Content area
Full Text
1. Introduction
The financial sector is required to operate within the anti-money laundering regulations in place in the country in which they are based. In the United Kingdom the regulations in force are the Money Laundering Regulations 2007.
These regulations are based on the Financial Action Task Force (FATF) International Standards on Combating Money Laundering and the Financing of Terrorism & Proliferation (often referred to as the FATF 40 Recommendations) as interpreted by the EU Money Laundering Directive (3rd and 4th Money Laundering Directives).
The Money Laundering Regulations 2007 set standards for identifying customers and beneficial owners, applying customer due diligence and identifying higher risk situations when enhanced levels of due diligence are required.
Firms are given guidance on implementing the Money Laundering Regulations by the Joint Money Laundering Steering Group guidance and the guidance issued by their regulator or supervisor, for example the Financial Conduct Agency Financial Crime Handbook.
FATF and UK guidance encourages firms to take a risk-based approach to countering money laundering and terrorist financing. Thematic reviews conducted by the Financial Conduct Agency have given examples of good practice and poor practice found in the control systems in the regulated sector of the United Kingdom. In parallel, the policy makers in the United Kingdom and around the world have been critical of firms, particularly banks, who have adopted policies of avoiding higher risk sectors, or de-risking.
Increasingly, banks are being challenged by their customers, supervisors, governments and FATF to identify and manage risk, whilst the financial and reputational penalties for getting their controls wrong are also rising to record levels.
To operate a risk-based system of controls, a firm has to, by definition, be able to recognise risk. This paper examines how this is done and suggests that a large part of the effort expended by firms looks backwards at known threats rather than protecting firms by looking forward to identify current and future threats.
This paper also suggests that the financial sector can employ predictive intelligence to identify and protect against current and future threats.
2. Know your customer, sanctions and politically exposed persons
The Money Laundering Regulations 2007 require all relevant businesses to know their customers. New customers are required to provide identification at the start of a...