Anti-Money Laundering Risks for Global Companies (Part I of III)
Non-financial institution companies operating in the global marketplace face ever-increasing risks of money laundering. Sophisticated criminal organizations have developed their own mechanisms and strategies to skirt money laundering rules and regulations.
The Justice Department has targeted transnational organized crime for investigation and prosecution. As a consequence, non-financial institutions have to examine their policies and procedures to protect against handling proceeds of criminal activity or otherwise facilitating money-laundering operations.
Money Laundering Statutes
The complex set of money laundering statutes and regulations apply to “financial institutions,” as defined under Title 31 of the United States Code. However, non-financial institutions are subject to two basic AML criminal statutes, 18 United States Code Sections 1956 and 1957. The Department of Justice can initiate criminal and/or civil actions under 18 USC §1956. In view of these requirements, companies need to conduct an AML risk assessment to tailor its AML program; and adopt KYC best practices as part of its AML compliance program.
The Bank Secrecy Act (“BSA”) and the USA PATRIOT Act are the two primary U.S. AML laws that apply to “financial institutions.” The BSA was designed to deter secret banking activities abroad and to provide an audit trail by establishing regulatory reporting and recordkeeping requirements for financial institutions. The USA PATRIOT Act enhanced requirements for AML Programs and expanded the coverage of AML laws to certain non-banking financial institutions.
U.S. businesses are subject to two basic AML statutes, 18 USC §1956 and §1957.
Under Section 1956, it is unlawful to “conduct or attempt to conduct” a financial transaction with proceeds known to be derived from illegal activity. The statute sets forth a variety of predicate illegal acts for purposes of the money laundering statute, including FCPA violations.
Under Section 1957, it is illegal to conduct a monetary transaction in an amount greater than $10,000 with property known to be derived from criminal activity.
Violations of Section 1956 are punishable by imprisonment for not more than 20 years; Section 1957 carries a maximum penalty of imprisonment for 10 years.
Under the civil forfeiture statute, any property “involved in” a money laundering transaction, or “traceable” to property involved in such a transaction, may be subject to forfeiture. Civil forfeiture may also be sought with respect to proceeds derived from or traceable to any offense that the money laundering statute defines as “specified unlawful activity” – a category that includes felony violations of the FCPA.
These two money-laundering statutes have broad application and can apply to companies and individuals who knowingly, or with “willful blindness,” conduct a prohibited financial transaction. It is not necessary for the person or entity to know the specific unlawful activity that generated the illegal proceeds or facilitated the illegal activity.
Key Elements of an AML Compliance Program
A risk assessment should be the first step to design an AML compliance program. Once a risk assessment has been performed, a company should design its compliance program to target resources toward the highest risks. Key elements of a compliance program are:
- Board and senior management support and reinforcement
- Customer risk assessments
- Know Your Customer (“KYC”) program
- Designated AML compliance officer with appropriate resources
- Dedicated, skilled resources including technology
- AML training customized to different audiences
- Robust reporting requirements that includes metrics to measure and monitor risks
- Ongoing monitoring and periodic independent testing of the effectiveness of the program
Customer risk assessments are intended to identify the level of inherent risk in different types of customers. The Federal Financial Institutions Examination Council’s BSA/AML Examination Manual cautions not to “define or treat all members of a specific category of customer as posing the same level of risk.”
Customer risk assessments are usually conducted at the inception of a new client relationship and should be re-evaluated when new, relevant information is learned, or when a customer expands into a new high-risk area, or adverse media is discovered.
Financial institutions are directed to consider the following when assessing money-laundering risks of customers:
- Occupation or nature of business
- Method/ channel of account opening (e.g. face-to-face, mail, Internet)
- Length of relationship with client
- Prior experience with and knowledge of customer and his/her/its transactions
- Source(s) of income
- Type(s) of product(s)/ service(s) provided
- Expected pattern of activity and actual activity in terms of transaction types, dollar volume and frequency
- Geographic considerations (e.g. residency or principal place(s) of business, incorporation, citizenship, origination/ destination of funds, location of primary customers)
- Status as or relationship with other high-risk individuals/ entities (e.g. PEPs).
Non-financial institution companies have unique anti-money laundering risk profiles. Global companies do not process as many financial transactions as a financial institution. However, global companies conduct financial transactions with third parties and their vendors and suppliers. In the second part of this posting, we will examine these risks and mitigation strategies.