Full text

1. Introduction

The Hong Kong and Shanghai Banking Corporation, (HSBC) is an international banking conglomerate with subsidiaries across multiple jurisdictions. Unfortunately, the pan-jurisdictional nature of banking can also easily be manipulated for the purposes of money laundering. To thwart any efforts to launder money, banks adopt internal practices and procedures to identify customers and to also detect any unusual activity which may indicate possible money laundering. However, there is always a possibility that a bank’s anti-money laundering (AML) controls fall short of the required standard. For HSBC, these AML control failings were recounted by a US Senate Permanent Subcommittee on Investigations report on US Vulnerabilities to Money Laundering, Drugs and Terrorist Financing (US Senate HSBC Case History Report, hereinafter HSBC Case History Report). The Permanent Subcommittee report outlines several AML failings across a number of HSBC’s subsidiaries from Mexico to Bahrain, and the USA. For the purposes of this paper, the AML deficiencies uncovered in HSBC Mexico (HBMX) will be examined (HSBC Case History Report at 49). These failings include:

• inadequate customer due diligence (CDD) measures for high risk accounts;

• AML responsibilities performed by relationship managers;

• maintaining high risk client relationships;

• ineffective remedial plans; and

• information system shortfalls.

The aim of this paper is not to provide a detailed account of the issues facing HBMX as already provided for in the HSBC Case History Report but instead to summarise the key findings of this report and comment on these findings with reference to industry standards and best practices. While the HSBC Case History Report remains a key guide for any compliance officer, this paper should provide a succinct alternative while also placing the issues uncovered in HBMX in a wider AML context.

2. Cayman Island accounts: from Bital to HBMX

Before the acquisition of Bital, now HBMX, was concluded, HSBC undertook an audit of the institution which uncovered multiple compliance shortfalls. The audit’s findings highlighted the institution’s failure to perform sufficient CDD in up to 41 per cent of Cayman Island accounts (HBMX, 2002, p. 847). CDD “is necessary to ensure that the financial system is not exploited to transmit criminal proceeds of crime” this measure entails undertaking “reasonable efforts” to “determine true identities of all customers” (Mugarura, 2014, p. 80). An IMF report into...