For various reasons (obesession, mainly) I’ve just been reading the FSA’s Notices on Habib Bank and its MLRO Syed Itrat Hussain. In case you missed it, on 4 May 2012 the FSA fined the bank £525,000 and the MLRO £17,500 for “failure to take reasonable care to establish and maintain adequate anti-money laundering (AML) systems and controls”, furthermore commenting that “the failings at Habib lasted almost three years and exposed the firm to an unacceptable risk of laundering money”. There were numerous errors made, but one of the worst was the bank’s failure to conduct enhanced due diligence for high risk customers.
To set the scene, Habib also made some boo-boos with its list of high risk jurisdictions – downgrading some on the simple basis that the bank had a branch there, even though (in the words of the FSA) “the higher risk of money laundering they presented was not negated by Habib’s physical presence in those countries or any specialist knowledge of them”. Despite paring the list in this way, the bank did still end up with some customers that it admitted were high risk – but then “the EDD conducted was inadequate, and/or EDD had not been conducted prior to transactions occurring on the account”.
Sometimes firms can get so tied up in the mechanics of researching, designing, reviewing and generally polishing to a high shine their risk-based approach that they overlook the whole purpose of it: to allow the application of differentiated due diligence. Mis-categorising clients – in this case, calling them normal risk when they were in fact high risk – can be explained (if not excused) as misinterpretation. But actually putting the red spot on a client, showing that you recognise them as high risk, and then not doing EDD – well, that’s plain daft. Although I am amused to see the FSA falling back on my word of the month – adequate/inadequate….
In an odd sort of way I am pleased an MLRO has been fined. Not because I wish anything bad on an individual but personally, as an MLRO and responsible for training, I constantly tell staff particularly relationship managers that they carry a great responsibility for identfication of suspicious activity. Even more so – banks will always sell the value of the relationship manager – understanding the customer’s business, keeping close to their plans etc etc. . So with that message an RM can only with diffculty defend not spotting an unusual (possibly suspicious) transaction.
So a good example of personal liability – I am always on the look out for others.
You and me both – you know how I love a laundering conviction. I dread the day that an MLRO I know and like will fall foul of the system, but I think the odds are against it: the MLROs who care enough to read AML blogs and articles, and to develop tailored training and detailed procedures for their staff, are a world away from the ones we see being named and shamed.
You make an excellent point about the status of the RM – who sometimes seem to want the credit without the responsibility… It is a point I may pinch, sorry, adapt for future training!
Best wishes from Susan
Pingback: The FSA’s duck shoot | I hate money laundering