Last year saw 58 Anti-Money Laundering (AML)-related penalties handed down globally, totalling $8.14 billion – double the amount and almost double the value of 2018 figures (29 penalties at $4.27 billion), suggesting that not only are regulators cracking down with more rigour, but the stringency of their sentencing is also increasing. In this punishing environment, effective and efficient AML controls are more important than ever – but with new risk assessments for technology now in force in the UK, firms must be careful what path they choose for protection.
“Since 2015, annual AML penalty figures have been steadily rising each year. Multi-million dollar fines have been commonplace for a while, but we are now seeing more penalties of one billion dollars or over, with two in 2019 alone,” says Wayne Johnson, Co-Founder and CEO of Encompass Corporation, which compiled the analysis.
Although 2014 still holds the record for the highest total value of fines at $10.89 billion, this is due to the anomalously large penalty of $8.9 billion handed to BNP Paribas for doing business with countries that face US sanctions. If this were to be removed, 2019 would take the lead.
The USA handed out the highest number of penalties last year at 25 – more than twice the amount of the UK, the country in second place. “Given that these two countries have transparent regulatory cultures and active regulatory bodies, we expect we shall continue to see the largest number of fines originate from here, but we are seeing activity from increasing numbers of jurisdictions as time goes on,” notes Johnson. “For example, in 2019, penalties were handed out by 14 countries, compared to just three a decade ago in 2009.” Other jurisdictions that handed down penalties included Belgium, Bermuda, France, Germany, Hong Kong, India, Ireland, Latvia, Lithuania, the Netherlands, Norway, and Tanzania.
We may also expect the UK to ramp it up a notch this year, following the introduction of its new AML legislation (MLR 2019), which went live last Friday. The reforms extend existing customer due diligence (CDD) obligations, increase reporting requirements for many businesses, and introduce new duties to carry out risk assessments, as well as imposing a regulatory imperative that individual senior managers ensure their firms comply with the regulations, and including new requirements for the use of electronic verification – which have left some firms scrambling to catch up.
“While the existing framework requires entities to examine the background and purpose of business relationships and transactions with customers established in high-risk third countries, the MLR 2019 imposes more prescriptive measures, including requirements to obtain additional information on the customer and its beneficial ownership, the customer’s source of funds, as well as implementing enhanced monitoring of the ongoing relationship,” says David Hamilton, Senior Associate at Pinsent Masons.
Crucially, the legislation also contains new provisions requiring companies to perform money laundering risk assessments prior to the launch or use of new products or business practices, including new technologies – which could inhibit or increase the cost of take-up. In this context, it is vital that firms identify any gaps in their AML defences and work immediately towards shoring these up with appropriate solutions, as well as introducing new AML filters to their procurement processes.
For capital markets firms such as traders and brokers there are additional challenges – the new legislation extends the ‘risky’ products category to include oil, arms, precious metals and tobacco, which will could mean a whole new review of trading portfolios to implement the required controls.
There are indications that the regulator plans an aggressive stance when it comes to compliance. Although HMRC has acknowledged the short lead-time that businesses have had to implement all the new requirements, and has promised to take this into account, in a statement on Friday it reiterated that “all firms must be fully compliant with the new requirements from 10 January,” noting that some firms, such as trust or company service providers and money service businesses, will not be allowed to operate at all until HMRC has approved their application under the new rules.“The undercurrent in this missive is that the UK is changing its tone when it comes to AML compliance, going from a country that “gold plates” regulations, but lacked enforcement bite, to a region that weights effectiveness and results much higher than technical compliance to laws on the books,” noted Brian Monroe, Director of Content and Business Development for the Association of Certified Financial Crime Specialists, in a January 10 briefing.