Anti-Money Laundering - The Basics
Before we get into how AML policies work - and what they require organizations to do to remain compliant - it is helpful to understand what this term means.
What does Anti-Money Laundering mean?
Anti-Money Laundering, or AML, refers to the laws enacted to keep criminals from disguising illicit funds as legitimate. It encompasses a broad range of policies and procedures designed to detect and prevent money laundering, as well as terrorist financing.
AML initiatives became prominent after the Financial Action Task Force, or the FATF, was formed in 1989. This international organization aimed to fight money laundering and standardize global practices against it, and in 2001 this mission expanded to include combating terrorist financing.
Corruption of public funds, market manipulation, tax evasion, and trading in illegal goods are other areas that anti-money laundering practices address. In other words, AML is designed to prevent financial crimes and identify the funds derived from them.
You may be wondering, what exactly is money laundering? Money laundering is a serious financial crime where a perpetrator works to hide the nature, source, and act of a crime. Likewise, they may launder money to make the crime look legal.
How Money Laundering works
First, money launderers must put the illegal funds into a legitimate financial system. This step is called placement. Next, they will use layering – which conceals the source of the funds through accounting tricks and several transactions – to hide the money. The last step is called integration. At this point, the money has been laundered and is withdrawn to a legitimate account.
As you can see, this poses a serious threat to the financial systems around the world. Anti-Money Laundering regulations help reduce the damages caused by these crimes and ensure that the criminals are identified and sanctioned appropriately. What Does the AML Process Include?
Now that you understand what Anti-Money Laundering is, let's review what the process looks like. We can break the framework down into three distinct areas: Know-Your-Customer, Due Diligence, and Ongoing Monitoring.
Each of these steps allows organizations to prevent money laundering and must be followed to remain compliant.
Know Your Customer
One of the most vital aspects of the AML process is to know your customer. Before you establish a business relationship with a new client, you must take steps to identify them and understand the risks associated with doing business with them.
For example, your customer identification program might include collecting data like their name, address, date of birth, and more. Depending on the type of services you provide, you might need even more in-depth documentation to onboard them properly.
Other valuable information like their occupation, detailed financial information, and expected transaction pattern will help you assess their risk level further.
Based on the information you compile, you can determine whether a transaction is suspicious or not. Likewise, the customer profile you develop will guide your ongoing monitoring and additional due diligence measures that we will discuss further on.
Part of the Know-Your-Customer process also includes Sanctions Compliance. Organizations must validate that a potential client is not a person that is prohibited from conducting business in their country. OFAC - the U.S. Office of Foreign Assets Control – and other international regulators publish Sanctions Lists to identify these individuals, companies, and organizations.
If a customer appears on one of these Sanctions Lists, you will either need to increase your due diligence measures or stop the onboarding process completely. Much of this is done electronically – all you need to do is use an online sanctions screening solution like sanctions.io to boost your efficiency and accuracy.
Customer Due Diligence
Customer due diligence measures are a key component of the AML process. This involves understanding the risks associated with each client so that you can appropriately monitor their activity.
Consider an individual that appears on a PEP (Political Exposed Person) screening, which makes them a politically exposed person. These individuals have higher risks since they have government influence and could be involved with corruption or other financial crimes.
As such, you will need to implement enhanced due diligence measures. Again, this will vary based on each unique circumstance but may consist of steps like gathering additional documentation or increasing your monitoring efforts.
The Know-Your-Customer steps performed at onboarding are not the only time you must monitor your customers. On the contrary – you must implement a framework that allows you to monitor clients, transactions, and accounts so that you can flag unusual or suspicious activity.
Each time something falls out of range, your rule system should trigger alerts so that you can address them. The risk or compliance department should pause the transaction and examine it in detail, notifying the appropriate regulatory authorities when necessary.
In the U.S, a large Currency Transaction Report must be created each time a transaction exceeds $10,000. It is called a CTR for short and includes all transactions made by a single customer during the day. Suspicious Activity Reports (SARs) are submitted when a transaction that has no apparent business purpose or appears to be fraudulent is detected.
The Importance of AML Compliance
Why is it so important for organizations to comply with AML regulations?
For starters, money laundering – and failing to follow AML regulations – can be very expensive. Between the cost of losses and potential fines, your organization may be faced with some major expenses.
There are other reasons that AML compliance is vital – aside from the costs associated with money laundering and non-compliance. For example, you must also consider reputational risk, constantly evolving threats, and the client experience.
Non-Compliance is Expensive
Financial crimes are a major issue for the entire world. According to the UN, it is estimated that money laundering costs anywhere from $800 billion to $2 trillion each year. That’s between 2% and 5% of the world’s GDP!
Without AML regulations, these numbers would continue to skyrocket – and businesses and governments alike would be left to deal with those staggering losses.
If that is not enough of a reason to recognize the value of AML compliance, consider the fact that regulators can enforce hefty fines and penalties for organizations that do not cooperate. Since 2009, more than $32 billion in AML fines have been imposed globally, so banks, financial institutions, and other regulated entities must implement the required anti-money laundering procedures.
Complying with anti-money laundering laws is also important to limit reputational risk. If it becomes known that an organization did not take the appropriate steps to prevent money laundering, it can damage its reputation and encourage customers to go elsewhere.
Similarly, when you demonstrate a strong foundation of compliance, you build trust with your clients and build brand awareness. Think about it this way – you do not want to make headlines with any news of corruption, money laundering, or terrorist financing!
Constantly Evolving Threats
Another reason that AML compliance is essential is that financial crimes are always evolving. Even with banks and other organizations taking steps to combat money laundering and corruption, it has not gone away – and it will not anytime soon.
Likewise, criminals are continuously leveraging technology to improve their efforts and be more discreet. These perpetrators can take advantage of any weak point in your technology or AML platform, so you cannot afford to let your guard down. In other words, enforcing AML policies is more important now, than ever!
The client experience should be at the forefront of your business strategy. Although Anti-Money Laundering regulations require you to obtain identifying information and assess the risk of each customer, it also presents an opportunity to enhance their experience.
Compliance does not have to be slow and cumbersome. Properly investing in your AML process can ensure that you do not push customers away with inefficient onboarding practices. The goal should be to make AML-related communication seamless and user-friendly.
How do Companies Comply with AML Requirements?
There is a lot that goes into creating an AML program and complying with all legal requirements. So, what do companies do to ensure they are following all laws and regulations – especially when they are constantly evolving?
The Five Pillars of Anti-Money Laundering
A first step is to address the five pillars of anti-money laundering: Internal policies and controls, employee training, customer due diligence, the appointment of an AML officer, and independent testing.
Internal policies and controls
Internal policies and controls refer to the framework you have in place to conduct customer due diligence and ongoing monitoring. Without these aspects, you will not be able to successfully prevent money laundering and financial crimes.
In addition, organizations must have a documented employee training program. All employees should know what to do when they come across red flags, how to submit CTRs and SARs, what personal identification is required to onboard a client, and more.
The compliance officer will direct the training program, and they should have a specific background in anti-money laundering. This individual will also manage the organization's AML procedures and ensure that they meet the most current standards and best practices. The goal is for them to protect the organization from financial crimes.
Customer Due Diligence
Since there are many watchlists, sanctions lists, and ways to screen your customers, it is unreasonable to expect this to be done manually. This is where technology comes in – most companies rely on automated checks and scanners to onboard their customers more quickly and effectively.
The same goes for transaction monitoring – you can't do this manually since it must be done timely and without error. Instead, companies rely on automated systems that can look through large amounts of data and identify key red flags.
These systems should identify and flag things like a spike in activity, a transaction that occurs in an unusual location, or a transfer to someone that appears on a sanctions list. The compliance team will file a suspicious activity report or document any other findings based on this data.
Internal Audit and Testing
This audit trail is an essential aspect of AML compliance. If something illegal does occur, you can pinpoint what happened and where the funds went.
Best Practice in AML
The Risk-based Approach
The risk-based approach is the best practice in AML compliance. It ties together the five pillars and is the only way to truly comply with Anti-Money Laundering regulations.
What does the Risk-based Approach involve?
In simple terms, it is the process of assigning a risk score to each client so that you can implement the right level of monitoring and due diligence. It is not reasonable to scrutinize every transaction and customer at the same level, so the best alternative is to focus the bulk of your efforts on the areas with the highest risk.
As you determine the risk score, consider things like geography. Does the individual live in a high-risk country or conduct business with those who do? If so, then you should apply additional due diligence measures.
The risk-based approach also requires your organization to look internally. There may be aspects of your business that are more vulnerable to threats than others. If there are internal weaknesses that could allow money laundering and other illicit activities to flourish, then those who use those services should be assigned a higher risk score as well.
Your ability to implement this approach is dependent on the KYC (Know-Your-Customer) process. The more information you collect during client onboarding, the better you can assess the likelihood of money laundering occurring.
Another reason this is the best practice is that it takes a proactive approach. Rather than waiting for suspicious activity or an illegal transaction to occur, it gives you the tools to stop them before they ever happen!
sanctions.io is a comprehensive Anti-Money Laundering solution with a simple to integrate API which companies can use to continuously scan their clients and business partners against the most important Sanctions & Crime Lists. Start your 7 Day FREE TRIAL right here.
Photo by Alexander Schimmeck on Unsplash