What role should the financial industry play in the fight against money laundering and terrorist financing?
Its primary role is prevention. Therefore, one of the challenges for financial players is to fully understand their obligations and, above all, to transpose them adequately, by implementing policies, procedures and controls that are proportionate to their size and the nature of their activity.
This implies first and foremost that financial players must assess the money laundering and terrorist financing risks to which they are exposed, define their level of risk appetite with regard to their clients, markets and products, and implement a risk-based approach in order to be able to categorise all their business relationships.
Financial players therefore have an obligation to know each of their clients and to ensure that they are reputable.
They are obliged to adopt customer vigilance measures in line with the level of risk identified. The law establishes three levels of vigilance: simplified, standard or enhanced. When financial players enter into a business relationship with a client, they have an obligation to identify and verify the identity of their clients and to ensure that they are reputable and respectable, so as not to enter into a business relationship or be involved in a transaction with a person, entity or state that would be subject to restrictive measures in financial matters. This knowledge goes beyond simple identification and requires analysis on the part of the professional in order to understand the client and the purpose of the business relationship. The aim is to establish an overview and obtain information/documentation based on the level of risk allocated. Who is my client? How did he/she amass his/her fortune? Where does the money invested come from? Are the transactions he/she is considering in line with his/her wealth? These vigilance measures must be carried out at the time of entering into the business relationship and on an ongoing basis, with regular reviews/updates of the client’s information and documentation according to the level of risk defined or following certain triggering events. Client knowledge is not fixed in time. Moreover, vigilance is not only about the client, but also about monitoring and understanding operations and transactions to ensure their consistency against the KYC profile.
What is important, and what is still lacking, is the proper formalisation of all of this knowledge by the financial players and the implementation of suitable processes and systems, which make it possible to formalise and monitor all this client knowledge over time.
What do you consider to be good practice in this area to prevent the risk of money laundering and terrorist financing?
In the current context, any player must be able to show that it is fully aware of its risks and that it has put in place all the appropriate measures to mitigate these.
This implies giving oneself the means and resources necessary to achieve this and to clearly define the roles and responsibilities within the different lines of defence, to harmonise the processes and channels of communication internally, to avoid working in silos and in a bureaucratic manner. The important thing is to allocate an adequate number of resources where needed, especially within the compliance function. This needs to take account of the size and activity of the financial player, their complexity and risks, and to put in place an adequate control plan between the first and second lines of defence.
While the resource aspect is crucial in the prevention process, it will not be effective without implementing systems, integrated tools and automation that allow for the proper management and filtering of KYC data and information as well as for the control of transactional flows.
The quality, management and updating of data is an essential element that should not be underestimated; many players are still faced today with poor data quality, with data/information spread over different systems that do not allow them to use and monitor it effectively and thus to manage their risks.
Finally, the use of good governance, of a “tone from the top”, which clearly defines its risk appetite and contributes to developing and maintaining a compliance culture within the entity by giving priority to effective risk management, particularly for operational risks, to the observation of solid controls, and the establishment of channels enabling any employee to report a problem in complete confidentiality, remains instrumental in preventing any risk of money laundering and terrorist financing.
Listen to the podcast Arendt We Live #7 The challenges of Economic and Financial crimes: prevention, investigations, remediation .