-
Receiving Wide Coverage ...StanChart Update: Standard Chartered is trying to settle New York state regulators' allegations it laundered money for Iran, ahead of a hearing scheduled Wednesday on whether the U.K. bank should keep its local license, the FT reports. However, there is a sizable bid-ask spread in the negotiations, as it were: Benjamin Lawsky's Department of Financial Services wanted $500 million, and StanChart came back with an offer of $5 million, which the regulator rejected. Although the U.S. Department of Justice was unsure whether to even bother pursuing a case against StanChart ("the conduct was less egregious than what investigators found at other banks," an anonymous source tells the British paper), Lawsky's agency "could intervene because it need only decide whether the bank meets safety and soundness standards to have a banking licence and does not have to prove the merits of the allegations." In an op-ed in the FT, Kishore Mahbubani, a Singaporean academic, writes that Benjamin Lawsky has become "a Lawsky unto himself." His unilateral decision to go after the U.K. bank "appears to have been driven by domestic political considerations, not by the merits of the case," Mahbubani writes. "In the strange political climate of the US, anyone who stands up to Iran is a hero." Lawsky could go public with his charges without the cooperation of nominally more powerful federal agencies because "it would be political suicide to take on a brave crusader battling against Iran. ... The big question that US regulators face now is whether their overall system will work to deliver a fair and balanced judgment on StanChart." For U.S. bankers, Lawsky's actions could have long-term consequences, Mahbubani warns: "Would another regulatory authority someday similarly retaliate against an American bank?" However, in the Journal's opinion pages (which are usually skeptical of regulatory and prosecutorial zeal), columnist L. Gordon Crovitz compares StanChart's alleged actions to the Bank of England's "appeasing Hitler" by transferring gold reserves to Germany's central bank in 1939. "Any bank that helps Iran's nuclear ambitions by undermining sanctions deserves all the harm done to its reputation," Crovitz writes. And for those who are just getting back from vacation and want to get up to speed on the developing StanChart story, this feature from the weekend FT is a good place to start.
August 13 -
The HSBC money laundering case demonstrates the difficulties institutions face when it comes to preventing crooks from using them to launder the money used to fund crime. Some are turning to new case management and broader cross department data analysis to avoid being taken to the cleaners.
July 31
Nothing like a couple of high-profile money laundering cases to bring the entire industry into regulators' crosshairs.
As the Standard Chartered money laundering investigations pick up steam, close on the heels of HSBC's debacle, the government is now looking closely at how banks are preventing the practice. Simply deploying technology that electronically identifies possible money laundering transactions isn't enough. Experts say the entire culture of how banks vet business partners and flag activity to prevent fraud and money laundering is being called into question.
"The tech staff only exists to enable business. There needs to be a continuous process from the back office to the front," says Doug McKibben, a research director at Gartner.
Anti-money laundering technology typically uses electronic tracking of transaction processing to flag suspicious payments or transfers, either by size or destination, against the history or profile of a customer. The job of the technology is to spot unusual activity or relationships with third parties that are counter to the banks' business rules and compliance mandates. "Know your customer" provisions of anti-money laundering laws can include ties to firms or governments on terrorism watch lists.
Where these tech-heavy strategies can stumble is when the bank's business line people are part of the money laundering scheme or aren't fully aware of the laws and regulations governing money laundering. Additionally, these staff members may not be communicating properly with other bank departments that store or process transfers, vet business partners, or monitor other financial transactions.
At many banks, a chief information security officer is charged with protecting the bank from money laundering risks, though that still places responsibility in the hands of a piece of software or a policy based on identifying suspicious transactions, rather than an enterprise-wide system of checks and balances that examines who is accessing transactions and data and how staff or departments at a bank are using that data.
McKibben suggests a course of action that provides greater context to the rules and the investigation of suspicious activity, making reporting of transactions, internal and external behavior broader and more transparent to more people.
That could mean extra staffing for compliance or AML prevention, or a change in strategy and culture to make more business lines responsible for checking to make sure the tech reports are being followed up by broader investigations into possible money laundering, and corrective actions.
"Compliance can't be managed in isolation. A lot of companies are looking at AML as an IT or a business rule, but are not contextualizing the rules, or looking at whether they have controls in place or processes that are being ignored or controls that failed," McKibben says.
David Kwan, director of AML product management for NICE Actimize, contends that the recent spate of AML incidents, as well Congressional accusations that the Department of Treasury didn't take more proactive actions against Barclays in the LIBOR fraud case, will lead to more government scrutiny as the government seeks to improve its own performance. The government has faced heat over poor oversight of systemic money laundering risk in the past,
Kwan also says this trend takes AML beyond compliance and into banking soundness, looking at issues such as corporate processes, and company culture. "Much of what financial institutions know about what they need to do about issues such as money laundering comes from enforcement actions, where the regulators say there were shortcomings at a particular bank," Kwan says, adding that that can inform corrective measures at other banks.
In the recent cases, Kwan says the direction is pointing toward a corporate culture that centralizes vetting to spot and prevent possible money laundering across departments via rules or best practices that the entire organization must follow.
Kwan recommends a group compliance unit that's empowered to standardize processes across a bank's departments and the various national or regional jurisdictions that are inside an institution's footprint. In theory, this would create centralized and standardized oversight of activity in a region such as Asia or the Middle East, where money laundering concerns are higher than other regions.
Jeroen Dekker, a senior product manager of financial crime risk management for Fiserv, argues for a more dynamic approach that determines whether a bank's activities make sense, rather than simply checking against a list of barred activity.
He says technology can enable a broad risk-based approach, by using automated monitoring as a blanket that checks all transactions, rather than leaving some categories considered to be "lower risk" completely unchecked, which can create maneuverability for money laundering. Instead, all categories are checked, but with tolerance levels dependent on an institution's enterprise wide policy.
"Next to that, systems should be able to flag transactions for review even if there is no hit against a sanctioned entity, [such as] the countries involved, the cumulative amounts involved or a lack of valid customer information. Compliance departments should be looking to prove that large money flows make sense, instead of just assuming that they do if the individual transactions do not contain the names of sanctioned entities," he says.