In this article, our regulatory affairs experts forecast three top issues that will shape compliance leaders’ in-trays in the year ahead:

1. Rooting out terrorist financing will drive greater scrutiny of transaction flows and alternative payment mechanisms

The war in Gaza, ongoing unrest in Nigeria, coups in West and Central Africa, and the military junta in Myanmar demonstrate that watchlists aren’t enough to cut off funding for terrorists and uprisings. More needs to be done to identify and stop the financing pipelines that are supporting violent and repressive regimes around the globe. The Financial Action Task Force (FATF) and the United Nations have identified cryptocurrencies and crowdfunding platforms as key sectors terrorists use to raise money, increasing the likelihood of regulatory oversight in the new year.

“The crowdfunding sector has created a fast and easy way for members of the public to raise money for everything from worthy causes to medical treatments and dream vacations. Unfortunately, these same platforms are also being used to channel money to some of the biggest terrorist organizations around the globe. Tech and financial services companies need to step up their efforts to accurately identify their customers and confirm where their money is really going,” said Alia Mahmud, Global Regulatory Affairs Practice Lead for ComplyAdvantage.

2. AI will move sanctions enforcement beyond watchlist screening to identify risk signals in the sanctioned individual’s network

Sanctions are one of the best tools governments have to deter financial bad actors, but enforcement needs to move beyond watchlist screening to implement enforcement based on connected risk signals. With ongoing conflicts in the Middle East and Ukraine, policymakers will re-examine the efficacy of their sanctions programs to increase the pressure on persons and entities connected to sanctioned officials who may be enabling them to evade restrictions. By looking at risk data points collectively – identity, business associations, transaction activity – banks and other financial institutions can identify a strong risk signal of suspicious activity. Solving financial crime isn’t just a screening problem; it is a network problem, and regulators will expect companies to leverage new technologies to treat it as such.

“With unlimited time and resources, financial institutions could uncover any and all risky connections a sanctioned person has. But that’s not realistic. Artificial intelligence (AI) combined with rich data, graph analytics, and oversight has the potential to create a defense network that would give sanctions the teeth to cut off the money that funds terrorists, wars, human trafficking, and other crimes,” continued Mahmud.

3. Discussion about AI will shift to managing bias, modeling, and transparency

The benefits AI brings to fraud and AML risk detection were such a focus in 2023 that adoption has grown significantly. As this continues through 2024, the conversation will shift to how and where these models are used, emphasizing training and transparency.   

“As we head into 2024, the question is no longer if companies invest in AI, but what kinds of skills their analysts need to ensure that the models they use are effective and that they can justify decisions that they make to auditors,” said Iain Armstrong, Regulatory Affairs Practice Lead for ComplyAdvantage. “Key skillsets such as data preprocessing, model performance monitoring and optimization, and experience in automated decision-making strategies will be in demand. Staff in existing anti-financial crime roles will benefit massively from gaining a base-level understanding of machine learning and AI. Companies that invest in staff training in this area will reap the dividends.”

The State of Financial Crime 2024

Sign-up for early access to our roadmap for the year ahead, built on a survey of 800 financial crime leaders and insights from our regulatory affairs experts.

Register Here

The post 2024 Financial Crime Predictions: From International Conflict to Emerging Technologies appeared first on ComplyAdvantage.

“Our research shows funds are being laundered faster than ever across multiple jurisdictions and sectors, leaving a trail of victims,” said FATF President T. Raja Kumar. “Left unchecked, this threat will only grow further in an increasingly digitalized world.”

The State of Cyber-Enabled Fraud

While the global scale of CEF is difficult to ascertain, it is estimated that 80 percent of all fraud in the UK is cyber-enabled. The report notes that the growth of CEF can be attributed to the increasing use of new technologies, smartphones, and remote financial transactions, which have made users more vulnerable to fraudulent activities. Additionally, anonymity-enhancing technologies like virtual private networks (VPNs) have made it easier for criminals to carry out illicit activities while remaining anonymous.

When highlighting common tactics used in CEF, the FATF highlighted the use of shell companies and individual money mules. In many situations, criminals will recruit money mules via job offers and social media and sometimes instruct them to act as strawmen or open corporate accounts to hide criminal ownership. In cases of online trading fraud, criminals may also use these shell companies to create virtual point-of-sale accounts with merchant services companies to process payments and transfers from victims.

According to the FATF, the following typologies are considered types of CEF: 

• Business email compromise (BEC) fraud.
• Phishing fraud.
• Social media and telecommunication impersonation fraud.
• Online trading/ trading platform fraud.
• Online romance fraud.
• Employment scams.

While illicit financing related to ransomware and other malware-enabled crimes are considered cyber-enabled crimes, these typologies are not within the scope of this report. For more information on these areas, the FATF points to its March 2023 guide on Countering Ransomware Financing.

Risk Indicators 

Drawing from experience and data received from jurisdictions across the FATF Global Network, the Egmont Group, and the private sector, the report highlights several risk indicators of CEF, including:

• Transactions that are rapid or high-value, soon after the account opening, which are not consistent with the account’s purpose.
• Large and frequent transactions that do not match the economic profile of the account holder.
• Small initial payments to a beneficiary, followed by larger payments to the same beneficiary in quick succession.
• Transaction requests marked as “Urgent”, “Secret”, or “Confidential”.
• Transactions directed to known beneficiaries but with different account information to what was previously used.
• Transactions with device time zone mismatches.
• Online behavior anomalies such as delays in entering data, hesitation, multiple failed login attempts, and signs of automation.
• Presence of negative news on customers or counterparties, such as being a known or suspected victim of a scam, mule, or identity theft.
• Abnormal activity of virtual assets from peer-to-peer platform-associated wallets with no logical business explanation.

While an indicator may be discovered in relation to a customer account or transaction, the FATF notes that a single red flag may not warrant suspicion of cyber-enabled fraud on its own. Nor will a single indicator necessarily provide a clear indication of such activity. However, should compliance staff identify any additional indicators, teams should undertake further monitoring and examination as appropriate.

Anti-Fraud Requirements and Controls

In light of these risk indicators, the FATF also provided examples of how anti-fraud measures can be adopted in parallel with anti-money laundering and combatting the financing of terrorism (AML/CFT) controls. Useful for financial institutions (FIs), virtual asset service providers (VASPs), and other financial and payment institutions, the ten measures listed by the FATF include:

1. Robust know your customer (KYC) and know your business (KYB) processes: This may include utilizing biometric features during onboarding and identifying a single mobile or secure device for authenticating online banking transactions.
2. Cooling-off periods: By introducing a cooling-off period for first-time enrolment of online banking services or secure devices, the full suite of banking services will not be immediately available on opening, and the number or value of financial transactions for the customer will be limited.
3. Definition of expected transactions: This could include the number of transactions, amounts, types of counterparties, and countries involved. This will help detect suspicious transactions and tighten fraud detection rules and triggers to block illicit transactions pre-emptively.
4. Verification of payee services: These services allow the originator/payer/debtor of a transfer order to check that the beneficiary/payee/creditor mentioned in the payment messages matches the name of the account holder.
5. Reducing communication: By reducing communication via email and social media with clients to general information only, customers should be better equipped to spot fraudulent communications and scam attempts.
6. Voice recognition and artificial intelligence: This could include adding voice recognition software and artificial intelligence support in communication with clients to ensure their true identity.
7. Multi-factor authentication mechanisms: These mechanisms could be used for customer verification and for performing financial transactions.
8. Client identification processes: Improving the reliability of the client identification process through methods like liveness tests can play a vital role in verifying the user’s identity during remote setup. It can also prevent criminals from accessing multiple accounts using the account information of money mules or victims. 
9. Expanding customer data: Additional information may include mobile phone numbers, IP addresses, GPS coordinates, device IDs, etc. As a result, analysts have more data to work from if and when anomalous behavior is detected.
10. Real-time transaction monitoring: By implementing a risk-based real-time transaction monitoring system, firms can ensure that any abnormal activity is swiftly detected, investigated, and, where relevant, reported through the filing of a suspicious transaction report. The sophistication of the monitoring system should be commensurate with the volume and nature of transactions handled by the FI.

Key Takeaways: What Should Compliance Staff Prioritize?

With cyber-enabled crimes expected to grow, the FATF concludes its report with three strategies to enhance risk mitigation efforts:

• Break down silos within compliance teams.
• Promote collaboration across the public and private sectors on a domestic and international level.
• Enhance detection and prevention measures by promoting awareness and vigilance and facilitating reporting of such crimes. 

To this end, firms should ensure their compliance teams are well-trained in recognizing the risk indicators highlighted in the FATF’s report. Organizations may also consider reviewing their ongoing monitoring measures to ensure their system can detect and prevent fraudulent transactions within specific cybercrime scenarios. This may include creating bespoke rulesets in their transaction monitoring and fraud detection solutions to better detect common patterns of fraudulent behavior they might be particularly exposed to. 

To learn more about the key takeaways from October’s plenary session, read our coverage here.

The post FATF Publishes Report on Illicit Financial Flows from Cyber-Enabled Fraud appeared first on ComplyAdvantage.

“Fraudulent health care billing drives up the cost of medical services for all those who need it. We will continue to aggressively investigate and prosecute those who take advantage of health care plans,” said US Attorney Breon Peace.

The International Telemedicine Scheme

Over a period of five years, Sutton and his co-conspirators operated from call centers in Utah before relocating to Russia. They targeted beneficiaries by offering prescription medications without required medical examinations. Sutton’s network, operating under aliases and utilizing encrypted communications, extended its influence by acquiring brick-and-mortar pharmacies in various states. To obscure their involvement, the group employed intricate money laundering tactics, funneling millions of dollars through shell companies and straw owners.

Upon securing the pharmacies, the fraudsters implemented pharmacy management software for remote reimbursement requests. Their team of “billers” submitted over $500 million in reimbursement requests for more than 50 pharmacies, leading to private insurers paying out over $280 million. 

While Sutton remains at large, his co-conspirators, Dela Saidazim and David Gary Bishoff, pleaded guilty in February 2023 and March 2023 respectively to health care fraud conspiracy. Both await sentencing. Three other defendants have been charged, and two more await arraigning. 

Health Care Fraud: Scenarios and Red Flags

According to the DOJ, health care fraud results in over one billion dollars in estimated losses each year from Medicare, Medicaid, and private insurance programs. In addition to this case of fraudulent marketing of services and misrepresenting charges, examples of health care fraud include:

• Billing for services or equipment that were never provided.
• Falsifying certificates of medical necessity.
• Billing for individual services that should be included in a single fee.
• Falsifying plans of treatment or medical records to justify payments.
• Misrepresenting diagnoses or procedures to maximize payments.
• Forgery of prescriptions and diverting prescription medication.
• Soliciting kickbacks for the provision of various services or goods.

To effectively prevent and detect these activities, compliance teams should familiarize themselves with the following transactional red flag indicators:

• Unusual cash deposits and withdrawals.
• The principal receiving payment from unrelated medical providers.
• Providers conducting business transactions that are not comparable to other similar businesses in terms of types, volumes, or velocity.
• Providers receiving payments from out-of-state insurers while allegedly treating local patients or local providers treating out-of-state patients.
• Transferring insurance payments through multiple accounts to avoid detection.
• False documentation to support transactions, such as sequential invoices or dates of service on holidays.

Key Takeaways

When filing a suspicious activity report (SAR) relating to potential health care fraud, the Financial Crimes Enforcement Network’s (FinCEN) Health Care-Related Fraud Advisory asks compliance staff to reference the guidance by including the key term “FIN-2021-A001” and select SAR field 34g (health care – public or private health insurance). 

While the advisory includes a lot of information specific to COVID-19 health insurance fraud, the guidance also includes two case studies that highlight the variety of methods criminals use to launder fraudulent funds. As these methods continue to evolve, compliance teams should ensure they keep up with emerging trends and calibrate their fraud detection software accordingly, taking a risk-based approach. 

The post Health Care Fraud and Money Laundering Conspiracy Members Charged in International Telemedicine Scheme appeared first on ComplyAdvantage.

“Close coordination and early information sharing are crucial ingredients in the successful fight against [terrorism],… and this is precisely what we expect to achieve by reinforcing the Counter-Terrorism Register,” said Eurojust President Ladislav Hamran.

Improving the Digital Exchange of Information

Launched in September 2019 in light of the 2015 terrorist attacks in Paris and Saint-Denis, the CTR is an operational tool that helps identify links between suspects and terrorist networks previously unknown to national authorities. Historically, information on judicial proceedings against suspects of terrorist offenses was transmitted to Eurojust on the basis of Council Decision 2005/671/JHA.

However, in December 2021, the European Commission proposed an amendment to the Eurojust Regulation to improve the digital exchange of information. The Commission proposed removing the Council Decision provision so information could be transmitted to the agency as soon as a case is referred to judicial authorities.

Specifically, the amendment sought to achieve the following objectives:

• Enhance Eurojust’s ability to identify links between prior and ongoing cross-border terrorism cases and other forms of serious cross-border crimes. 
• Establish a modern case management system (CMS) that provides a secure digital communication channel between Member States and Eurojust.
• Simplify cooperation with third countries by granting Liaison Prosecutors direct access to the CMS.

Following its formal adoption by the European Parliament and the Council, the legislative amendment of the Eurojust Regulation was published in the Official Journal of the European Union on October 4, 2023.

To further improve the EU’s information-sharing procedures, Eurojust is also setting up a new digital infrastructure that will include a CMS that integrates and enables the functionalities of the CTR. The system will be connected to national authorities through secure communication channels in accordance with the European Commission’s plan to modernize the EU justice systems.

FATF Recommendations for Responsible Information-Sharing

The Financial Action Task Force (FATF) emphasizes the importance of effective information sharing in its 2022 report on Data Protection, Technology, and Private Sector Information Sharing. In the report, the FATF outlines how timely information sharing can help financial institutions (FIs) develop innovative techniques to tackle money laundering and terrorist financing more effectively.

In light of the focus on enhanced information sharing to fight financial crime, compliance teams may consider exploring and assessing their own information-sharing protocols to help combat complex modern crimes. When doing this, the FATF recommends: 

• Conduct privacy risk assessments, data protection impact assessments (DPIAs), and human rights impact assessments (HRIAs).
• Ensure AML/CFT experts and technology providers are engaged in any discussions on information-sharing initiatives to help ensure the technical design and output of the initiative are in line with objectives.
• Make use of existing available data prepared in structured format (e.g., data fields used in SWIFT).
• Set clear performance indicators or metrics to assess results and measure success to ensure the information-sharing initiatives reach their goals. 
• Take into account local regulation and context.
• Take a phased approach.
• Introduce data cleansing initiatives prior to sharing.

The post EU Authorities Step Up Efforts to Combat Terrorism through Information Sharing appeared first on ComplyAdvantage.

Organized in light of the Hamas attacks in Israel on October 7, the Exchange included US financial institutions (FIs), technology firms, and social media companies.

Voluntary Information Sharing 

Established in January 2021 through the enactment of the Anti-Money Laundering Act of 2020 (AMLA), FinCEN Exchanges aim to “develop, deliver, and sustain innovative public-private information sharing” to help the private sector identify illicit finance risks more effectively. In a readout relating to November’s event, the regulator emphasized the importance of voluntary information sharing among all types of FIs to uncover networks of illicit activities that no single firm can detect alone. As of FY 2023, over 7,600 firms had registered to participate in this initiative.

The Role of Cryptocurrency in Terrorist Financing

According to the Financial Action Task Force’s (FATF) report on Crowdfunding for Terrorism, in 2022, there was a notable surge in the adoption of decentralized, blockchain-based operating systems by terrorist organizations and their affiliated fundraising campaigns. A significant number of these groups relied solely on this technology for their operations, and the vast majority received donations in the form of the stablecoin Tether (USDT).

While the true extent of how much crypto is used to fund terrorist activity is difficult to measure, in 2022, a senior legal officer at the United Nations Counter-Terrorism Committee Executive Directorate, Svetlana Martynova, said, “A couple of years ago, 5 percent of terrorist attacks were viewed as crypto-financed or linked to digital assets, but now we’re thinking that it may reach about 20 percent.” 

Crypto Terrorist Financing Activity Red Flag Indicators

To combat this trend, FinCEN highlighted several red flag indicators of potential suspicious activity related to Hamas’ terrorist financing activity in an alert dated October 20, 2023. Of the seven red flags listed, four referenced a nexus with virtual currencies, including:

• A customer conducting transactions with a money services business (MSB) that offers CVC services, operates in higher-risk jurisdictions tied to Hamas activity, and is reasonably believed to have lax customer due diligence (CDD) requirements.
• A customer that is a charitable organization or nonprofit organization (NPO) soliciting donations without appearing to provide any charitable services. In some cases, these organizations may post on social media platforms or encrypted messaging apps to solicit donations, including in virtual currency.  
• A customer conducting transactions with known or suspected virtual currency addresses tied to terrorism or terrorist financing donation campaigns.
• A customer or a customer’s counterparty conducting transactions that contain a nexus to identifiers listed for entities designated by the Office of Foreign Assets Control (OFAC), including email addresses, phone numbers, or virtual currency addresses. 

Since no single indicator can be conclusive of illicit or suspicious activity, FIs should take into account various factors and circumstances to determine whether a behavior or transaction is suspicious. These may include a customer’s financial history and the consistency of transactions with established business practices.

Key Takeaways for Compliance Staff

Firms looking to find out more about voluntary information sharing and how to register under USA PATRIOT Act Section 314(b) should review FinCEN’s December 2020 fact sheet, which highlights additional benefits of the initiative and explains the kind of information that can be shared.

Additionally, in relation to FinCEN’s alert to FIs to counter financing to Hamas and its terrorist activities, compliance staff should take note of the regulator’s request to include the key term “FIN-2023TFHAMAS” in SAR field 2 and the narrative to indicate a connection between the suspicious activity being reported and the alert.

The post FinCEN Hosts Discussion on Role of Digital Assets in Terror Attacks appeared first on ComplyAdvantage.

At present, MAS already utilizes machine learning and advanced data analytics to connect the dots across vast data sets to help detect fraud and other suspicious activities. However, according to Menon, a recent billion-dollar money laundering case highlighted the need for more to be done to strengthen “big-picture surveillance.”

Applying AI to COSMIC

One of the ways Menon suggested MAS could further utilize AI was in relation to the upcoming COSMIC digital platform, which is designed to facilitate the sharing of information on suspicious customers or transactions among financial institutions (FIs). Current confidentiality obligations prevent FIs from notifying each other about unusual customer activity. COSMIC, or Collaborative Sharing of Money Laundering/Terrorism Financing Information and Cases, aims to bridge this information gap when it becomes operational in the second half of 2024.

By integrating AI, and even potentially generative AI, into the platform, “additional insights” could be gained to create “a more comprehensive picture of the risks we face,” according to Menon.

The Use of AI in the Supervision of Financial Institutions

During a parliamentary session on October 3, 2023, Lawrence Wong, the Chairman of MAS, responded to a question about implementing AI in the supervision of FIs. The question related to whether AI has produced any positive outcomes for the regulator. Wong listed several benefits, including:

• MAS now has access to a wider range of tools and can better understand risk signals in the large amount of data it receives.
• Some manual tasks have been automated, resulting in increased efficiency and accuracy.
• Machine learning tools have made identifying outliers and suspicious networks easier, enabling closer scrutiny and more effective supervisory or enforcement action.
• Supervisors can now identify financial advisory representatives who present higher risks of illicit behavior.
• Natural language processing (NLP) technology has enabled supervisors to work more efficiently by analyzing texts and flagging issues for their attention.
• Social media and industry reports can be scanned by NLP-based tools, identifying news and developments that may require supervisory attention.
• Advanced data analytics, combined with AI and machine learning, can identify networks of suspicious activity in the financial system, allowing MAS to engage FIs and assess the robustness of their controls.
• These data analysis techniques and more powerful machine learning tools can help MAS sift out high-risk networks and transaction patterns more effectively.

Key Takeaways for Compliance Staff

As forward-thinking regulators like MAS continue to explore how advanced technology can help disrupt flows of illicit funds, other regulators are likely to follow suit. To keep ahead of the fast-changing regulatory landscape, savvy compliance staff may benefit from engaging with topics such as those due to be discussed at the 2023 Singapore FinTech Festival. Taking place from November 15 to 17, the agenda highlights the following sessions relevant to the topics of AI and machine learning: 

• Ten artificial intelligence global insights.
• AI and existential change.
• Where are the real AI use cases?
• Ethical considerations for AI.
• Hyper-personalized experiences fuelled by customer AI.
• Revolutionizing finance with generative AI.
• Navigating GenAI: An executive roadmap for financial institutions.

Firms looking for guidance on how to use AI responsibly can refer to MAS’ Fairness, Ethics, Accountability, and Transparency (FEAT) principles, which aim to help compliance teams contextualize and operationalize the governance of AI and data analytics in their business models. For firms that aren’t ready for a full overhaul of their legacy technology, an AI overlay may be a more realistic alternative. Such solutions can integrate with existing tools to help prioritize risks and identify similar clusters of behavior that might otherwise have remained unseen.

The post MAS to Explore the Full Potential of AI to Combat Money Laundering appeared first on ComplyAdvantage.

If a business remains unenrolled for a year, AUSTRAC says they will face fines of up to $1,370,940 or $6,854,700 for corporate groups. 

Which Entities Need to Register?

Entities operating in the financial, gambling, and bullion sectors are required by AUSTRAC to enroll as designated services. If a business offers more than one designated service and has a connection to Australia, AUSTRAC regards it as a reporting entity and imposes anti-money laundering and counter-terrorism financing (AML/CTF) obligations. While a full list of designated services can be found in Section 6 of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act), examples include:

• Account and deposit-taking services.
• Remittance services (money transfers).
• Digital currency exchanges.
• Foreign currency exchanges.
• Investments or securities.
• Buying and selling bullion.
• Gaming machines (such as poker machines).
• Betting accounts and services.

Amendments to the AML/CTF Act 2006

The new way penalty units are accrued is a result of recent changes to Section 51B of the AML/CTF Act. These changes were set in motion after the Crimes and Other Legislation Amendment (Omnibus) Bill 2023 was passed by both houses of Parliament in September 2023. 

The amendments, effective from November 9, have been introduced to strengthen and clarify the civil penalty provisions for entities required to enroll with AUSTRAC within 28 days of commencing to provide a designated service. The amendments specifically state that a separate non-compliance penalty will be issued each day an entity fails to apply for enrolment rather than imposing a single penalty. 

The amendments also clarify that if an entity provides a designated service without applying to enroll within 28 days, they will be obligated to register even after the 28 days have ended until the person either enrolls or ceases to be a reporting entity. This will help AUSTRAC enforce compliance by issuing an infringement notice for each non-compliance in the preceding 12 months where a person or entity fails to enroll after the enrolment deadline while continuing to provide a designated service. 

In addition to non-enrollment penalties, other amendments to the AML/CTF Act include:

• Authorization for the AUSTRAC CEO to use a computer program, including automated programs, to control and automatically execute actions, make decisions, or exercise powers under the AML/CTF Act or the Anti-Money Laundering and Counter-Terrorism Financing Rules Instrument 2007 (No. 1) (AML/CTF Rules). 
• Clarification around the existing secrecy and access framework to ensure sensitive AUSTRAC information cannot be inappropriately disclosed in court or tribunal proceedings.

Key Takeaways

Designated services in Australia should use this time to ensure their AUSTRAC online account is up-to-date and reflective of the services they offer. Some helpful links may include:

• Manage an AUSTRAC online account.
• Update details.
• Update annual earnings.
• Renew registration.
• Adding a new business to an account.

The post Penalties for Non-Enrollment with AUSTRAC to Begin on November 9: What You Need to Know appeared first on ComplyAdvantage.

2023 Mid-Year Fraud Update

Standouts from the report include:

• 77 percent of authorized push payment (APP) fraud started online and accounted for 32 percent of total losses.
• 17 percent of cases originated in telecommunications but accounted for 45 percent of total losses.
• Card ID theft losses increased 57 percent to £33.1 million.
• The number of romance scams rose by 29 percent, and losses rose by 26 percent to £18.5 million.
• Banks prevented a further £651 million of unauthorized fraud from being stolen through advanced security systems.

Industry Responses

In addition to a number of sections relating to specific fraud typologies – including cheque fraud, counterfeit card fraud, and remote banking fraud – the report highlights eighteen industry responses to the growing threat of fraud in the UK. Notable responses include:

• Creating a National Fraud Database, which serves as a comprehensive data and intelligence resource on fraud risks.
• Establishing the Online Fraud Group, a public-private initiative that brings together senior representatives from the tech sector, financial services, and law enforcement to disrupt criminals.
• Sharing intelligence on emerging threats with law enforcement, government departments, and regulators through the National Economic Crime Centre.
• Creating the Dedicated Card and Payment Crime Unit (DCPCU), a fully operational police unit with a national remit, formed as a collaboration between UK Finance, the City of London Police, and the Metropolitan Police Service.

Other responses related to legislative amendments and new requirements for financial institutions that were announced throughout the year, including:

• January: Amendments to the UK Economic Crime and Corporate Transparency Bill, including a new “failure to prevent” fraud offense. 
• February: Fraud is reclassified as a UK national security threat.
• March: The Financial Conduct Authority’s (FCA) “Dear CEO” addresses a letter to payments firms instructing them to address weaknesses in their systems and controls to prevent fraud.
• May: UK publishes its new fraud strategy for 2023.
• June: The UK Payment Systems Regulator (PSR) announces new reimbursement requirements for APP fraud victims.
• August: HM Treasury proposes a ban on cold-calling to prevent investment fraud.

Key Takeaways: Emerging Technologies and Tips for Fraud Prevention

On the release of the report, the Managing Director of UK Finance said, “The financial services sector continues to lead the fight against these awful crimes. We are also currently the only sector that reimburses victims. However, it is impossible to reimburse the human impact of these crimes: we must prevent it from happening in the first place.” 

Technology can play a significant role in empowering fraud prevention teams to use their time and analytical capabilities efficiently. By reducing false positives and providing better insights, firms can benefit from artificial intelligence (AI) overlays, even if they are not ready for a complete technological overhaul. ComplyAdvantage’s AI-powered transaction screening and monitoring solution is such an example that can adapt to evolving fraud typologies. This adaptability can help firms update their fraud prevention strategy and keep it current with the latest risks. Additionally, ComplyAdvantage’s Fraud Detection solution can enhance fraud prevention strategies with one of the most powerful machine learning models available. This model not only detects fraud but also provides an explanation for each alert created, which can help firms understand why fraud occurs and how to prevent it in the future.

Additionally, when reviewing a firm’s fraud prevention policies, functions, and processes, compliance teams should consider the following five tips: 

• Protect your customers: Detecting fraud before it hits the headlines is crucial for a profitable and sustainable business. It is also important to keep customers informed when fraud is detected, particularly when taking fraud control measures such as stopping transactions or restricting their accounts. 

• Minimize your fraud losses: Criminals are creative and will keep evolving the tactics they use to perpetrate fraud. Therefore, firms should consider deploying insights-driven machine learning systems to detect and adapt quickly to evolving typologies.  

Optimize your fraud detection processes: Automation is key to reducing manual processes and freeing up analysts’ time so they can work more efficiently.

The post Fraud Losses Reach £580M in H1 2023 – New UK Finance Report appeared first on ComplyAdvantage.

We’ve summarized the key developments – read on or click below to jump to a particular section: 

• Changes to the grey list.
• Indonesia’s new FATF membership status.
• Improving asset recovery.
• Combating the abuse of non-profit organizations (NPOs) for terrorist financing.
• Crowdfunding for terrorism financing.
• Illicit financial flows from cyber-enabled fraud.
• Misuse of citizenship and residency by investment programs.
• Beneficial ownership and transparency.
• The recent joint mutual evaluation of Brazil.

#1: Bulgaria Added to the Grey List 

At the plenary, the FATF noted that Bulgaria had made progress on recommendations listed in its 2022 mutual evaluation report (MER) to improve international cooperation. However, the watchdog highlighted several areas of Bulgaria’s AML/CFT regime that required strengthening, leading to the country being subject to increased monitoring and a ten-point action plan. Standouts include:

• Implementing a risk-based supervision model for postal money operators, currency exchange providers, and real estate agents.
• Establishing market entry controls for virtual asset service providers (VASPs) and postal money operators.
• Ensuring beneficial ownership information (BOI) in its register is accurate and up-to-date.
• Implementing an automated system to automate the prioritization of suspicious transaction reports (STRs).
• Improving investigations and prosecutions of different types of money laundering in line with risks, including high-scale corruption and organized crime.
• Addressing gaps in the terrorist financing (TF) and proliferation financing (PF) targeted financial sanctions frameworks.

Bulgaria’s addition to the grey list follows a season of high-profile cases involving the misuse of EU funds by Bulgarian politicians, the implementation of Magnitsky sanctions on corrupt Bulgarian officials by the Office of Foreign Assets Control (OFAC), and a multi-billion dollar cryptocurrency pyramid scheme. Firms operating in Bulgaria may choose to conduct a thorough risk assessment to consider various factors, including: 

• Adverse media relating to politically exposed persons (PEPs). 
• The legal and regulatory environment.
• Political stability.
• Corruption levels.
• Economic conditions.
• The presence of high-risk industries.

#2: Albania, Cayman Islands, Jordan, and Panama Removed From the Grey List

Albania

In February 2020, Albania was added to the grey list and subjected to increased monitoring by the FATF due to deficiencies in its AML/CFT regime. The FATF recommended actions including:

• Conducting additional in-depth analysis to adequately understand money laundering and other financial crime risks.
• Improving the implementation of targeted financial sanctions through enhanced supervisory action. 
• Strengthening the powers of competent authorities to take necessary action.
  

Since 2020, Albania made commendable efforts to improve its AML/CFT framework, resulting in a significant increase in money laundering cases prosecuted, especially those involving foreign criminal proceeds laundered in Albania. As a result, Albania has been removed from the grey list. 

Cayman Islands

In February 2021, the Cayman Islands was added to the grey list due to deficiencies related to “sanctions on financial institutions for anti-money laundering breaches” and a lack of “up-to-date beneficial ownership information.” While the Cayman Islands’ Technical Compliance assessment in 2021 rated the jurisdiction as compliant or largely compliant with 39 out of the 40 FATF Recommendations, the evaluation also outlined 63 action points aimed at improving overall effectiveness. 

At the October 2023 plenary, the FATF highlighted the Cayman Islands’ substantial progress in enhancing the effectiveness of its AML/CFT framework, particularly in proportionately applying sanctions, resulting in the watchdog removing it from the grey list.

Jordan

In its 2019 MER, multiple deficiencies in Jordan’s AML/CFT framework were identified, including:

• Poor quality suspicious activity reports (SARs) resulting in an inconsistent amount of SARs being sent to the Public Prosecutor’s Office.
• Ineffective and disproportionate penalties served for money laundering offenses. 
• A lack of a clear, unified understanding of terrorist financing risks in the non-profit organization (NPO) sector.

While the country amended its anti-terror and money laundering law in June 2021, it came into effect after the FATF’s deadline, contributing to the body’s decision to subject Jordan to increased monitoring in October 2021. 

However, at the FATF’s October 2023 plenary, the watchdog highlighted the progress made by the country in addressing these deficiencies, leading to its removal from the grey list. 

Panama

Panama was originally added to the grey list in 2014 but removed in 2016 after amending its laws to address the deficiencies in its money laundering framework, including laws targeting designated non-financial businesses and professions (DNFBPs). However, the country found itself back on the grey list in 2019 when it failed to adopt key pieces of legislation, including criminalizing tax fraud and making tax crime a predicate offense for money laundering. Panama made significant efforts to address these deficiencies, leading to the FATF removing it from the grey list in October 2023.

#3: FATF Memberships: Indonesia and Russia

The FATF also welcomed Indonesia as its 40th member, placing the country on equal footing with other G20 countries and improving international trust in Indonesia’s financial integrity. Ivan Yustiavandana, Head of the Indonesian Financial Transaction Reports and Analysis Center (PPATK), said this membership will increase Indonesia’s economic credibility and positive perception of its financial system, which will influence economic growth through investment.

Discussions also centered around the Russian Federation’s suspended membership, which still remains in effect.

#4: Strategic Initiatives

The FATF also discussed multiple strategic initiatives ranging from improving asset recovery and BOI information to helping public and private sector entities better identify potential terrorist financing activity via crowdfunding.

Improving Asset Recovery

Echoing Kumar’s objectives presented at the June 2022 plenary, the FATF highlighted its aim to prioritize asset recovery to tackle money laundering and terrorist financing. Globally, countries recover only a fraction of the assets generated by criminal activity, fueling further criminal activity. The FATF has previously led efforts to strengthen legal and operational frameworks for asset recovery, including introducing non-conviction-based confiscation regimes. The revised standards aim to bring about a cultural shift to make asset recovery a core component of crime prevention. The FATF will adjust its assessment methodology to account for the changes in recommendations, and the updated Recommendations will be published in November 2023.

The FATF also announced that it has analyzed the Asset Recovery Inter-Agency Network (ARIN) model – international or regional networks that unite law enforcement and judicial practitioners who work towards tracing, freezing, seizing, and confiscating assets. In an upcoming report, the watchdog said it would outline recommendations for closer collaboration with ARINs to help investigators and prosecutors follow the money and recover assets in transnational crime cases. This report will also be published in November 2023.

Combating the Abuse of NPOs for Terrorist Financing

As part of the FATF’s focus on protecting NPOs from terrorist financing abuse, the watchdog revised one of its recommendations. The revisions clarify that recommendation eight only applies to NPOs that fall within the FATF definition. Countries must identify the types of organizations within the definition and assess their risks. The revised recommendation aims to prevent undue disruption or discouragement of legitimate charitable activities. Countries in the global network will be assessed against these revised standards without disrupting legitimate charitable activities. The updated recommendations will be published in November.

The FATF also updated its best practices paper to reflect the changes made to Recommendation 8 and help stakeholders implement the revised requirements more effectively. The paper serves as a guide for the non-profit sector, protecting NPOs from terrorist financing abuse without hindering legitimate charitable activities. With the revisions, the FATF has made its standards clearer and more aligned with the risk-based approach (RBA). The best practices paper will be published in November.

Crowdfunding for Terrorism Financing

Kumar also announced the release of a new report (published on October 31) that analyzes how terrorists exploit crowdfunding platforms. It discusses the challenges faced in detecting and preventing terrorist financing in the crowdfunding ecosystem, citing the complexity of crowdfunding operations, the use of anonymizing techniques, and the lack of expertise within the industry to detect suspicious activity.

The report suggests good practices such as:

• Including crowdfunding in national terrorist financing risk assessments.
• Outreach to the crowdfunding sector.
• Effective domestic and international information-sharing mechanisms. 

It also provides a list of risk indicators that can help public and private sector entities, as well as the general public, identify potential attempts at terrorist financing activity via crowdfunding. Some of these risk indicators include:

• Donations that are made through mechanisms designed to obscure the identity or source of funds or that are overly complex in their routing.
• A lack of information about the purpose, goals, or ultimate beneficiaries of the campaign.
• Crowdfunding platforms or intermediary organizations that host or enable other projects related to violent extremism or radicalism.
• Donation methods that make it difficult to trace the source of funds (SoF), such as unique donation links.
• Platforms that require payments through unregulated financial institutions.

Illicit Financial Flows from Cyber-Enabled Fraud

In partnership with the Egmont Group and INTERPOL, the FATF also identified strategies to combat cyber-enabled fraud, including: 

• Breaking down silos within compliance teams.
• Promoting collaboration.
• Enhancing detection and prevention. 

A report highlighting these strategies and risk indicators will be published in November.

Misuse of Citizenship and Residency by Investment Programs

Citizenship and residency by investment (CBI/RBI) programs are initiatives that grant citizenship or residency to foreign investors. Although they stimulate economic growth, they also come with significant risks of money laundering, fraud, and other misuse. A joint project by the FATF and the Organisation for Economic Co-operation and Development (OECD) highlights how criminals can exploit CBI programs and proposes measures to manage these risks. Due to be published in November, the report will emphasize the importance of multi-layered due diligence and clearly define the roles and responsibilities of all parties involved in RBI/CBI programs to detect fraudulent activities. 

Beneficial Ownership and Transparency

During the plenary, the FATF amended the methodology for upcoming mutual evaluations that guide assessment teams in determining the effective implementation of updated beneficial ownership and transparency requirements. 

The revised methodology will be published in November. The watchdog also announced the development of updated risk-based guidance on beneficial ownership and transparency of legal arrangements to help stakeholders assess and mitigate money laundering and terrorist financing risks. The plenary agreed to release the revised guidance for public consultation and expects to finalize this work during its February 2024 session.

#5: Results of Brazil’s Mutual Evaluation

Finally, the FATF approved Brazil’s MER for compliance with AML/CFT and counter-proliferation financing measures. According to the watchdog’s review, Brazil has shown improvement since the last assessment in 2010, with strong international cooperation, risk assessment, and policy coordination. However, cooperation and coordination between certain authorities were noted as still requiring improvement, and the prosecution of money laundering needs enhancement. A report on the subject will be published by December after completing the quality and consistency review.

The next FATF plenary is due to take place in February 2024.

Previous plenary coverage from ComplyAdvantage can be found here:

• FATF Plenary June 2023
• FATF Plenary February 2023
• FATF Plenary October 2022
• FATF Plenary June 2022
• FATF Plenary March 2022
• FATF Plenary October 2021
• FATF Plenary June 2021

The post FATF Plenary October 2023: Outcomes and Initiatives appeared first on ComplyAdvantage.

Thus far in the investigation, detectives have seized 300 kg of illegal drugs, $2.8 million in cash, and 15 firearms.

About Operation Phobetor-Enyo

Formed in 2022, Operation Phobetor-Enyo was established as a joint task force comprising the New South Wales Police Force (NSWPF), the Australian Federal Police (AFP), the Australian Criminal Intelligence Commission (ACIC), and the NSW Crime Commission (NSWCC). Under the operation, the NSWPF Organized Crime Squad executed six search warrants on October 19, spanning five areas, including Bankstown, Double Bay, Lane Cove, Parramatta, and Umina Beach. 

Four men aged were arrested in Double Bay and Parramatta. Each has been charged with assisting in transporting and laundering funds on behalf of the international syndicate. In Lane Cove, a 64-year-old woman was arrested and charged with coordinating the operation on behalf of the offshore Vietnamese ringleader. In Umina Beach, two women, aged 26 and 27, were arrested, and the younger woman was charged with seven offenses, including:

• Four counts of knowingly dealing with proceeds of crime.
• Two counts of supplying prohibited drugs greater than or equal to large commercial quantity.
• One count of failing to comply with digital evidence access order direction.   

The 27-year-old woman, known for her appearance on The Bachelors Australia, was charged with supplying a prohibited drug in a commercial quantity, possessing a prohibited drug, and breaching bail conditions.

All defendants were refused bail until a court appearance.

Money Laundering Through Cryptocurrency 

In 2022, criminals laundered around $23.8 billion through cryptocurrency exchanges, an increase of 68 percent on 2021 estimates. In Australia, it is also estimated that at least 70 percent of the country’s serious organized crime threats are “based offshore or have strong offshore links”. The crypto laundering trend has prompted a response from Australian regulators, which have moved to expand the range of digital asset-related services that are subject to anti-money laundering and counter-terrorist financing (AML/CTF) regulations in line with global Financial Action Task Force (FATF) Standards.

Separately, on October 16, 2023, the Australian Treasury announced that it plans to release draft legislation concerning licensing and custody regulations for crypto asset providers by 2024. Once the legislation is passed, exchanges will have a year to transition to the new regime.

Changjiang Currency Exchange

The scale of Australia’s crypto laundering trend was further brought to light on October 25, when the AFP made seven additional arrests following a 14-month investigation into Changjiang Currency Exchange, a retail money-transfer business. The police claim that the exchange helped criminals launder almost $230 million in illicit funds and tainted cryptocurrency over the past three years. Officers seized multiple luxury cars, including a $420,000 Mercedes-Maybach GLS, and a Balwyn North mansion valued at $10 million.

“The reason why this investigation was so unique and complex was that this alleged syndicate was operating in plain sight with shiny shopfronts across the country – it was not operating in the shadows like other money-laundering organizations,” said AFP Assistant Commissioner Stephen Dametto.

According to the police, the majority of Changjiang’s customers used their services for legitimate purposes such as foreign currency exchange and sending money overseas. However, the police also allege that Changjiang collaborated with criminals to conceal the proceeds of criminal activities, including online scams and trafficking of illicit goods, and transfers money in and out of Australia.

The AFP claims the gang had been coaching criminals on how to create fake paperwork, such as false invoices and bank statements, to hide the origins of their money. Additionally, the AFP alleges that criminals have been charged higher fees than ordinary customers.

Crypto Laundering Red Flags

To detect and prevent money laundering, compliance teams at cryptocurrency service providers should be vigilant for suspicious transactions and suspicious customer behavior. In 2020, the FATF published a report outlining the red flag indicators of crypto laundering, including:

• Transactional behavior: Cryptocurrency service providers should exercise caution when dealing with multiple transactions in small amounts, transactions that do not align with a customer’s risk or wealth profile, regular transactions that frequently result in losses, or frequent transactions of fiat to cryptocurrencies with no clear business justification. It is important to be vigilant and identify any suspicious activity to prevent potential fraud or illicit activities.
• Customer identity: It is common for individuals to attempt to exploit the anonymity benefits of cryptocurrency through customer identification measures. There are several red flags that may indicate such behavior, such as having multiple exchange accounts controlled from the same IP address, inconsistencies in identifying documents during account creation, or frequent changes in identifying information. These issues can serve as warning signs for potential exploitation.
• Money mules: Customers who make deposits that are inconsistent with their wealth profile or who are not familiar with the financial products they are using may be being used as money mules. 
• Source of funds (SoF): Cryptocurrency exchange service providers should also scrutinize the sources of cryptocurrency funds for indications of money laundering. Funds from sources linked to illegal activities, darknet sites, sites with inadequate AML controls, and sites located in countries known to present a high AML risk may be considered red flags.

The post Australian Authorities Dismantle International Money Laundering Syndicate appeared first on ComplyAdvantage.