What measures should firms have in place to counter money laundering in 2023? Regulation Asia and NICE Actimize jointly hosted a roundtable discussion at the InterContinental Sydney, bringing together about 30 practitioners from banks, asset managers and securities firms to discuss that and the capital market’s vulnerabilities to money laundering.
A key finding from the discussion was that there is often little attention being paid to money laundering risks by capital market practitioners in Australia, in part due to not fully understanding threats, challenges in mapping the threats to monitoring tools, insufficient guidance from regulators, and misaligned incentives in front office roles. Still, the roundtable participants expressed a desire to better understand where the threats and vulnerabilities lie and do more to bolster their safeguards and controls.
An area of concern
In 2019, the U.K. Financial Conduct Authority (FCA) released a report summarising its findings from a thematic review into the money laundering risks and vulnerabilities in capital markets. The report represented the first comprehensive attempt by a major regulator to try to understand how bad actors were using secondary markets to launder illicit proceeds.
Adam McLaughlin, Global Head of Financial Crime Strategy at NICE Actimize, spoke about some “money laundering through capital markets” typologies used to transfer what may have been criminal proceeds between countries. In some cases, bonds were transferred free of payment to accounts in other countries before being sold. In other cases, options premium payments were used to transfer wealth, where the options were left to expire even when they were in the money.
The findings of the FCA review prompted the major UK banks to commence their own internal risk assessments according to McLaughlin. Several banks also started to reduce the separation between their AML and capital markets teams, enabling them to learn from each other and build the experience and knowledge both teams needed to identify suspicious activity. McLaughlin said the cross-functional collaboration resulted in better quality and higher volume SAR reporting.
Donna Wacker, Co-Head of Clifford Chance’s Asia Pacific Regulatory Practice, said some Asia Pacific jurisdictions are likewise beginning to pay more attention to money laundering risks in capital markets, an area that has historically been considered low risk. In Singapore, Wacker noted that regulators have recently published AML/CFT guidance for independent asset managers and VCC funds, making it clear that money laundering in capital markets is an area of concern.
Wacker also pointed to recent enforcement actions against Hong Kong brokers who allowed clients to use trading software that permitted the creation of subaccounts under the main accounts maintained with the brokers. Clients allegedly used these subaccounts to solicit investment from Mainland investors. This gave investors access to the Hong Kong securities markets without undergoing the required KYC procedures and ongoing monitoring they’d typically be subject to.
Assumed to be low risk
In Australia, however, there is a general view that AML is not seen as a major priority for capital market activities. According to Alexander Graham, a partner at KPMG Australia and the co-lead of its Financial Crime Consulting practice, money laundering risks are often assumed to be low when dealing with typical customers who access wholesale capital markets. In most cases, these customers are from large-listed companies.
“When we start to question the assumptions and dig a little deeper, we generally find that there are a number of customers that create risk and should be a focus for financial crime risk identification and mitigation. For example, high net worth individuals, multilayered corporate structures, and entities with a geographically remote location to the financial institution—and no apparent reason for needing to access the capital markets products.”
Graham also noted that Suspicious Matter Report (SMR) filings from capital market participants are still very low, in part because many firms are using traditional transaction monitoring systems in the capital market space. Such systems are typically rules-based and calibrated to a retail environment, which results in significant alert volumes that yield low, if any, SMRs.
Indeed, in its latest risk assessment of the securities and derivatives sector, released in 2017, AUSTRAC found that 60 percent of market participants and 74 percent of CFD/FX providers did not submit a single SMR over a two-year sample period. The risk assessment said there was “considerable scope” for reporting entities to improve their AML/CTF systems and controls to be able to identify and submit SMRs.
According to Graham, bad actors will often open smaller positions to test their money laundering mechanisms to ensure they are “safe”. Then they gradually increase the size of their positions over time. On face value, that looks like normalised behaviour from a traditional transaction monitoring perspective. Graham noted that some of the more progressive organisations have started using more contemporary detective solutions in combination with human intelligence and deeper due diligence, but that this relies on a positive and progressive compliance and risk culture.
While there is currently still a big focus on progressing compliance culture in Australia, part of the challenge is that financial crime professionals are often operationally separate. And capital markets businesses are used to working with a high degree of decision-making autonomy, focused on achieving performance goals. This often results in financial crime risks being incorrectly assessed. In some instances, they’re actually higher than the board-approved risk appetite according to Graham.
“In a positive compliance culture, the organisational ecosystem, from board and senior management right through to the relationship manager, understands the risks and ensures appropriate resources are allocated to manage those risks. Teams are exercising professional curiosity, actually stopping to question why a transaction is happening, and willing to raise their hands to do the right thing. Your board and senior management would also have to buy in, show interest, and provide support to make sure people are empowered, rewarded, and remunerated in the right way.”
Firms should be on the lookout for suspicious transactions when riskier clients:
- Have complex ownership structures
- Access capital market products
- Perform off-market transfers to other jurisdictions
- Are based in jurisdictions that do not promote transparent beneficial ownership
- Execute trades which make no economic sense
- Activity is not in line with expected customer activity
In some cases, the transfer of wealth to an overseas counterparty can simply occur through the wind-down of collateral held against trades.
“Whenever you’re paying a counterparty money in a different jurisdiction, it’s important to ask whether this activity actually make sense,” Graham said. “You should really know who your clients are, understand your products and why the client is using them, and look a lot more curiously at things that appear strange or unusual.”
In particular, the roundtable participants said front-office traders need to have a good understanding of:
- Their products
- Who they’re trading with
- The customer’s strategy
- Why they’re trading in the first place
- What behaviour would seem unusual
AUSTRAC’s risk assessment had likewise highlighted that client-facing front-office staff “can sometimes be complacent” about AML/CTF due to their greater focus on retaining client business.
Front-office traders should be able to effectively spot situations that require further investigation, one roundtable participant said. “For example, large volumes of securities trades coming from an omnibus account with a small broker should result in SAR filings. Firms should not just rely on KYC and due diligence performed by counterparties when the underlying transaction flows are coming from third party customers.”
The roundtable discussed the difficulties front-office traders have in understanding money laundering typologies. This is due to a lack of education, case studies, and focus in this area. “It’s important to bring your compliance function and financial crime team close to your markets business and have them come up with scenarios for how suspicious trades can occur with different products,” said one participant. “That engagement is key and hasn’t been applied enough historically.”
“You can’t just trust that the trader or relationship manager will do the right thing. You need to have some checks and balances in place, and controls. Especially when traders are focused on deal-making, you need to have strong compliance and financial crime functions that sit with the traders and build rapport and trust, so that information can be shared both ways.”
On a positive note, the roundtable participants generally agreed that capital markets firms are maturing in terms of their understanding, and to some extent their controls. “AML systems and controls are still very much calibrated to the retail environment, but this is slowly changing with greater sophistication both in the ways transaction flows are monitored, as well as in the offerings vendors can provide,” one participant said.
“The engagement between the first- and second-line functions is improving, and business heads are held more accountable for owning risk and driving outcomes and cultural change. But there is more to be done on customer due diligence, understanding who is behind corporate structures and the source of their assets, and why customers are trading certain product offerings.”
The roundtable participants also pointed to increasing convergence between market surveillance and AML transaction monitoring tools, which have historically been designed in silos. In addition, communications surveillance software today provides helpful intelligence on context and what might be going on between traders and customers, they said.
Wacker said regulators expect firms to update their technology and have “much better systems” in place. They should also be educated on the risks they face in their sector and from business dealings with clients. “For the most part, the regulators really just want firms to get the basics right—get your KYC right, educate your people, and have meaningful monitoring.”
One roundtable participant noted that firms want to make sure they are taking a risk-based approach, and spending resources on the market segments that actually warrant greater attention. According to McLaughlin, equities, bonds, and FX products were identified as higher risk in the risk assessments conducted by U.K. banks, because of the ease of entering and exiting positions in these segments. More complex products such as swaps were found to be lower risk.
Public sector action
The roundtable participants expressed a need for more recent publications and guidance from regulators and the public sector generally, with some noting that AUSTRAC’s latest sectoral risk assessment was issued more than five years ago. One participant said: “We are prepared to work on what the government says is a high risk in a national risk assessment. If it’s low risk to the government, we’re not doing squat. And we’ve got to get the regulator to understand that.”
The industry also needs to understand new typologies and money laundering techniques that emerge over time—this requires greater communication and sharing between banks and other capital markets firms, like in the U.K. “There are all sorts of initiatives globally on private-private sharing. It’s out there, but you need political leadership, and willingness to drive it forward in the public sector,” one participant said.