KYC AML Guide

How #AntiMoneyLaundering solution providers are navigating the challenge of providing high-quality data to help with vigorous tech-powered #compliance to financial institutions? Creating a data solution to comply with #AML regulation is not as easy as pie. Just take the case of the PEPs #data and evaluation of associated #risk levels. A #PEP doesn’t always continue to have the same risk levels.  The Individuals  who serve in a particular position also change. The data needs to reflect changes in designations and names for particular designations Similar is the case with sanctioned entities. The volatility of the global geopolitical landscape evolves and so the requirements to comply with sanctions. A good Anti #moneylaundering and #sanctions compliance tool has to be agile enough. And then there are other problems like false positives which arise because there are not enough strategies in place to identify the true positive from thousands of common names or identify the true hit by resolving transliteration errors. So, how do anti-money laundering compliance solutions come up with fool-proof strategies to avoid these problems? And how financial institutes and innovative payment service providers are keeping up with stringent AML/CFT compliance requirements by implementing those solutions. The upcoming KYC AML Guide webinar “Mitigating False Positives: The Significance of Data Quality in AML Compliance Tools” will bring into the limelight the perspective of representatives of compliance and fintech industry on this issue. Hear from Alia M. Regulatory Affairs Practice Lead, ComplyAdvantage and Charlie Patterson, Group Head of Risk Revolut on how anti-money laundering data compliance tools are providing reliable and updated data on PEPs, #sanctions, global watchlists and adverse media and whether #FinTechs can use those tools optimally or not. Stay tuned to attend the insightful webinar on Wednesday, 5th June 13:00 to 14:00 GMT.

Microsoft outage caused by CrowdStrike faulty software update gives a field day to cyber and financial scammers looking to capitalize on this opportunity. A faulty Falcon Sensor content update led to the Blue Screen of Death, disrupting Microsoft applications and bringing the operations of banks, hospitals, and even airlines to a grinding halt. According to CrowdStrike, the IT team has identified, isolated, and remediated the issue. The tragic and comic nature of the outage is evident from the consequent disruption in services and hilarious memes that have served as a coping mechanism. Tragic consequences aren’t merely limited to disruptions but have materialized through scams. Various reports have emerged about cybercriminals targeting desperate IT workers and offering their services to remediate the issue by portraying it as a malicious cyberattack. As per CrowdStrike intelligence, threat actors were conducting the following malicious activities: 🔹 Impersonating CrowdStrike staff in phone calls. 🔹Posing as independent researchers, claiming a cyberattack link to the technical issue and offering remediation insights. 🔹Selling scripts claiming to automate recovery from the content update issue. 🔹Sending phishing emails posing as CrowdStrike support to customers. CrowdStrike also provided the names of the domains that could be impersonating CrowdStrike. A few of these domains could have future intents to support social engineering tactics. IT workers in large organizations may steer clear of these social engineering tactics by malicious actors. The problem is likely to exacerbate for less tech-savvy citizens who may lose money to scammers selling the remediation. Rachel Tobac, Chief Executive Officer of SocialProof Security, highlighted this challenge and provided accurate assertions on it. “How will this hit everyday folks at home? Please tell your family and friends: If you receive a call from ‘Microsoft Support’ about paying to prevent a blue screen on your computer, do not give that person your passwords, money, etc. A criminal may ask for payment to ‘fix’ or ‘prevent’ the blue screen for you—hang up.” Organizations and individuals must do the due diligence about unsolicited support providers amid such outages to avoid falling trap to #scams. #Crowdstrike #Fraud #phishingscam

Identity mules could make it easier to create #moneymules as people sell their selfies and pictures for as low as 20 bucks. These selfies are then used to bypass #KYC checks on crypto exchanges and other services. Journalist Joseph Cox from 404 media, revealed how underground factories were selling videos of people turning heads right and left and buyers could choose to get the headshots of their choice only for $ 30. Cybersecurity firm SentiLink revealed to 404 Media that individuals travel to places such as Serbia and pay locals as little as $5 to $20 to take selfies and videos of themselves, which are then sold. The news story also reported that one site, called Fotodropy Store, lists images associated with a single person for 1,390 Russian rubles ($16). The site provides various demographic options, allowing customers to specify the gender and age of their face model. Protos also uncovered a collection of 100 photographs featuring men and women from Spain, Peru, and Mexico. The image set of 100 was being sold for $40. As the Identity verification industry strives to build solutions to detect fraud, the challenge of identity theft and even identity mules makes it even harder to use identity verification for tracking identity mules and subsequent money laundering through money mules. The idea of getting paid for selling one’s biometric information is very compelling for those, on the look-out for bucks to ensure survival. No wonder why OpenAI founder Sam Altman’s WorldCoin also fell a trap to such fraudulent schemes in Africa as irises scans of many Africans made their way to the Chinese black market. The question is with biometric information of relentless folks almost freely available, is it even possible to securely verify the identities for smooth financial services? #KYC #AML #MoneyLaundering #IdentityVerification

Financial Conduct Authority Publishes findings for its review on treatment of #PEPs by FCA-regulated firms. FCA guidance advises firms to use a risk-based and proportionate approach to PEPs regarding #moneylaundering risks. The regulator contacted over 1,000 UK PEPs and received 65 responses, followed by data gathering and analysis from firms in 5 retail sectors, eventually narrowing down to 15 firms for detailed review. Here are the key findings from FCA's review: 🔹 Some firms included definitions for PEPs and RCAs that are not in line with the regulations and our Guidance 🔹Some firms did not have effective arrangements in place to review PEPs and RCAs to ensure the PEP classification remained appropriate after the PEP had left public office 🔹A small number of firms did not effectively consider the customer’s actual risk in their assessment and rating 🔹Despite the need to improve the firms’ policies and procedures, customer file testing did not show firms regularly applying excessive enhanced due diligence measures (EDD) for customers 🔹All of the 15 firms were clear that they would not decline products or services to UK PEPs or their RCAs simply because of PEP status 🔹Firms need to improve the clarity and detail of communications with PEP and RCA customers 🔹Most of the 15 firms needed to improve staff training 🔹Ten of the 15 firms had made changes and improvements following the recent amendment to Regulation 35 (which sets out firms’ AML obligations on PEPs under the Regulation) but some needed to update their policies to reflect this legislative development. FCA's review also found that none of the 15 firms had implemented changes to any policies and procedures specific to PEPs in light of the Consumer Duty. However, 3 firms had updated their wider policies and procedures which positively affected all customers, not just PEPs. #MoneyLaundering #AML #RiskAssessment #FCA #PEP

What are the most used #moneylaundering methods for #terroristfinancing in Australia? AUSTRAC has recently released "Terrorist Financing in Australia - National Risk Assessment. The report highlights that terrorists and their financiers continue using established methods for fundraising, including personal funds, individual contributions, and charity. Social media and crowdfunding platforms are integral for recruitment and fundraising. Preferred methods for moving funds remain banking, remittances, and cash exchanges. Although digital currency use is increasing, it is unlikely to surpass traditional methods in the next three years. Banking systems, remittance service providers, non-bank online payment service providers, and digital currencies are the high-risk channels/methods used to transfer funds. Cash smuggling, foreign exchange providers, luxury goods, precious metal traders, stored value cards, non-bank lenders and financiers, pubs and clubs, casinos, betting agencies, other gambling entities, stockbrokers, and securities dealers are some of the high-risk sectors. Some of the high-risk impacts of terrorist financing in Australia include: 👉 🔹 Terrorism financing typically supports terrorist acts, weapons, vehicles, explosives, training, foreign fighter travel, or funding for recognized foreign terrorist groups. 🔹Terrorism financing undermines trust in the Australian government and causes significant social discord. 🔹Terrorism financing harms Australia's financial performance, reputation, and the broader financial system.

Will BitMex face any fines for violating United States #AML and #KYC regulations> HDR Global Trading Limited, also known as Bitcoin Mercantile Exchange or BitMEX, has pled guilty to violating the Bank Secrecy Act by failing to establish, implement, and maintain an adequate anti-money laundering (AML) program. This announcement was made by Damian Williams, the U.S. Attorney for the Southern District of New York, and Christie M. Curtis, the FBI Acting Assistant Director in Charge of the New York Field Office. The case is assigned to U.S. District Judge John G. Koeltl. BitMEX, a leading cryptocurrency derivatives platform operating from 2015 to 2020, was founded by Arthur Hayes, Benjamin Delo, and Samuel Reed, with Gregory Dwyer as its first employee and later Head of Business Development. As per Press Release by United States Attorney’s Office, Southern District of California, Despite its operations in the U.S. and servicing U.S. customers, BitMEX did not implement a meaningful AML program, which opened the platform to large-scale money laundering and sanctions evasion schemes, posing a significant threat to the financial system's integrity. The company's lax requirement of only an email address for service access ignored essential AML and "know your customer" (KYC) requirements. Furthermore, BitMEX lied to a bank about a subsidiary's purpose to process millions of dollars through the U.S. financial system. In response to proceedings, BitMEX responded that the charge had no impact on the exchange’s operations. The statement further read, “This charge isn't new – it dates back to 2020 and relates to BitMEX’s operations up to September 2020. Our founders were sentenced in 2022, and BitMEX has since fully remediated its operations and control program. We’ve accepted the BSA charge and will seek an expedited sentencing hearing. We'll argue against further fines, given the substantial amounts already paid by our founders and the settlements with the CFTC and FinCEN in 2021.” #KYC #AML #Crypto

Which sectors pose the highest in Singapore after the city state’s mega #moneylaundering scandal a year before? On June 20, Singapore released its updated Money Laundering (ML) National Risk Assessment (NRA), aiming to sustain the effectiveness of its anti-money laundering regime amidst changing risks. This revision incorporated observations from local supervisory and law enforcement agencies, including Singapore’s Financial Intelligence Unit, the Suspicious Transaction Reporting Office, along with feedback from the private sector and international authorities. Since the previous assessment in 2014, Singapore has intensively monitored ML risks, conducting thematic assessments on the misuse of legal entities, #virtualassets, and #environmentalcrime to enhance targeted risk mitigation efforts across stakeholders. Key points of Singapore's updated Money Laundering National Risk Assessment. 🌐 Global Financial Hub at Risk - As a pivotal financial and trading center, Singapore's openness invites risks of illicit fund movements and asset laundering. 💼 Common Laundering Strategies - Criminals leverage bank accounts, shell companies, and investments in high-value assets like real estate and precious metals to clean dirty money. 🚨 Top Threats Unveiled - Watch out for cyber-enabled fraud, organized crime, corruption, tax crimes, and sophisticated trade-based laundering tactics. 🏦 Sector Under Spotlight - With its voluminous transactions and high-risk clients, the banking sector remains highly vulnerable. Corporate Service Providers, real estate, and others like casinos and precious stones also face significant risks. 💡 Emerging Dangers - Rising misuse of Digital Payment Tokens (DPT) and cross-border transactions highlight growing areas of concern. 🔐 Firm Commitment to Safety - This crucial update directs Financial Institutions and DNFBPs to bolster their defenses, ensuring a safer economic environment for all. In August 2023, the mega #moneylaundering scandal bust had raised questions on how the South-East Asian financial hub is scrutinizing the flow of capital from emerging economic superpowers in neighboring countries. This has even led to drawing comparisons between Singapore and Dubai as recently highlighted by Ives Tay "Singapore is at a tipping point. Will we become another Dubai, welcoming all shades of gray, or will we uphold our values and ensure that our growth does not come at the expense of our global standing?" #AML #MoneyLaundering #FinancialSecurity #Singapore #RiskAssessment #Compliance #FraudPrevention

UK Bank uses Bank-verified digital identity to on-board customers in Sweden, Finland and Norway for its leasing business. NatWest Group has partnered OneID® to facilitate customers of its structured finance business in Nordics. Last year in March, NatWest also launched a Customers Attribute Sharing Service through its Bank of APIs. The switch to a bank-verified digital identity came after the bank reviewed the existing verification process for its leasing business in Nordics. Natwest’s bank-verified digital identity will enable a smooth business process reducing onboarding time. Simon Jacobson NatWest Nordisk Renting said in press release, “Through allowing signatories from across the Nordics and UK to verify their identity with their Bank with OneID and Adobe® Acrobat Sign®, the business process is being reduced from days to hours, while also allowing us to improve against our commitment to sustainability.”   OneID®’s CEO Paula Sussex said, “NatWest’s partnership with OneID exemplifies their commitment to deliver innovation and security in its identity verification processes.” Digital Identity for performing #KYC in the financial sector requires much more than a government-verified identity in digital format. Hence, the bank-verified digital identity is likely to be more instrumental in authenticating comprehensive #KnowYourCustomer information which is necessary to validate a potential customer's access to complex financial products. Recently, debate around digital identities in the UK has intensified followed by ex-UK Prime Minister Tony Blair’s statement about the use of digital identities in controlling immigration. However, proponents argue that instead of national digital IDs, private sector digital identities such as bank-verified digital identities are likely to give users greater control over their identities while enabling access to multiple global and private sector services. #BankID #DigitalID #KYC

Newly released FATF report reveals the status of #AntiMoneyLaundeirng and #CounterTerroristFinancing Compliance by Virtual Asset Service Providers in different countries. Financial Action Task Force (FATF) has released Targeted Update on Implementation of FATF Standards on VAs and VASPs. Here are key highlights. As per FATF’s report some jurisdictions have made progress in complying with #aml #cft compliance for virtual assets service providers but global progress is still lagging. Based on 130 FATF Mutual Evaluation and Follow-up Reports, 75% of jurisdictions are only partially or non-compliant, showing negligible improvement as compared to April 2023. Jurisdictions continue to struggle with implementation of fundamental requirements of R.15, particularly undertaking a risk assessment and conducting supervisory inspections. Number of jurisdictions with registered or licensed VASPs in progress have also increased. Nearly one third of the survey respondents have not yet passed legislation implementing #TravelRule. Even among jurisdictions that have passed legislation, implementing Travel Rule, supervision and enforcement remains low 𝐒𝐡𝐨𝐫𝐭𝐜𝐨𝐦𝐢𝐧𝐠𝐬 𝐨𝐟 𝐓𝐫𝐚𝐯𝐞𝐥 𝐑𝐮𝐥𝐞 𝐂𝐨𝐦𝐩𝐥𝐢𝐚𝐧𝐜𝐞 𝐓𝐨𝐨𝐥𝐬 While there has been an increase in Virtual Assets Transaction volume using VA Travel Rule compliance tools, these tools have some shortcomings which could delay transactions' transmission. FATF report also mentions some of the additional questions that VASPs should consider for Travel Rule Providers. Questions are summarized below. 🔹Does the tool use an embedded data format meeting ISO 20022 standards to enhance VASPs' sanction screening and transaction monitoring  🔹Does the tool allow a VASP to submit and obtain securely Travel Rule information in sufficient time for originating, beneficiary, and intermediary institutions, (i.e., simultaneously or before the transaction is executed on the blockchain, with no exceptions)? 🔹Does the tool enable ordering VASPs to submit Travel Rule information to beneficiary VASPs? 🔹Does the tool allow VASPs to submit Travel Rule data to specific beneficiary VASPs or enable originator VASPs to automatically/pre-programmed opt out of sending TR data to certain counterparty VASPs to avoid sanctioned jurisdictions, high TF/PF risk areas, or regions with lower data privacy protections?  🔹 Does the tool provide VASPs with a secure communication channel to help follow up with a counterparty VASP to seek information on the counterparty VASP to allow the VASP directly to conduct required counterparty due diligence; and to request information on a certain transaction to determine if the transaction involves high-risk or prohibited activities #VASP #CASP #Crypto #VirtualAssets #FATF #Compliance #R16

China, United States, and Australia lag behind in Meeting FATF AML Standards in DNFBP Sectors Financial Action Task Force (FATF) recently released the report Horizontal Review of Gatekeepers Technical Compliance Related to Corruption. As per report the countries like U.S., China, and Australia are fuelling illicit finance by not subjecting key “gatekeeper” professions such as attorneys and real estate agents to anti-money laundering (AML) requirements.   The review found positive findings, with over half of FATF members receiving scores above 80%. However, the records also raise important issues. Seven FATF members with scores below 50% account for almost half of the global GDP, rendering significant threats to global compliance. The reports underscore the urgent need for FATF members to enhance gatekeeper coverage in line with FATF recommendations, focusing on essential obligations such as customer due diligence, implementation of internal controls, and risk-based supervision. 1. Key findings from the FATF Horizontal Review Global compliance with FATF regulations for designated non-financial companies and professions (DNFBPs) has improved throughout the last twenty years. When adopting FATF criteria for gatekeeper professions, major financial centers like the United States, China, and Australia received a zero percent score. In contrast, Portugal and Luxembourg excelled, meeting 100 percent of FATF’s technical recommendations for DNFBPs, with Malaysia, Turkey, and Singapore also performing well. Over half of the surveyed nations scored above 80 percent, with an average score of 74%. Customer due diligence is severely lacking, especially for Trust & Company Service Providers. How can we identify suspicious clients without thorough background checks? Supervisory authorities often lack the necessary powers to impose dissuasive sanctions. Time for Urgent Action ✅Close the loopholes and ensure that all gatekeepers are fully covered under the AML umbrella without any exceptions. ✅Provide sufficient resources and empower supervisors to monitor compliance and address violations effectively. ✅Engage constructively with gatekeeper sectors to enhance understanding and implementation of rules. ✅Implementing aggressive investigations and prosecutions for a minority of "professionals" who knowingly facilitate money laundering. The report's findings are giving rise to multiple questions. And, few of the hard-hitting ones are about whether sector's compliance actually matters are not. As Phil Mason OBE questioned, "Perhaps more alarming than the total failure to comply of some major players, is that two of the most active offshore centres for illicit finance actually receive compliance ratings of 100% (Luxembourg) and 97% (UK). So does it matter if jurisdictions 'comply'? What does this say about the real world value of 'effectiveness' under FATF assessments?" #moneylaundering #realestate #DNFBP