Upload
bovill
View
474
Download
0
Embed Size (px)
Citation preview
Financial Crime Hot Topics -Singapore
Correspondent Banking and DPAs
March 2016
David Brain & Colin Darby
2
Agenda
• Correspondent Banking
o Correspondent relationship money laundering risks
o MAS requirements and guidance
o Correspondent banking compliance challenges
o Wholesale ‘de-risking’
o Changing EU requirements
o Effective correspondent banking operating models
• DPAs
o Evolution of UK DPAs
o Pros and cons of self-reporting
o Pros and cons of entering into a DPA
o The UK’s first DPA
o Monitors
4
Overview
“Correspondent Banking” means the provision of banking services by a
correspondent bank to an overseas financial institution.
Other than payment settlement systems, the only way for funds to cross-
borders electronically.
5
Correspondent Relationships
Customers
Respondents
Correspondent Bank X
Bank Y (customer of Bank X)
Bank A Bank B
Bank Z (customer of Bank X)
End Customers
Direct access
products
Nested / Downstream
CB
6
Correspondent Banking is a high risk activity
No direct relationship with underlying parties
Limited information on underlying transactions
Non-face to face business
Reliant on respondent’s possibly inadequate controls
Exposure to respondents with higher risk appetites
Exposure to less robust regulatory regimes
‘Hidden’ exposure through downstream or nested activity
7
MAS Notice 626
• Fully understand the nature of the respondent’s business
• Determine respondent’s reputation and quality of supervision
• Assess effectiveness of respondent’s AML/CTF controls
• Clearly document respective AML/CTF responsibilities
• Obtain senior management approval
• For payable-through accounts, ensure the respondent has
undertaken appropriate initial and ongoing CDD
• Decline or terminate relationships when respondents:
have inadequate AML/CTF controls;
are not effectively supervised; or
are shell institutions
• Gain satisfaction that respondents do not permit shell institutions
to use their accounts
8
MAS Guidance on CB AML Controls
• CB ML/TF risks included in enterprise-wide risk assessment
• Assess adequacy of centrally performed respondent due diligence
• Assess adequacy of respondent’s financial crime controls – Wolfsberg Questionnaire alone not enough
• Qualitative assessments include: discussions with respondent’s management, compliance and home regulator; review of policies and procedures
• PEP and Sanctions screening on respondent’s beneficial owners, senior management and key officers
• FI due diligence committee and site visits
• Identify nested or downstream activity - additional due diligence on downstream respondent FIs
• Due diligence on affiliates
• Risk-based periodic reviews include review of account activity
• Adverse media screening on respondents
• CB-specific transaction monitoring detection scenarios
9
CB Compliance Challenges
Defining CB Relationships
Respondent risk assessment
Risk-sensitive due diligence
Regulated Status of Respondents
Interaction with Respondents
‘KYCC’
Transaction Monitoring
Qualitative Assessment
Wire Transfers
Maintaining Profitability
11
Changing European Landscape
4MLD definition of ‘correspondent relationship’ – broad and may capture
relationships between NBFIs.
Removal of ‘equivalent jurisdictions’ in favour of identification of high risk
third countries – Singapore was considered to be equivalent
Less prescriptive, more risk-based approach to SDD – CB due diligence
likely to become less polarised, more risk sensitive.
12
Effective CB Operating Models
Policy and
procedures
• CB specific AML policies and procedures
• CB product/service risk assessments
• Multi-factor respondent risk assessment
models
• Risk-based CB due diligence
People
• CB due diligence in front line
• CB AML training for RMs
• Dedicated CB TM and AML Advisory personnel
Technology
• Use of KYC utilities and LEIs
• Data analytics (e.g. SWIFT Traffic Profile)
• Dedicated CB TM rules
• Payment data algorithms
• Development of payment messages
13
Key messages
CB remains vital
Sustainability through
collaboration
Risk-Based Approach
Authorities remain
interested
More technology
15
What is a deferred prosecution agreement (DPA)?
• Official Wording:
A DPA is an agreement between a designated prosecutor
and an organisation which could be prosecuted, under the
supervision of a judge. (SFO)
• Practical Terms:
DPAs are designed to encourage companies to self-report
wrongdoing in the hope of more lenient treatment.
16
Why DPAs are relevant to Singapore
International firms
Extra-territoriality of legislation
Attractive enforcement tool
17
UK Background
Introduced in Schedule 17 of the Crime & Courts Act 2013
DPAs came into force on 24 February 2014
Bribery and Corruption focus
Prosecutor charges a company with a criminal offence – but proceedings are automatically suspended
Company (never an individual) agrees to a number of conditions
If all conditions are met, the DPA is lifted, and no prosecution
18
Why are DPAs gaining popularity?
• Historic issues Corporate crime is difficult to
investigate and prosecute
Law Enforcement agencies desire
for more tools to combat corporate
crime
Costs
• DPAs Save time
Allow victims to be compensated quickly
Save costs in relation to investigation
and prosecution
Allow a corporate to take remedial
action
?
19
DPAs - UK vs US
Judicial
involvement
Predictability
Who
Scope
Prosecutor’s tone
Additional
responsibilities
Limited, if any
Corporates and
individuals
DoJ has broad discretion
as to the types of crimes
DoJ provides guidance,
more educatory
Only cash reporting
requirements
More so
Judicial approval
throughout negotiations
Corporates only
Scheduled offences
Seemingly more
aggressive
POCA obligations
Less so
USUK
20
The DPA Process
Invitation to negotiate
Negotiation period
Terms of the DPA
Financial penalty MonitorFirst hearing
(public)
Second hearingFinal hearing
(public)
Breach/variation/ termination of the
DPA
21
What a DPA may entail
• Terms must be fair, reasonable and proportionate
• May include the following:
o Payment of a financial penalty
o Payment of compensation to victims
o Disgorgement of profits
o Implementing a compliance program (or making changes)
o Co-operating with any investigation
o Appointment of an independent monitor
o Paying reasonable costs of the prosecutor
22
Pros and Cons of Self Reporting
• Uncertainty as to whether a prosecution will follow
o No guarantees of a DPA
o Other public interest factors other than self
reporting
• Risk of prosecution from another jurisdiction
• Reputational damage
• Do not leave yourself open to an unexpected
knock on the door
• May enable a company to escape debarment
• Potentially avoid conviction
• Limited reputational damage
• Possibility of reduced penalty with open co-
operation
23
Pros and Cons of entering into a DPA
• Potential lack of incentive
o Fines will be broadly the same
o Discount will be broadly the same
• Full disclosure and cooperation may unearth other
irregularities
• Work of a Monitor can be disruptive to the business
• Save time and costs of a lengthy investigation
• Swifter restitution and rehabilitation
• Reduced collateral damage to innocent
employees, stakeholders
• Positive reform agenda
24
UK’s first DPA
• Payment of $6m USD to third party (EGMA) in March 2014
• EGMA’s chairman and a director were government officials
• Intention of inducing government officials
• Placement successful generating fees of $8.4m USD
• Terms of the DPA with the SFO:
o Fine totalling c. $36m USD
o Cooperate with ongoing and future investigations
o Review and upgrade AB&C policies in accordance with independent
recommendations
• DPA means that the bank will not be prosecuted under s.7 of the 2010
Bribery Act for failing to prevent bribery
25
UK’s first DPA - Overarching Takeaways
• Purpose of the Bribery Act
• Extra-territorial reach of the SFO
• The importance of self-reporting
• The importance of a robust internal investigation
• Adequate procedures not a defence
26
Key Compliance Takeaways
• Unclear policies – e.g. Introducer and Consultants policy
• Implementation and assurance is keyPolicies and Procedures
• Involvement of a third party
• Government transaction in a high risk jurisdiction Lack of EDD
• No ABC due diligence undertaken on EGMA
• Appreciation of the due diligence differencesABC due diligence
• Failed to identify a PEP at EGMA
• Therefore failed to implement commensurate controlsPEP identification
• EGMA were classified as high risk, but no explanation why
• Corruption red flags not identified, documented, considered
Identification and documentation
• ABC policies not “reinforced effectively…through communications and/or training”Training
27
Role of the Monitor
• A Monitor’s primary responsibilities are to:
o Assess and monitor internal controls
o Make recommendations for improvements
o Report specific misconduct to the prosecutor
o To report on the satisfaction of the DPA
• Appointed by the prosecuting authority
• Independent - although firm pays expenses of the Monitor
28
Monitor Appointment Process
Firm responsible for shortlisting three
Indicate a preferred candidate
Firms should carefully consider their Monitor selection
29
Monitor Relations and Output
Working with the Monitor
• Obtain an insight into how the Monitor will work
• Foster a relationship
• Consider the practicalities
• Advisory?
Reporting
• Series of interim reports
• Responding to findings
• When does a Monitorship end?
30
Conclusion
• DPAs are here to stay
• Moved into an enforcement era regarding ABC
• The importance of an effective compliance programme
• Joined up financial crime controls