non face-to-face transactions: risks and challenges richard parlour financial markets law...
TRANSCRIPT
Non Face-to-Face Transactions:
Risks and ChallengesRichard Parlour
Financial Markets Law International
© FMLI 2006
Outcome
• Risks of non face-to-face (NF2F) transactions
• Regulation of NF2F transactions
• Psychology of NF2F transactions
• Developing solutions for challenges of NF2F transactions
Handout Survey
• Ten statements
• Select which response closest to you
• No right or wrong answers
• Be as honest as possible
• Self marking
Background for NF2F
• Desire to be Offshore Financial Centre
• Growing industrial, financial, tourism, IT sectors
• 5-6% annual growth since 1968
• >10,000 offshore entities• Banking sector
investment > $1 billion• India, South Africa• Internet banking
Local Background Risk
• Minor consumer and trans-shipment point for South Asian heroin
• Small amounts cannabis produced and consumed locally
• Low terrorism risk and experience• Significant offshore financial industry creates ML
potential • Corruption levels low (TI level 4.1)• Government committed to regulation, moderate
country risk
Related Offshore Risk
India• Major ML centre• Major drug transit,
precursors• Largest number terrorist
incidents• Terrorist risk severe• Hawala• TI level 2.8• Medium country risk
South Africa• ML centre of concern• Not major drug centre• Organised crime• Terrorism risk elevated• TI level 4.6• Medium country risk
Non Face-to-Face Transactions
Medium• Post• Telegraph• Telephone• Fax• Email• Internet• SMS• Instant messaging• Dealing system• Electronic banking
Risks
• “Physicalities loss”
• Privacy
• Hacking
• Cracking
• Spyware
• Data loss
• Ease of access
• Depersonalisation of contact
• Transaction speed
NF2F Loss/Gain
Losses• Gender check• Age check• Body language• Dress signals• Signature• Likeness• Forensics
Gains• Speed• Reach• Reduced costs• E tracing• E matching• Better psychographic
profiling?
International Experience on NF2F
• FATF recommendation 8 – policies and procedures to address any specific risks with NF2F business relationships or transactions
• BIS BCBS CDD paper 2001 2.2.6:– Apply equally effective ID procedures– Specific and adequate measures to mitigate higher
risk
• EU MLD 3 Art 13.2• Wolfsberg 1.2.5 - specifically address measures
to establish ID of NF2F customers satisfactorily
BCBS NF2F Risk Mitigation
• Certification of documents presented• Requisition of additional documents over
F2F clients• Independent contact with client by bank• Third party introduction (subject to
conditions)• Requiring first payment through account in
client’s name subject to same CDD standards
EU Third Money Laundering Directive Art 13.2
Where customer not physically present for ID, take specific and adequate measures for higher risk:
• ensuring customer ID established by additional documents, data or information;
• extra measures to verify/certify documents supplied, or confirmatory certification by MLD 3 financial institution;
• ensuring first payment through account in customer’s name with a credit institution.
FATF Suggestions
• Reinforce no anonymous accounts
• KYC over life of relationship
• Uniform standards worldwide
• Develop IT to detect suspicions
• Limit online services or amounts
• On line accounts only if opened off line
• Online services only where licensed
• Home and host state oversight
UK on F2F
• Nothing in primary legislation
• MLRs – ID procedures to take into account greater potential for ML when applicant for business not physically present when being identified
• FSA removal of ML sourcebook, emphasis on senior management principles, JMLSG
• JMLSG
JMLSG on F2F
• Risk based approach
• Risk increasing factors:– Ease of access despite time, location– Ease of multiple fictitious applications– Absence of physical documents– Speed of transactions
• Verify electronically or by documents
• Care over impersonation fraud
Psychology and the fraudster
• Average fraud 3½ years before detection
• 51% uncovered by accident
• 19% uncovered by audit
• 10% uncovered by management controls
• 20% disclosed by disgruntled mistress
• Police no better at detection than public
• 20: 60: 20 rule
The Financial Psychopath – Common Myths and Traits
• Don’t look shifty• Do maintain eye
contact• Don’t gesture a lot• Speak more slowly• Motivation not so
much greed, as fear of failure
• Work hard • Easily bored • Take risks • Creative • Charming • No remorse • Impulsive• Self confident• Competitive
Uncovering the Financial Psychopath – Key Difficulties
• High flyers/gurus most prone
• Not in your interest to uncover
• They move faster on loopholes
• Junior staff understand system better than senior staff
• Would have to display own ignorance to uncover
• Would have to own up to being not a good supervisor
• Cost of checks• Couldn’t happen here• Outcome oriented• Lose objectivity
Internet psychology
• Informal language as more isolated from consequences of behaviour
• Productivity/addiction• Lose inhibitions – increased emotional
intensity• Increased social isolation• Different impression formation/creation• NJ teenager manipulated stock market
through chat rooms – fined $273k by SEC
Scoring
• Add up total As and Bs
• The more Bs, the more likely you are to be a financial psychopath or more prone to fraud
• If more than 7 Bs, likely you have already committed fraud
• Also means you are likely to be a high flier
Equivalence
• SDD for equivalent jurisdictions
• EDD for non-equivalents• Highly political
• FATF members?• Others deemed
equivalent by non-FATF members?
• GCC members?• ESAAMLG members?• Other FATF style
members – EAG, APG, MENAFATF?
• Egmont members?• Risk based?• Effectiveness?
NF2F Tools
Specific• VISIT THE RISK • VTC/webcam?• EDD/lifestyle report• Limit service/level• Only if F2F a/c opening• Official documents• Information security• Encryption, comms choice, e
monitoring• Backup• Privacy policy
General• Risk assessment• Added documentation• Database/ Internet searches• Document certification• References/3rd parties• Credit checks• Sanctions checks• Regular KYC• Transaction monitoring IT• First payment through client
account at third bank• Disaster recovery plan