’s singles title at Wimbledon, “Sex and the City” premiered on the telly – and Nigerian dictator Sani Abacha died at the age of 54.  In case you’re like me and keep losing decades when you work out how old you are, this was twenty-one years ago.  Abacha was not, for the AML community, a nice chap.  It is estimated that during his ascent up the greasy pole of Nigerian power (he served as Chief of Army Staff from 1985 then Chief of Defence Staff before becoming President in November 1993) he and his family accumulated US$5 billion of public funds, and in their 2004 “Global Corruption Report” Transparency International recognised him as the fourth most corrupt political leader in history.  In other words, we’ve known for a long time that any money squirrelled away around the world by Abacha or his rellies is dodgy and should be examined closely and almost certainly should be returned to the people of Nigeria.  But as we also know, the wheels of asset forfeiture grind exceeding slow – and most especially those of civil asset forfeiture.  It’s one of the enduring bugbears of we AML-ers: how can we convince people that AML initiatives work when it takes, like, forever to see the fruits of our labour?  And so we must rejoice whenever a thieving politician’s assets are found, seized and returned to their rightful owners – albeit decades later.

It’s a very complex exercise, of course, tracking down the Abacha billions, but he laundered some of his corrupt proceeds – $268 million – by moving it through the US and then popping it into accounts held in Jersey by a British Virgin Islands company called Doraville Properties Corporation.  As usual with such cases (and this explains in part the slowness of the system) there have been all sorts of legal debates.  In 2014 the US authorities asked for the money in Doraville’s accounts to be forfeit and a restraining order was granted in Jersey.  Doraville asked for the order to be discharged but their application was dismissed, as were their two appeals against the imposition of the order in the first place.  And on 4 June 2019 the Jersey authorities finally confirmed that – with all possible legal challenges exhausted by Doraville – the money had been moved from the bank accounts into the Civil Asset Recovery Fund under the control of the States of Jersey.  In other words, it is no longer Doraville’s money.  The next step is for Jersey, the US and Nigeria to work out an asset-sharing agreement to decide who gets what proportion of the money – and the word on the street (that’s Broad Street in St Helier) is that there is more money sitting in Doraville accounts that will go the same way.  So patience, grasshopper.  Perhaps we can see it as proof that ill-gotten gains are never washed clean but remain dirty forever, and will be pursued long after the crime has been committed and the criminal has died.

Posted in AML, Bribery and corruption, Money laundering | Tagged , , , , , , , , , , , | 1 Comment