Money laundering is the bland term used to portray the procedure by which lawbreakers mask the original ownership and control of the returns of criminal lead by making such continues seem to have gotten from a genuine source. There are three stages in money laundering. First, the placement, second is layering and last is integration.
a) Discuss the actions, if any, that Ali should take and identify the risks and issues, from a money laundering perspective, involved in the scenario
Risk and Issue
An unusual transaction is one of the measures for a high money-laundering risk. A high-risk customer, generally one who involves in business with very high physical cash, monetary instrument, requires wire transfer and huge amount of cash deposits. Aisha, pertinent to the scenario, is a high-risk customer as she conducts the business through cash intensive business by bringing the physical cash to the bank for deposit purpose. The main concern here is the sudden increase on the total deposits. Her average cash deposits on previous month was MYR 20,000 compared to the last two months which was MYR 250,000 shows unusual transaction amount. Then, the pattern of the transaction activities is inconsistent compared to the previous month.
Ali, as a processor of the money transaction, is required to conduct Enhanced Customer Due Diligence (ECDD) as to investigate further and have processes and procedures to take place. According to Section 16 of AMLATPFUAA, for any managing and account transaction including a sum identical to RM 50,000 or more, customer due diligence must be conducted for higher risk clients. The practical application of ECDD includes obtaining the customer latest profile, for example, probing on the source of wealth or funds, and additional information on the client’s volume of business assets, opening of new branches or having other business which involves high cash as well. Other than that, know the nature of the business. To most cases, collective descriptions are not sufficient. Street vendor is otherwise known as a person who is selling goods in the street with temporary stall without permanent built structure. The details descriptions of the business are required, as in this scenario, obtain the name of the product sold by the vendor, schedule of the business, operating hour and anticipate the volume of currency and total sales in order to know the nature and details of the business. Apart from that, understand the business activities, acquire is there any business division, who is the major clients of the customer, describe major suppliers, find out is there any competitor and know the main countries or regions where customer does the business. Subsequently, get the information regarding source of fund and the purpose of the incoming fund or transaction. Have better understanding regarding from which the incoming fund is derived, determine whether it is from the business activities itself or by sale of assets. Then, justify the purpose of the transaction being conducted which could be for personal saving or supplier payment. The reason of sudden increase on the transactions activities is the highlight of the scenario. Ali needs to get the information or any documentation from the customer regarding the different amount of cash deposit to be compared of the average monthly deposit previously. While performing in conducting ECDD, Ali should avoid the Tipping Off.
As indicated, Section 14A (1) of the AMLATFPUAA forbids the revelation to different person that an STR is being filed. Likewise, Section 14A (2) additionally precludes scattering of the revelation under section 14A (1). At that point, Section 35 of the AMLATPFUAA restricts the disclosure to different person that an examination into money laundering by any expert is led. This precludes any person from unveiling any data they have gotten from regulators or uncovering any conceivable examination methodology. This does also exclude revelation by a lawyer in association with offering exhortation to his customer in his expert limit. The above offenses which may make the individual be subject for a fine not surpassing three million Ringgit or a jail term no surpassing five years or to both.
Suspicious Transactions Report (STR):
After performing the enhanced CDD and the transactions seem to be suspicious, Ali should report to the Branch Manager or Assistant Branch Manager. Suspicious transaction here means when a customer does not want to elaborate further about the transaction specifically about the source of fund and purpose of the transactions. Or, if the transactions are not jive to the customer business nature. For example, in this case, upon conducting enhanced CDD for Aisha and it is found that her street vendor business is not equivalent to the amount of profit she might earn to be compared to the cash deposits she have been conducted. Thus, it signifies suspicious transactions. On top of that, customer does not want to provide any related documentation about the business, for example, business review report from the Company Commission of Malaysia (SSM). Branch Manager will later conduct the electronic STR to compliance officer and subsequently, the compliance officer investigates the transactions, and files the STR if deemed suspicious.
However, compliance officer should not do STR if customer seems not to be suspicious. Non suspicious fund transaction of high risk customer resembles when the transaction conducted is jive to the customer’s business nature and activities with known sources of fund. In addition, if customer can provide adequate and complete documents regarding her business, compliance officer should also take into consideration for any changes of the customer’s business. For example, if she has added up her vendor branches, set up new business or if the previous transaction was difference during festive session of the year like Hari Raya Aidilfitri, Chinese New Year or other celebrations.
As indicated, Section 14 of the AMLATFPUAA stipulates that detailing organizations are required to report transactions where they speculate money laundering or terrorism financing is included. Such Suspicious Transaction Reports (STRs), as they are ordinarily known, should be documented to the FIED of BNM. The individual rules by BNM, SC and LFSA additionally determine that such transactions incorporates attempted or proposed transactions, and ought to be accounted for in the event that it seems uncommon, has no reasonable monetary purposes, includes continuity from unlawful movement, or shows that the client is engaged with money laundering and terrorism financing.
Furthermore, Ali can also check the customer profile based on record keeping. Reporting institution is required to keep up records on exchanges and data acquired through the CDD measures. Such records must be adequate to allow reproduction of individual transactions to give, if essential, confirm for arraignment of criminal action. Data to be kept up incorporate those gotten through CDD measures, account documents and business correspondence, and furthermore, the aftereffects of any investigation taken. According to Section 17, AMPLATPFUAA, reporting institution is required to keep up such records for a time of no less than six years from the date the record is shut or the business relationship, transaction or action is finished or ended.
Risk-based approach to AML/CFT:
However, there are four risk-based approaches to AML involving the following aspects, such as risk identification, risk mitigation, risk monitoring and risk review. For risk identification, Ali needs to identify how the money laundering activity has been conducted and for risk mitigation is to control and devise methodology to alleviate the risks rising up out of the assessment. Then, for risk monitoring is conducting independent control testing to screen the sufficiency viability of the strategies, controls and techniques. And for risk review is to survey the assessment intermittently and regardless when their condition change or significant new dangers rise.
Money laundering risks:
In addition, there are many risks if the compliance officer fails to conduct STR if the transactions are suspicious. First is reputational risk. Reputational risk is defined as damage or danger to the good reputation of a bank or organization. Failing in conducting enhanced CDD despite of suspicious transactions would affect the company’s reputation which will be regarded less positively. On the other hand, the bank might get penalty or fine if ECDD is not applied upon suspicious fund transaction. Second is compliance risk. This can go up against an assortment of implications however regularly used to allude to the risk that a business will neglect to cling to its own particular compliance methods. The effect of such a risk can bring about both legitimate and administrative obligation and additionally offering ascend to the cost of remediation to redress any past business failures. The idea of compliance risk will turn out to be more noteworthy while working in a principles-based regime where more non-specific direction places expanding accentuation on organizations to devise internal compliance courses arrangements appropriate to the nature and unpredictability of their own exercises.
b) Explain the nature of, and relationship between, customer due diligence (CDD) and enhanced due diligence (EDD)
CDD, ECDD and KYC (Know Your Client) is a piece of any AML program. When performing KYC, one would do client due diligence affirming client’s identity, discovering the source of fund, nature of business and expected movement. EDD is done when certain parts of client’s action are esteemed high risk or are faulty, and require additionally audit. CDD and ECDD are the standard moderation measures, perceived and executed all around. Consider it a two layered insurance security control.
For the first layer is CDD. It is a direct and obvious assessment of the client character and profile. For the most part is procedural. Then, second layer is EDD. It is required only if the client is considered as higher risk after CDD has been directed, for example, political individual. Extra addressing and confirmation is basic to guarantee authenticity of the transactions and their monies.
After all the screening procedure is conducted, and something fishy appears going on and the red flags are up, at that point, simply present a suspicious transactions report to the FIU.
Client Due Diligence is a procedure of KYC which is utilized to assemble customer’s information about identity, address, and to assess the risk class of the customer. As a rule, it is a sort of essential examination about a customer.
The initial step to CDD is to acquire data from the customer. The accompanying focus layout is the most essential data that a financial institution will gather, such as customer profile (individual, entity and trust) and wealth profile.
The second step is to freely check the data gathered from the customer. These are authoritative documents that are issued by the independent reputable agency or government, for example, tax bills, government-issued passport, business profile and certificate of incorporation (SSM Report).
Name screening is the third step where a compliance officer plays out a ‘beware of a name-screening database’ or an interior blacklist to decide whether a customer represents a risk to the financial institution. Regularly, the goal is to discover if the customer is one of the accompanying profiles, such as Politically Exposed Persons (PEPs), criminals, terrorist and revealed in media to be engaged with any action that is antagonistic in nature.
A compliance officer would then be able to assess the customer on the risk it displays and proposes to the organization on the choice of establishing business relationship with the customer. Choices may include understanding the conditions of the customers, for example, source of fund and nature of their circumstance.
ECDD is the place the customer has been assessed to be at an uplifted risk to the entity. The Financial Action Task Force (FATF) 40 Recommendations propose that entity embraces a risk administration framework to decide whether the client exhibits a higher risk.
Some portion of the way toward directing ECDD acquires senior management endorsement previously setting up a relationship and taking sensible measures to build up the source of funds and the source of wealth. Cases of higher risk customers/transactions incorporate however not restricted to PEP, terrorist, customers who are decidedly distinguished to have antagonistic profiles on watch lists, non-face to face account opening, and customers situated in high-risk area.
The transactions activity ought to be investigated for suspicious action and that the conduct of the transactions is jive with the desire of the company, and the customer profile. This is a continuous obligation as customers’ risk profiles may change after some time. To better perform continuous checking, a compliance officer must mull over on the customer’s record action and guarantee that CDD records are stayed up with the latest profile.
Some portion of playing out a legitimate CDD is guaranteeing that all records are held according to the company’s retention policy. The correct time allocation to keep such records is generally commanded by law, and varies between nations. Record keeping will help to comprehend the company over the association with the customer. Record keeping will also help the arrangement with its detailing commitment in submitting reports to the FIU for suspicions on terrorist financing or money laundering.