The Role of Sanctions in Achieving International Peace and Security

Sanctions are a form of control a country exercises to coerce another country, group of countries, individuals, or entities to change their behavior and policies and follow the international trade rules. It is an integral part of the AML process and KYC procedures.

Sanction lists help to know which individuals, entities, and businesses are banned from trading. So, companies can make an informed decision regarding establishing and continuing a business relationship with the sanctioned entities or individuals. The sanction screening process helps businesses to know if their customers have been banned, and they can stop doing business with them to safeguard their reputation, protect their business interests, and avoid AML penalties.

What are Sanctions?

Sanctions are part of the foreign policy imposed by a country or groups of countries to ban another country, individuals/entities from doing business with them. Sanctions act as a coercion tool that governments use to pressure the prohibited countries/entities/ individuals to follow the rules and regulations and work in the interest of the global economy.

There are several forms of sanctions, and the most popular is the economic sanction that bans countries or groups of countries from doing business with sanctioned entities. Economic sanctions are measures one or more countries adopt against a business organization/government or group of nations to force them to follow international laws. Economic sanctions create financial difficulties for the banned countries and lead to substantial monetary losses. Sanctions can be unilateral and multilateral.

The former refers to when a government imposes a sanction on a person, entity, or nation – businesses operating in the sanctioned country will also be banned from doing business with them. The latter refers to when an international body such as the UN imposes sanctions. All the members of the UN will have to issue sanctions against the notified persons in their respective countries. So, the importance of the global sanction lists is no lesser than the local list of the respective country.

Who Appears on the Sanction List?

Sanctions are imposed on an individual – it may be a PEP, a business head, a criminal, or a terrorist. Sanctions may also be issued against the entity or a group of people – may be a terrorist or criminal organization. Sanctions are also issued against countries. It prohibits businesses from conducting transactions with persons or enterprises operating in or from the sanctioned country.

Sanctions prohibit different activities, such as trade restrictions and banning commercial activities. It is against the law to do business with a sanctioned entity. So, as a part of its AML compliance and KYC process, a company must verify sanction entities with a proper sanction screening process.

What are sanctions lists?

Sanction lists mention the sanctioned entities on which unilateral and multilateral sanctions have been imposed. It flags individuals, entities, and countries that pose a high risk to a business and the world economy. It helps to protect a business from being misused for or vulnerable to money laundering and terrorism financing. Several global bodies, such as the EU, OFAC, and the UN, impose sanctions and issue a detailed listing of the same. The sanctioned entities or individuals have a higher probability of committing financial crimes.

But it is pertinent to note that the sanction lists are updated regularly to accommodate the changes in the current political and economic scenario. It is important to note that businesses keep track of the frequent listings and de-listings made in the sanction lists and keep themselves updated with the latest sanctions.

Non-compliance in Sanction Screening

Non-compliance in the sanction screening process leads to paying fines and huge penalties. Failure to follow the sanction screening rules also leads to imprisonment for a considerable term. Apart from the penalties, non-compliance leads to reputational damage, negatively impacting the goodwill of the business earned over the years.

The diligence required in sanction screening

It is advisable to adopt a proactive compliance approach and conduct due diligence based on the business’s risk appetite and the customer’s potential risk. It will prevent risks of noncompliance. Integrating a practical compliance framework into the system is the best practice for an efficient approach toward compliance with AML rules, KYC, and sanction screening. Also, businesses must keep themselves updated with the revised guidelines and regulations and conduct due diligence accordingly.

With a good software solution, a company must bother about the AML compliances, where the screening and other compliance processes would be automated. It will keep the business ahead of the curve by following all the latest guidelines in AML compliance and conducting the sanction screening in almost real-time.

How does Sanction Screening Work?

In sanction screening, businesses have to screen the customers’ database/profile against the individuals/entities and countries appearing on the sanction list issued by the local government and international bodies. Basis the sanction searches, a business will screen its customers on the global and local lists to check whether any of its customers are named on the sanction list. The objective is to conduct a thorough screening to help them comply with the sanction rules and regulations and protect the business from being exploited by the money launderers. It also helps in protecting the company’s reputation. Today, businesses rely on software solutions to automate the sanction screening process and get quick and accurate results

Manual sanctions screening processes are time-consuming and cumbersome, with the possibility of human errors, making the whole exercise futile. It results in the wastage of precious resources and time. So, it is best to rely on technology to bring in the much-needed efficiency and higher accuracy in the results, saving time and cost.

Why should automated sanctions screening be preferred?

With technology and digitization spreading their wings across different spans of businesses, it is recommended to deploy an advanced tech-based solution for the sanctions screening process. There are several advantages of the sanction screening software. The software will automatically run quick and accurate searches in the local and global sanction lists and quickly identify if any of the customers are sanctioned. Technology will automate the process, bring more efficiency, and speed up the customer onboarding decision-making process.

Ease of Search

The software will run quick searches in the local and international sanction lists and deliver fast results. It helps the business make swift, informed decisions that will help them identify companies appearing on the sanction lists and whether to conduct business transactions with them or not.

Accuracy

Relying on the software will eliminate human errors and provide more precise outcomes.

Integration with Existing Systems

The software solution integrates with the current in-house AML systems and increases the existing solution’s capability. Business organizations get a 360-degree view of their customer’s profiles and correctly determine the true identities of the customers and the associated risks.

Updated Information

The software will conduct searches based on the latest and revised guidelines in the sanction screening rules and updated lists without businesses manually tracking the amendments.

Additional Tip for Sanction Screening:

It is highly suggested to develop a robust AML compliance framework in the organization and adopt a proactive approach toward sanctions screening. So, during the screening process, businesses should search for aliases, and name variations, including and excluding middle names. Also, match the customers’ information based on the date of birth, middle name, nationality, ID number, etc.

Final Words

It is mandatory to follow the sanction screening rules and comply with the AML regulatory compliances. Sanction monitoring can be effective and result-oriented with the help of technology that automates the AML compliance process. It helps to keep in sync with the latest updates in new listings and de-listings so they have updated lists and can correctly screen their customer database and keep it up to date. It allows businesses to avoid penalties and make informed decisions by not doing business with a sanctioned entity, saving monetary costs and reputational damages.

About the Author

Jyoti Maheshwari

CAMS, ACA

Jyoti has over 9+ years of hands-on experience in regulatory compliance, policymaking, risk management, technology consultancy, and implementation. She holds vast experience with Anti-Money Laundering rules and regulations and helps companies deploy adequate mitigation measures and comply with legal requirements. Jyoti has been instrumental in optimizing business processes, documenting business requirements, preparing FRD, BRD, and SRS, and implementing IT solutions.

Reach Out to Jyoti

Article UAE

Enhanced Due Diligence: Navigating the measures to manage high-risk under Singapore AML Laws

The regulated entities engage with different customers every day, coming from different jurisdictions from various business profiles, posing different levels of money laundering or terrorism financing exposure. The AML regulations in Singapore mandate the regulated entities to apply adequate customer due diligence measures depending on the customer’s risk profile. The law prescribes adopting Enhanced Customer Due Diligence when engaging with high-risk customers, i.e., the business relationships or the transaction construed as posing an increased risk of financial crime.

In this article, let us explore Enhanced Due Diligence (EDD), the measures there under, the circumstances when EDD is performed, and its significance under AML Singapore regulations.

What is Enhanced Due Diligence?

Enhanced Due Diligence (EDD) is a type of customer Due Diligence comprising extensive measures applied to establish the customer’s identity when the assessed risk arising from such customer or business relationship is high.

EDD is an extension of the Standard Customer Due Diligence, generally followed in the case of normal customers, categorized under low or medium-risk levels. During EDD, the regulated entities dive deep into the customer’s background to detect potential red flags suggesting involvement in money laundering or terrorism financing attempts. In addition to the basic due diligence related to identifying and verifying the identity, EDD involves additional inquiry and review around the customer, their purpose of establishing the business relationship, their financial profile, etc.

What are the circumstances when Singapore AML regulation mandates the performance of EDD?

The AML regulations of Singapore provide for the following circumstances when the customer would be classified as “high-risk”, warranting the regulated entity to implement the Enhanced Due Diligence process:

When the customer comes from or is closely associated with the countries subject to FATF’s Call for Action, either apply the countermeasures or adopt enhanced measures to manage the risk (FATF Blacklist).
When the customer is a resident of or has business connections with jurisdictions with inadequate regulatory frameworks to combat money laundering and terrorism financing or countries notorious for financial crimes or high levels of corruption.
When the customer or the beneficial owner is a Politically Exposed Person (PEP) or is a close associate or a family member of a PEP. (It is important to note that in case of a domestic PEP or a person holding a prominent public function in any international organization, such customer shall, by default, not be treated as high-risk unless any unusual activity is detected or any other risk indicator suggests otherwise).
When any concerned authority has notified the person as posing an increased risk of money laundering or terrorism financing.

In addition to the above, if the regulated entity observes any other red flag or potential risk indicator requiring the customer to be classified as high-risk, adequate enhanced due diligence measures must be applied in proportion to the risk assessed.

What are the EDD measures prescribed under the Singapore AML regulations?

To manage the increased risk of financial crime, the EDD program crafted by the regulated entity must be comprehensive and focused on detecting any malicious intention of the customer to exploit the business for laundering funds or financing terrorist activities. The EDD measures that must form part of the entity’s EDD framework are as follows:

Inquiry around the financial profile of the customer:

When a potential customer is identified as high-risk, the inquiry must be made around the funds involved in the transactions and the nature of the customer’s income to establish whether such amount is in any way connected with any financial crime. As part of EDD, the regulated entities must make reasonable efforts to understand the customer’s income level and the nature of the source of funds and wealth and try to determine its legitimacy using reliable sources like salary slips, annual financial statements, or tax returns. In the case of a corporate customer, the regulated entities must apply these measures to check the financial profile of the beneficial owners as well, as they are the real persons pumping in the funds or navigating the transactions.

Here, the source of funds would mean the origin of the funds or the amount involved in the particular transaction. While the source of wealth indicates the origin of the accumulated assets or resources of the customer.

Senior Management Approval:

The senior management of the regulated entity must be aware of the increased risk that a customer or a transaction poses to the business. For this, the Singapore AML regulations require that the regulated entities seek senior management approval when a business relationship is proposed to be established with a high-risk customer.

Moreover, senior management approval is also required in the case of an existing customer when the customer’s risk classification changes during the ongoing business relationship. This approval must be obtained before executing any further transaction with the customer, i.e., continuing the existing relationship.

Applying enhanced ongoing monitoring:

It is essential to track its profile and the transactions in the course of an established business relationship to detect any red flags or suspicious activities promptly. The frequency and the degree of such ongoing monitoring must be increased in case of high-risk customers subject to Enhanced Due Diligence. Here, the regulated entities may implement a policy to periodically select certain transactions of high-risk customers that would be thoroughly investigated to check their validity.

Approach to implementing the Enhanced Due Diligence

Having developed a robust Enhanced Customer Due Diligence program, it is equally important to adopt the right approach to ensure the effectiveness of the EDD measures. A systematic approach, as mentioned hereunder, will help the regulated entities in managing the high ML/FT exposure and staying compliant with the Singapore AML regulations:

1. Assessing the customer risk and identifying the high-risk business relationships:

The foundation of the EDD program is that the regulated entity has classified a customer or a business relationship as high-risk. The entity must adopt a holistic approach while determining a customer’s risk profile, considering various factors like the location of the customer, its business activities, the intended nature of the business relationship, etc.

2. Obtaining and verifying additional details and documents:

Once high-risk customers or transactions are identified, the regulated entities must obtain additional information and documents from the customer. The authenticity of the received details and documents must be verified.

3. Checking the adequacy of measures applied to the risk identified:

Having applied the additional measures and checks, the regulated entity must assess whether these measures align with the customer’s increased risk and whether the Customer Due Diligence process can be construed to have been satisfactorily concluded. If the regulated entity still believes that the measures do not appropriately manage the risk, the entity must consider applying stringent measures, if possible; otherwise, reject the customer and explore the requirement to report the person by filing a Suspicious Transaction Report (STR).

4. Perform ongoing monitoring of the customer’s profile and the transactions:

Once the high-risk customer is onboarded, the regulated entity must subject this customer and the transactions monitoring to ongoing monitoring to detect any suspicious customer behaviour or transaction inconsistent with the customer’s overall profile. If any red flags suggest the customer’s involvement with financial crime or attempts to launder the funds, the regulated entities must timely report the same to the authorities by filing a suspicious Transaction Report.

By thoroughly adopting the enhanced due diligence process, the regulated entities can efficiently detect and prevent financial crime while staying compliant with the AML regulations in Singapore.

Why is EDD a significant element of the AML Program?

Enhanced Due Diligence, though it may be treated as an additional exercise requirement for more resources, is essential, making a significant impact on the regulated entities’ efforts to combat financial crimes, which are as follows:

When the regulated entity implements the EDD program, it demonstrates the commitment and dedication of the business in fighting money laundering and terrorist financing. It enhances the government and the customer’s trust and confidence in the business.
With more strict measures and checks, the regulated entities can control the financial criminals sneaking into the business to achieve their criminal objectives. It saves the business from commercial loss and also avoids reputational damages.
When EDD measures are not applied for customers posing higher ML/FT risks, the same tantamount to regulatory non-compliance results in huge fines and penalties. It also adversely impacts the regulated entity’s reputation in the market.

In the interest of the business, it is inevitable for the business to design and maintain a robust Enhanced Due Diligence program to manage the risk, protect the business, and stay AML compliant.

About the Author

Pathik Shah

FCA, CAMS, CISA, CS, DISA (ICAI), FAFP (ICAI)

Pathik is a Chartered Accountant with more than 26 years of experience in governance, risk, and compliance. He helps companies with end-to-end AML compliance services, from conducting Enterprise- Wide Risk Assessments to implementing the robust AML Compliance framework. He has played a pivotal role as a functional expert in developing and implementing RegTech solutions for streamlined compliance.

Reach Out to Pathik

Article Singapore

AML Implications for Politically Exposed Person (PEP)

Identifying a Politically Exposed Person (PEP) can be a challenging task. The customer identification process is crucial as the exercise can help a business correctly assess the risk of creating a business relationship with PEP. If the identity and connections of the person are not known to the company and without correct risk assessment, mitigation of the risk becomes complex leading to reputational damage.

Let’s discuss PEP and the implications of not correctly identifying the PEP.

What is a PEP?

PEP is an acronym for Politically Exposed Persons. PEPs are persons with political power who can exercise political influence to carry out business activities and other administrative roles at their discretion. PEPs are most likely to be suspected of bribery and involved in corrupt activities, as they influence the spending of government funds. It is noteworthy that not only the person with the political power but also the family, friends, and close associates are also considered high-risk customers owing to the relationship they share with the PEP.

PEP’s definition differs from country to country, and it’s a broad term in which businesses exercise their best judgment to identify a PEP. There are several factors that businesses need to consider in the risk assessment, such as the type of business, the country in which it operates, and the local AML regulations.

Q. Would a person holding political position in foreign country be also considered as “PEP” under UAE AML Regulations?

It is to be noted that that the PEP is not restricted to only domestic public functions. Rather, the person who has been entrusted with prominent public designation in any other foreign country and person entrusted with the management or any prominent function within an international organization would also be construed as PEP under the category of “foreign PEP” and “Heads of International Organizations (HIOs)” respectively.

Being a PEP is not a crime, but companies must remember that a particular risk is involved in maintaining a business relationship with the PEP, that comes with their status or position in government. Companies should conduct a thorough background check and know if the persons have been involved in any money laundering cases or financial crimes. With complete knowledge of the PEP, businesses can make informed decisions regarding due diligence to be carried out and assess the risk correctly. PEPs have a higher risk because of their vulnerability to corruption and bribery cases. They can know the amount of risk involved with such entities and take appropriate measures to conduct KYC processes and Enhanced Due Diligence.

Businesses must follow compliance and regulations depending on their jurisdictions and the local laws. The type of business, the sector and the company’s geographies, and the AML laws governing the country are considered while analyzing a PEP. The government has imposed huge fines for not identifying the PEPs. Also, it is essential to have an internal AML department and a robust compliance framework that will guide the business to follow the AML rules and identify PEPs by implementing an adequate due diligence process.

Why is the identification of PEP important?

PEPs are more likely to get involved in financial crimes like money laundering, corruption, and bribery. Identifying PEP is crucial because they are prone to be of high risk to businesses, as they have the power to influence decisions in government, including the spending of government funds and may try to hide the source of their wealth. Also, their relatives and associates must be scrutinized as they might be involved in money laundering activities on behalf of the PEP. They may try to run the illegal money through their names and make the illicit wealth amassed during the PEP’s political and administrative career appear legal.

Who is categorized as a PEP?

PEP is a broad term, and there is no clear answer to the above question. The definition of PEP differs from one country to another. People working in the government at different levels are described as PEPs. Members of Parliament, Heads of state – presidents, ministers, heads of departments, mayors, etc. can be categorized as PEP. People at the judicial levels, such as judges, are also classified as PEP. But not all judges fall under the PEP category.

People holding diplomatic positions such as ambassadors and senior positions in the management of government-run organizations are also considered PEP. Bank officials in senior positions of national banks are regarded as PEPs. Senior officials in the sporting events responsible for organizing events and closing contracts on behalf of the government or ministry are also considered high-risk customers and fall under the PEP category.

Family & Friends:

Parents, children, spouses, partners, siblings, and close relatives can also be termed PEPs. So, they are also subject to EDD because they are associated with PEP.

Business Associates:

People with close business relationships with PEP are also considered persons associated with PEPs; people holding joint beneficial ownership or legal arrangements with the PEP are considered high-risk customers. Associates who conduct transactions on behalf of the PEP are also categorized as high-risk customers. UBOs established to provide benefits to the PEP are also considered PEPs.

Do all PEPs pose a risk?

Not all PEPs pose a risk to a business. It needs a customized approach to identify a PEP and assess the risk category as not all PEPs are high-risk. It depends on the company policies and its risk-based approach. Some may not consider people with a political position in the lower hierarchy in the government as a risk. On the contrary, some institutions consider anyone with political and administrative powers a PEP. PEPs signify the probability of being corrupt due to the intense political connections and their influence on political, administrative, or legislative powers. Businesses cannot employ a blanket approach as not all PEPs are corrupt and cannot make them suffer because they are connected or related to a PEP.

What is the time limit for considering the PEP status?

Once a PEP may not necessarily remain a PEP for the lifetime. It may be irrational to consider a person as PEP years after the person has lost the power to influence government’s decision-making.

Regarding past PEP where time has elapsed since the person ceased to hold a prominent public position, it is critical to evaluate whether that person still influences government even after his official duties as PEP has been discontinued. To determine the current status of PEP’s influential power, DNFBPs should consider factors like power and seniority derived by the person from its previous role, corruption history and potential, person’s association with other PEPs, the connection between previous role and the present work profile, etc.

How do businesses identify the PEPs?

Identifying the PEPs is an integral part of the AML compliance process. The compliance team conducts manual searches and background checks on online and offline material. Nowadays, screening software solutions are available that help in AML compliance and identify the risks associated with that particular individual. Having a clear strategy is essential to making decisions regarding PEPs. It would be advisable to set up an in-house AML department that will provide an insight into the approach to be followed for identifying the PEP and the risk assessment of such a person marked as PEP.

Steps to Identify a PEP

1. Create a PEP policy

A robust PEP policy is recommended to identify the PEPs. With a robust AML compliance framework, businesses can accurately assess the risk of different customers. It helps to correctly identify and verify the customer’s identity and flag the potential PEP – whether domestic PEPs, foreign PEP or HIOs. It is advisable to get an annual health check of your compliance framework and get expert assistance from AML compliance specialists. Relying on AML software would be best to identify and verify customers and their status as PEP or associated with PEP. With CDD and EDD processes and continuous monitoring, businesses can accurately identify PEPs, monitor their status, and transaction with them.

2. Onboarding Assessment

Verifying the person’s identity during onboarding is crucial. Identify the PEP at the first step of initiating the customer relationship. Also, continuous monitoring is required, as the PEP status may change over a while. So, it’s vital to keep a tab on the PEP status. It helps to assess the risk involved during the customer journey correctly. To assess the PEP status accurately, it is essential to get accurate information in real-time. Technology can immediately help you with information about the PEPs while tracking their political journey.

3. Enhanced Due Diligence

PEPs are entrusted with administration responsibilities and wield power to get things done at their discretion. Companies can use EDD as a powerful method to identify the source of PEP’s funds and verify their financial and professional background before becoming a PEP. EDD will help make an informed decision regarding establishing a business relationship with people identified as PEPs – they may be close associates, family, or friends of the PEP. Continuous monitoring of the customer profile is also required to detect any changes from the original verification conducted at the time of onboarding. Often non-profit organizations, charities, etc., are misused to launder money by the PEPs, so businesses must also verify the PEPs’ connection with such charitable organizations.

How to check if someone is a Politically Exposed Person (PEP)?

In order to check if a person is a Politically Exposed Person (PEP), reporting entities can resort to AML screening software. The name-screening software would screen the customer against the sanctions list and the list of PEPs. It is difficult to check for PEPs manually as no such global database is publicly available. One can perform Google searches, but that involves a lot of filtering, and the result may not be reliable.

About the Author

Jyoti Maheshwari

CAMS, ACA

Jyoti has over 9+ years of hands-on experience in regulatory compliance, policymaking, risk management, technology consultancy, and implementation. She holds vast experience with Anti-Money Laundering rules and regulations and helps companies deploy adequate mitigation measures and comply with legal requirements. Jyoti has been instrumental in optimizing business processes, documenting business requirements, preparing FRD, BRD, and SRS, and implementing IT solutions.

Reach Out to Jyoti

Article UAE

KYC Transformation From Manual KYC Checks to Automated

The significance of customer due diligence measures has increased more than ever because of the government’s strict stance and the emphasis on adherence to the AML laws. The regulation has become broad to combat money laundering and counter-terrorist financing. Business organizations may find it hard to keep pace with the evolving AML laws and regulations, control related costs, and offers a seamless onboarding experience to ensure high customer satisfaction.

Entities must follow the AML regulations to avoid penalties and fines and protect their organization from being exploited by criminals for illicit gains. The criminals are adopting new ways to launder money and are using technology rampantly to make their illegal proceeds appear legal and later use the same to fund criminal and terrorist activities.

As the money laundering typologies are changing, there is a need to upgrade the KYC process to deal with the new challenges posed by criminals smartly. Let’s discuss how the KYC process – the essential requirement of the AML laws – can be improved and how this can help combat the rising money laundering cases.

We live in a constantly evolving digital space where digitization has seeped into business operations so deep that we cannot imagine the business landscape without it. But there is still some reluctance on the part of the companies that rely mainly on human resources to solve business problems. AML compliance will not succeed if it solely depends on human resources and manual efforts. Therefore, it needs technology as its foundation to construct the robust AML/CFT framework.

Employees can leverage the technology to help the business comply with the evolving AML rules and regulations. The best way to keep pace with the AML rules and protect the organization from being vulnerable to criminals is to rely on appropriate AML software. AML consultants can help you with the proper AML software selection.

AML Software

A beneficial owner can be described as a person who is the owner of a business or a person who controls it. Knowing the legal entity and the person who manages the company is likely to get the maximum benefit from the transaction with the business organization. It will help correctly assess the customer-specific risk of associating with the business and the management of the same. Knowing the UBO will allow the company to effectively carry out the KYC process and comply with the AML laws by knowing the person’s identity who is to be benefitted the most from the business relationship.

As per the FATF, the ultimate beneficial owner is the person who ultimately owns or controls the business or a person on whose behalf transactions are carried out. The FATF also says that the UBO includes people with ultimate effective control over a legal person or arrangement.

As per the regulations, the ultimate beneficial owner UAE is defined as a

natural person, who directly or indirectly owns or controls a company,
Individuals who own at least 25 % share or voting rights in a company,
Individuals with the power to dismiss and appoint a majority of a company’s directors.

KYC Automation Advantages

With automation, there are several benefits that businesses can get, and they can achieve complete AML compliance. Technology will improve the KYC process drastically and help the company comply with the AML rules at every stage of the customer relationship journey.

Better CX:

Businesses streamline the customer onboarding process, and with continuous monitoring, they can keep a tab on the customer profile and track any changes in it.

With AML compliance at the software’s core, businesses can ensure that they make the customer onboarding process much faster and cost-efficient without bothering the customers. They can drastically reduce the onboarding durations and get complete insights into the customer profile in a short period.

Quick customer onboarding with minimal correspondence creates a good impression in customers’ heads. Moreover, the compliance team can efficiently handle high-risk customer profiles and avoid errors with the help of AML technology.

Efficient Risk Management:

A business must thoroughly evaluate the customer profile before commencing business relationships. They also have to continuously monitor the customer profiles throughout the business relationship to monitor the customer behavior and track any changes.

The AML software will help businesses in accurate and efficient risk management. Technology-based KYC processes reduce human intervention and the errors from it. With correct risk management with the help of tools, businesses can achieve full AML compliance and protect their organization from being sabotaged by criminals. With access to a broad set of customer data points, companies can track customers’ changing profiles more efficiently and identify money laundering instances in real time.

Improved Efficiency:

Automation saves a lot of time and resources for a business. Often AML compliance is considered a financially draining process, and companies find it overwhelming too because of the several complexities and changing AML guidelines.

AML regulations are updated based on the current economic and worldwide political scenarios. Therefore, businesses must update their AML compliance process and keep pace with the amendments. By relying on AML technology, companies can instantly improve their efficiency in AML compliance and make their process more accurate and result-oriented, aligned with ever-evolving laws.

Boost Productivity:

Manually managing the AML compliance process is a time-consuming process. Businesses must allocate human resources dedicated to collecting, organizing, storing, and retrieving customer data. Verifying the customer’s identity will not help the AML compliance process if done manually.

Technology will automate all the functions and bring more efficiency into compliance. The technology empowers a business to manage the compliance steps seamlessly with more accuracy and comparatively less time. It speeds up the customer onboarding process, helps in accurate risk management of individuals and entities, and monitors the changing customer behavior throughout the customer journey. Further, the time saved by switching to technology can be diverted to more critical business operations.

Cost-efficiency:

One of the most significant advantages of AML compliance technology is that it offers substantial financial improvement. Businesses can drastically cut compliance costs and provide a smooth onboarding process.

Let AML UAE; the AML compliance experts help you build a strong business case for AML and KYC compliance transformation.

KYC is a crucial part of an organization’s structure. If you need to carry out the KYC transformation successfully, you must consider several factors. You should outline the objectives and the requirements for your KYC improvement process. The goals should define what you should achieve and the effect you want to have on the current KYC process. It is crucial to have clear expectations from the KYC transformation process and set a budget for it.
Other factors that businesses should consider are resource allocation, such as the number of resources required to manage the KYC transformation process.
You must also decide on the technology you will use for KYC improvement. Several AML software available in the market can help you make the KYC compliance process robust and help identify any fake or forged identity documents at the very onboarding stage.
The business also needs to keep track of the progress made in the KYC improvements with well-defined KYC processes. With specific timelines and goals, the management of the KYC transformation journey becomes easy and smoot

About the Author

Pathik Shah

FCA, CAMS, CISA, CS, DISA (ICAI), FAFP (ICAI)

Pathik is a Chartered Accountant with more than 26 years of experience in governance, risk, and compliance. He helps companies with end-to-end AML compliance services, from conducting Enterprise- Wide Risk Assessments to implementing the robust AML Compliance framework. He has played a pivotal role as a functional expert in developing and implementing RegTech solutions for streamlined compliance.

Reach Out to Pathik

Article UAE

Corporate Registry: Powerful tool in fighting money laundering and other financial crimes

In today’s times, criminals have adopted more sophisticated approaches, including the exploitation of legal structures, to launder criminal proceeds and execute other financial crimes, making it challenging for the regulatory authorities to detect and prevent the same. Here, the role of the country’s corporate registry cannot be discounted, which promotes transparency around the ownership and control structures, boosting accountability in the economy.

The use of corporates, especially shell and shelf companies, is growing worldwide, wherein the money launderers create complex structures to obscure the owner’s identity and move the criminal proceeds from one country to another. Further, the criminals exploit the Non-Profit Organizations (NPOs) to raise and provide funds to the terrorist organizations. These legal persons or legal arrangements are deployed in all three stages of money laundering – placement, layering, and integration, adversely impacting the integrity of the economy.

Only when the beneficial owners and the controlling minds behind these structures can be decoded the misuse of these can be controlled. Thus, the Customer Due Diligence process of the Anti-Money Laundering (AML) program provides for identifying the beneficial owners and verifying their identity using independent, reliable sources. And what else can be a reliable source to verify these details other than the corporate registry?

In this article, let us explore how corporate registry can be leveraged as a powerful tool to effectively fight financial crimes, creating transparency around the existence and nature of the legal structure with whom the business relationship is established.

What Is A Corporate Registry?

A corporate registry is a centralized system maintaining and managing the information and documents about the business entities operating in the jurisdiction. The Corporate Registry is generally managed by the government or regulatory authority, instilling credibility of the data and records maintained. The Corporate Registry maintains the information about the companies, covering the following:

Legal form of the business

Unique identification of the business

Registered place of business

Current status – active or dormant

Nature of business activities conducted

Ownership structure

Compliance records of the business, etc.

How Can The Corporate Registry Be Leveraged In Fighting Money Laundering And Other Financial Crimes?

A corporate registry can be used to detect the instances where criminals are trying to exploit the legal structure and prevent the conclusion of money laundering activities.

Given the information in the Corporate Registry, the reporting entities can rely on this database to verify the corporate customer’s information, including the beneficial ownership structure, and make an independent, informed decision on the customer’s risk profile. The overall quality and effectiveness of the reporting entities’ Customer Due Diligence measures are enhanced when backed by the Corporate Registry.

The legitimacy of the corporate customer and the nature of business activities presented by the authorized person can be cross-verified with the data available with the Corporate Registry. This will enable the reporting entity to determine whether the company is a legitimate business regulated by some laws and supervised by regulatory authorities.

Further, the details about the customer’s financial information and the location of the business, as available with the centralized repository, also help in understanding the company’s financial background and its association with high-risk countries.

One essential information about the customers for verification of which the corporate registry can be a great source is the beneficial ownership structure and the senior management looking after the routine operations of the customer.

It is not just restricted to the CDD process of corporate customers, but the power of the corporate registry can be leveraged to enhance the CDD measures in the case of individual customers as well. When conducting KYC for the natural person, the corporate registry can be referred to for understanding the person’s association with any business organization. This information can help the reporting entity understand the person’s financial position. Further, the database can also serve as a platform to search for any enforcement matters pending against the person or the company he is associated with, which may or may not relate to any financial crime.

Some Illustrations As To When The Reporting Entity Can Use The Corporate Registry In The Course Of AML Measures

Example 1:

A natural person is intending to buy a property worth INR 1 crore. The reporting entity enquired about the source of wealth of the person but is not satisfied with the same. In such a case, the reporting entity can refer to the Corporate Registry to check the person’s association with any business organization and his/her designation (if holding a key managerial position). It may also access the financial information about the person’s remuneration (if a key managerial person in a listed company).

Example 2:

A private limited company intends to avail of the services, but its authorized signatory is reluctant to share information about its beneficial owners and senior management.

Here, the reporting entity can access the corporate registry to understand the company’s business activities and gather information about the shareholders, beneficial owners, board of directors, and the company’s financial statement. These details would help the reporting entity determine the customer’s risk profile and decide whether to deal with the company.

Example 3:

A company has approached a bank seeking a loan of INR 4 crores. Before extending the loan, the bank intends to understand the company’s loan repayment capacity. For this, the bank can access the corporate registry and review the company’s financial statements to determine its financial position and ability to repay the debt and make a final decision on whether to offer the requested loan.

Strengthening The Corporate Registry As An AML Tool

To use the corporate registry as a powerful solution empowering the jurisdiction’s AML/CFT regulations, the concerned authorities must ensure the information’s completeness, accuracy, and timeliness. The information captured about the business activities, owners and senior management personnel, place of business operations, financial status, etc., must be comprehensive and up-to-date.

Any reference to outdated data or incomplete data in the repository can be exploited by the criminals as an opportunity to launder funds or finance terrorist organizations.

For this, the regulatory authorities may introduce laws and rules mandating the corporate entities to register the information with the Corporate Register immediately upon incorporation and when any critical business information changes. This will serve two purposes –

making sure that required information about the business is available in a consolidated database which can be used as a reliable source of cross-verification of the information furnished by the entity itself, and
with a mandatory reporting requirement, the criminals may refrain from using the legal structure or shell companies to execute the financial crimes.

Moreover, the regulations may prescribe for mandatory filing of certain declarations or reports with the corporate registry, giving information and status of the company’s operations, followed by an independent inspection or assessment, bringing in more confidence in the centralized information maintained by the corporate registry.

With the transparency and accountability infused through the corporate registry, the AML measures of the reporting entities and the country’s AML landscape can be fostered.

About the Author

Pathik Shah

FCA, CAMS, CISA, CS, DISA (ICAI), FAFP (ICAI)

Pathik is a Chartered Accountant with more than 26 years of experience in governance, risk, and compliance. He helps companies with end-to-end AML compliance services, from conducting Enterprise- Wide Risk Assessments to implementing the robust AML Compliance framework. He has played a pivotal role as a functional expert in developing and implementing RegTech solutions for streamlined compliance.

Reach Out to Pathik

Article India

The risk-based approach in Anti-Money Laundering Compliance

The principal AML regulation in Singapore, viz., Corruption, Drug Trafficking and Other Serious Crimes (Confiscation of Benefits) Act 1992 and various guidelines issued by the Monetary Authority of Singapore (MAS) require regulated entities to adopt a risk-based approach in Anti-Money Laundering Compliance.

With the revised FATF International Standards on Combating Money Laundering and the Financing of Terrorism and Proliferation, issued in 2012, the risk-based approach has become central to fulfilling various requirements set therein.

The FATF requires applying a risk-based approach at several levels, starting at the country level in the form of national ML/TF risk assessment, then at the state, and finally at the company level.

History of risk-based approach:

Earlier, financial institutions, banks, and other non-financial businesses and professions followed the regulatory requirements concerning customer risk assessment.

It was a tickbox kind of approach where every customer and the regulated entity were treated equally irrespective of their risk appetite and the risk carried by them. The companies used to follow a checklist and collect documents required by the law to comply with the risk assessment requirements.

Many criticized the one-size-fits-all approach as each entity is different in terms of its business, customers, products, services, and related risks. This led to adopting the risk-based approach in dealing with financial crimes like anti-money laundering.

What is the principle of risk-based approach (RBA)?

In simple terms, the risk-based approach refers to adopting a methodology where risks are identified, assessed, and managed in accordance with the amount of damage they can cause. The risk-based approach follows the principle of “higher the risk, higher the amount of controls.

The firms resort to the risk-based approach as the resources are always scarce, and they must be deployed in such a way that they can be optimally utilized.

What is the risk-based approach in anti-money laundering?

Financial Institutions, Non-Financial Businesses and Professions, and Virtual Asset Service providers are the primary targets of financial criminals. There are a variety of financial crime risks, and these risks are associated with products, services, customers, geographies, delivery channels, technology, and more.

The risk-based approach is a recognition of the fact that not all customers are the same, and some of them pose a higher level of money laundering and terrorist financing risks than others.

What is the need for a risk-based approach in anti-money laundering?

Each company is different in terms of products and services, customer base, delivery channels, geography, technology, and more; hence, a one-size-fits-all approach in terms of deploying controls to counter money laundering risks can not work.

The companies should be able to assess their own money laundering and terrorist financing risks and take necessary measures to counter them, and there comes the need for the adoption of a risk-based approach.

The adoption of a risk-based approach forces companies to understand various ML/TF risks they are exposed to and tailor their AML/CFT program to counter them.

How to implement a risk-based approach to AML?

To implement a risk-based approach to AML, companies need to follow the following steps:

1. Risk Identification

The first step is identifying risks associated with customers, products, services, geographies, delivery channels, and technologies.

2. Risk Assessment

Each risk needs to be assessed in terms of its likelihood and potential impact on the business. Normally, risk factors are assessed in terms of their impact, viz., low, medium, and high.

3. Controls identification

Suitable controls are identified in line with the assessed risk

4. Implementation of Controls

Controls are implemented and evaluated in terms of their effectiveness.

5. Ongoing Monitoring & Health Check

Ongoing monitoring and regular health checks are performed to identify new risks, potential harm posed by each risk factor, and the effectiveness of controls in place. It is also assessed whether the net risk is within the limits of the amount of risk a firm wants to carry.

6. Record Keeping

Regulated entities must maintain records concerning their ML/TF and customer risk assessments. Accordingly, the entity must maintain records around risk factors, their likelihood and impact, controls and their effectiveness, residual risk, and risk appetite. Further, KYC records, customer risk assessment records, records related to screening, suspicious transaction reports, and ongoing monitoring must be maintained. As per the FATF recommendations, these records must be maintained for a period of 5 years.

What are the benefits of a risk-based approach?

The risk-based approach is beneficial in fighting the menace of financial crimes.

1. Flexible

The risk-based approach is flexible; companies can customize their response against the risks considering their potential impact.

2. Efficient

The risk-based approach is efficient in the sense that the companies can put higher controls in areas where they feel there’s more ML/TF risk.

3. Systematic

The risk-based approach follows a systematic methodology and considers various risks related to customers, products, services, technology, delivery channel, etc.

What controls are commonly employed by companies adopting the risk-based approach to counter ML/TF risks

AML compliance program: It is best to have an effective AML compliance program that consists of AML policies, procedures, and controls. The business must create an AML policy document in line with its ML/TF risk. The AML compliance program is then implemented to counter various money laundering risks.
AML compliance officer: The AML compliance officer is responsible for implementing the AML framework approved by the board of directors. He ensures that the AML/CFT policies and procedures are followed regularly and that the staff is adequately trained to counter money laundering and terrorist financing.
KYC: Know Your Customer (KYC) is an integral part of the onboarding process in which the business collects customer documents to verify their identity. The business must know whom they are dealing with and understand the risk associated with the customer profile.
CDD: Customer Due Diligence (CDD) is a significant part of an AML compliance program. The compliance department verifies various documents and performs screening, in-depth investigation, and customer risk assessment. A decision to onboard the customer is made based on the customer acceptance policy. In the case of high-risk customers, Enhanced Due Diligence (EDD) is performed, and the source of funds, source of wealth, and top management approval is obtained before entering into a business relationship.
Transaction monitoring: A business must closely monitor the transactions and detect any suspicious activity. With continuous monitoring, the business can identify and prevent money laundering attempts immediately. It can file suspicious transactions with the authorities and diligently follow the AML rules and regulations. Transaction monitoring lets the business keep track of customer behavior and detect unusual patterns that might be connected to money laundering.
PEP Screening: PEP refers to Politically Exposed Persons. They hold influential positions or have political connections to help them gain an undue advantage. Such a customer profile is highly risky because of access to funds and power. So businesses must carry out EDD – Enhanced Due Diligence process, monitor transactions and report suspicious activity as part of a proactive AML compliance program for PEPs.
UBO Identification:Identifying the Ultimate beneficiary ownership is a part of the risk-based approach that a business must integrate to know the ultimate beneficiary of the transactions. UBO identification lets the company correctly understand the real beneficiary behind the legal structures and take appropriate measures to counter money laundering risks.
Training: Regular training helps frontline staff know emerging risks and associated red flags they can apply while dealing with customers. A refresher training for the compliance department will help institute a common understanding of AML/CFT policies and procedures. Further, training the top management will help secure their commitment to the AML/CFT efforts put in by the business.
Record Keeping:The company must document and maintain the Enterprise Wide Risk Assessment (EWRA) performed by it. Various risk factors, their likelihood, and their impact, must be documented along with the controls put into effect by the company. The risk appetite of the company and the residual risk must be documented so that the necessary corrective measures can be recommended by the compliance officer and approved by the top management.
Senior management oversight: The senior management must be aware of the company’s ML/TF risks exposure to formulate strategies to mitigate and manage the risks. The board must approve and oversee the implementation of the AML/CFT program and ensure that it aligns with the company’s risk-based approach. Further, senior management must approve all high-risk customers before entering into a business transaction with them.
Adverse Media Monitoring: Adverse Media Monitoring helps understand negative media reports against a customer or a potential customer. It helps the compliance officer understand if the customer has a criminal history. Criminals generate dirty money by committing predicate offenses, then try to place that money into the legitimate economy. Adverse media monitoring helps identify risks associated with a customer and take the necessary measures to counter ML/TF risks.
Risk-based regulatory reporting:A business can prevent money laundering and financing of terrorism by reporting suspicious transactions. Continuous transaction monitoring helps in identifying unusual customer behavior and preventing crime. All suspicious activities and transactions must be reported to Singapore’s Suspicious Transaction Reporting Office (STRO). It is a risk-based approach that helps companies protect their organization against reputational damage, helps to safeguard customers’ interests and abide by AML rules and regulations.

Risk-based approach examples

Example 1:

An accountant deals with a customer hailing from a country known for weak AML laws.

To mitigate and manage this risk, the compliance team requests for AML/CFT policy of the customer, classifies the customer as high-risk, and conducts Enhanced Due Diligence.

Example 2:

A financial institution identifies a sudden increase in cash deposits by a customer.

To mitigate and manage this risk, the compliance team requests fresh KYC documents to understand if there is a change in the business activities of the customer, asks for the source of funds, carries out ongoing monitoring, and evaluates whether to offboard the customer in accordance with the customer exit policy and file suspicious transactions report.

How often should the risk assessment be carried out under the risk-based approach?

As a best practice, the risk assessment should happen at least once a year. However, new product introduction, identification of new risks, and changes in national risk assessment could trigger a fresh ML/TF risk assessment.

How should AML/CFT program take account of the risk-based approach?

The AML/CFT program should be drafted in line with the Enterprise-Wide Risk Assessment performed by the regulated entity. The risk factors having the greatest impact must be adequately managed and controlled. Various risk factors like products, services, customers, geography, technology, and delivery channels must be considered while defining procedures around customer risk assessment. Further, the customer acceptance policy should define customer onboarding criteria and procedures. Red flags concerning the business must be documented, and the staff must be trained to identify and tackle them. Written procedures must be drafted to report all suspicious activities and transactions. The AML/CFT program must document criteria and procedures around the ongoing monitoring of a business relationship. Further, the requirements around Enhanced Due Diligence must be documented to counter the risks arising from a high-risk customer. Sanctions screening requirements should be clearly documented and explained to the staff.

Risk-based approach with Sanctions Screening Software

The sanctions screening software helps identify if the customer is a sanctioned individual or entity. Its underlying database must be updated regularly to counter the new risks arising out of newly listed individuals and corporates. Further, it must be configured in such a way that false matches are reduced, and true matches are identified and escalated immediately.

Risk-based approach with transaction monitoring software

The transaction monitoring software must be configured in such a way that red flags concerning customers are given due consideration while processing the transactions. The entity must be able to define rules and scenarios requiring the immediate attention of the compliance team. All suspicious transactions must be automatically flagged for further scrutiny and action by the compliance department.

Why adopt a risk-based approach?

The global best practices in countering ML/TF advocate adopting a risk-based approach. The risk-based approach aims to follow the legislation’s true intent and prevent financial crimes. It’s a systematic approach providing flexibility to an entity to implement necessary controls to counter ML/TF risks. The risk-based approach is more efficient in countering money laundering and terrorist financing. Further, it minimizes the cost of compliance and undue hardship on customers. It is dynamic enough to respond to new and emerging risks in line with the changes in ML/TF typologies.

Adopting a risk-based approach to AML/CFT

It is best to have a risk-based approach to prevent money laundering and financing of terrorism. Companies should create an AML compliance program in which KYC is a critical part. The Know Your Customer policy lets the business know who the customer is and whom they will onboard. It helps in risk assessment and mitigation with the appropriate measures. KYC and CDD are the foundation of an AML program, and so businesses must follow the rules and regulations to avoid non-compliance and legal consequences such as penalties. A business should also invest time in sanction screening to find if a customer is on the sanction list and make informed decisions to continue or discontinue the business relationship. Other elements in the risk-based approach are PEP- Politically Exposed Persons, and UBO- Ultimate Beneficiary Ownership.

About the Author

Pathik Shah

FCA, CAMS, CISA, CS, DISA (ICAI), FAFP (ICAI)

Pathik is a Chartered Accountant with more than 26 years of experience in governance, risk, and compliance. He helps companies with end-to-end AML compliance services, from conducting Enterprise- Wide Risk Assessments to implementing the robust AML Compliance framework. He has played a pivotal role as a functional expert in developing and implementing RegTech solutions for streamlined compliance.

Reach Out to Pathik

Article Singapore

10 Organizations Working to Fight Financial Crimes and Prevent Money Laundering

Money Laundering is a global issue, and many organizations are working relentlessly to fight financial crimes and combat money laundering. Financial frauds are rising as criminals use innovative ways to launder money. These organizations act as watchdogs and include compliance professionals and AML trainers contributing in their capacity to combat money laundering, financial crimes, and terrorism funding. Let’s discuss the top 10 organizations working in the compliance field and helping the world economy from falling prey to the activities of criminals who may be tax evaders, money launderers, terrorists, or other criminal organizations.

Let’s know about 10 critical organizations working to fight the menace of money laundering – a global issue that impacts the world economy.

1. Financial Action Task Force (FATF)

The Financial Action Task Force is a famous international organization that prevents financial crimes and money laundering. The organization assists authorities in the fight against various criminal activities such as the rampant trade of illegal drugs, extortion, human trafficking, etc., and financing of terrorism. It makes policies to prevent financial crimes but needs the support of the governments to implement these policies. The FATF recommendations help fight organized crimes, corruption, and terrorism. More than 200 countries are committed to following the organization’s recommendations.

2. Association of Certified Financial Crime Specialists (CFCS)

This organization offers various solutions focused on training, membership, and certifications around financial crimes. It provides certification that validates skills across the entire financial crime spectrum and is considered a gold standard for compliance professionals in more than 80 countries. People can get trained in various finance and compliance allied subjects such as AML and crypto compliance and educate themselves on other financial crime risks. The CFCS community is significant, and members can interact, update themselves with news and accelerate their career growth by accessing the best career opportunities in the network.

3. Anti-Money Laundering and Financial Crime (AMLFC) Institute

The institute AMLFC collaborates with universities and professional organizations to combat financial crimes. The institute offers certifications for AML, countering the financing of terrorism, cybersecurity, Foreign Corrupt Practices Act (FCPA), fintech, and allied regulatory compliances. It also sponsors research to improve AML practices and strengthen AML compliance frameworks.

4. Transparency International

Transparency International works towards unraveling the widespread corruption internationally while focusing on three main activities – advocacy, research, and campaigning. The organization hosts a Global Anti-Corruption Consortium and is involved in various activities such as funding investigative journalism and analysis of financial crime.

5. International Money Laundering Information Network (IMoLIN)

The International Money Laundering Information Network (IMoLIN) is an internet-based network affiliated with United Nations Office on Drugs and Crimes (UNODC). IMoLIN provides eLearning resources, training courses, and access to the case-law database. It helps governments, organizations, and individuals fight the issue of black money, money laundering, and the financing of terrorism.

6. Stolen Asset Recovery Initiative (StAR)

UNODC and the World Bank fund the Stolen Asset Recovery Initiative (StAR). It is a perfect example of an international initiative and effort to fight corrupt practices. The organization plays a crucial role in recovering the assets of the victims of fraud and other financial crimes conducted by corrupt officials. The knowledge and resources by StAR guide the concerned authorities in recovering stolen or lost assets. It collaborates with developing nations’ leaders to identify and prevent money laundering practices.

7. Association of Certified Anti-Money Laundering Specialists (ACAMS)

The organization is one of the largest global organizations fighting financial crimes. Apart from providing certifications, the organization hosts conferences dedicated to AML compliances and regulatory frameworks. People working in the AML compliance field can enhance their knowledge and skills by becoming Certified Anti-Money Laundering Specialists (ACAMS), improving their career prospects and contributing to reducing financial crimes and their impact.

8. Organization for Economic Cooperation and Development (OECD)

The core power to prevent financial crimes rests with the government, and the OECD utilizes the ability of international government cooperation to fight financial crime. The organizations play a crucial role in shaping the policies that promote prosperity and prevent financial abuse.

9.International Consortium of Investigative Journalists (ICIJ)

The ICIJ is a renowned non-profit news organization with a USA-based newsroom and a global network of investigative journalists. It is known for exposing the widespread international network of financial crime, which triggers excellent awareness on the subject and attracts worldwide attention. It collaborates with popular mainstream news organizations and is credited with unearthing the most sophisticated crimes in the history of financial crimes, such as the Panama Papers.

10. Association of Certified Fraud Examiners (ACFE)

The Association of Certified Fraud Examiners is a global organization fighting financial fraud. It provides test preparation material and certification for becoming Certified Fraud Examiners (CFEs). The certificate states that participants have the skills to identify and prevent financial fraud. The members can access a large pool of online resources, including courses, statistics, and case studies. They can connect with other members who can hugely benefit from the annual fraud conference hosted by the ACFE Global Fraud Conference.

Final words

The global fight against financial crimes and money laundering is endless as criminals adopt innovative ways to commit financial crimes. Many criminal networks are spread worldwide, and they keep trying to launder money and abuse the domestic and international economic systems. So, the organizations that work with determination to fight money laundering always have to work harder and be alerted to detect and deter criminals and prevent them from being successful in committing financial crimes.

Relying on AML software that considers the unique business requirements should be the way to fight financial crimes. Nowadays, the software is embedded with several advanced features that help detect any suspicious activity early and prevent financial crimes from taking place in the first place.

About the Author

Pathik Shah

FCA, CAMS, CISA, CS, DISA (ICAI), FAFP (ICAI)

Pathik is a Chartered Accountant with more than 26 years of experience in governance, risk, and compliance. He helps companies with end-to-end AML compliance services, from conducting Enterprise- Wide Risk Assessments to implementing the robust AML Compliance framework. He has played a pivotal role as a functional expert in developing and implementing RegTech solutions for streamlined compliance.

Reach Out to Pathik

Article UAE

Know Your Business: An critical element of Customer Due Diligence

The regulated entities deal with clients of different natures – individuals or legal persons. Further, the legal person could be of a different legal structure, engaged in different activities, with various beneficial owners running the business operations, etc. These factors impact the level of risk these corporate customers pose to the business.

Here comes the need for the Know Your Business process to identify this ML/FT risk associated with business relationships established with corporate customers and suppliers.

What is Know Your Business?

Know Your Business (KYB) is a critical component of the AML program, which generally gets missed out under the cover of Know Your Customer. KYB is a specific terminology for the identification process for the business entities the regulated organizations are dealing with.

The KYB process requires the Financial Institutions and Designated Non-Financial Businesses and Professions (DNFBPs) to verify corporate customers’ and suppliers’ identity, including the nature of the business activity, business profile, persons making the business decisions in the name of such business entity, etc. It is an integral component that enables regulated organizations to determine whether the legal person with whom they are conducting business activities is genuine and not just a mere structure used as a veil to obscure the identity of launderers and other financial criminals.

Often, shell companies are used for money laundering, and they become the most commonly used vehicles for running unlawful money through the legal financial system and passing it as money obtained via legitimate activities. The KYB process lets the regulated entity know if the company is legitimate and exists in real rather than merely existing on paper. The KYB will let the regulated organization know about the company’s background and know if the goods traded are legal, transactions are made, and the source of the funds and financial status of the company.

KYB will strengthen the organization’s AML Program, ensuring that the AML regulations are followed in the true spirit, protecting their business against financial crimes, and preventing non-compliance penalties.

What are the elements of the KYB Process?

The KYB process establishes a business’ identity by verifying corporate documents that help establish the company’s name, place of business, legal structure, and information about the top management and stakeholders. The regulated entities can verify the business’s identity and know if it’s legitimate and is not associated with any money laundering and financing of terrorism activities by including the following measures in the KYB process.

Identification and Verification of the business entity:

The KYB process focuses on the due diligence aspect of AML compliance, wherein information about the business, ultimate beneficiaries, the purpose of the transaction, and allied information are collected. Further, to verify the information about the corporate entity, the corporate documents must be obtained, such as a certificate of incorporation, Unique Entity Number, Memorandum of Association, Articles of Association, etc.

Identification and Verification of the Beneficial Owners:

Investigating the beneficial ownership is a critical component of the KYB process that will enable the regulated entities to know who the ultimate beneficiary of the financial transactions is. Often, criminals use shell companies and set up companies in countries with lax regulatory disclosure requirements, breeding grounds for money launderers who escape the AML/CFT scrutiny and successfully launder money. The regulated organization must seek the shareholder register, senior management register, or extract from the company registry to determine the beneficial owners.

Once the beneficial ownership structure is determined, identification information such as names, nationality, shareholding in the business entity, association with Politically Exposed Persons, place of residence, contact details, etc., must be obtained for all the beneficial owners.

Further, such information must be verified using reliable, independent sources like government-issued ID cards, utility bills, third-party databases, etc.

Screening – Sanctions, PEP and Adverse Media:

The KYB process lets businesses know if the entity has been listed on the sanctioned list. It is essential to know about the sanctioned entities to make decisions regarding terminating or denying the business relationship with them. Not just entities, the beneficial owners and the senior management must also be screened to understand their connection with sanctions.

Further, KYB requires the regulated entities to screen the corporate customers/suppliers and their beneficial owners to determine if they have any connection with Politically Exposed Persons, as generally, association with politics increases the risk of corruption and financial crimes.

Under KYB, the regulated entities should also scan the corporates and the beneficial owners to check the presence of any adverse media. The known connection with money laundering, terrorism financing, or other financial crime increases the risk of being exploited by the corporate. Thus, the regulated entities must conduct adverse news screening for the business entity and their beneficial owners.

Risk Classification:

The risk classification of the business entity is highly dependent on the risk classification of the beneficial owners.

With the outcome of the identification and verification and the screening, including the results about the beneficial owners, the regulated entity must develop a risk profile of the business entity. It will enable the regulated entities to adopt a risk-based approach and decide whether Enhanced Due Diligence is required.

Enhanced Due Diligence:

If the business entity is classified as posing an increased risk to the regulated organization, then additional information must be obtained to determine the entity’s source of funds and wealth and rigorous checks must be performed for verification of the identities and obtaining management approval before establishing the business relationship. Moreover, the source of wealth of the beneficial owners must also be sought, if the facts warrant so, to protect the organization against money laundering attempts and safeguard the overall business interests.

In conclusion, though not popularly mentioned in the laws, KYB is vital to the anti-money laundering program. It enables in-depth insights into a corporate or legal person associating with the business. The KYB process helps to correctly assess the ML/FT risk and make an informed decision to establish a business relationship with the legal structure.

About the Author

Pathik Shah

FCA, CAMS, CISA, CS, DISA (ICAI), FAFP (ICAI)

Pathik is a Chartered Accountant with more than 26 years of experience in governance, risk, and compliance. He helps companies with end-to-end AML compliance services, from conducting Enterprise- Wide Risk Assessments to implementing the robust AML Compliance framework. He has played a pivotal role as a functional expert in developing and implementing RegTech solutions for streamlined compliance.

Reach Out to Pathik

Article Singapore

A Quick Guide to AML Compliance

Money Laundering is a global concern, and governments are trying to combat financial crimes. Criminals try to generate proceeds by carrying out illegal activities, concealing the origin of the illicit money, and transferring the same into the legit financial system.

Criminals have become innovative and are using new ways to launder money. The digital space is evolving fast, and criminals are using it to launder their illicit money and fund criminals and terrorist activities. The global and local AML laws and regulations lay down the provisions that financial institutions and businesses should adopt to ensure their business is AML compliant and follows the best AML compliance practices. Adherence to the AML laws helps prevent money laundering activities or minimizes the exposure and the impact it could have on the business.

The global business landscape is changing, and businesses must proactively combat compliance challenges with AML laws. Moreover, the pandemic has forced enterprises to rethink their AML compliance strategy and keep pace with the evolving threats and strict AML regulatory compliance. There are various processes involved in AML compliance laws, such as Know Your Customer (also known as ‘KYC’), sanction screening, identification of UBOs, and many more. In addition to managing the business and keeping the company profitable in a competitive marketplace, the firm must stay AML compliant and avoid the risk of being exposed to financial crimes.

Financial institutions and designated non-financial entities are responsible for preventing money laundering by deterring criminals from misusing the legal system to infuse illicit money into the mainstream economy. With a robust AML compliance framework and assistance from an AML consultant, these companies can effectively comply with the AML rules and regulations.

We have highlighted vital compliance elements under the AML/CFT compliance program.

KYC

KYC details help businesses verify the authenticity of customers’ profiles and detect any suspicious transactions designed for carrying out money laundering activities. It enables the companies to understand their customer base and decide the risk exposure associated with each customer or client. These verification task makes the identification of suspicious transaction easy, guiding businesses as to carry out a transaction with a customer or not.

When a legal person has to carry out a transaction, it has to submit company information such as registration number, name, address, management composition, etc. While in the case of a customer being a natural person, complete data such as name, date of birth, and government issues unique identification number must be sought and verified.

Screening

Businesses should have a strict program to screen customers against the sanctions list (local and international). Further, screening should also be carried out to understand the customer’s status as a politically exposed person or previous history of any involvement in financial crimes. Basis the screening outcome, the decision is made to report the person, freeze the funds, or continue the business transaction.

Risk profiling and Enhanced Customer Due Diligence

Businesses use Customer Due Diligence (‘CDD’), which offers an in-depth analysis of the customers’ data and verifies whether the documents submitted are genuine. Basis this analysis, the customer’s risk categorization is done, and additional measures are carried out if needed. For example, in the case of high-risk customers, enhanced due diligence is to be performed, where specific details regarding the source of funds are obtained.

Continuous monitoring

It is essential to continuously monitor the customers’ profiles and keep the same updated with the latest information. Basis the monitoring of the profiles and updates therein, the risk categorization of the customer should be changed and kept aligned with the latest profile. Further, businesses should constantly verify the transactions to keep a close eye on the customers’ financial patterns and transactions suggesting money laundering involvement. Here, it is recommended to rely on robust AML software that can automatically schedule a periodic verification of the customer’s profile.

Businesses need to monitor the volume and value of transactions involving a series of transactions or a large sum of money. In collation of the data and watching the same, an advanced technology, such as Blockchain, can be used to ensure timely and accurate AML compliance. Such technology will help businesses detect financial crimes instantly and eliminate the chances of criminals laundering money.

AML Training

With thorough AML training, organizations can empower employees with updated knowledge and skills to detect suspicious transactions. It would ensure compliance with AML regulations and minimize the organization’s vulnerability to the risk of money laundering.

Getting the AML/ CFT Policy, Controls, and procedures documentation complete and creating an in-house AML compliance Set up are some steps towards becoming AML compliant.

About the Author

Pathik Shah

FCA, CAMS, CISA, CS, DISA (ICAI), FAFP (ICAI)

Pathik is a Chartered Accountant with more than 26 years of experience in governance, risk, and compliance. He helps companies with end-to-end AML compliance services, from conducting Enterprise- Wide Risk Assessments to implementing the robust AML Compliance framework. He has played a pivotal role as a functional expert in developing and implementing RegTech solutions for streamlined compliance.

Reach Out to Pathik

Article UAE

Navigating the Sanctions and PEP Screening under Singapore AML Laws

The Financial Institutions and the Designated Non-Financial Businesses and Professions (DNFBPs) must apply appropriate due diligence measures when establishing a business relationship. This includes identifying the person as a Politically Exposed Person (PEP) or a close associate or relative to it and checking whether the person is designated under any sanctions list. This identification assists the regulated entities in adopting the risk-based approach.

Understanding the Sanctions Screening in Singapore

Sanction lists help deter financial crime by boycotting a country, a group of countries, business organizations, or individuals for the illegal acts they have committed or are suspected of committing. The sanctions list will help businesses lower the risk of creating or maintaining a business relationship with the sanctioned entities.

The regulated entities in Singapore are required to follow the below-mentioned sanctions lists:

A. United Nations Security Council Committee (UNSC) Designations

ISIL (Da’esh) & Al Qaida Sanctions List
United Nations Taliban List

B. Domestic Designations under the Terrorism (Suppression of Financing) Act (issued by Singapore’s Inter-Ministry Committee on Terrorist Designation (IMC-TD))

Sanctions screening assists the regulated entities in identifying if any customers or prospects are designated under any sanctions lists or relate to the sanctioned persons.

The Singapore AML/CFT regulations mandate the entities to apply the freezing measures and immediately terminate the business relationship, as there is a restriction on providing financial aid or services to the sanctioned person. Further, the entities are also required to report the sanctioned matches with the Commissioner of Police and the Monetary Authority of Singapore (MAS), as the case may be.

Understanding the PEP (Politically Exposed Person) Screening in Singapore

PEP is defined as a person entrusted with a prominent public responsibility in a domestic or foreign country, for example, senior politicians or heads of country. They are people who can influence government contracts or have the power to control them owing to their public position and the powers they exercise because of their prominent public role, paving the way for corruption and other malpractices.

To detect the potential financial crime risk posed by the PEPs, the Singapore AML regulations mandate the regulated entities to screen the customers and prospects to determine their status as PEPs or closely connect with the PEP.

Please note that there is no restriction under the law on dealing with PEPs, but the obligation is to adequately manage the financial crime risk (owing to the possibility of indulging in corruption and bribery) posed by the PEPs. Generally, PEP should be considered as PEP, and Enhanced Customer Due Diligence measures must be adopted, including identifying the customer’s source of funds and wealth.

Significance of PEP and Sanctions screening

PEP and sanctions screening allow the regulated entities to identify and mitigate the ML/FT risks posed by high-risk individuals.

Preventing illicit entry of corruption and bribery money:

The PEPs bear a high risk of being associated with corruption and bribery. Screening for PEPs and conducting enhanced due diligence helps the regulated entities monitor these individuals and manage the risk of being exploited by PEP to conduct money laundering using the regulated entity’s business. Further, PEP screening also helps entities detect suspicion of financial crime and timely report the same to the authorities.

Preventing Terrorism and Proliferation Financing:

Sanctions screening results in uncovering the identity of the persons or organizations subject to economic sanctions owing to their known connections with terrorist organizations, proliferation of weapons of mass destruction, etc. Timely identification of sanctioned or designated persons helps the entity refrain such persons from accessing the financial system and executing terrorism or proliferation financing activities.

Complying with Regulatory Obligations

AML/CFT laws prevalent in Singapore mandates the regulated entities to implement adequate systems and controls to detect and prevent money laundering and terrorism financing. These measures prescribed by the law include mandatory identification of the PEP to deploy adequate risk management measures and sanctions screening to restrict business relationships with designated persons. Non-compliance with sanctions and PEP screening leads to substantial administrative fines and penalties on the entities, including reputational loss and loss of public trust and confidence.

Leveraging technology to strengthen the PEP and Sanctions Screening compliance

It is crucial to conduct the PEP and sanction screening process accurately. With disparate reliable data from different sources worldwide, identifying PEP and sanctions is the way forward for any organization that wants to be AML compliant and avoid non-compliance with the AML/CFT legislative landscape.

AML software helps monitor the customers continuously, syncing it with the latest updates in the sanction lists. Automating the screening process using emerging technologies like Artificial Intelligence (AI) or Machine Learning helps to screen customers and the Ultimate Beneficial Owners (UBOs) effectively. The accuracy of the screening outcome improves with automated tools, reducing false positives.

One-time screening is not sufficient as the person who is not a sanctioned or PEP today will not necessarily be so in the future. Thus, an ongoing automated screening is required to identify the change in the person’s status from non-PEP to PEP or non-designated to sanctioned person. With tools and technology, any change in the status of a person’s circumstances would be immediately alerted or flagged to the entity to take appropriate actions to prevent any case of money laundering.

With the help of AML software, businesses can automate the identification and screening process to detect the change in the risk posed by the customers and promptly deploy adequate risk mitigation measures, including reporting to the authorities.

With the help of technology, businesses can improve the process and make it more cost-efficient, reducing false alerts and warranting the intervention of the compliance team only in genuine potential hits. The AML software is nowadays embedded with advanced capabilities that assist in streamlining the AML compliance process—extracting information from different sources and screening customers intelligently helps businesses stay ahead of the curve and mitigate the AML compliance risks.

How can AML Singapore assist you in fostering your PEP and Sanctions screening requirement?

Sanctions and PEP screening are an integral part of the AML compliance process. With the proper AML software selection, companies can efficiently screen customers against PEP and sanctions. Here we are – AML Singapore – to assist you with identifying the right AML tool for reducing the number of false positives and infusing more efficiency into the AML compliance process.

About the Author

Jyoti Maheshwari

CAMS, ACA

Jyoti has over 9+ years of hands-on experience in regulatory compliance, policymaking, risk management, technology consultancy, and implementation. She holds vast experience with Anti-Money Laundering rules and regulations and helps companies deploy adequate mitigation measures and comply with legal requirements. Jyoti has been instrumental in optimizing business processes, documenting business requirements, preparing FRD, BRD, and SRS, and implementing IT solutions.

Reach Out to Jyoti

Article Singapore