AML & KYC

Agenda

In this session, you will learn about:

• Background of AML/KYC
• Case Studies in Money Laundering
• The Three Stages of Money Laundering
• Methods of Money Laundering
• Know Your Customer
• Risk Based Approach
Money Laundering – What is It?

Money laundering is the process by which criminals disguise the original

ownership and control of the proceeds of criminal conduct by making such
proceeds appear to have derived from a legitimate source.

Private and Confidential 3

Key Elements to a Money Laundering Offence

There are two key elements to a money laundering offence:

1. The necessary act of ‘laundering’ itself i.e. the provision of financial services
2. A requisite degree of knowledge or suspicion (either subjective or objective)
relating to the source of the funds or the conduct of a client

Private and Confidential 4

Money Laundering v/s Terrorism Financing

Money Laundering
Terrorism Financing

• Money laundering is the • Terrorist financing is the

process of concealing the collection or the provision of
illicit origin of proceeds of funds for illicit purpose -
crimes. terrorism.

• In the case of money • In the case of terrorist financing,

laundering, the funds are funds can stem from both legal
always of illicit origin. and illicit sources.
How Did This Happen?

Corporate structure
allowed the bank to
operate virtually
without regulation all
over the world.

HOW DID THIS HAPPEN?

• The organisational web consisted of dozens of The End
shell companies, offshore banks, branches and 5 July 1991:
subsidiaries in 70 countries Regulators persuaded
• The bank's complex organisation and unique a court in Luxembourg
method of accounting make it unlikely that most to order BCCI
of the missing money will be traced liquidated on grounds
• Its affairs were extraordinarily complex of insolvency

Private and Confidential 6

Banks in the News

Laundered USD 7 – 9 Billion

Fined USD 1.9 billion in 2012, USD 43 million

Private and Confidential 7
Banks in the News

Fined USD 300 million in 2014, USD 340 million in 2012

Fined USD 8.9 billion

Private and Confidential 8

Banks in the News

Private and Confidential 9

Wasn’t just Banks!

Laundered > 6 billion USD

Laundered at least 10 billion USD

Laundered over 70 billion USD

Private and Confidential 10
Biggest Data Leak

Private and Confidential 11

Sources of Money Laundering

Drug Terrorism
Illegal
money immigration
Capital-flight Prostitution
money
Sale of
Tax-evading nuclear tech
Move money anywhere
without a trace
Arms
Bribery of Money trafficking
officials Laundering
Private and Confidential 12
Anti Money
Laundering

Private and Confidential 13

Anti-Money Laundering: Objectives
1. Hit (organised) criminals where it hurts the most (their wallet!)
2. Contribute to the prevention of (organised) crime by reduction of
the incentives
3. Protect the integrity of the financial system by preventing use and
abuse by criminals and launderers
What would help achieve this?

Effecting provisions on
Criminalising money
confiscation / forfeiture KYC and CDD regulations
laundering
of criminal proceeds

Creating a reporting
Enhancing international
system to enable
cooperation and mutual
reporting on unusual /
assistance
suspicious transactions

Private and Confidential 14

Anti-Money Laundering: Focus Areas

Effecting provisions on
Criminalising money
confiscation / forfeiture KYC and CDD regulations
laundering
of criminal proceeds

• Drug-trafficking related Crime should not pay • Know Your Customer

• Serious crimes • Customer Due Diligence
• All crimes • Legal vs. Beneficial Ownership
• Politically Exposed Persons

Creating a reporting system to Enhancing international

enable reporting on unusual / cooperation and mutual
suspicious transactions assistance

• Mandatory record-keeping and reporting • Financial Intelligence Units

• Monitoring ‘Suspicious Activity’ • Egmont Group
• Defining reporting criteria • Supervision and Monitoring

Private and Confidential 15

Consequence of not Complying with AML/CFT

The possible consequence if an organization fails to manage the risk of money laundering:

Legal and regulatory sanctions The Penalty could affect the

and penalty: bottom line
Organizational and individual
sanctions are now the norm
for those who fail to comply.

Damage to corporate reputation

Negative publicity
and loss of goodwill

o ng
Wr x
 Three Stages of
Money Laundering
Three Stages of Money Laundering

The three Stages of Money Laundering are:

Placement Layering Integration

Placement

Involves placement of bulk cash into the financial system without the appearance of
being connected to a criminal activity.

• The simplest way to place cash

is to deposit cash into a financial
institution.

• It is one of the riskier ways to

get caught laundering money.
Placement - Methods Adopted (Contd.)

To avoid notice, banking transactions involving cash are likely to be

Structuring conducted in amounts under the CTR reporting thresholds.

Placement poses the greatest risk to our businesses:

• Transactions may be structured to avoid recordkeeping or

reporting thresholds.

• False identification and/or information may be provided.

Layering – Second Stage

It is the process of moving and manipulating funds to confuse their sources and
complicating, or partially eliminating, the paper trail.

May involve moving funds in various

forms through multiple accounts at
numerous financial institutions,
both domestic and international, in a
complex series of transactions.
Layering - Methods Adopted

Exchange cashier’s cheques &

Interbank transfers
Transfer of funds by other monetary instruments for
between accounts owned or
cheque or monetary other cashier’s cheques (larger
controlled by common
instrument or smaller), adding additional
individuals
cash

Wire transfers to accounts Exchanging cashier’s cheques & Performing interbank

under customer and other monetary instruments for transfers between accounts
business names at other other cashier’s checks, adding owned or controlled by
financial institutions additional cash common individuals

Transfer of funds outside Obtaining certificate of deposit

Depositing a refund cheque
and back into the U.S. secured loans and depositing the
from a canceled vacation
(wire transfers, through loan disbursement cheque into
package or insurance policy.
“secrecy haven” countries) an account
Integration of Money into the Economy

Integration is the third stage of money laundering and can be accomplished

simultaneously with the placement of funds.
After the funds are placed into the financial system, and insulated through the
layering process, integration is used to create the appearance of legality
through additional transactions such as loans, or real estate deals.

These transactions provide the

criminal with a plausible
explanation about the funds
gathered to purchase assets and
shield the criminal from any type of
recorded connection to the funds.
Integration of Money into the Economy

During the integration stage, the funds are returned in a usable format to the criminal source.

This process can be achieved through various schemes, such as:

Inflating business Establishing a phony

receipts. Creating false charitable
Overvaluing and invoices and organization with
undervaluing shipping documents Establishing foreign
invoices trust accounts

In class activity - Can we use gold to launder money?

These schemes are just a few examples of the integration stage;

the possibilities are not limited.
Suspicious Activities – Common Indicators

Refusal or reluctance to proceed with a transaction, or abruptly

withdrawing a transaction.

Customer refusal or reluctance to provide information or

identification.

Structured or recurring, non-reportable transactions.

Multiple third parties conducting separate, but related, non-

reportable transactions.

Even dollar amount transactions.

Methods of Money Laundering (Contd.)

1
Transactions structured to lose the paper trail.

Significant increases in the number or amount of transactions.

2
3 Transactions which are not consistent with the customer’s business,
occupation, or income level.

Transactions by non-account holders.

4
Popular Methods of Money Laundering

Investing in Legitimate
Overseas Banks Shell Companies
Businesses
Anti-Money Laundering:
Who’s Who

Private and Confidential 28

 Regional / Country Global Bodies
Global Bodies
level responsibility which facilitate
dedicated to AML
for AML AML efforts
Overview

Private and Confidential

29
AML Regulation: USA

Money Laundering
Bank Secrecy Act
Suppression Act

Money Laundering and

Money Laundering
Financial Crimes Strategy
Control Act
Act

Anti-drug Abuse Act PATRIOT Act

Annunzio-Wylie Anti- Intelligence Reform &

Money Laundering Act Terrorism Prevention Act

Private and Confidential 30

AML Enforcement

GCL is a company specific list of potential threats.

Private and Confidential 31

AML Regulation: UK

Proceeds of Crime Act*

Money Laundering
Regulations

Terrorism Act**

* As amended by the Crime and Courts Act 2013 and the Serious Crime Act 2015)
** As amended by the Anti-Terrorism, Crime and Security Act 2001, the Terrorism Act 2006 and Proceeds of
Crime Act 2002 (Amendment) Regulations 2007

Private and Confidential 32

AML Enforcement: UK

Private and Confidential 33

Risks
High-risk and Sanctioned Jurisdictions
1. Afghanistan
2. Algeria
3. Angola
4. Bosnia and Herzegovina
5. Democratic People's Republic of Korea
6. Guyana
7. Iran
8. Iraq
9. Lao People's Democratic Republic
10. Myanmar
11. Panama
12. Papua New Guinea
13. Syria
14. Uganda
15. Yemen

Private and Confidential 34

Financial
Sanctions

Private and Confidential 35

Financial Sanctions

Travel Bans Asset Freezes Arms Embargoes

Foreign Aid
Capital Restraints Trade Restrictions
Reductions

Private and Confidential 36

Financial Sanctions
Global Sanctions Regime

Source: www.cfr.org

Private and Confidential 37

Financial Sanctions
US Sanctions Programs

Source: www.cfr.org Private and Confidential 38

Financial Sanctions - Events Triggered by 9/11

EO 13224 provided Treasury Department officials with far-reaching

Sep 23, authority to freeze the assets and financial transactions of individuals
2001 and other entities suspected of supporting terrorism.

The Treasury’s powers were soon extended (under the PATRIOT Act) to designate foreign
jurisdictions and financial institutions as ‘primary money laundering concerns.

Source: www.cfr.org Private and Confidential 39

Activity

Review these cases and determine if there are any sanction violations:

Requests for money transfers through Orange Money, a Miami-based bank for a
recipient is in Havana, Cuba.
1

Funding for a construction project in Beirut, Lebanon. A former Executive Director

of the company leading the project is a distant relative of Ayman-al-Zawahiri.
2

Continual facilitation of letter of credit shipments for a domestic client sending GPS
satellite components to Iran.
3

New account openings for individuals linked to the Eastern Turkistan Islamic
Movement.
4

Private and Confidential 40

AML: Risk Based Approach
Risk-based Approach – Pros and Cons

BENEFITS CHALLENGES
• Better management of • Identifying appropriate
risks and cost-benefits information
• Financial institution focus • Addressing short term
on real and identified transitional costs
threats, and • Greater need for more expert
• Flexibility to adapt to staff
risks that change over • Regulatory response to
time potential diversity of practice

Private and Confidential 42

Assessing the Risk of Money Laundering

Customer

CUSTOMER
Risk
Assessment
Geography RISK
RATING
Product /
Service

Private and Confidential 43

Activity
Review the following and assess if they pose any risk. If yes, rate them
as ‘High’, ‘Medium’ or ‘Low’
If you have answered ‘Yes’,
Potential please rate:
Factor Risk?
[Yes / No] High Medium Low

A large and growing customer base in a wide and diverse

geographic area
No electronic banking or the web site is informational or
non-transactional
The bank offers limited domestic private banking services or
trust and asset management products or services over
which the bank has investment discretion
High turnover, especially in key personnel positions

A limited number of funds transfers for customers, non

customers, limited third-party
transactions, and no foreign funds transfers
Large number of international accounts with unexplained
currency activity
Private and Confidential 44
AML Compliance: Risk-based Approach

Countering risks at the national level Critical Success Factors

Financial institutions and regulators should have access to reliable and
1
actionable information about the threats

Must be emphasis on cooperative arrangements among policy makers, law

2
enforcement, regulators, and the private sector

Authorities should publicly recognise that the risk-based approach will not
3
eradicate all elements of risk

Authorities have a responsibility to establish an environment in which

financial institutions need not be afraid of regulatory sanctions where they 4
have acted responsibly & implemented adequate internal systems & controls

Supervisory staff must be well-trained in the risk-based approach, both as

5
applied by supervisors and by financial institutions

Requirements and supervisory oversight at the national level should be

6
consistent among similar industries
Private and Confidential 45
AML Compliance: Risk-based Approach

Guidance for implementing a risk-based approach

Public Authorities Financial Institutions

Five high-level principles: 1. Identify the criteria to assess potential

1. National risk assessment money laundering risks:
2. Legal/regulatory framework that supports a. country / geographic risk
the application of a risk-based approach b. customer risk
3. Design of a supervisory framework to c. product/services risk
support the application of the risk-based 2. Assign weights to each risk criteria
approach
3. Identify ‘variables’ that can impact risk
4. Identifying key stakeholders
4. Identify appropriate measures to
5. Information exchange between the public mitigate potential risks of those
and private sector customers that are determined to be
‘higher risk’

Private and Confidential 46

AML Compliance: Risk-based Approach

What should form part of a financial institution’s control

framework around money laundering?

Customer Due Diligence / Monitoring of

Know Your Customer Customers / Transactions

Independent Review Training and Awareness

Private and Confidential 47

AML Compliance: Components

To sum up…

• Formal AML / KYC policies

• Appointment of an AML Compliance Office

Poli
cy
• Periodic Risk Assessment
• Independent Testing and Review
• Monitoring / Escalation procedures / systems
Monitoring

• Documented KYC / CDD procedures

• Transaction Monitoring
• Staff Training and Awareness
Operations

Private and Confidential 48

KYC Program
Overview

Among the ‘banking scandals’ discussed earlier, which do

you think triggered the need for ‘KYC’ norms?

Are KYC requirements only restricted to the

banking and financial services industries?

What should constitute a comprehensive

KYC process?

Private and Confidential 50

The Need for KYC

The objective is to prevent banks from being used by criminal elements for money
laundering activities.

KYC enable banks to know/understand their customers and their financial

dealings better.

The Basel Committee states the need to implement effective ‘know-your-

customer’(KYC) standards as an essential part of risk management practices.

Inadequate KYC risk management programme may lead to significant risks,

especially legal and reputational ones.
Essential Elements of KYC Standards

Banks should have adequate policies, practices and

procedures in place that promote high ethical and
professional standards.
Essential Elements of KYC Standards
The elements essential for a robust KYC program:

Customer Identification

Customer Acceptance Policy

On-going monitoring of high risk

accounts

Risk Management
Essential Elements of KYC Standards (Contd.)
KYC to be a core feature of banks’ risk management and control procedures
where a bank should:

Determine those
transactions that do not
conform with the normal or
Establish Monitor expected transactions.
the identity their
of their account
customers activity
Essential Elements of KYC Standards (Contd.)

Sound KYC policies and

procedures contribute to a bank’s They reduce the likelihood of banks
overall safety and soundness, and becoming vehicles for money
protect the integrity of the laundering, terrorist financing and
banking system. other unlawful activities.

The initiatives to reinforce actions against terrorism have underlined the importance of banks’
ability to monitor their customers wherever they conduct business.
KYC Process: Components

Customer Identification

Customer Acceptance Customer Verification

Transaction Monitoring

Risk Management

Private and Confidential 56

KYC Process: Steps Involved
Customer Onboarding

KYC / Compliance
Front Office
Team

Information required for

Prospective
KYC collected from
customer
customer and forwarded
to KYC / Compliance team

CDD
CIP Customer Risk EDD
Risk Assessment
Rating

Required for
Account will be opened only after all checks have been conducted High risk
and approval from AML Compliance Officer has been obtained customers
Private and Confidential 57
KYC Process: Steps Involved
Maintenance of Relationship
A structured and comprehensive
CDD process helps predict KYC / Compliance
expected behaviour and ‘flag’ Team
unexpected behaviour

Unexpected behaviour by the customer

will require increased scrutiny

SAR Update
Filing CDD

Suspicious behaviour (activity) to be If behaviour is legitimate,

reported through Suspicious Activity CDD needs to be updated
Report

Are any checks required when ‘off boarding’ a customer?

Private and Confidential 58
KYC Process: Customer Acceptance

Lays down the policy of who to accept as a customer

– links to customer identification

Private and Confidential 59

Customer Identification
Procedure
Introduction to Customer Identification Procedure

Banks should establish a

systematic procedure for
identifying new customers
and should not establish
relationship until the
identity of a new customer
is satisfactorily verified.
Customer Identification Procedure

Customer identification procedure should identify:

The beneficiaries of transactions

conducted by professional
intermediaries.

The person or entity that maintains an

account with the bank or those on Any person or entity connected with a
whose behalf an account is maintained financial transaction who can pose a
(i.e. Beneficial owners). significant reputational or other risk to
the bank.
KYC Process: Customer Identification

Risk-based Formally documented Part of AML Program

Provide adequate notice to new

customers on information required
Notify to verify their identities. Such
Customer notification must be given before the
account is opened.

Minimum requirement
Firms should
of CIP information to
retain any Maintain Gather be collected for
information and records information individual & non
data obtained for
individual customers.
identifying
customers.

A firm need not establish the

accuracy of every element of
Firms should screen information obtained from the
their new customers customer, but must verify
against OFAC and Conduct enough information to form a
Verify
other sanctions lists Sanctions reasonable belief that it knows
information
and databases. Screening the true identity of the
customer.
Private and Confidential 63
KYC Process: Customer Identification
Verification of information

Involves comparing information provided by the customer

Documentary against official government-issued, state-issued or reputable
agency-issued documentation, registration, and licenses.

Involves validating the customer’s identity using third parties or

Non-documentary other non-document reports

Private and Confidential 64

Customer Identification Procedure - Documentation
Special attention The bank know why
should be exercised the customer has
in the case of non- chosen to open an
resident customers. account in a foreign
The best documents jurisdiction.
for verifying the The extent & nature
identity of customers of the information
are those most depends on the type
difficult to obtain of applicant
illicitly and to (personal, corporate,
counterfeit. etc.) & the expected
size of the account.

After opening an account, if a problem of verification arise, which cannot be resolved, then
the bank should close out the account.
Customer Identification Procedure – Remember
Banks should never agree to open an account or conduct ongoing business with a customer
who insists on anonymity or who gives a fictitious name.

Confidential numbered accounts should A numbered account can offer additional

not function as anonymous accounts but protection for the identity of the
they should be subject to exactly the accountholder, the identity must be
same KYC procedures as all other known to a sufficient number of staff to
customer accounts, even if the test is operate proper due diligence.
carried out by selected staff.

Such accounts should in no circumstances be used to hide the customer identity from a bank’s
compliance function or from the supervisors.
Customer Identification Procedure – Do’s & Don’ts (Contd)

A bank should follow the

same customer
identification procedure
even if the account of a
customer is transferred
from another bank
which has a robust KYC
program in place.

If the bank has any reason to believe that an applicant is being refused banking facilities by
another bank, it should apply enhanced diligence procedures to the customer.
On-boarding Checks: Identification vs. Verification

Customer Identification

Adverse
Customer Verification Sanctions
Media
Screening
Check

Customer Due Diligence

Beneficial
PEP Status
Ownership
Check
Check
High
Risk?

Enhanced Due Diligence

Private and Confidential 68
 Customer
Acceptance Policy
Customer Acceptance Policy (CAP)

Banks should have a

Factors considered in the CAP
customer acceptance
are:
policies and procedures
(CAP).
Customers’ Background

Country of origin

Public / High profile position

Linked accounts

Business activities

Other risk indicators

Customer Acceptance Policy (CAP)

1
The customer acceptance policies and procedures should be
commensurate to the level of risk of the customer.
2

A high risk customer, such as a high net worth individual, whose

source of funds is unclear, typically would have a more extensive due
diligence procedure.
3

Care should be taken to ensure that the customer acceptance policy

does not become restrictive that it results in a denial of access for
people who are financially or socially disadvantaged.
Customer Acceptance Policy (CAP) (Contd.)

#01 #02
Decisions to enter
into business
A bank should
relationships with
establish a risk-based
higher risk
systematic procedure
customers, such as
for verifying the
politically exposed
identity of new
persons, should be
customers.
taken at senior
management level.

Relevant information A bank should obtain

should be accessible appropriate
for purposes of identification
information sharing information and
among the banking maintain such
group’s head office, information in a This may also
branches and readily retrievable fulfill any local
subsidiaries. format. reporting
requirements.
#04 #03
Customer Due
Diligence
KYC Process: Customer Due Diligence
Overview
Information to
assess customer
risk profile Determine
Conduct AML Risk
CIP Assessment
Customer Risk
Rating

High Risk – Escalated to AML Compliance Officer

To determine the relevant risks, information is needed on the customer’s:

EDD • Nature of business
• Purpose of account
• Expected pattern of activity (volume, nature of transactions, amounts)
• Origination and destination of funds
• Basic business documentation
• Customer’s customers and creditors
• Nominal and beneficial owners of the account
• Business reputation and references
• Other business and personal business interests
• Location of business in relation to bank

Private and Confidential 74

KYC Process: Beneficial Owner
Focus Area: Beneficial Owner
“The natural person(s) who ultimately owns or controls a customer
and/or the person on whose behalf a transaction is being
conducted. It also incorporates those persons who exercise ultimate
effective control over a legal person or arrangement.”

Why bother with such ‘Beneficial Owners’ in the first place?

Should we not simply look at ‘Legal Ownership’?

What is meant by ‘Effective Control’?

Private and Confidential 75

KYC Process: Requirements on Beneficial Ownership
Focus Area: Beneficial Owner
Recent changes in CDD requirements on Beneficial Ownership

The beneficial owner “shall at least” include, for corporate entities,

the natural person who “owns or controls a legal entity through
direct or indirect ownership or control over a sufficient percentage of
the shares or voting rights.”

A percentage of 25% plus one share constitutes sufficient evidence of ownership or control
For other legal entities, (not companies) the beneficial owner would be the natural person(s) who:

a b
Control 25% or more of the Is the beneficiary of 25% or more
property or entity of the property or entity

Private and Confidential 76

Fourth Directive

The Fourth Directive mandates these CDD measures:

Identifying and verifying the

Identifying the beneficial owner
customer’s identity based on
and taking reasonable measures
data from a reliable and
to verify his identity
independent source

Assessing and obtaining Conducting ongoing monitoring

information on the purpose and of the business relationship and
intended nature of the business ensuring that data maintained is
relationship kept up-to-date

Private and Confidential 77

KYC Process: Customer Due Diligence
Focus Area: Beneficial Owner
Recent changes in CDD requirements on Beneficial Ownership
Advance Notice of Proposed Rulemaking (ANPR) proposes the beneficial owner definition as:

Each of the individual(s) who, directly or

indirectly, through any contract, If there is no individual who satisfies (a),
arrangement, understanding, then the individual who has at least as
relationship, intermediary, tiered entity, great an equity interest in the entity as
or otherwise, owns 25 percent of the any other individual
equity interests in the entity.

The individual with greater responsibility than any other individual for managing or directing
the regular affairs of the entity”

• Determination of ‘who bears the greatest management responsibility’ for an entity may
introduce a subjective analysis into the equation.
• The ANPR also seems to suggests that legal entity customers that are exempt from CIP rules
may be exempt from beneficial ownership identification.

Private and Confidential 78

Activity
Review the following cases and determine if there is a beneficial owner(s).
If yes, who?

• Acme Ltd. is directly owned by an individual, Mr. Kent who owns 75% and Gizmo Inc. which
owns 25%. Gizmo Inc, is also a private company, owned equally by two individuals – Ms.
Prince and Mr. Grayson.
• Omega Ltd. has five direct owners each being private companies, owning an equal share in
Omega’s capital. Two of these five direct owners (Alpha Ltd. and Beta Ltd.) are wholly owned
by Mr. Queen.
• Mr. Allen holds majority of the voting rights for Star Inc. His wife, Mrs. West-Allen also holds
a position of Senior Advisor to the CEO at the company.
• Gizmo Inc. is a manufacturer of key components for an advanced tracking system. It
operates on a contract basis with corporate customers, who are manufacturers of defence
equipment. Gizmo’s largest customer is Wayne Enterprises. Contracts with Wayne
Enterprises constitute almost 65% of Gizmo’s annual revenue.

Private and Confidential 79

KYC Process: Customer Due Diligence
Focus Area: Politically Exposed Persons

“An individual who is or has been entrusted with a prominent public function.”

• The potential risks associated with PEPs justify the application of

additional AML/ CFT preventive measures with respect to business
relationships with PEPs.
• To address these risks, FATF Recommendations 12 and 22 require
countries to ensure that financial institutions and designated non-
financial businesses and professions (DNFBPs) implement measures
to prevent the misuse of the financial system and non-financial
businesses and professions by PEPs, and to detect such potential
abuse if and when it occurs.

A politically exposed person does not always mean an individual who directly
holds public office, it also includes their immediate family members, close
business associates, as well as any senior executives of state owned enterprises.

Private and Confidential 80

KYC Process: Customer Due Diligence
Focus Area: Politically Exposed Persons

Members of Parliament • Heads of State • Supreme Courts High-Ranking Officers

• Ministers • Constitutional Courts
• Assistant Ministers • High Level Judicial Bodies

• Ambassadors Senior Executives of • Courts of Auditors International Sports

• Chargé d'Affaires State-run enterprises • Boards of Central Banks Committee Members

• Parents and Children • Close business relations / joint

• Siblings beneficial ownership of legal entities
• Spouse / Partner or legal arrangements with PEP
• In-Laws • Sole beneficial ownership of legal
• Uncles and Aunts entity which is known to have been
set up for benefit de facto of PEP
Private and Confidential 81
KYC Process: Customer Due Diligence

Focus Area: Politically Exposed Persons

PEP’s position or
PEP attempting to shield
Behaviour of the PEP involvement in
his / her identity
businesses

Industry with which PEP Business Relationship /

Product / Service
is involved Transaction

Country-specific

Private and Confidential 82

KYC Process: Customer Due Diligence
Focus Area: Designated Non-Financial Businesses and Professions (DNFBP)

Any business or profession that poses a money laundering risk but cannot be
classified as a financial institution.

Private and Confidential 83

KYC Process: Customer Due Diligence

Focus Area: Correspondent Banking

The provision of banking-related services by one bank (Correspondent) to an
overseas bank (Respondent) to enable the Respondent to provide its own
customers with cross-border products and services that it cannot provide them
with itself, typically due to a lack of an international network.

What can go wrong?

Private and Confidential 84

KYC Process: Customer Due Diligence
Focus Area: Correspondent Banking

Responsibility & Risk-based

Oversight Due Diligence

Geographic Risk Customer Base

Branches, Subsidiaries Products and Services

and Affiliates offered

Ownership and Regulatory Status and

Management Structures History

Business AML Controls

Private and Confidential 85

KYC Process: Customer Due Diligence
Focus Area: Correspondent Banking

Shell bank means a bank that has no physical presence in the country in which it is
incorporated and licensed, and which is unaffiliated with a regulated financial group that is
subject to effective consolidated supervision. Physical presence means meaningful mind
and management located within a country.

Private and Confidential 86

KYC Process: Customer Due Diligence
• Enhanced due diligence (EDD) for higher-risk customers is especially critical in understanding
their anticipated transactions and implementing a suspicious activity monitoring system.
• Higher-risk customers and their transactions should be reviewed more closely at account
opening and more frequently throughout the term of their relationship with the bank.

Enhanced Due Diligence

Trust, Nominee and Certain Corporate
Introduced Business
Fiduciary Accounts Accounts

Accounts opened by Politically Exposed Non face-to-face

intermediaries Persons customers

Correspondent
Banking

Private and Confidential 87

Due Diligence Policy

Banks should have adequate

controls and procedures in Adequate due diligence on new
place so that they know the and existing customers should
customers with whom they be a key part of these controls.
are dealing.

Inadequate due diligence can stake a bank to:

Operational
This can
result in
significant
Reputational Concentration
financial loss.

Legal
Due Diligence Policy

Financial institutions should be required to undertake customer due diligence

(CDD) measures when:

1 2 3 4
The financial
institution has
Carrying out There is a doubts about the
occasional suspicion of veracity or
Establishing
transactions money adequacy of
business
beyond a laundering previously
relations
designated or terrorist obtained
threshold financing. customer
identification
data.
Simplified and Enhanced Due Diligence

Customer Due
Diligences shall be
conducted according
to a Risk-Based
Approach.
Simplified and Enhanced Due Diligence

The meaning of a Risk-Based Approach is that Customer Due Diligences should be adapted
to the Anti-Money Laundering and Counter Financing of Terrorism (AML/CFT) risk level of
the customer, and therefore should be:

When the AML/CFT risk When the AML/CFT risk of

of the customer is low the customer is medium

Simplified Standard

Enhanced
When the AML/CFT risk of
the customer is high

The purpose of a Risk-Based Approach is to adapt the setup of the bank in order to identify,
assess, monitor, manage and mitigate money laundering and terrorist financing risks.
Simplified and Enhanced Due Diligence

The Relationship Manager, who is in charge of the business

relationship should complete the Know Your Customer (KYC) policy
requirement.
The objectives of the program should be:

1Before the entry into the business relationship

2 During the business relationship
3 Protect the Relationship with the customer
Simplified and Enhanced Due Diligence

Customer due diligences involves:

Identifying the customer and Know the purpose and intended

verifying their identity nature of the business relationship

Conducting ongoing monitoring of the business relationship to ensure that the

transactions are consistent with the institution's business and risk profile.

The determined risk level will lead to an adaptation of the level of

Customer Due Diligences.
Customer Risk Rating

Private and Confidential 94

Customer Risk Rating
Remember this?

Identifying risks Assessing risks Managing risks

Due
Identification Risk Rating Diligence

Risk Management Policy

Compliance Culture
Private and Confidential 95
Case Study: Orange Money
• Orange Money is a Miami-based, foreign-owned bank. It serves customers
situated throughout the state of Florida, the Commonwealth of Puerto Rico, as
well as Central and South America
• Orange Money provides both traditional retail banking services as well as
wholesale banking services to corporations, small businesses, a small
population of charities and NGO customers, and two foreign banks located in
South America
• Orange Money completed its annual BSA/AML Risk Assessment and was able to
define multiple customer types. Their AML Risk Management team has decided
that the existing customer risk models, which were designed for individuals and
small businesses, were not adequate, and there is a need to design more
granular risk models to reflect the various customer types

Determine how the bank should design its Risk Assessment and
Risk Rating for each customer type

Private and Confidential 96

Levels of Risk

Simplified and
Enhanced Due L3
Diligence: High Risk

L2
Medium Risk

L1
Low Risk

Private and Confidential 97

Risk Classification – Low Risk

LOW RISK:
L1 L2 L3 Individuals (other than High Net Worth)
and entities whose identities and sources
of wealth can be easily identified and
transactions in whose accounts by and
large conform to the known profile.

The illustrative examples of low risk customers could be:

Salaried employees whose salary structures are well

defined
People belonging to lower economic strata of the society Only the basic
whose accounts show small balances and low turnover requirements of
verifying the identity
Government Departments & Government owned companies and location of the
customer shall be met.

Regulators and statutory bodies

Risk Classification – Medium Risk

L1 L2 L3

Customers that are likely to pose a higher than average risk to the bank may be categorized as
medium or high risk depending on customer’s background, nature and location of activity,
country of origin, sources of funds and his client profile etc.

Persons in business/industry or Where the client profile of the

trading activity where the area of his person/s opening the account,
residence or place of business has a according to the perception of the
scope or history of unlawful branch is uncertain and/or
trading/business activity. doubtful/dubious.
Risk Classification – High Risk

The branches may apply enhanced due

L1 L2 L3 diligence measures based on the risk
assessment, thereby requiring
intensive ‘due diligence’ for higher risk
customers, especially those for whom
the sources of funds are not clear.

The examples of customers requiring higher due diligence may include:

Non Resident Customers Companies having close family

shareholding or beneficial ownership
Trusts, charities, NGOs and
organizations receiving donations High Net worth individuals

Firms with ‘sleeping partners’ Politically Exposed Persons (PEPs) of

foreign origin
Those with dubious reputation as
per public information available Non-face to face customers
BSA/AML Legislative History - APPENDIX
A group of laws designed to assist the government in its efforts to monitor, prevent, and
prosecute money laundering and other financial crimes.

Financial Crimes Money

Bank Secrecy USA PATRIOT
Enforcement Laundering
Act Act
Network Suppression Act

1970 1990 1994 2001

1986 1992 1996

Annunzio-Wylie The Development of

Money Laundering
Anti-Money the Suspicious
Control Act
Laundering Act Activity Report

Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept

and Obstruct Terrorism
Private and Confidential 101
 AWARDS:

Learn more:
https://imarticus.org/corporate/

Email us:
info@imarticus.com

Connect with us:

www.linkedin.com/company/imarticuslearning

ACCREDITED TRAINING PARTNER:

Watch us:
www.youtube.com/ImarticusLearninginstitute

Visit us:
Mumbai | Thane | Pune | Bangalore | Delhi - NCR |
Hyderabad | Chennai | Coimbatore

Private and Confidential 102