Compliance officers in the financial world, take note: financial crime regulators may be edging a bit forward on their approaches to fighting terrorism funding.
At least, that’s one way to read this week’s statement from the Egmont Group, an affiliation of financial crime regulators trying to develop coordinated approaches to fighting money laundering and terrorism financing. More than 100 members, including FinCEN here in the United States, gathered in Monaco on Monday to discuss what those more coordinated approaches might look like. Among the recommendations they released:
- provide indicators of terrorism financing to industry partners to assist the identification of suspicious financial activity;
- examine the utility of cross-border wire transfer information in the context of combating terrorism funding;
- consider the reporting of couriers transporting cash or non-cash instruments across borders;
- identify the need to expand the range of reporting entities subject to Suspicious Transaction Reports (STR) reporting regime.
In theory, the first two points should be welcome news to compliance officers. For too long the regulatory world has lumped money laundering and terrorism into one bucket of risk that compliance programs should manage—but the two are different threats, requiring different procedures and controls. The compliance officers I know in banking circles would welcome any guidance they can get on how terrorist groups like ISIL or Al Qaeda manage their funding. That world is much more shadowy than drug cartels, and terrorists often deal in smaller amounts of money; you only need a few thousand dollars to build a good pipe bomb or buy a carload of machine guns, after all.
Likewise, a more comprehensive look at wire transfers might be a demanding chore now, that might potentially lead to more data collection responsibilities placed upon financial firms. But over the long term it could also bring clarity to a complicated process, and clarity of what regulators want financial firms to do is never a bad thing (for compliance officers, anyway; others in your firm will of course continue to gripe).
Take Deutsche Bank as an example. The New York Department of Financial Services fined the bank $258 million in November for various AML violations, including “wire stripping”—the act of removing some details from a wire transfer to mask who is sending what funds to whom. If you are the U.S. compliance officer of a foreign bank, you may well be the only person in the whole bank who cares that regulators in Washington and New York expect all employees to obey U.S. sanctions law. Employees back in the home office overseas don’t, and hence the wire-stripping to avoid that nuisance of telling some American agency you’re doing business with someone on a terrorism watch list.
A more coordinated policy on wire transfer data worldwide would, ideally, help to seal up some of that disregard that trips up banks too often. Of course in the real world this probably won’t happen until the sun goes red giant and incinerates the earth, but at least we’re pointing in the right direction.
Expanded suspicious activity reports are where I start to get a bit skeptical. The Egmont Group statement doesn’t specify what entities might face new SAR obligations, or whether the information on the SARs themselves could be increased. Over the years I’ve heard complaints in compliance circles about SARs in general. You notice something suspicious, you file it with the appropriate regulatory agency, and then… plenty of times, nothing. Or you might get a call from an FBI agent or some other investigator, but overall a company knows little about what happens to the SAR after it gets filed.
The process is certainly nothing as fraught as disclosing suspicions of bribery or other corrupt payments to the Justice Department or Securities and Exchange Commission—yet if we really want to elevate terrorism funding to a top concern in the C-suite (and I haven’t met someone yet who doesn’t), then SARs need to be taken as seriously as that. I’ll be curious to see what happens here.
Ditto for that idea of reporting couriers who transport cash or cash equivalents. Great idea, since those services can be a prime conduit for terrorism funding. How do you actually implement it in practice? We shall see.