In AML Surveillance

Current events have brought to the spotlight the implications of having limited or minimal information on beneficial owners of an account. The leak this week of more than 11 million records from the Panamanian law firm, Mossack Fonseca, has led to a global uproar that prompted Iceland’s prime minister to step aside. An international consortium of journalists has reported that documents tie the firm, which specializes in shell companies that can be used to conceal assets, to Russian oligarchs, former heads of state and world soccer’s scandal-plagued governing body.

The abuse of legal entities to disguise involvement in illicit financial activity remains a longstanding vulnerability that facilitates crime, threatens national security, and jeopardizes the integrity of the financial system. Criminals have exploited the anonymity that can be provided by legal entities to engage in a variety of financial crimes, including money laundering, corruption, fraud, terrorist financing, and sanctions evasion.

The matter of “beneficial ownership” is not limited to governmental corruption or tax evasion. This problem also affects individuals that may be deprived from their rightful assets, such as when spouses use these entities to hide assets from their wives in preparation for a divorce or family members use these legal subterfuges to avoid dividing an Estate with an estranged sibling. Even corrupt companies use these mechanisms to deceive their employees of profits that otherwise are required by law or regulation to be shared with them.

Other examples of the effect of poor customer due diligence may have passed under the radar. In the booming high-end real estate markets of Los Angeles, New York and Miami, ownership is commonly hidden under layers of shell companies, most of them domestic LLCs. So it was no surprise to compliance professionals that on January 13, 2016 the Financial Crimes Enforcement Network (FinCEN) issued a Geographic Targeting Orders (GTO) that will temporarily require certain U.S. title insurance companies to identify the natural persons behind companies used to pay “all cash” for high-end residential real estate in the Borough of Manhattan in New York City, New York, and Miami-Dade County, Florida. FinCEN is concerned that all-cash purchases – i.e., those without bank financing – may be conducted by individuals attempting to hide their assets and identity by purchasing residential or commercial properties through limited liability companies or other opaque structures. To enhance availability of information pertinent to mitigating this potential money laundering vulnerability, FinCEN is requiring certain title insurance companies to identify and report the true “beneficial owner” behind a legal entity involved in certain high-end residential real estate transactions in Manhattan and Miami-Dade County. With this action, FinCEN is seeking additional information to understand the risk and track corrupt foreign officials or transnational criminals that may be using premium U.S. real estate to secretly invest millions in dirty money.

These concerns are not new neither surprising. Compliance professionals know that appearances can be deceiving. Current or prospective customers may appear to be legitimate, but in reality they may be attempting to conduct illicit activities through the financial institution.

Beneficial ownership is addressed in various manners by the international bodies, like FATF-GAFI. For example, under Recommendation 10 which addresses the Customer Due Diligence (CDD) measures that are expected from financial institutions, FATF-GAFI specifically states that “identifying the beneficial owner and taking reasonable measures to verify the identity of the beneficial owner, such that the financial institution is satisfied that it knows who the beneficial owner is. For legal persons and arrangements this should include financial institutions understanding the ownership and control structure of the customer.” This is particularly important because this Recommendation also states “Financial institutions should be required to verify the identity of the customer and beneficial owner before or during the course of establishing a business relationship or conducting transactions for occasional customers.”

Federal regulators have also been dealing with this issue for a long time. FinCEN has proposed additional rules under the Bank Secrecy Act to clarify and strengthen customer due diligence requirements for banks; brokers or dealers in securities; mutual funds; and futures commission merchants and introducing brokers in commodities. The proposed rules contain explicit customer due diligence requirements and include a new regulatory requirement to identify beneficial owners of legal entity customers, subject to certain exemptions. Requiring financial institutions to perform effective CDD so that they know their customers—both who they are and what transactions they conduct—is a critical aspect of combating all forms of illicit financial activity, from terrorist financing and sanctions evasion to more traditional financial crimes, including money laundering, fraud, and tax evasion.

For FinCEN, the key elements of CDD include: (i) identifying and verifying the identity of customers; (ii) identifying and verifying the identity of beneficial owners of legal entity customers (i.e., the natural persons who own or control legal entities); (iii) understanding the nature and purpose of customer relationships; and (iv) conducting ongoing monitoring to maintain and update customer information and to identify and report suspicious transactions. Collectively, these elements comprise the minimum standard of CDD, which FinCEN believes is fundamental to an effective AML program. The first element, identifying and verifying the identity of customers, is already included in the existing regulatory requirement to have a customer identification program (CIP). The remaining elements are the ones that keep most of compliance professionals from getting a full night sleep.

According to the FinCEN proposal, strong CDD practices that include identifying the natural persons behind a legal entity—i.e., the beneficial owners—help defend against these abuses in a variety of ways. Armed with beneficial ownership information, financial institutions can provide law enforcement with key details about the legal structures used by suspected criminals to conceal their illicit activity and assets. Moreover, requiring legal entities seeking access to financial institutions to disclose identifying information, such as the name, date of birth, and social security number of a natural person, will make such entities more transparent, and thus less attractive to criminals and those who assist them. Even if an illicit actor tries to thwart such transparency by providing false beneficial ownership information to a financial institution, law enforcement has advised FinCEN that such information can still be useful in demonstrating unlawful intent and in generating leads to identify additional evidence or co-conspirators.

The following indicators of potentially suspicious activity may be commonly associated with shell companies:

  • Insufficient or no information available to positively identify originators or beneficiaries of funds transfers (using Internet, commercial database searches, or direct inquiries to a respondent bank).
  • Payments have no stated purpose, do not reference goods or services, or identify only a contract or invoice number.
  • Goods or services, if identified, do not match profile of company provided by respondent bank or character of the financial activity; a company references remarkably dissimilar goods and services in related funds transfers; explanation given by foreign respondent bank is inconsistent with observed funds transfer activity.
  • Transacting businesses share the same address; provide only a registered agent’s address, or other address inconsistencies.
  • Many or all of the funds transfers are sent in large, round dollar, hundred dollar, or thousand dollar amounts. Unusually large number and variety of beneficiaries receiving funds transfers from one company.
  • Frequent involvement of multiple jurisdictions or beneficiaries located in higher-risk OFCs.
  • A foreign correspondent bank exceeds the expected volume in its client profile for funds transfers, or an individual company exhibits a high volume and pattern amount of funds transfers sporadic activity that is inconsistent with its normal business activity patterns.
  • Multiple high-value payments or transfers between shell companies with no apparent legitimate business purpose.
  • Purpose of the shell company is unknown or unclear.

We can expect to see a resurgence of this issue. In the meantime, the following recommendations can assist your institution in avoiding the headlines:

  • Make sure that your current policies and procedures address the minimum regulatory requirements for CIP and enhanced due diligence for high risk customers.
  • Make sure that procedures require obtaining a disclosure or certification on beneficial ownership of the entity from the individual(s) opening an account on behalf of the legal entity customer (at the time of account opening). This certification should be signed and dated and kept as part of the customer’s record. Industry standards usually require customers to provide the names of the natural persons that are ultimate beneficial owners of legal persons or entities that own more than 10% of the shares of the entity.
  • If there are other entities listed as beneficial owners, document about the purpose of single and/or multiple layers of corporate names to better understand the corporate structure and the business reasons behind complex configurations.
  • Ensure that the beneficial ownership records are kept updated. Establish a monitoring process for current customers whereby relationships are reviewed on regular intervals based on the risk presented by the customer. For example, while high risk customers should be reviewed more frequently (e.g. every twelve months), low risks customers can be reviewed with less frequency (every 24 or 36 months).
  • Consider using online sites and subscription services, such as database solutions used to screen against special lists, and verify if names provided by customers appear on PEP lists or other sanctions lists. These services may also provide affiliated names and adverse media references that are helpful in identifying additional parties that may be related to or have an ownership interest in the entity. Consider outsourcing the screening process to a specialized company for those cases involving parties located in jurisdictions with no information available from online sources or when enhanced due diligence information is not accessible.
  • Ongoing account monitoring is critical to ensure that the accounts are reviewed for unusual and suspicious activity. Higher-risk transactions in these accounts, such as activity that has no business or apparent lawful purpose, funds transfer activity to and from higher-risk jurisdictions, currency intensive transactions, and frequent changes in the ownership or control of the non-public business entity, should be monitored and reviewed. As necessary, ensure that any suspicious activity is promptly reported.

 

mm
Mr. Dominic Suszek is an experienced and successful executive with broad experience in bank operations, audit, information technology, and regulatory compliance. As a senior executive involved in all aspects of regulatory compliance, with more than 25 years of banking expertise in operations, technology, security, fraud and compliance, he has acquired extensive knowledge of the requirements from many regulatory agencies in the US, the Caribbean, along with Central and South America.
Recommended Posts