Best Practices for AML Compliance Department Setup in 2025

Best Practices for AML Compliance Department Setup in 2025

Best Practices for AML Compliance Department Setup in 2025

Anti-Money Laundering (AML) Compliance is a team effort, and having the right set of minds on the team can make a big difference in regulatory compliance.

This article explores the best practices that a regulated entity can adopt when setting up an AML compliance department.

AML Compliance Department Composition

An AML compliance team is typically composed of:
  • KYC Analyst
  • Screening Analyst
  • Risk Analyst
  • Compliance Analyst
  • Subject Matter Experts
  • AML/CFT Compliance Officer

Why Having an AML Compliance Department Is a Necessity

Regulated entities in Singapore are required to fulfil all the Anti-Money Laundering/Countering Financing of Terrorism (AML/CFT) stipulated in the Corruption, Drug Trafficking and Other Serious Crimes (Confiscation of Benefits) Act 1992. An AML compliance department takes care of a range of compliance functions:
  • Enterprise-Wide ML/TF Risk Assessment
  • Developing Internal Policies, Procedures, and Controls (IPPC)
  • Know Your Customer, Business, and Transactions (KYC, KYB, and KYT)
  • Name Screening
  • Customer Risk Assessment
  • Risk-Based Due Diligence
  • Ongoing Monitoring of Transactions and Business Relationships
  • Regulatory Reporting
  • AML Training for Other Employees and Staff Members
  • Engagement with Industry Bodies and Regulatory Authorities

Best Practices for Setting Up AML Compliance Department

1. Assessing the Entity's Compliance Requirements

As the first and foremost step, consider the regulatory expectations for AML compliance for your sector, common industry practices, the regulated entity’s specific compliance objectives, and the gap that the entity seeks to cover.

A background check on the entity’s compliance requirements can give the entity a better idea of its personnel requirements.

2. Recruiting Individuals with the Right Skillset

Professionals who are engaged in financial crime compliance should be equipped with the following set of skills, among others:
  • Knowledge about AML regulations
  • Problem-solving mindset
  • Analytical skills
  • attention to detail
So, entities that want to set up an AML compliance department should look for these qualities when hiring for their team.

3. Leveraging New Technologies for AML Compliance

There are many technological solutions available in the market that can overcome the challenges of human intervention in compliance, like delays and human errors.
AML software can ease many AML compliance processes while complementing the work of compliance team members by automating the following aspects:
  • Filing KYC
  • Name Screening against sanctions list, PEP database and adverse media information
  • Customer Risk Assessment and Risk Profiling
  • Ongoing Monitoring of Transactions and Business Relationships
  • Regulatory Reporting like Suspicious Transaction Report (STR), Cash Transaction Report (CTR), etc
  • Case Management
Therefore, when developing an AML compliance team, regulated entities can also look into software solutions that can aid the functions performed by the team.

4. Allocating Budget to Fulfill the Team's Resource Requirements

When hiring talent or purchasing new technologies, it is important for regulated entities to ensure that they set aside an adequate budget that is sufficient for the compliance team’s sustenance, like salary and other incentives and day-to-day operations.

Setting a proper budget ensures that the entity’s compliance goals are aligned with the entity’s financial goals.

5. Keeping the Team Independent but Unified

Although, the AML compliance team should work in close collaboration with other teams, like front line staff, to have an effective compliance culture. Their independence is also equally important to ensure that their findings and opinions are honest and unbiased.

The relationship between an AML team and other teams of a regulated entity can be equated with the relationship between different organs of government. While there is separation of powers and responsibilities, there still needs to be a system of checks and balances.

6. Ensuring a Smooth flow of Communication

The best way to ensure cross-team collaboration is to open up channels for communication. A well-defined organisational structure can be a great starting point.

Since every team in an organisation has its own set of goals to achieve, constant and consistent communication can be helpful in ensuring that any conflicts of interest are resolved amicably.

7. Providing Access to All Relevant Data and Information

Since AML compliance is a very dynamic field, the AML department must be given access to all relevant, accurate and updated information regarding the customer and their transactions to ensure that the department can fulfil the regulated entity’s reporting and other AML compliance obligations and guard off the risks of money laundering.

8. Reporting Arrangement with the Senior Management

An AML compliance department is headed by an AML/CFT compliance officer who is incharge of fulfilling all the AML regulatory obligations. The compliance officer should report directly to the senior management.

This ensures that any critical matter relating to AML compliance is resolved promptly and transparently. This position is in line with Singapore’s AML norms, which state that an AML/CFT compliance officer should have the necessary seniority and authority to perform his/her duties.

9. Conducting Regular Training and Awareness Sessions

Since money laundering activities and their related risks are changing very quickly, all employees, but especially those working in the compliance department, should be imparted with regular training on subjects like:
  • A general background on money laundering, terrorism financing, and proliferation financing
  • Case studies and recent examples related to Money Laundering/Terrorism Financing (ML/TF) activities
  • ML/TF Red Flags
  • The laws and regulations governing AML compliance
  • Entity’s Enterprise-Wide ML/TF Risk Assessment
  • Internal Policies, Procedures and Controls (IPPC) of the regulated entity
  • Risk management strategies
  • Technologies and systems relating to AML
Regular awareness ensures the compliance team is aware of the risks of financial crimes and the gravity of the functions they perform. Periodic training equips them with the right set of knowledge and skills to perform their functions efficiently.

10. Ensuring Senior Management's Buy-in

If a regulated entity is looking to create and maintain a culture of compliance, then it needs to set the tone from the top. A common point of conflict between management and compliance teams stems from the cost-benefit ratio. Thus, senior management’s buy-in for the compliance program can be a step in the right direction in ensuring that compliance enables the regulated entity’s business, not bar it.

11. Staying Informed with Regulatory Updates

Regulated Entities in Singapore periodically update regulatory information through electronic medium. Here’s a list of non-exhaustive resources that a regulated entity’s AML compliance department can subscribe to to stay updated with regulatory requirements in Singapore:
  • Collaborative Sharing ML/TF Information & Cases (COSMIC): It is a digital platform for collaboration between financial institutions
  • MAS Mail List Subscription: Financial institutions can subscribe to the mail list managed by the Monetary Authority of Singapore (MAS) for all AML related news, regulations, and developments for their specific business sector
  • ACRA News Alert Service: It is an email service provided by the Accounting and Corporate Regulatory Authority (ACRA) for disseminating regulatory information
  • Inter-Ministerial Committee-Terrorist Designation (IMC-TD) Updates: IMC-TD updates on the terrorist designation and requirements for countering the financing of terrorism
Apart from the above-mentioned resources, compliance department professionals can visit sector-specific regulatory authority’s websites for fresh regulatory updates or guidance.

12. Defining a Code of Conduct

A well-defined code of conduct is the skeletal on which the team’s overall organisational functions can be structured. Including the following aspects in the code of conduct assures that an employee’s behaviour meets the entity’s expectations:
  • Entity’s ethical standards
  • Compliance with the laws and regulations
  • General guidelines on communication and collaboration
  • Health, safety, and environmental norms
  • Hierarchical Code

Final Thoughts on Best Practices for Setting Up an AML Compliance Department

All regulated entities wish to implement the best AML controls. However, it is also important to focus on the on-ground personnel who implement those controls. With the best practices outlined in this article, regulated entities can set up an AML Compliance Department that is well-equipped to tackle complex money laundering challenges.

About the Author

Linkedin

Jyoti Maheshwari

CAMS, ACA

Jyoti has over 9+ years of hands-on experience in regulatory compliance, policymaking, risk management, technology consultancy, and implementation. She holds vast experience with Anti-Money Laundering rules and regulations and helps companies deploy adequate mitigation measures and comply with legal requirements. Jyoti has been instrumental in optimizing business processes, documenting business requirements, preparing FRD, BRD, and SRS, and implementing IT solutions.

Reach Out to Jyoti

Updated list of FATF high-risk countries and countries under increased monitoring: 21st February 2025

Updated list of FATF high-risk countries and countries under increased monitoring: 21st February 2025

FATF List of High Risk Countries

In the latest plenary, which concluded on 21st February 2025, Philippines was removed from the Financial Action Task Force (FATF) Grey List, Nepal & Laos were added to the Grey List. The FATF Grey List is also known as the Jurisdiction under Increased Monitoring list. This list includes countries that are actively working with the FATF to address strategic deficiencies in their regimes to counter money laundering, terrorist financing, and proliferation financing.

The FATF an international body that establishes intercontinental standards to combat money laundering, counter-terrorism financing and combat financing of proliferation of weapons of mass destruction, updates the list of jurisdictions under increased monitoring thrice annually.

List of Jurisdictions under Increased Monitoring (Grey List) as of 21st February 2025

1. Algeria 2. Angola 3. Bulgaria 4. Burkina Faso 5. Cameroon 6. Côte d’Ivoire 7. Croatia 8. Democratic Republic of Congo 9. Haiti 10. Kenya 11. Laos 12. Lebanon 13. Mali 14. Monaco 15. Mozambique 16. Namibia 17. Nepal 18. Nigeria 19. South Africa 20. South Sudan 21. Syria 22. Tanzania 23. Venezuela 24. Vietnam 25. Yemen

Jurisdictions under Increased Monitoring - Grey List

Which publicly recognizes jurisdictions that have committed to, or are actively working with, the FATF to resolve strategic deficiencies in their anti-money laundering, combatting of terrorism financing as well as combatting of proliferation financing (AML/CFT/CPF) regimes within agreed timelines. This list is commonly known as the “grey list.”

FATF Grey List and Blacklist Update History:

In the latest plenary, which concluded on 21st February 2025, Philippines was removed from the Financial Action Task Force (FATF) Grey List, and:

  • Laos
  • Nepal
were added to the Grey List.

In the plenary that concluded on 25th October 2024, Senegal was removed from the Financial Action Task Force (FATF) Grey List, and:

  • Angola,
  • Algeria,
  • Côte d’Ivoire
  • Lebanon
were added to the Grey List.
In the plenary that concluded on 28th June 2024, Jamaica and Türkiye were removed from the FATF Grey List and:
  • Monaco
  • Venezuela
were added to the Grey List.

In its plenary, which concluded on 23rd February 2024, the FATF removed UAE, Barbados, Gibraltar, and Uganda from the Grey List, whereas:

  • Kenya
  • Namibia
were added to the Grey List.
In October 2023, the, while the following countries were removed: Albania, Cayman Islands, Jordan. and Panama and:
  • Bulgaria
were added to the Grey List.

The FATF established two statements as part of its listing and monitoring procedures to assure consistency with its international standards.

To learn more about the difference between FATF-blacklisted countries and greylisted countries: Checkout What are FATF Blacklist and Grey list countries?

High-Risk Countries Subject to a Call for Action - FATF Blacklist

FATF categorises certain countries as “Blacklist” countries. This “Blacklist” identifies jurisdictions with substantial strategic weaknesses publicly in their AML/CFT/CPF regimes and calls on all FATF members to conduct enhanced due diligence and, in the most severe cases, implement countermeasures to protect the international financial system from money laundering, funding of terrorism and proliferation risks stood by the identified nations. This list is commonly referred to as the “Blacklist.”

Recently, the FATF has added Myanmar to this list of High-Risk countries subject to a Call for Action. Accordingly, with effect from 21st October 2022, the FATF “Blacklist” stands as under

  • Iran and the Democratic People’s Republic of Korea (subject to FATF call on its members/jurisdictions to apply countermeasures),
  • Myanmar (subject to FATF call on its members/jurisdictions to apply enhanced due diligence measures proportionate to the risks arising from Myanmar).

AML Compliance pertaining to grey-listed and blacklisted countries

All Financial Institutions (FIs) and Designated Non-Finance Businesses and Professions (DNFBPs) are required to have appropriate risk-based AML/CFT protections in place to limit the potential of money laundering and terror financing posed by countries subject to increased monitoring or listed as high-risk jurisdictions subject to a “Call for Action” by FATF.

As a result, FI and DNFBPs must screen customers against the FATF Jurisdictions under Increased Monitoring and High-Risk Jurisdictions Subject to a Call for Action while onboarding and continuously monitor their transactions throughout their business relationship. DNFBPs should ensure that their customer due diligence measures verify their customer’s residence in, or business with, listed countries and that their transaction monitoring measures can examine the size, frequency, and pattern of transactions involving high-risk countries to determine the possibility of occurrence of financial crimes such as money laundering.

FIs and DNFBPs must file suspicious transaction/activity reports (STR/SAR) to the Financial Intelligence Unit (FIU) when red flags are observed so that enforcement actions can be conducted.

Further, FIs and DNFBPs are obligated to report the transaction or activity with high-risk countries subject to a “Call for Action” to the FIU by filing High-Risk Country Transaction Report or High-Risk Country Activity Report (HRC/HRCA), as the case may be

Role of AML UAE

AML UAE is a leading AML compliance services provider in UAE. We help you with fulfilling all the requirements for AML and CFT in UAE. Our spectrum of AML compliance services is not restricted to national boundaries, but we also make sure that you comply with the global regulations of AML.

We can help you with:

  • Creating firm-specific AML policies, procedures, internal controls, best practices, and guidelines for your smooth business operations
  • Setting up an expert AML compliance department for your firm that can handle all AML-related activities
  • Selecting the most effective and appropriate AML software for your business needs to ensure AML compliance
  • Helping you in filing and submitting annual AML/CFT risk assessment reports with the UAE government
  • Conducting training for your employees in handling KYC, screening, risk profiling, CDD, EDD, and filing of STRs

About the Author

Linkedin

Pathik Shah

FCA, CAMS, CISA, CS, DISA (ICAI), FAFP (ICAI)

Pathik is a Chartered Accountant with more than 26 years of experience in governance, risk, and compliance. He helps companies with end-to-end AML compliance services, from conducting Enterprise- Wide Risk Assessments to implementing the robust AML Compliance framework. He has played a pivotal role as a functional expert in developing and implementing RegTech solutions for streamlined compliance.

Reach Out to Pathik

What is Placement in Money Laundering?

What is Placement in Money Laundering?

Money Laundering is a global threat that is challenging the integrity of financial systems. The process involves three stages: Placement, layering, and integration. Out of these three stages, the placement stage is the most critical, as it involves placing illicit money into the legal financial system. In this article, we understand Placement in Money Laundering in detail with examples, and identify businesses prone to Placement of illegal funds under Australian regulations.

Additionally, the article highlights the best practices to counter Placement and how AML Australia can assist in detecting and preventing such activities effectively.

What is Placement in Money Laundering?

Money laundering is the process of disguising the proceeds of a crime and its origin to give it a mask of legitimately earned money. Placement is the process of moving funds derived from criminal activities into the financial system. It is the initial stage where money laundering is most vulnerable to its detection. The goal is to put dirty money into the legal financial system.

Placement is the physical disposal of cash or other assets derived from criminal activity. In other words, placing the “black money” into the financial system as white money.

Some common examples of Placement are:

  • Depositing cash into the banks
  • Buying expensive assets or even real estate to disguise the origin of funds, i.e. hiding that the money was derived by illegal means and introducing it as clean money.

Stages of Money Laundering

Money laundering is a series of complex transactions wherein money is moved in circulation by involving multiple entities and people, making it difficult to trace the origin with the intention of making it look “clean” or legal money. However, it can be described in three stages:

1. Placement: The first stage of money laundering is called Placement. At this stage, the illegal/ dirty money derived from criminal activity enters the legal financial system. The two main goals of this stage are

To free criminals from having proceeds of crime
To place the money into the regular financial system.
For example, they purchase value cards, buy foreign currency from illegal money, break large amounts of money into smaller amounts, and deposit it in banks.

2. Layering: This is the second stage of money laundering, where layers of complex transactions are created. The goal here is to move money multiple times, which makes it difficult to trace the origin of funds.

Oftentimes, at this stage, the money is moved internationally to create confusing trails. For example, money can be moved into different bank accounts in different countries through transactions involving different entities.

3. Integration: This is the final stage of money laundering. Till now, the illicit funds were placed into the legal economy and were layered through multiple transactions to hide it from its source. By integration, the criminal wants to get it back by making it appear legal or clean money. Some common examples of integration are the purchase of high-value assets, Jewellery, buying legal businesses, etc.

These three stages of laundering money can be overlapping (layering can start at the placement stage). However, each stage serves a different purpose to make illegal money appear legal.

Techniques of Placement in Money Laundering

Placement techniques can vary depending on the nature and circumstances of criminal activities. Some common examples of Placement techniques in money laundering include:
  1. Using Casino Chips: Launderers may buy casino chips from their illicit cash funds and cash out the winnings, making them appear to be legitimate earnings.
  2. Structuring: Structuring is done to evade detection of a transaction and record-keeping requirements. Smurfing is a common structuring technique in which individuals are hired to deposit small amounts of cash in different banks to keep the transaction under the threshold and avoid reporting and recordkeeping.
  3. Mingling Funds: Criminals mingle dirty money with clean business money by creating various transactions, such as mixing business and personal expenses.
  4. Purchasing Assets in Less Regulated Industries: Launderers buy and sell assets in less regulated industries in certain jurisdictions. Investing in real estate, cryptocurrency, and precious metals.
  5. Fake Invoices: False invoices are created to show the movement of money, such as inflated sales receipts or the sale of goods that do not exist. This is done to create the illusion of having legitimate funds.
  6. Repaying a Loan: Dirty money can be used to repay loans taken from legitimate financial institutions.

Businesses Prone to the Placement of Illegally Obtained Money

Businesses that attract launderers to place illegally obtained money usually generate high cash inflows, which makes it easy to mingle black money in the economy.

Thus, reporting entities that provide designated services which are susceptible to ML/TF activities are required to undertake AML/CTF compliance under the Anti‑Money Laundering and Counter‑Terrorism Financing Act 2006. Such reporting entities include:

  • Entities providing financial services
  • Entities in the bullion dealing business
  • Entities providing gambling services
  • Entities providing professional services
With the effect of the AML/CTF Amendment Act 2024, there is a set of Tranche-II entities that are also subjected to AML/CTF obligations, which include:
  • Entities dealing in precious metals, stones, and products
  • Entities providing real estate services
  • Entities providing professional services
The AML compliance obligations set under the AML/CTF Act 2006 aim to overcome the vulnerability of the above-mentioned entities against the risk of financial crimes.

Why It Is Easier for Businesses to Detect Money Laundering at Placement Stage

Out of all three stages of money laundering, the Placement stage is easier to detect. A criminal has illicit funds, and at this stage, the funds are introduced into the financial system for the very first time.

For example, large sums of dirty cash are deposited in small amounts in different banks. With scrutiny and transaction monitoring systems, these transactions are visible to financial institutions and authorities.

When the funds are still illicit, the money laundering red flags or links to criminal activities are easy to detect. This can be achieved with strict AML compliance programs, Transaction Monitoring tools to detect unusual patterns, and regulatory reporting mechanisms in place.

Best Practices to Counter Placement in Money Laundering

Reporting entities can implement the following best practices in countering money laundering at the placement stage:
  1. KYC & CDD – Establish strong Know Your Customer (KYC) and Customer Due Diligence (CDD) procedures to identify and verify the customers before starting a business relationship and even on an ongoing basis before executing a fresh transaction.
  2. Transaction Monitoring – Using transaction monitoring tools to see unusual patterns, large cash transactions inconsistent with the nature of business, and alerts for identifying transactions that reach just below the threshold can help in investigating suspicious transactions.
  3. AML Training – Training the team members on the latest trends and case studies of money laundering and staying up to date on laws and news in the AML industry to make the right decisions in a timely manner.
  4. Adopting Advanced Technology – Use the latest and most secure technology to optimise compliance when handling large amounts of data, etc.
  5. Reporting and Information Sharing – Report suspicious activities and transactions to the FIU, collaborate and share information with other institutions and law enforcement agencies for better prevention of the Placement of illegal funds.

The First Stage of Money Laundering and How to Detect It

In simple terms, the placement stage of money laundering is the first step where illegal money is introduced into the financial system. To protect against these risks, businesses need to adopt a strong Anti-Money Laundering (AML) program. This includes checking the identity of their customers (called KYC and CDD), keeping an eye on unusual transactions, and providing staff with proper training.

How can AML Australia Assist You in Detecting and Preventing Placement in Money Laundering?

AML Australia provides complete services to help businesses follow the rules for preventing money laundering across Australia. We work with businesses to help them understand and manage the risks of money laundering.

Our goal is to make sure your business is ready to spot, reduce, and handle these risks. We help businesses stay safe from financial crimes by making sure they follow all the necessary laws and regulations set by the regulatory authorities.

Frequently Asked Questions about Placement in Money Laundering

What is Placement in money laundering?

Placement is the first step in money laundering, where criminals try to introduce their illegal money into the financial system. It’s like taking “dirty money” and trying to make it look like “clean money.”

What is the difference between Placement and layering?

Placement is when criminals first get their illegal money into the financial system. This may include depositing cash or buying valuable assets. Whereas, at the Layering stage, criminals try to hide where the money came from by moving it around in complex transactions. They may transfer it between different accounts or countries to make it harder to trace.

What are some common methods used for Placement in money laundering?

Common methods include depositing small amounts of cash into banks (structuring), buying casino chips and cashing them out, mixing dirty money with legitimate business funds, and purchasing valuable items like real estate or jewellery. These methods help hide the original source of money.

About the Author

Linkedin

Jyoti Maheshwari

CAMS, ACA

Jyoti has over 9+ years of hands-on experience in regulatory compliance, policymaking, risk management, technology consultancy, and implementation. She holds vast experience with Anti-Money Laundering rules and regulations and helps companies deploy adequate mitigation measures and comply with legal requirements. Jyoti has been instrumental in optimizing business processes, documenting business requirements, preparing FRD, BRD, and SRS, and implementing IT solutions.

Reach Out to Jyoti

AML Compliance for Charities in Singapore: A Panoramic View

AML Compliance for Charities in Singapore: A Panoramic View

AML Compliance for Charities in Singapore: A Panoramic View

Charities are social institutions that offer invaluable services to humanitarian causes to complement governmental and international efforts. However, their noble work can be misused or exploited by illicit actors for raising or moving funds for the purpose of Money Laundering (ML), Terrorism Financing (TF), or Proliferation Financing (PF).

This blog discusses the AML compliance requirements for charities in Singapore and the corresponding regulatory framework while also highlighting the ML/TF/PF red flags commonly associated with charities.

It goes on to address the challenges in combatting ML/TF/PF risks and suggests best practices to overcome the challenges with the inclusion of evolving technologies.

Charities that are Subject to AML/CFT Compliance Obligations

Institutions such as Companies Limited by Guarantee, Body Corporates, Societies or Trusts operating under Singapore laws can register themselves as charities under the Charities Act 1994.

However, such institutions must fulfil the following criteria:

  1. The institution must have a charitable purpose as recognised by Singapore’s regulatory framework
  2. The institution must promote public benefit through its activities
  3. The institution must be wholly and exclusively charitable
Singapore laws recognise the following causes as charitable purposes:
  • Poverty alleviation or reduction
  • Development of education or religion
  • Other purposes that benefit the community at large, including the commonly recognised charitable purposes such as:
    • Awareness and assistance through health initiatives
    • Assistance with citizenship woes, community development, environmental protection, animal welfare
    • Aid for needy and destitute with severe illnesses, disability, financial difficulties, or disadvantage due to youth, age, or any other constraints
    • Encouragement of sports and physical activities that promote health
    • Promotion and awareness in the fields of science, arts, cultural heritage
Thus, all charities working for charitable purposes are subject to Anti-Money Laundering, Countering Financing of Terrorism, and Counter-Proliferation Financing (AML/CFT/CPF) compliance requirements.

Why Charities Must Adhere to AML/CFT Compliance Requirements

Charities are vulnerable to ML/TF/PF risks due to a variety of reasons, such as:
  • Higher public trust
  • Wide networks
  • Cross-border operations
  • Unregulated funding channels
  • Weak internal controls
These factors are misused by charities through various means:

Means of Misuse of Charities

Charities may be abused by illicit actors for ML/TF/PF purposes through various means that can be classified into the following categories.

Funding through Charities

Criminals seek to exploit by raising funds in the name of a charity and then diverting such funds for terrorist activities or financial crime at the stage of collection or funds or transfer of funds between the stakeholders. Charities are also vulnerable to being used as a front by illicit actors for the movement of funds.

Misusing Resources Belonging to Charities

Charities are highly dependent on their human resources to execute their cause. However, this dependency makes them vulnerable to the risks of financial crime if a staff member or a board member exploits the charity’s resources to support terrorist activities or financial crime instead of providing for the charity’s beneficiaries.

Misusing the Name of a Legitimate Charity

Illicit actors often adopt a registered charity’s credentials, such as name, contact information and address, to mislead the donors and ultimately divert funds for ML/TF/PF purposes in the guise of charitable work.

Establishing Sham Charities

Instead of using a legitimate charity’s identity, criminals also resort to creating a sham institution altogether that functions like an ordinary registered charity, raising funds and promoting causes on paper to ultimately support ML/TF/PF activities.

Conducting Recruitments

The facilities used by charities and their activities are misused by terrorist organisations and illicit actors for carrying out recruitment for their activities.

Manipulating Charitable Programs

Parasitic use of legitimate charitable programs by illicit actors for carrying out illegal activities. For instance, shelters built by charities and used by beneficiaries may also be misused as a hub for ML/TF/PF activities.

Association with Terrorism Financing or Proliferation Financing Actors

Terrorist organisations may associate themselves with charities through a variety of means, including individual relationships with employees or senior management personnel or formally established partnerships with charities for furthering terrorism or proliferation-related activities.

Common Red Flags for Charities to Beware of

Charities must be aware of the following common red flags that can indicate ML/TF/PF activities:
  • If a donor insists on using the money for a specific purpose that is not related to the charity’s work domain.
  • If the amount of donations made does not match with the donor’s financial profile or their commercial activity.
  • If a donor makes donations using virtual assets but the charity is unable to determine that virtual asset’s ownership pattern.
  • If a donor relies on third parties to execute transactions without any apparent reason.
  • If a charity notes unusual behaviour on the part of a donor, such as requests for rerouting parts of donations to a third party that is not known to the charity and does not align with the charity’s purpose.
Criminals are constantly finding new ways of ML/TF/PF. Thus, charities must scrutinise any unusual behaviour or transactions beyond this non-exhaustive list of red flags.

AML Framework for Charities in Singapore

Corruption, Drug Trafficking and Other Serious Crimes (Confiscation of Benefits) Act, 1992 and the Terrorism (Suppression of Financing) Act, 2002, are the primary legislations combating money laundering and terrorism financing in Singapore.

In congruence with the recommendations of the Financial Action Task Force (FATF), preventing the abuse of Non-Profit Organisations (NPOs) and the overarching AML/CFT laws in Singapore, the Office of Commissioner of Charities (COC) sets out AML/CFT obligations for charities in Singapore.

AML Compliance Processes that Charities Need to Follow

AML Compliance for Charities needs to be built upon the foundation of a Risk-Based Approach

When managing the identified risks, charities must follow a risk-based approach, i.e. prioritising the management of critical risks by applying higher controls and resources and then moving on to lower risks. Charities can define the following risk management strategy:

The risk management strategy can help charities develop clear guidelines on avoidance, reduction, sharing, and acceptance of risk based on the risk level, quantification of loss, cost of mitigation and the burden of risk management.

The AML compliance process listed in this section guard charities against ML/TF/PF risks:

Charity Risk Assessment

Charities must be aware of the kinds of risks that they may be exposed to and identify the inherent ML/TF/PF risk factors affecting charity operations. These factors include:

Risks Associated with Donors, Beneficiaries, Partner Organisations, Employees, and Volunteers

Charities must determine the risks that arise out of their interaction with their donors, beneficiaries, partners, employees, or volunteers. For instance, charities must evaluate if they accept donations that come with specific requests, such as requests for utilising the donation for specific groups of individuals or organisations.

Risks Associated with Charity Operations

Charities must analyse if any potential illicit activities can arise out of their daily operations. For example, charities must analyse whether their funds are disbursed through non-regulated or high-risk financial channels.

Risks Associated with Geographical Locations

For charities conducting global operations, charities must determine if they are at a higher risk of ML/TF/PF threats if they work in high-risk jurisdictions or deal with donors or partners belonging to high-risk jurisdictions, such as FATF blacklist or grey list countries or conflict-affected zones. Charities having multi-jurisdiction operations are at a higher risk of ML/TF/PF threats arising out of geographical locations.

The above-mentioned risk factors would help charities determine the likelihood of ML/TF/PF risks and their impact when adopting a Risk-Based Approach.

Establishing Internal Policies, Procedures, and Controls (IPPC)

Based on risk identification and assessment exercise, charities must develop and periodically update a customised IPPC that addresses risk management, disbursements, utilisation of donations, monitoring the delivery of their programs and initiatives, and reporting of suspicious activities or transactions that come to notice during the course of their operations.

The IPPC must clearly define the control measures, from due diligence and risk profiling to record keeping, following a risk-based approach while also defining the role of employees and staff members, including all three lines of defence.

Additionally, charities must ensure a transparent AML governance framework with clear communication and commitment from the stakeholders in the implementation of risk mitigation measures.

Role of Governing Board Members and Key Officers in Ensuring AML Compliance

The governing board and the key officers of a charity are the persons who are ultimately responsible for implementing the compliance measures in accordance with the charity’s Internal Policies, Procedures, and Controls and ensuring that the ML/TF/PF risks to the charity are effectively mitigated.

Due Diligence

Charities must perform independent due diligence measures against a donor or beneficiary or other stakeholders such as representatives, partners, agents, contractors, employees, suppliers, vendors and volunteers.

Due diligence should be undertaken by charities in the following instances:

  • Before accepting funds from a donor, extending support to a beneficiary, or establishing a working relationship with a stakeholder
  • If the charity suspects a donor, beneficiary, or stakeholder is involved in ML/TF/PF activities
  • If there is any veracity in the documents or information shared by the donor, beneficiary, or stakeholder.

Know Your Donors, Beneficiaries, and Stakeholders

Charities are required to identify and verify the identities, credentials and good standing of their potential donors, beneficiaries, and stakeholders.

Charities are required to:

  • Obtain relevant information about not just the donors but also their agents, connected persons, or beneficial owners, and
  • Verify their background, reputation, financial stability, source of wealth and source of funds against independent and reliable information

When dealing with partner organisations, charities should have clear written agreements concerning the activities conducted and resources utilised under the charity’s name.

Sanctions Screening, PEP Screening and Adverse Media Screening

Charities must screen their donors, beneficiaries, partners, employees, and volunteers against the list of designated individuals and entities set forth by the United Nations Security Council (UNSC) and the Inter-Ministry Committee on Terrorist Designation (IMC-TD) and the Targeted Financial Sanctions imposed by Monetary Authority of Singapore.

If the sanctions screening results in a positive hit, charities are obligated to terminate onboarding of or collaboration with the donor, beneficiary, or stakeholder and file a Suspicious Transaction Report (STR).

Charities must also screen their donors, beneficiaries, and stakeholders to check if they, their agents, or their beneficial owners are Politically Exposed Persons (PEPs), immediate family members or close associates of a PEP.

Charities must screen the names of their donors against adverse media reports, internet records, and database subscriptions to check if there are any public concerns raised about the donor, such as to check if the donor has been declared insolvent.

Charities must also perform searches on the government register to determine if there have been any regulatory actions against the donor, beneficiary, partner, employee or volunteer.

Donor, Beneficiary and Stakeholder Risk Assessment

Charities must evaluate the risk posed by every potential donor, beneficiary and stakeholder and classify them into low, medium and high-risk. Such risk assessment can be made based on the following factors:

Donor, Beneficiary, and Stakeholder Risk:

  • PEP status of the donors, beneficiaries, or stakeholders and their agents, close associates, or family members
  • Existence of Adverse Media
  • Unusual ownership structure
  • Criminal convictions involving fraud.

Products and Services Risk

  • Understanding donor and stakeholder services, products, and activities vulnerable to ML/TF/PF risks.

Geographical Risk

Pertaining to the location where the stakeholder is placed or routes transactions or conducts most business with
  • If the jurisdiction is on FATF’s blacklist or grey list
  • If the jurisdiction is subject to UN sanctions
  • If the jurisdiction is infamous for significant levels of corruption.

Other Risk

  • Non-face-to-face relationships
  • Unusual involvement of third parties.
Based on the stakeholder risk assessment, the charity must classify its stakeholders as high-risk, medium-risk, and low-risk and apply adequate risk mitigation measures in accordance with a risk-based approach. For example, when dealing with high-risk stakeholders, charities must perform Enhanced Due Diligence.

Enhanced Due Diligence

If establishing a working relationship with a donor, beneficiary, or partner belonging to high-risk jurisdictions or high-risk stakeholders as per the criteria defined in the IPPC, charities must perform additional checks as a part of Enhanced Due Diligence (EDD). For instance,
  • Charities must seek to ascertain the legitimacy of the source of funds when receiving a substantial amount of donation from an unknown donor
  • Engagement or work relationship establishment with a high-risk donor, beneficiary or stakeholder must be conducted with the approval of the governing board members
  • Placing additional checks on the activities of the donor, beneficiary or stakeholder
  • Conducting enhanced ongoing monitoring of transactions by elevating the frequency and nature of transactions.
EDD helps in identifying and avoiding ML/TF/PF risks to a great extent.

Ongoing Monitoring of Projects and Transactions

For all the ongoing projects or programs under which charities conduct their activities, charities must put in place to ensure that their funds or services are delivered in accordance with the charity’s objectives. Charities must monitor the following aspects of a project in a structured, regular and ongoing way:
  • Conduct of the stakeholders involved in a project
  • Performance of the project stakeholders
  • Proper delivery of charity services
  • Expenditure is incurred for legitimate purposes
  • Transactions with the donors, beneficiaries, and stakeholders are in accordance with their respective financial profile.

Audit and Review

Charities must accomplish dual audit and review process:
  1. Audit and review of the financial records
  2. Audit and review of the AML program

The Charities Act 1994 and subsequent regulatory framework require charities to ensure independent audit or examination of their financial records in accordance with the relevant financial reporting standards. Hence, charities must ensure proper accounting of their funds, auditing of their services, and employee training to analyse the performance of their projects and activities.

Additionally, charities must review the quality and effectiveness of their AML controls to ensure that their AML program does not become irrelevant or outdated over time in comparison to the evolving criminal typologies and AML/CFT regulatory framework. There may be specific instances which trigger the need for reviewing risk mitigation measures:

Charities must accomplish dual audit and review process:

  1. Audit and review of the financial records
  2. Audit and review of the AML program

The Charities Act 1994 and subsequent regulatory framework require charities to ensure independent audit or examination of their financial records in accordance with the relevant financial reporting standards. Hence, charities must ensure proper accounting of their funds, auditing of their services, and employee training to analyse the performance of their projects and activities.

Additionally, charities must review the quality and effectiveness of their AML controls to ensure that their AML program does not become irrelevant or outdated over time in comparison to the evolving criminal typologies and AML/CFT regulatory framework. There may be specific instances which trigger the need for reviewing risk mitigation measures:

As and when required, charities must update their documents and information sources if:

  • There are any regulatory updates, e.g. updates in FATF lists or local or UN sanctions lists.
  • There are material changes in the working changes with a Donor, Beneficiary or Stakeholder.
  • Changes in the availability of resources.
Charities must determine the time and frequency of the audit and review process in accordance with their Internal Policies, Procedures, and Controls.

Reporting

If charities encounter suspicious activities or transactions in the course of their day-to-day operations, they are obligated to file a Suspicious Transaction Report (STR) with the Suspicious Transaction Reporting Office (STRO) using the STRO Online Notices and Reporting (SONAR) Platform as per the AML/CFT obligations set out in the Corruption, Drug Trafficking, and Other Serious Crimes (Confiscation of Benefits) Act and the Terrorism (Suppression of Financing) Act.

By implementing the above-mentioned compliance measures, charities can ensure that their activities and services are not misused by illicit actors for ML/TF/PF purposes.

In addition to filing STR, charities are also required to submit a governance evaluation checklist as a part of their annual submission to the COC. The governance compliance checklist explains the charity’s extent of compliance with the Code of Governance. It is to be filed through the charity portal within a period of six months from the end of each financial year through the Charity Portal.

Training

Charities must provide adequate training to governing board members, key officers, employees and representatives regarding AML topics and issues relating to their roles and functions to ensure proper implementation of the charity-specific ML/TF/PF risks.

In addition to role-specific training, a general overview of ML/TF/PF activities, AML/CFT laws applicable to the charity and consequences of non-compliance should also be included in the employee training and awareness component so that the employees, operations personnel, volunteers and other staff members become equipped in identifying ML/TF/PF red flags and filing STRs, and other regulatory reports.

Record-Keeping

Charities must record all relevant information concerning a project, donor, beneficiary, or stakeholder during the course of the working relationship and for a minimum period of five (5) years after the end of the working relationship. The records include but are not limited to:
  • Documents under in identification and verification of identities
  • Information regarding the purpose and nature of the working relationship
  • Charity’s findings about the PEP status and other high-risk factors in writing
  • Nature of EDD measures taken by the charity in relation to high-risk donors, beneficiaries or stakeholders
  • Any STRs filed or any ML/TF/PF suspicions raised before the governing board members
  • All written agreements relating to projects, ongoing monitoring of projects and transactions
  • All receipts or disbursement of funds
  • Any incidental matters prescribed in the charity’s internal policy
  • All AML training records
  • Outcome of charity risk assessment
  • All financial records

Conducting Due Diligence on Anonymous Donors

Charities often receive donations from persons who do not wish to reveal their identity in good faith. However, this guard of anonymity can also be used by criminals to circumvent due diligence checks.

Thus, it is important for charities to conduct due diligence and seek to identify any red flags associated with ML/TF/PF activities like involvement of third parties or unusual requests for refunds. However, it is also important for charities to be mindful of the donor’s confidentiality.

Consequence of Non-Compliance with AML/CFT Obligations

The Corruption, Drug Trafficking and Other Serious Crimes Act, 1992, mandates every person to file an STR if the person knows or has reason to believe that any property may be connected to criminal activity. Failure to do so constitutes a criminal offence.

Exceptions: However, with regard to identification and verification requirements. Charities are allowed to accept funds from a donor, disburse funds to a beneficiary or establish working relationships with stakeholders even when they are unable to complete identity verification despite their best efforts, subject to the following conditions:

  • The activity is essential for not interrupting the day-to-day operations of the charity
  • The charity is in a position to effectively manage the ML/TF risks
  • The charity has specific criteria and risk management policies and procedures in order to back the charity’s decision, taking into consideration reputational and legal risks.
  • The charity must document the deliberation, decision, and rationale of its decision in writing
However, charities must consider if they should file an STR if they are unable to complete any of the due diligence measures.

Challenges in Ensuring Effective AML/CFT Compliance

  • In cases where a large donor who is known to the charity changes the pattern of donation, it may be challenging for charities to perform due diligence while maintaining cordial work relationships with such donors. In such scenarios, it is important for charities to really know their donor beyond the regulatory pen and paper requirement to circumvent frictions.
  • Charities operating at a small scale may not have adequate infrastructure to identify complex ML/TF/PF patterns
  • Inadequate AML training may lead to human error that can pose a significant risk to the charity’s operations.
  • Charities adhering to AML compliance regulations are required to maintain records of each compliance measure and incidental information and documents. Thus, charities are required to manage large volumes of data that can be difficult to process and analyse.

CharityTech as an Effective AML/CFT Solution for Charities

In the era of digitisation, charities have the option to rely on digital solutions to automate labour-intensive compliance tasks, such as regulatory reporting and record keeping, to reduce the manual workload and associated costs, allowing charities to focus on their core missions while ensuring compliance with AML regulations.

CharityTech relies on advanced statistical modelling, machine learning, and real-time data aggregation to enhance risk assessments. By employing techniques like fuzzy logic and text analytics, RegTech can identify potential risks and suspicious activities more effectively than traditional methods.

Digital solutions can thus help charities overcome logistical challenges and financial crunch problems.

Best Practices to Ensure a Foolproof Implementation of AML/CFT and CPF Program within Charitable Organisations

  • Creating a checklist for internal periodic review
  • Identifying personnel and designating them as risk owners to mitigate, manage, and monitor sources of risks in which they have relevant knowledge, expertise, and authority. For example, Treasurers of the charity, as risk owners, can be entrusted with the responsibility of managing risks associated with the disbursement of funds or designating a senior board member as a single point of contact for all AML-related matters.
  • Charities can create risk registers defining the likelihood of the occurrence of such risk, its impact, and risk mitigation action plans for effective risk management.
  • Reviewing the effectiveness of compliance measures regularly and periodically based on a risk-based approach (RBA), i.e., once a year for high-risk stakeholders and once every three years for stakeholders not assigned high-risk rating.
    • Through RBA: Once a year for high-risk stakeholders and once every three years for stakeholders not assigned high-risk rating
    • When Situation Warrants: Such as updates to Relevant Sanctions lists or watchlists, change in nature of relationship with stakeholder, when additional information required due to inadequacy in existing information, changes in ownership structure of stakeholder (legal entity or legal arrangement).
  • Subscribing to the MAS and IMC-TD mailing lists to stay updated with the lists of designated persons and entities.
  • Charities should be cautious about maintaining donors’ confidentiality when performing due diligence measures in alignment with applicable data privacy laws
  • Charities can rely on advanced technologies such as CharityTech to overcome the challenges of human error and data management.
  • Having in place, workflows and personnel to fulfil Regulatory Reporting Requirements such as:
    • STRs with STRO
    • Annual Report that includes Financial Statements and Governance Evaluation Checklist with the Commissioner of Charities (COC).

Conclusion

ML, TF, and PF risks to the charity sector have far-reaching impacts. Thus, it is important for charities to put in place effective AML/CFT controls and governance practices to prevent erosion of trust for legitimate institutions working for public benefit.

About the Author

Linkedin

Jyoti Maheshwari

CAMS, ACA

Jyoti has over 9+ years of hands-on experience in regulatory compliance, policymaking, risk management, technology consultancy, and implementation. She holds vast experience with Anti-Money Laundering rules and regulations and helps companies deploy adequate mitigation measures and comply with legal requirements. Jyoti has been instrumental in optimizing business processes, documenting business requirements, preparing FRD, BRD, and SRS, and implementing IT solutions.

Reach Out to Jyoti

Roadmap to AML/CTF/CPF Audit Readiness

Roadmap to AML/CTF/CPF Audit Readiness

An independent Anti-Money Laundering / Counter-Terrorist Financing / Countering Proliferation Financing (AML/CTF/CPF) audit helps businesses evaluate the effectiveness of their AML/CTF/CPF Program and ensure compliance with AML/CTF/CPF laws and regulations of India.

It identifies potential vulnerabilities in the AML/CTF/CPF program of the business and offers suggestions to overcome these gaps. Here is your roadmap to AML/CTF/CPF audit readiness, guiding your way to counter financial crimes and stay compliant with legal obligations.

The Meaning and Significance of an Independent AML/CTF/CPF Audit

What is an Independent AML/CTF/CPF Audit

An independent AML/CTF/CPF audit refers to the regular assessment of the quality and effectiveness of the internal AML/CTF/CPF policies, procedures and controls adopted by entities and resultant records and regulatory compliance thereof. It involves systematically examining the different components of the AML/CTF/CPF program of the Reporting Entity, such as the Know Your Customer(KYC) process, Sanctions Screening, Customer Due Diligence (CDD), Record Keeping, etc.

Significance of an Independent AML/CTF/CPF Audit

Ensures Compliance with Indian AML/CTF/CPF Laws

India’s AML regulations mandate independent AML audits. For example, the Guidelines issued for Dealers in Precious Metals and Stones, Real Estate Agents and Virtual Digital Assets under the Prevention of Money Laundering Act 2002 (PMLA) require regular AML audits. The International Financial Services Centres Authority (Anti Money Laundering, Counter-Terrorist Financing and Know Your Customer) Guidelines, 2022 (IFSCA Guidelines) also mandates the same.

Assesses AML/CTF/CPF Program Efficiency

AML/CTF/CPF audit evaluates the effectiveness of the AML/CTF/CPF program and ensures that it aligns with the latest AML/CTF/CPF laws of India and the Enterprise-Wide Risk Assessment (EWRA) of the Reporting Entity.
Provides Unbiased Suggestions to Combat the Identified Vulnerabilities
AML/CTF/CPF audit recognises vulnerabilities in the AML/CTF/CPF program and includes suggestions to overcome them and mitigate money laundering (ML), terrorism financing (TF) and proliferation financing (PF) risks.

Strengthens AML/CTF/CPF Compliance Culture

Regular AML/CTF/CPF audits strengthen the AML compliance culture of the Reporting Entity by demonstrating the commitment of senior management towards AML/CTF/CPF compliance.

Builds Positive Reputation

AML/CTF/CPF audit improves the reputation of the Reporting Entity amongst its customers, investors, as well as AML/CTF/CPF regulators by demonstrating its commitment to AML/CTF/CPF compliance and combating ML, TF and PF risks.

After discussing the meaning and significance of an independent AML/CTF/CPF audit, let us understand when an independent AML/CTF/CPF audit is to be conducted.

When Should AML/CTF/CPF Audit be conducted?

To ensure that the AML/CTF/CPF program is effective against ML, TF and PF risks and up to date with the latest AML/CTF/CPF compliance requirements, AML/CTF/CPF audit should be conducted periodically. The best practice is to conduct the audits annually. Such periodic audits should assess both the individual business practices of the Reporting Entity as well as the overall entity-wide AML/CTF/CPF program.

However, the frequency of the AML/CTF/CPF audits depends on the nature and size of the Reporting Entity’s business. Its customer base, the products and services it offers, the geographies it serves, and the level of ML, TF, or PF risks it is exposed to as assessed under its Enterprise-Wide Risk Assessment (EWRA). For example, if the reporting entity provides services that are exposed to higher ML, TF, or PF risks due to their nature, the reporting entity needs to conduct the AML/CTF/CPF audit process more frequently.

Now that we know when an independent audit should be conducted, let us turn the discussion towards what an independent audit entails, and the various components of an AML/CTF/CPF program that should be examined in an independent audit.

Scope of an independent AML Audit

For an independent AML Audit to be comprehensive, it should evaluate the efficacy of the following components of the Reporting Entity’s AML program:
  • The EWRA of the Reporting Entity, taking into account its nature, size, and complexity of the business operations
  • The AML/CTF/CPF program and controls and its adequacy in countering ML, TF and PF risks
  • The robustness of the AML/CTF/CPF program against the dynamic ML, TF and PF risks evolved since the last EWRA
  • Red flags to recognise ML, TF and PF risks
  • Changes made to AML/CTF/CPF program since the last audit, including the implementation of the suggestions made in the last audit
  • Employee training on the AML/CTF/CPF program and AML/CTF/CPF regulatory requirements in India
  • KYC and CDD procedures, including Enhanced Due Diligence (EDD) procedures, Politically Exposed Persons (PEP) screening and adverse media screening
  • Sanctions screening procedures
  • Transaction monitoring systems and their adequacy considering the ML, TF and PF risk exposure of the company
  • Procedures for submitting Suspicious Transaction Reports (STR) and other required reports both internally to the AML Principal Officer and externally to the Financial Intelligence Unit of India
  • Record-keeping practices and their alignment with AML/CTF/CPF regulatory requirements, including the quality, adequacy, and comprehensiveness of the records maintained
  • AML/CTF/CPF software adopted by the Reporting Entity, including its functioning and whether it is up to date with the latest regulatory requirements
  • Customer acceptance policy, customer onboarding process and customer exit policy
  • Periodic reports related to AML/CTF/CPF measures submitted by the AML Principal Officer or Designated Director of the Reporting Entity to the senior management or Board of Directors and the action taken on these reports
  • AML Principal Officer’s implementation of the directions or feedback received from the AML/CTF/CPF supervisory authorities
  • Correspondence or outcome regarding any AML/CTF/CPF inspection or review conducted by the AML/CTF/CPF supervisory authority
  • Responses of any AML/CTF/CPF related survey submitted
  • Status of remediation measures adopted to fill the gaps identified by the AML Principal Officer, the latest AML/CTF/CPF audit or inspection conducted by the AML/CTF/CPF supervisory authorities
  • Policy related to AML/CTF/CPF data access and archival
  • Status of compliance with other regulatory requirements, such as sector-specific Guidelines for Dealers in Precious Metals and Stones, Real Estate Agents and Virtual Digital Assets
As discussed in this section, an AML/CTF/CPF audit assesses a wide range of components, so it is crucial for entities to take proactive preparatory measures to streamline the auditing process. The following section provides a comprehensive guide on preparatory measures Reporting Entities can take for a smooth independent AML/CTF/CPF auditing process.

Roadmap to AML/CTF/CPF Audit Readiness

The preparatory measures for an independent AML/CTF/CPF audit involve two essential steps. First, the Reporting Entity must finalise its list of requisites for the AML/CTF/CPF audit and an independent AML/CTF/CPF auditor. Second, it must gather and finalise all necessary information and documents to be reviewed during the auditing process. These steps have been discussed in detail.

Finalisation of Requisites for an Independent AML Auditor

Reporting Entities need to prepare and approve their own list of requisites they expect from an independent AML/CTF/CPF auditor and the auditing process to ensure that the auditing process is aligned with their needs. Deciding on these requisites makes sure that the auditing process is smooth without any hiccups. This list should take into account the following components:

Period to be included for review

Reporting Entity needs to specify the timeframe for which the auditor will review and assess the AML/CTF/CPF program.

Scope of Audit: Limited or Full Scope

Limited scope audit involves an evaluation of identified areas rather than a comprehensive examination of the entire AML/CTF/CPF program of the Reporting Entity. For example, a Reporting entity may choose to audit only its CDD process or its KYC process. On the other hand, a full scope audit involves an auditing process covering all components of the AML/CTF/CPF program.

The Expected Outcome

The reporting entity needs to decide and list the expected outcomes of the auditing process. For example, if the Reporting Entity requires so, it can specify that the auditing process should be followed by practical action plans to combat the vulnerabilities found.

The Budgeted Cost

Reporting Entity needs to outline the range of budget it aims to allocate to the auditing process. This depends on the scope of the audit that it has decided to opt for.

Time Estimation

The Reporting Entity needs to specify the time period in which it expects the auditing process to be completed.

Preparation of Information and documents

To streamline the AML/CTF/CPF audit process and avoid delays, the Reporting should prepare the following information and documents in advance:

1. Business Profile: This includes a comprehensive overview of the Reporting Entity’s nature and size of business, the products and services it offers, its customer base, the geographies it serves, its delivery channels, etc. This profile helps auditors understand the business and identify potential ML, TF and PF risks.

2. Certificate of Incorporation, Memorandum and Articles of Association: These documents provide information regarding the Reporting Entity’s establishment and its operational and ownership structure

3. Organisation Structure: This includes information about the hierarchy in the organisation to help auditors understand the management and decision-making process in the Reporting Entity

4. Annual Financial Statements: This includes financial statements of the entity for the immediately previous financial year.

5. Enterprise-Wide Risk Assessment: As a part of AML/CTF/CPF compliance, all Reporting Entities must have an EWRA in place. Assessing the EWRA helps auditors examine the ML, TF and PF risk exposure of the Reporting Entity, the actions it has taken to address these risks and the effectiveness of these actions.

6. AML/CTF/CPF Program: AML/CTF/CPF Program includes all policies, procedures and controls in place to comply with the AML/CTF/CPF regulatory obligations of the Reporting Entities and combat ML, TF and PF risks.

7. Red Flags Applicable to the Reporting Entity: Depending on factors such as the nature and size of the business, the products and services it offers, its customer base, the geographies it serves and its delivery channels, all Reporting Entities may have different red flags in place to identify any potential ML, TF and PF risks during its business operations. This list needs to be examined by the auditor.

8. AML/CTF/CPF Governance: This includes details on the oversight and management of AML/CTF/CPT activities within the Reporting Entity, and its adequacy needs to be examined by the auditor.

9. AML Principal Officer’s Profile: All Reporting Entities need to appoint an AML Principal Officer to oversee the AML/CTF/CPF compliance in the entity. Auditors need to be provided with the profile of the Principal Officer, which should include information about their qualifications, experience, responsibilities, powers, etc.

10. KYC, CDD, Customer Onboarding Procedures and Templates: This outlines the procedure of a Reporting Entity’s customer onboarding, identity verification and Customer Risk Assessment (CRA) process.

11. Procedures for Submitting Various Regulatory Reports: These reports include Cash Transaction Report (CTR), Counterfeit Currency Report (CCR), Property Transaction Report, Non-Profit Organisation Transaction Report, Cross Border Wire Transfer Report (CBWTR), and Suspicious Transaction Report (STR) to be submitted to Financial Intelligence Unit of India.

12. AML/CTF/CPF Record Keeping Policy: This policy outlines the procedure for maintaining and storing AML/CTF/CPF related records, including customer identification documents, transaction records, etc, as required under AML/CTF/CPF regulations of India.

13. AML/CTF/CPF Training Logs and Training Material: Training materials and logs should document the AML/CTF/CPF training provided to staff, including the regularity of such training, topics covered, participant details, etc.

14. Details of Targeted Financial Sanctions Program and Systems: This includes information on how the Reporting Entity implements and manages targeted financial sanctions, such as screening against various sanctions lists.

15. Customer and Supplier Registers: This includes a comprehensive list of all customers and suppliers of the Reporting Entity, including their details and ML risk profiles

16. Register for the AML/CTF/CPF Reports Filed with the Financial Intelligence Unit of India: This helps auditors examine the AML/CTF/CPF compliance function of the Reporting Entity as well as the accuracy of the reports submitted.

17. Employee Register: This includes a list of all employees and their roles and responsibilities in the AML/CTF/CPF program.

18. List of Countries Identified as High-Risk Countries: This list contains countries considered high-risk from AML/CTF/CPF perspective. Information given must also include the Reporting Entity’s association with customers from such high-risk countries.

19. The Procedures to Identify and Establish a Business Relationship with PEPs: Procedures for identifying Politically Exposed Persons (PEPs) and establishing business relationships with them should be shared with the AML/CTF/CPF auditor. This includes EDD measures in place for PEPs to mitigate any potential ML, TF and PF risks.

20. Previous Years’ Independent AML/CTF/CPF Audit Reports: These reports help auditors evaluate the effectiveness of past measures taken to improve past AML/CTF/CPF programs.

21. Information About the Inspection or Review Conducted by the Supervisory Authorities and Guidance Received from Them: This includes information regarding any inspections or reviews conducted by supervisory authorities, as well as action taken on any instructions provided by them.

22. Information About Administrative Fines and Penalties Imposed on the Reporting Entity: Under the PMLA or IFSCA Guidelines, penalties related to AML/CTF/CPF non-compliance may be imposed on Reporting Entities. This information should be given to the auditor to help the auditors assess the entity’s AML/CTF/CPF compliance culture and its response to regulatory supervision.

23. Periodic Report Submitted by the AML Principal Officer to the Senior Management: This report should summarise the AML Principal Officer’s observations and suggestions regarding the entity’s AML/CTF/CPF program.

24. Access to Staff Members and Senior Management: AML/CTF/CPF auditors should have access to relevant staff members and senior management involved in the AML/CTF/CPF program of the Reporting Entity to discuss and assess compliance practices, collect required information and address any concerns.

25. Access to Files and Various AML/CTF/CPF Compliance Records: Auditors should be given access to all relevant files and records related to AML/CTF/CPF compliance.

26. Disclosure of all Known Instances of Statutory Non-Compliance: Any known instances of non-compliance with AML/CTF/CPF statutory requirements under the PMLA, IFSCA guidelines or any other AML/CTF/CPF regulations should be disclosed to the AML auditor. This transparency helps the auditors understand the compliance issues that the Reporting Entity faces.

Conclusion

An independent AML audit is important because it helps assess and improve the effectiveness of a Reporting Entity’s AML program. For a comprehensive and smooth AML auditing process, preparing for the AML audit is indispensable. By finalising requisites for the AML auditor and auditing process and gathering all relevant information and documents, Reporting Entities can streamline the independent AML audit process.

Niyeahma – Your Trustworthy AML Compliance Consultant

  • Conducting the Enterprise-Wide Risk Assessment to assess the ML/Ft exposure to your VDA activities
  • Developing and implementing an AML program for managing the ML/FT risks
  • Appointing an AML Principal Officer and assisting in setting up an AML compliance department
  • Creating transaction monitoring rules to detect suspicious VDA transfers timely
Thus, you can find all kinds of support related to AML compliance at Niyeahma.

About the Author

Linkedin

Jyoti Maheshwari

CAMS, ACA

Jyoti has over 9+ years of hands-on experience in regulatory compliance, policymaking, risk management, technology consultancy, and implementation. She holds vast experience with Anti-Money Laundering rules and regulations and helps companies deploy adequate mitigation measures and comply with legal requirements. Jyoti has been instrumental in optimizing business processes, documenting business requirements, preparing FRD, BRD, and SRS, and implementing IT solutions.

Reach Out to Jyoti

The role of shell companies in money laundering

The role of shell companies in money laundering

Shell companies are a preferred avenue for financial criminals to hide their crimes. These include money laundering, fraud, evading sanctions, escaping taxes, and many others. To protect yourself from these risks and prevent shell companies from exploiting your business, you need to apply proper AML measures. In this article, let’s understand the role of shell companies in money laundering and other financial crimes.

The world of shell companies is based on committing the crime and staying undetected. Shell companies are also known as ghost companies. That means they are the vehicles used in the second stage – layering – of money laundering. Layering allows criminals to disguise the origin and place of dirty money. Thus, you must have enough AML measures to prevent the risks of shell companies in money laundering.

What are the risks of shell companies in money laundering?

What is a shell company?

A shell company is a company without any physical presence and assets. It is not active in business operations. No services provision. No sale of goods. Moreover, it does not have any significant assets. That is why it is a great technique to hide a firm’s ultimate and real beneficial ownership. Criminals form shell companies to conduct illicit business transactions.
Shell companies are characterised by:
  • Lack of physical presence
  • No income
  • No employees
  • Occasionally hold bank accounts and investments
  • Inactive
  • Complex ownership structure
  • Nominee directors and shareholders

Are shell companies legal?

Yes, shell companies are legal even if they are inactive. An individual can form a new company to hold some assets. The newly formed company holds the asset, and that’s its only purpose. It remains inactive and does not conduct sale or purchase transactions.

What are the legitimate and illegitimate uses of shell companies?

Shell companies and their legitimate use cases

  • To invest in various countries
  • To raise funds from the international market
  • To prevent tax lawsuits on assets
  • To hold funds
  • To hold assets like bonds, real estate, stocks, etc.
  • To protect intellectual property rights
  • To employ tax planning strategies
  • To facilitate mergers and acquisitions

Shell companies and their illegitimate use cases

  • To hide dirty money earned from illegal activities
  • To conceal the identities of beneficial owners
  • To evade taxes by hiding income in a shell company in a different jurisdiction
  • To conduct fraud, scam, or a crime
  • To store washed funds in the shell company’s accounts
  • To hide assets during mergers and acquisitions or divorces to avoid sharing with others
  • To finance and exchange dual-use goods with other shell companies, leading to the proliferation of financing
  • To provide phantom services by raising invoices for services that were never rendered

The impact of shell companies

  1. Money laundering, terrorist financing, drug trafficking
  2. Tax evasion
  3. Market manipulation
  4. Unfavourable conditions for legitimate businesses
  5. Fraud
  6. Corruption
  7. Illegal payments

What is the difference between shell, shelf, and front company?

Shell companies have no business activities, significant assets, or employees. They exist on paper but not physically. They are not illegal corporations, but companies use these structures to conduct illicit transactions like money laundering, tax evasion, and concealing beneficial ownership, as well as for legitimate purposes. Trust companies use shell companies as trustees. Companies use shell companies to evade taxes through transfer pricing strategies.

Shelf companies are incorporated companies. They can or cannot have customers but stay dormant for years with no business activities. The secretaries, shareholders, and directors of a shelf company are inactive.

A front company is a legal business – a fully functioning company. However, criminals use front companies to hide their illegitimate financial transactions.

Why are shell companies vulnerable to money laundering?

Shell companies’ vulnerability to money laundering is due to the following reasons:

Anonymity

The most significant characteristic of shell companies is their anonymity. It keeps the identity of beneficial owners secret and private. This is possible because shell companies are constructed in less-regulated or tax-haven countries. These countries have no mandatory requirements for the disclosure of structure, and shareholding. You can move funds from one country to another without divulging any transaction and ownership details. This is the feature that money launderers leverage to conduct crimes.
Low cost and easy company formation procedure
Another characteristic that makes shell companies susceptible to money laundering is the low cost and ease of formation. You don’t need to spend much money on its establishment and operations. Moreover, their setup does not involve many steps or hassles of approvals and documentation. Such ease and less-costly company structuring enable money launderers to opt for shell company formation.
No physical presence
Shell companies do not have a physical presence. They exist only on paper. So, you will find it challenging to trace the company’s whereabouts. This is also one of the reasons why their vulnerability to financial crimes is high.
Relaxed regulatory rules

Offshore destinations with relaxed rules are preferred destinations for shell companies. These jurisdictions do not restrict a business’s and its owners’ confidentiality, privacy, and anonymity. Strong bank secrecy rules, strict privacy laws, and relaxed regulatory standards make a country a preferred hub for shell companies.

Superrich use such shell structures to hide their wealth because of relaxed regulations. Also, the creation of shell companies involves fewer regulatory investigations and checks. The absence of or minimal reporting requirements attracts criminals who use shell companies to commit crimes. Even low or no corporate tax rates make a jurisdiction a preferred destination for shell companies.

A confusing network of several shell companies in different jurisdictions
The network of multiple shell companies in different jurisdictions benefits money launderers. Such a complex network lets one create a chain of several transactions. This structure makes tracing funds’ ownership, source, and destination difficult. Regulatory and investigating authorities have to handle too many jurisdictions and their laws. Also, collaboration between authorities in so many jurisdictions is a big concern. Some jurisdictions might have a vested interest in such schemes, so they don’t help in investigations.

How do shell companies launder money?

Criminals set up a shell company, invest their proceeds of crime into it and then move funds to their own account by using fake invoices.

Red flags of financial crimes by shell companies to exploit your business

Since shell companies’ risk in money laundering is high, you must be vigilant about their activities. One way of doing that is learning about the red flags of customers’ illicit behaviour. These are the warning signs of suspicious transactions using shell companies. So, you must be aware of these red flags to spot suspicions at the right time and stop the transaction. These red flags include the following:
  1. Atypical directorship in companies
  2. Dubious addresses of companies
  3. Mass registration of many directors, shared names, or addresses indicates the involvement of many shell companies.
  4. Dormancy of a company for a few years and a sudden rise in presence with a spike in revenues
  5. Too young or too old beneficial owners like five years or more than 100 years
  6. Circular ownership of several companies with each other to hide beneficial ownership
  7. Dubious addresses as address proof of entities
  8. A mismatch between the company’s registration jurisdiction and the directors’ residency or nationality, specifically involving high-risk jurisdictions
  9. The home jurisdiction of the shell company is a sanctioned or terrorist country or one with weak AML and other regulatory controls
  10. Some odd financial anomalies
  11. Ultimate beneficial ownership is significantly different from the expected
  12. The company has not undertaken any real business activities
  13. The formal nominees mentioned for the company are nominated agents for many shell companies
  14. The nominees are generally the spouses, children, or relatives who do not contribute to the enterprise’s operations
  15. The shell company conducts many transactions, but none generates income
  16. It does not contribute to taxes, social benefits, and employee benefits
  17. One party is the origin and destination of financial benefits in the case of international funds transfer, or the transaction is between two different businesses, but they have the same registration address
  18. The unnecessary creation or involvement of representative offices or similar delegation services
  19. Cash transactions, different from the usual payment mode used
  20. Account signatory executes a large transaction but with no controlling interest in the assets or company
  21. Involvement of family members in business transactions with no legal business purpose
  22. Private third parties provide loans, but there is no supporting agreement, interest repayments, or collateral
  23. Doubtful and questionable relations between parties with no clear explanation by the customer
  24. Unusual transactions considering the client’s profile, business model, or previous transactions
  25. The origin and destination of transaction funds involve a foreign jurisdiction with no justified linkage with the client
  26. The business account used for a transaction is also used for personal transactions like buying assets or other reasons with no linkages to the client’s profile
  27. Involvement of two or more parties in a transaction with no apparent reason or legal rationale
  28. Finance from a lender – an individual or a company – without any commercial reason or justification
  29. Goods or services transacted do not correspond to the sender or receiver’s business profile
  30. The unwillingness of the party to disclose information on the transaction
  31. Transactions involving beneficiaries from offshore or high-risk jurisdictions
  32. Transactions with fake invoices having a shell company’s name as the seller of products
  33. Complex transactions with multiple layers of buying and selling
  34. Large volume or value transactions with other ghost companies
With so many red flags and others, you must keep an open eye on all incoming and outgoing transactions. All these are obscuring the illicit behaviour of the transactions, which you must be aware of. It makes tracing of money laundering and criminals challenging for investigators. However, with proper AML measures and transaction monitoring, you can identify the legal, fair transactions from the illegal, unfair ones.

How do you prevent shell companies from exploiting your business?

So, now you understand that shell corporations are risky for your business. You must safeguard yourself from these risks to reduce the likelihood of involvement in money laundering activities. You need to be proactive in your efforts to build a resilient business. To protect your business from the risks of shell companies in money laundering, you must apply the following measures:

KYC

Know your customers. It is a critical way to prevent shell companies from exploiting your business. You must know all the details about your customers, such as:
  • Business name
  • Registered business address or residential address
  • Email address and contact number
  • Business license number
  • Nature of business
  • Business type and structure
  • Business details like board of directors, date and place of establishment, and annual report
You must collect proof of all these details. The documentary proof helps you verify your client’s identity. You can identify if your customer is a shell company or not.

Due diligence

KYC is a fundamental way of knowing your customers. Due diligence involves more intense scrutiny. You must investigate your customers’ funds and wealth further. This will help you detect any linkage with illegal activities.

Investigate the following about your customers:

  • Source of funds
  • Source of wealth
  • Beneficial ownership (name, address, relation with the firm, national identity, and other details)
  • The business structure
  • Payment methods used
  • Financial statements
  • Geographical presence
All these data points help you understand the customer’s background. You can get confirmation on the authenticity of the company’s business operations and business owners, customers, and suppliers. Investigating beneficial ownership and background helps you understand whether the client is a shell company created for illicit reasons. Once you know the beneficial owners and risks associated with them, you can examine any probable involvement of shell companies.

Customer Risk Assessment

Once you manage to conduct KYC and CDD, you have a decent amount of information on your customers. Now, you can manage to create risk profiles of your customers. Based on this risk profiling, you can categorise customers as high, medium, and low risk.

The risk profile includes rating your customer based on the risks from their products/services, geographical presence, delivery channels, and transactions. If the customer is high-risk, you need to be more cautious.

Transaction monitoring

Monitoring shell company transactions is necessary to spot suspicions. By checking transactions, you can spot any shell company’s participation in financial crimes. For this, you must look at the transactional patterns or irregularities in customer behaviour. Also, keep a check on the value and volume of transactions. Lack of transparency or unwillingness to disclose identity or transaction details is a typical red flag of shell companies.

So, awareness of the red flags of shell companies’ involvement in money laundering is essential. The section above contains warning signs you must be wary of when detecting shell companies’ involvement in illicit transactions.

Technology solutions

Use technology solutions to perform your business’s AML and risk management strategies. These solutions have the latest advanced technologies, such as the following:
  • Artificial intelligence
  • Data Analytics
  • Blockchain technology
  • Machine learning
  • Data mining

All these technologies help you with accurate sifting and analysis of data. They help you analyse loads of data to verify customers’ identities. These technologies can identify patterns and behavioural characteristics matching potential red flags. Thus, you can identify suspicious transactions and customers linked to shell companies.

The best part about AI is that it adapts over time to new rules. When new money laundering tactics emerge, or risks evolve, you can update your solution to these new rules. Thus, you can put up an intense fight against money laundering through shell companies. You can devise strategies against the risks of shell companies in money laundering and prevent them from exploiting your business.

AML compliance program

To prevent shell companies from exploiting your business, you must take a risk-based approach to your AML compliance program. You must develop specific policies, procedures, and internal controls for your business. This framework depends on industry-specific risks and shell companies’ role in money laundering.

Your framework must include KYC, CDD, and transaction monitoring. It involves continuous monitoring of risks from customers and their transactions. Knowing the risks allows you to take relevant action and stop your business’s exploitation. You must also monitor these AML programs on an ongoing basis to make improvements that bring you closer to AML compliance in UAE.

Training

Training of frontline employees and compliance teams goes a long way in countering ML/TF risks emanating from shell companies. The training programs should revolve around the identification of UBOs, known red flags, and known ML/TF typologies.

All these measures help you know who you are dealing with. Thus, you are aware of the risks from your customers and suppliers. Based on your risk appetite, you can decide whether to form a business relationship and transact with them. These measures help you stay vigilant against the risks of shell companies in money laundering.

If you apply these proactive AML efforts, you can detect the illegal network of shell companies that launder dirty money. Thus, these measures help you prevent shell companies from exploiting your business. You can improve the financial system’s integrity and comply with AML regulations.

AML UAE – your partner for professional AML consulting services

AML UAE can help you design and implement customised solutions to prevent shell companies from exploiting your business. Our AML initiatives strengthen your fight against shell companies and reduce their threats. We can help you:
  • Know your clients better
  • Conduct due diligence checks on them
  • Monitor their transactions on an ongoing basis
  • Assess risks from shell companies
  • Design appropriate AML compliance programs
  • Select and implement the right technology solutions for your business
  • Conduct training to strengthen your team against ML/TF risks posed by shell companies
All these measures reduce the risks of shell companies to your business. Thus, with AML UAE’s help, you can prevent shell companies from misusing your business to conduct money laundering activities.

About the Author

Linkedin

Pathik Shah

FCA, CAMS, CISA, CS, DISA (ICAI), FAFP (ICAI)

Pathik is a Chartered Accountant with more than 26 years of experience in governance, risk, and compliance. He helps companies with end-to-end AML compliance services, from conducting Enterprise- Wide Risk Assessments to implementing the robust AML Compliance framework. He has played a pivotal role as a functional expert in developing and implementing RegTech solutions for streamlined compliance.

Reach Out to Pathik

Global Warriors: International Organisations Battling Financial Crimes

Global Warriors: International Organisations Battling Financial Crimes

Globalisation has made it easy for criminals to move illicit funds across the borders. It is essential that global standardised policies, procedures and practices exist to combat Money Laundering, Terrorist and Proliferation Financing (MLTPF). In this blog, we will discuss the international organisations involved in battling financial crimes and protecting the world’s economy. These global warriors work tirelessly to combat MLTPF and provide a safe international financial system. The top international organisations working towards combating MLTPF crimes are as discussed below.

Financial Action Task Force (FATF)

The Financial Action Task Force (FATF) is an inter-governmental body formed in 1989 by the G-7 countries, which aims at the development and implementation of international policies and procedures to prevent and combat MLTPF.

The FATF promotes and recommends international standards and effective legal, regulatory and operational measures to combat financial crimes and threats to the integrity of the international financial system.

It publishes research to raise awareness of the movement of illicit funds to ensure the prompt detection and mitigation of MLTPF risks.

It also monitors the progress of countries around the world in implementing Anti-Money Laundering (AML), Counter-Terrorist Financing (CTF), and Counter-Proliferation Financing (CPF) measures. More than 200 countries have committed to implementing FATF’s recommendations, leading to a collective and global response against financial crimes. UK has been a member of the FATF since 1990.

Committee of Experts on the Evaluation of Anti-Money Laundering Measures (MONEYVAL)

MONEYVAL is a part of FATF’s global network. It is a monitoring body, tasked with assessing and evaluating compliance with AML/CFT/CPF international standards as well the effectiveness of such compliance for Council of Europe countries. Through this, MONEYVAL aims to improve the capacities of countries to fight against financial crimes. Presently, UK is a member of MONEYVAL.

Egmont Group of Financial Intelligence Units

Egmont Group comprises 177 FIUs around the world. It acts as a platform for the secure exchange of expertise and financial intelligence between the FIUs to help in the fight against financial crimes across borders.

Organisation for Economic Cooperation and Development (OECD)

OECD is an international organisation that aims to encourage and promote sustainable development and economic growth.

It helps countries fight international tax evasion, money laundering, and other financial crimes.

It works with governments to develop evidence-based standards, implement best practices and have access to data that helps improve the economic and social well-being of people around the world.

It aims to facilitate collaboration between member countries on economic issues and financial crimes.

Transparency International (TI)

Transparency International (TI) is another global organisation that aims to fight against corruption financial crimes, and promote transparency.

It works to identify and remove the loopholes in the global financial system that lead to corruption and the stolen money to be laundered.

It also advocates transparency in beneficial ownership and works with governments to help set up systems that aim to disclose the real owners of companies so they are not used for conducting illegal activities.

Sharing Electronic Resources and Laws on Crime (SHERLOC)

SHERLOC is a knowledge management portal. It has been developed by the United Nations Office on Drugs and Crime (UNODC).

It aims to disseminate information on the United Nations Convention against Transnational Organized Crime and its three Protocols.

Its scope includes resources concerning crimes such as money laundering, terrorism, corruption, etc.

Stolen Asset Recovery Initiative (StAR)

StAr is a partnership between the World Bank and UNODC that works to help countries recover stolen public assets and end safe havens for corrupt money.

It assists in international collaboration and cooperation to promote the mitigation of MLTPF through asset recovery and accountability.

It plays an important role in recovering assets that are obtained through bribery, embezzlement, or other corrupt conduct and thus restoring confidence in the rule of law.

It also focuses on tackling the misuse of legal structures for moving illicit funds through Beneficial Ownership transparency.

International Consortium of Investigative Journalists (ICIJ)

ICIJ is a non-profit independent global network of investigative journalists and media organisations across the world with the aim of exposing international social and financial crimes and corruption.

Their explosive work has led to various reforms. It has published some of the biggest cross-border investigative projects highlighting how illicit funds flow globally.

In 2021, ICIJ was nominated for the Nobel Peace Prize for reporting that made it difficult for arms dealers and human traffickers to launder their dirty money.

International Compliance Association (ICA)

ICA is a body that provides professional qualifications and training in subject areas like AML, governance risk and compliance, financial crime prevention, customer due diligence, cyber risk, and managing sanctions risk.

It aims to educate the international compliance community to perform better and empower compliance and financial crime prevention through support, education and advocacy.

Association of Certified Financial Crime Specialists (CFCS)

ACFCS is an international organisation that provides training and certifications to professionals who work in the detection and prevention of financial crimes.

Many countries recognise the certification provided by ACFCS. CFCS certification aims to equip financial crime specialists with tools, resources and knowledge on subjects like AML, corruption, crypto, tax evasion, cyber risk, data analytics and security, compliance and regulation, etc. and help them to fight, prevent and detect any financial crimes.

Anti-Money Laundering and Financial Crime (AMLFC) Institute

AMLFC is an institute that provides certification and programs in collaboration with various universities relating to AML and other financial crimes.

It also conducts academic research to advance knowledge in the field of AML/CTF/CPF and financial crime prevention. Its aim is to provide professionals globally with high standards of ethics and knowledge to fight against financial crimes.

Association of Certified Anti-Money Laundering Specialists (ACAMS)

ACAMs is a global organisation that provides training, certifications, and ongoing support to AML and anti-financial crime specialists.

Over 175 countries have professionals who are members of ACAMS and support various organisations to build robust Anti-financial Crime readiness mechanisms.

It also creates networking platforms and hosts conferences for sharing best practices, publishing information and imparting continuing professional education to various professions internationally.

Association of Certified Fraud Examiners (ACFE)

ACFE is an internationally recognised organisation that imparts anti-fraud training, is instrumental in setting industry standards, and offers credentials to anti-financial crime specialists.

CFE certification demonstrates expertise in fraud detection, prevention and investigation.

By offering the CFE credential and fostering a global community of anti-fraud professionals, the ACFE helps in combating fraud and financial crimes worldwide.

Organisations Battling Financial Crimes: Final Words

The financial systems and economies of the countries are affected globally by financial crimes like money laundering as networks of financial criminals spread worldwide. To prevent and detect such financial crimes, it is crucial to have best practices and internationally recognised standards in place. Therefore, Relevant Persons in UK can enhance their AML/CTF/CPF Program by adopting the international standards, best practices, recommendations, etc, of these global warriors that work to combat financial crimes

About the Author

Linkedin

Pathik Shah

FCA, CAMS, CISA, CS, DISA (ICAI), FAFP (ICAI)

Pathik is a Chartered Accountant with more than 26 years of experience in governance, risk, and compliance. He helps companies with end-to-end AML compliance services, from conducting Enterprise- Wide Risk Assessments to implementing the robust AML Compliance framework. He has played a pivotal role as a functional expert in developing and implementing RegTech solutions for streamlined compliance.

Reach Out to Pathik

Top Organisations Combatting Money Laundering: The Powerhouses of AML

Top Organisations Combatting Money Laundering: The Powerhouses of AML

Money Laundering (ML) is typically a transnational crime. This means that persons who commit crimes such as money laundering are more often than not located in different parts of the world. This is why it is important for countries to come together to fight the risks of money laundering. There are various international organisations working toward this goal. Here’s a list of the top organisations combatting the risks of money laundering.

Top Organisations Combatting Money Laundering

Financial Action Task Force (FATF)

FATF is an intergovernmental organisation. It sets international standards for combatting money laundering, terrorist financing, and proliferation financing (ML, TF, and PF).

The FATF has published 40 recommendations and 11 immediate outcomes for implementing its standards. It is done by conducting a mutual evaluation of the country’s Anti-Money Laundering (AML) efforts.

Australia is a founding member and an active member of the FATF.

Asia/Pacific Group (AGP) on Money Laundering

While FATF provides an overview of the global money laundering trends, the AGP on Money Laundering is a regional FATF-style body that facilitates regional cooperation between its member nations through technical assistance, training, mutual evaluation and active engagement in the global AML/CFT policy development.

Australia serves as the permanent co-chair of the AGP on Money Laundering with the AGP secretariat formally established in Sydney.

Bank for International Settlement (BIS)

The Basel Committee on Banking Supervision at BIS is an important organisation setting regulatory standards for central banks worldwide, including the Reserve Bank of Australia and the Australian Prudential Regulation Authority.

The guidance issued by the Basel Committee on “sound management of risks related to money laundering and financing of terrorism” gives financial institutions insights on how to improve their AML compliance measures in line with the FATF recommendations.

The Egmont Group of Financial Intelligence Units (FIUs)

The Egmont Group is a common forum for FIUs from 177 countries and observers for exchanging financial intelligence and international cooperation to counter the risks of ML, TF, PF, and their predicate offences.

The Australian Transaction Reports and Analysis Centre (AUSTRAC) is a founding member of the Egmont Group.

Organisation for Economic Cooperation and Development (OECD)

OECD, for its member countries, works with policymakers and other stakeholders to make policies for tackling common environmental, economic and social issues faced by its member countries.

Fighting financial crimes, such as money laundering and terrorist financing, is one of the focus areas in which the OECD works.
Australia is a member nation of the OECD.

Transparency International

Transparency International primarily works against corruption. The Australia chapter of Transparency International works to prevent illegal money from entering the country’s financial system.

It works to close the gap in Australia’s AML regulations that leave out the scope for illegal activities.

Association of Certified Anti-Money Laundering Specialists (ACAMS)

ACAMS offers professional certifications and also hosts international conferences which focus on Anti-Money Laundering (AML) compliance and their regulatory frameworks.

Individuals who want to build a career in AML compliance can improve their credentials by getting a Certified Anti-Money Laundering Specialist (CAMS) qualification.

Pacific Financial Intelligence Community (PFIC)

The Pacific Financial Intelligence Community (PFIC) is a platform for 15 Pacific FIUs. Member nations of the PFIC can collaborate on subjects like operational capabilities, research results, tech-sharing and capacity building.

The PFIC meets virtually and in person every two months on an annual basis. These meetings are co-chaired by AUSTRAC and Papua New Guinea’s FIU- Financial Analysis and Supervision Unit (FASU).

The Financial Intelligence Consultative Group (FICG)

FICG is a regional forum for FIUs from Australia, New Zealand, and Southeast Asia. The purpose of FICG is to promote, enhance, and strengthen AML/CFT collaboration for its members.

AUSTRAC is the permanent co-chair for FICG. Other partner country’s FIUs assume chairmanship position on a rotating basis.

Association of Certified Financial Crime Specialists (CFCS)

CFCS offers many solutions around training, membership, and professional certifications to combat financial crimes. More than 80 countries consider these certifications and training as a benchmark of excellence.

Anti-Money Laundering and Financial Crime (AMLFC) Institute

The AMLFC institute conducts partnerships with universities and professional organisations to counter financial crimes. It provides a range of certifications for AML, counter-terrorism financing, cybersecurity, fintech, and other regulations related to these subjects.

The institute also supports research programs which seek to improve AML practices and AML compliance frameworks.

International Money Laundering Information Network (IMoLIN)

IMoLIN is an online platform set up by the United Nations Office on Drugs and Crime (UNODC).

It gives access to online learning materials, training courses, and case law databases to improve law enforcement across the world.

Stolen Asset Recovery Initiative (StAR)

StAR is funded jointly by the United Nations and the World Bank.

It assists victims of fraud and other financial crimes in recovering their stolen assets. It also helps countries fight corruption and increase accountability.

International Consortium of Investigative Journalists (ICIJ)

ICIJ has a global network of investigative journalists in more than a hundred countries. ICIJ is known for its investigation into many high-profile financial crimes like the Panama Papers scam.

Association of Certified Fraud Examiners (ACFE)

ACFE gives Certified Fraud Examiners (CFEs) credentials to people who want to build a career in fighting financial fraud. It also trains them and gives them many online resources like courses, statistical data, case studies, etc.

Top Organisations Combatting Money Laundering: In Summary

It is important for countries to work together to fight financial crimes. These international organisations give governments a platform and opportunity to collaborate.

About the Author

Linkedin

Jyoti Maheshwari

CAMS, ACA

Jyoti has over 9+ years of hands-on experience in regulatory compliance, policymaking, risk management, technology consultancy, and implementation. She holds vast experience with Anti-Money Laundering rules and regulations and helps companies deploy adequate mitigation measures and comply with legal requirements. Jyoti has been instrumental in optimizing business processes, documenting business requirements, preparing FRD, BRD, and SRS, and implementing IT solutions.

Reach Out to Jyoti

Client Offboarding Best Practices to Strengthen AML Compliance

Client Offboarding Best Practices to Strengthen AML Compliance

Client offboarding involves strategically terminating business relationships with a client. In the context of Anti-Money Laundering (AML), Countering the Financing of Terrorism (CFT) and Counter Proliferation Financing (CPF) compliance, client offboarding becomes necessary when the business relationship with the client is incompatible with the AML/CFT/CPF processes of the Regulated Entity. Timely offboarding helps the Regulated Entity in protecting itself against Money Laundering (ML), Terrorism Financing (TF), and Proliferation Financing (PF) risks.

This Blog discusses the importance of client offboarding in the context of AML/CFT/CPF compliance, the circumstances that necessitate it, the best practices of client offboarding and the step-by-step procedure to ensure smooth client offboarding as a part of the Regulated Entity’s AML/CFT/CPF Program.

What is Client Offboarding?

Client offboarding is the strategic termination of a business relationship with a client conducted with the objective of protecting the Regulated Entity from ML/TF or PF risks. The decision to offboard a client is taken in accordance with the Regulated Entity’s internal Client Acceptance and Exit Policies. These policies are made while keeping in view the AML/CFT/CPF law and regulations in Singapore, which facilitates the effective compliance of the Regulated Entity’s AML/CFT/CPF obligations.

Circumstances Necessitating Client Offboarding

The following circumstances necessitate Regulated Entities to make the decision to offboard a client:

Compliance with AML/CFT/CPF Regulations

Compliance with Targeted Financial Sanctions

Under Singapore’s sanctions regime, Regulated Entities are required to conduct Sanctions Screening on their customers to detect if a customer is a ‘Designated Person’ under the United Nations Act, 2001 and UN Regulations or a terrorist or terrorist entity under the Terrorism (Suppression of Financing) Act. 2002. If the Regulated Entity suspects that a client is sanctioned, it needs to undertake the following steps:

  • Decline to enter into or terminate any transactions with the customer
  • Freeze the customer’s funds and other financial or economic assets
  • File a Suspicious Transaction Report (STR) with the Suspicious Transaction Reporting Office (STRO) or inform the Monetary Authority of Singapore if the Regulated Entity is a Financial Institution

Therefore, AML/CFT/CPF laws require Regulated Entities to terminate business relationships and transactions with a customer suspected to be sanctioned.

Amendment in AML/CFT/CPF Regulatory Regime

When AML regulations in Singapore are amended, there may be a need to offboard certain categories of customers as required under the amendments. For example, if the Singapore authorities introduce an amendment in the law restricting the engagement with countries subject to the Financial Action Task Force (FATF) ‘Call for Action’, then Regulated Entities would be mandated to offboard the clients from these countries.

ML/TF and PF Risks Posed by Customer Exceed Risk Appetite of the Regulated Entity

Risk appetite is the amount of ML/TF and PF risks Regulated Entities can effectively manage through their internal risk management and control practices. When the ML/ TF or PF risks posed by customers exceed the risk appetite of a business, offboarding may become inevitable.

Derisking

Derisking is a process adopted by businesses to end or restrict business relationships with a client to avoid ML/TF and PF risks posed by them. When ML/TF and PF risks cannot be managed or mitigated, derisking becomes necessary. However, Regulated Entities should not adopt blanket derisking to avoid issues such as reputational damage, exclusion of legitimate customers, etc.

Client’s Failure in Know Your Customer (KYC) and Customer Due Diligence (CDD)

Another reason for client offboarding is if the client does not provide requested documentation or fails a background check at the time of KYC and CDD processes. These can raise suspicions, leading to a deeper investigation, requiring additional information or documents from the client or termination of a business relationship, depending on the Internal Policies, Procedures and Controls (IPPC), which are tailored to specific risks of every business.

For example, the client is assessed as high-risk, and the Regulated Entity has requested the necessary information and documents pertaining to the client’s source of funds and wealth. However, the client is hesitant to share these documents. In the absence of completion of the Enhanced Due Diligence process as part of the CDD process, the Regulated Entity must offboard the client, as required under the IPPC, to ensure compliance with AML regulations.

Increased Costs Associated with Know Your Customer (KYC) and Customer Due Diligence (CDD)

Client off-boarding also becomes necessary when the cost involved in adequately completing the KYC and CDD is higher than what Regulated Entities can effectively manage, given their available resources.

Why Is Client Offboarding Essential in Certain Circumstances?

Client offboarding is necessary in the above-discussed circumstances for the following reasons:
  • Preventing exposure to ML/TF and PF risks
  • Complying with AML/CFT/CPF regulatory requirements and reducing the cost of non-compliance
  • Building a positive reputation as a law-abiding and compliant business
  • Effective ML/TF and PF risk management
  • Maintenance of the Regulated Entity’s integrity, transparency, and financial health
After discussing the essential questions with respect to client offboarding, the blog now details the best practices to be adopted for a smooth and effective client offboarding process.

Best Practices of Client Offboarding Process under AML Compliance

Defining Risk Appetite

As a part of the Regulated Entity’s AML/CFT/CPF compliance, it is required to conduct an Enterprise-Wide Risk Assessment (EWRA). EWRA involves a thorough assessment of the ML/TF and PF risks a Regulated Entity is exposed to, as well as the likelihood and impact of such risks. This is the inherent risk or gross risk that the Regulated Entity faces. Based on the risks assessed, the Regulated Entity can adopt appropriate and proportionate risk control measures. This is the foundation of a risk-based approach.

Based on the EWRA, Regulated Entities can define their risk appetite. Risk appetite is the amount of ML/TF and PF risks Regulated Entities can effectively manage through their AML/CFT/CPF IPPC. It differs for each business and varies as the business of the Regulated Entity changes and grows.

Client Offboarding Best Practices to Strengthen AML Compliance
With a defined risk appetite, Regulated entities can take informed decisions regarding client’s offboarding in a timely manner.

Since risk appetite keeps changing, it also helps Regulated Entities decide to offboard a client if customer’s risk profile changes, or risks emanating from them become unacceptable after some time.

Defining and Implementing Robust Client Acceptance and Exit Policy

As a part of their IPPC, Regulated Entities should form and implement robust Client Acceptance and Exit Policy. These policies must specify the procedures for client acceptance and onboarding, including Customer Due Diligence (CDD) and Know Your Customer (KYC) procedures. Regulated Entity should also define the circumstances that would warrant a review of the relationship with the customer and the procedure to offboard a customer when required. The Client Acceptance and Exit Policies must align with the overall AML obligations and risk appetite of the Regulated Entity.

Reviewing the Decision to Offboard a Client

Whenever a Regulated Entity comes across a circumstance that would necessitate client offboarding, it should investigate the business relationship with the client and make an informed decision as to whether client offboarding is necessary. Client offboarding without due consideration of customers’ risk profiles, can be an excessive measure indicating ineffective ML/TF and PF risk management.

Record-Keeping of Client Offboarding Process

When the Regulated Entity decides to offboard a client, it should maintain records pertaining to the business relationship with the customer for at least five years from the end of the business relationship. The documents that need to be maintained include the following:
  • Suspicious transactions related to the client reported to Suspicions Transaction Reporting Office (STRO)
  • KYC and CDD records collected
  • Documents capturing the reason for offboarding the customer
  • Client communication related to the offboarding
  • Offboarding procedure followed
  • Any other document that seems necessary

Ensuring Privacy and Confidentiality of Customer Data

While offboarding a client, the Regulated Entity must ensure that customer data remains secure. The regulated Entity needs to ensure that there is no risk to the privacy and confidentiality of any information related to the customer. It must not be made accessible to any unauthorised person.

Employee Training Regarding Client Offboarding Process

Client offboarding is a significant part of the AML/CFT/CPF IPPC of a Regulated Entity. Employees of the Regulated Entity need to be trained to carry out the client offboarding process to ensure that it is conducted in a smooth manner. The employees need to be trained in the following aspects:
  • Knowledge of the Regulated Entity’s business’s risk appetite
  • Awareness of AML/CFT/CPF regulations in Singapore related to client onboarding and offboarding and associated compliance requirements
  • The AML/CFT/CPF EWRA of the business
  • Transaction monitoring procedures
  • Red flags indicating ML/TF and PF risks
  • Customer Risk Assessment and risk profiling
  • Soft skills pertaining to effective communication with clients
  • Client Acceptance and Exit Policies, including templates for documenting the decision to offboard, communication with the client, etc

Step-by-Step Client Offboarding Process

The blog now provides a step-by-step procedure that can be followed to ensure a smooth and professional client offboarding process. These steps are as follows:

Detect Circumstances that Warrant Client Offboarding:

Circumstances such as matches found during sanctions screening or ML/TF and PF risks beyond the risk appetite of the Regulated Entity. Regulated Entities should be vigilant in detecting these circumstances in a timely manner. However, the Regulated Entity needs to be mindful of not offboarding a customer right away if doing so would result in “tipping-off” such a customer

Review the Business Relationship with the Client by Conducting a Customer Risk Assessment:

If the customer’s name does not appear in the sanctions list, not requiring immediate offboarding, then the next step is to conduct a proper analysis of the business relationship to assess the ML/ TF and PF risks posed by the client by conducting a Customer Risk Assessment. Customer Risk Assessment is the process through which Regulated Entities assess the ML/TF and PF risks posed by a customer and categorise them into low, medium, or high-risk categories based on the degree of ML/TF and PF risks they pose to the Regulated Entity.

Compare the ML/TF/PF Customer Risk Assessment with the Risk Appetite of the Regulated Entity:

The Regulated Entity should compare the risks posed by the client assessed through the Customer Risk Assessment with the risk appetite of the business, to assess whether the risks can be managed by the Regulated Entity effectively.

Take the Decision Regarding Client Offboarding:

After conducting risk assessment and comparing it with risk appetite, the Regulated Entity will be able to take informed decision regarding offboarding.

Seek Senior Management Approval if Necessary:

There may be situations where senior management approval is necessary for offboarding. For example, if the client is an important customer or regulatory reporting and offboarding are necessary. Such approval should be sought promptly.

Record-Keeping of all Documents Related to Client Offboarding:

Records should be kept for all documents related to the business relationship with the client and the decision to offboard the client, including the rationale that necessitated offboarding for at least five years as required under AML/CFT/CPF regulations of Singapore.

File Suspicious Transaction Report When Necessary:

When a match is found during sanctions screening, or the Regulated Entity detects suspicious activity or transactions, a Suspicious Transaction Report (STR) should be filed.

Communicate to the Client Regarding Offboarding Without “Tipping Off”:

The client should be informed regarding offboarding in a professional and timely manner, without tipping them off regarding filing of the STR, so that the investigation process is not impeded.

Conclusion

Imbibing the above best practices and step-by-step procedures while terminating business relations with a client offboarding ensures a professional and smooth client offboarding process.

About the Author

Linkedin

Jyoti Maheshwari

CAMS, ACA

Jyoti has over 9+ years of hands-on experience in regulatory compliance, policymaking, risk management, technology consultancy, and implementation. She holds vast experience with Anti-Money Laundering rules and regulations and helps companies deploy adequate mitigation measures and comply with legal requirements. Jyoti has been instrumental in optimizing business processes, documenting business requirements, preparing FRD, BRD, and SRS, and implementing IT solutions.

Reach Out to Jyoti

Behind the Veil: Common Methods of Money Laundering Uncovered

Behind the Veil: Common Methods of Money Laundering Uncovered

The methods used to launder money are constantly evolving with the use of technology. In India, it is necessary to keep up with the common typologies used in money laundering to develop measures for curbing them. This article uncovers the common methods and channels used by money launderers to make their illicitly gained money seem legitimate.

Money launderers exploit various channels to ‘clean’ their ‘dirty’ money. These channels are used in all three stages of money laundering, i.e., placement, layering and structuring. These channels along with the methods money launderers employ to exploit them are discussed below.

Banking Companies and Financial Institutions as Channels for Money Laundering

Structuring, Smurfing and Micro-structuring:

These typologies involve the breaking of large amounts of illicit funds into smaller amounts to make sure that the funds don’t appear to be suspicious.

  • In structuring, after breaking the funds into smaller amounts, the funds are then placed in different bank accounts to avoid detection.
  • In smurfing, multiple individuals or ‘smurfs’ are deployed to deposit the broken-up funds into multiple bank accounts.
  • Micro structuring is similar to structuring but done at a much smaller level, and larger funds are broken up into very small amounts.

Electronic transfer of money:

Money launderers use electronic transfer of money services to move funds between accounts, banks, and jurisdictions with the aim of creating multiple layers of transactions. This obscures the source of funds and makes detection by law enforcement difficult.

Private Banking:

Private Banks often provide specialised services to individuals with high net worth. Private banks are also known for adopting high-level of measures to ensure client confidentiality and have limited transparency provisions. This environment is exploited by money launderers as private banks may not adopt rigorous client due diligence methods due to their close and personal relations with the clients.

Correspondent Banking:

Correspondent banks act as agents of other banks located abroad and provide correspondent banking services to the customers of such banks. This is done by banks when they don’t have a presence in a particular jurisdiction but wish to provide international banking services to their clients.

The indirect nature of correspondent banking relationships implies that the bank offers services to individuals and entities relying on the due diligence performed by correspondent banks, and many times, it turns out to be non-existent or inadequate. This vulnerability is exploited by money launderers.

Offshore Banking:

Money launders often employ services of banks located abroad in jurisdictions with strict privacy laws, lax anti-money laundering regulatory regimes or tax havens.

Non-Banking Financial Companies as Channels for Money Laundering

Money Laundering through Credit Card:

Credit cards are used in the layering or integration stage of money laundering. For example, illicit funds already placed into the banking system are routed to pay for credit card services, enabling the obscuring of the source of funds. Or, after placing the illicit funds in an offshore bank with lax anti-money laundering policies, the funds are accessed through credit cards

Money Laundering through Payment Service Providers:

Third Party Payment Processors (TPPPs) offer domestic and international payment processing services to merchants and business entities. The type of merchants the TPPPs serve can significantly increase their exposure to money laundering risks. For example, TPPPs working with internet merchants may be at a high risk of money laundering due to the high susceptibility of these merchants to financial crimes.

Money Laundering through Virtual Digital Assets Service Providers (VDA SPs):

Virtual Digital Assets Service Providers (VDASPs) such as cryptocurrencies, offer high levels of privacy and anonymity. Criminals use these platforms to convert illicit funds into cryptocurrency, which can then be laundered or spent anonymously. Similarly, virtual assets such as Non-Fungible Tokens (NFTs) are brought and traded through illicit funds to layer the laundered money.

Money Laundering through Money Service Businesses:

Money Service Businesses (MSBs) provides money transmission or conversion services. MSBs are often exploited to convert illicit funds into different currencies, further layering the transactions and complicating anti–money laundering detection.

Money Laundering through Securities or Insurance service providers:

Brokers can be used to invest illegally gained funds into securities, bonds, insurance or other financial products. These investments can then be claimed or pledged to generate legitimate returns on the funds, facilitating the layering and integration of the laundered money. Top of Form

Designated Non-Financial Businesses and Professions as Channels for Money Laundering

Real Estate:

Illegally gained money can be used to purchase real estate, which can then be resold or rented to generate seemingly legitimate income. Further, overvaluing real estate or using shell companies to make real estate purchases is used to obscure the source of the funds. Therefore, real estate agencies need to be careful and adopt AML measures to avoid these risks.

Dealers in Precious Metals, Precious Stones and other High-value goods:

In India, the high-value goods market may be exploited by money launderers to buy and resell these items, thereby disguising the source of the funds and blending them into the financial system. Therefore, for Dealers in Precious Metals and Precious Stones, adopting AML measures becomes very important.

Accountants and Lawyers:

Accounting and legal services are used to create complex financial structures or to provide legal cover for illicit transactions. They may facilitate the movement of funds or help to establish shell companies. Due to client confidentiality obligations, it may become difficult for law enforcement agencies to detect money laundering.
For more information, check out our article on common mistakes by Chartered Accountants in AML Compliance

Trusts and Company Service Providers:

Trusts and company service providers are exploited to create complex legal structures and corporate vehicles that obscure the true ownership of funds.

Trade-Based Money Laundering

Over-invoicing and under-invoicing:

Money launderers use over–invoicing to mix legitimate and illegitimate funds. For example, they invoice for goods or services at inflated prices, allowing them to move excess funds across borders. Similarly, under–invoicing involves declaring the value of goods or services as lesser than their actual value. The objective is to transfer value to the goods seller (in over–invoicing) or the customer (in under–invoicing). In simple terms, the difference between the actual price and the altered price is used to transfer illicit money.

Over shipping, short shipping or ghost shipping:

In these typologies, the quantity of goods exported or imported is misrepresented to the authorities to move the illicit funds under the guise of import-export trade payments. Both the importer and exporter are involved in this scheme.

Black Market Trades:

Using black market trade allows money launderers to undertake transactions that are not reported to authorities and are therefore difficult to detect.

Money Laundering through Corporate Vehicles

Shell Companies:

Shell companies are set up and used to transfer and disguise the source of illicit funds. These companies have no significant business operations or assets of their own but are used to create a facade of legitimacy for transactions. These are created in tax havens and other high-risk jurisdictions with minimal anti-money laundering oversight.

Shelf Companies:

A shelf company is an already registered company that is currently inactive or “put on the shelf.” This corporation is then sold to buyers who may engage in money laundering by activating these shelf companies.

Trusts:

Arrangements of trusts are exploited to hold and manage assets while disguising their true ownership. By placing illicit funds into a trust, money launderers obscure the source of these funds and integrate it into legitimate financial structures. Since trusts are private structures, there is often less anti-money laundering scrutiny for its members.

Other Typologies

Money Mules:

Money mules are individuals that knowingly or unknowingly facilitate money laundering. They may be recruited to receive, transfer or withdraw the illicit funds through their bank accounts.

Cyber Money Laundering:

Cyber money laundering involves using digital technologies and online platforms such as the dark web markets or online black markets, to transfer illegally gained funds. Advanced technologies such as encryption, anonymisation, tumblers, etc are also used to avoid detection.

Commingling:

Commingling is the process in which illicit funds are mixed with legitimately sourced money to obscure the origin of the illegally gained funds. Commingling makes it difficult to separate and detect the laundered money from the legitimate money.

Informal Value Transfer Systems (IVTFs)

IVTFs are informal services that enable the transferring and remittance of funds through persons who receive the funds and facilitate payment of an equal value to a third party located in another country. This is a form of alternative banking system which operates underground through established networks. Examples of such systems include Hawala and Hundi. IVTFs enable money laundering by transferring illicit funds from one jurisdiction to another through underground networks.

Conclusion

The money laundering typologies described in this article explore different aspects of the financial system and various types of institutions. Understanding these methods is the first step towards designing effective anti-money laundering program, including rigorous regulatory oversight, advanced monitoring systems and reporting, and effective international cooperation.

Niyeahma – Your Trustworthy AML Compliance Consultant

Niyeahma has been leading from the front in AML compliance. We help clients understand the requirements of AML regulations and comply with them. Together with you, we aim to prevent money laundering and terrorism financing threats to your business. So, we take a customised approach to make you AML compliant and protect you from financial crimes.
  • Conducting the Enterprise-Wide Risk Assessment to assess the ML/Ft exposure to your VDA activities
  • Developing and implementing an AML program for managing the ML/FT risks
  • Appointing an AML Principal Officer and assisting in setting up an AML compliance department
  • Creating transaction monitoring rules to detect suspicious VDA transfers timely
Thus, you can find all kinds of support related to AML compliance at Niyeahma.

About the Author

Linkedin

Jyoti Maheshwari

CAMS, ACA

Jyoti has over 9+ years of hands-on experience in regulatory compliance, policymaking, risk management, technology consultancy, and implementation. She holds vast experience with Anti-Money Laundering rules and regulations and helps companies deploy adequate mitigation measures and comply with legal requirements. Jyoti has been instrumental in optimizing business processes, documenting business requirements, preparing FRD, BRD, and SRS, and implementing IT solutions.

Reach Out to Jyoti