Michael S. Edwards VP & General Counsel - PowerPoint Presentation

Slide1

Michael S. Edwards

VP & General Counsel

AML/CFT Information Sharing – Enabling Financial Inclusion

June 2018

World Council of Credit Unions

Advocacy & Legal Departments

Trade Association

Advocacy

Education & Networking

Resources for Strengthening & Growth

Advocacy & Governmental Affairs

Basel Committee on Banking Supervision

Financial Action Task Force

International Accounting Standards Board

Financial Stability Board

European Union (via the European Network of Credit Unions)

The Monitoring Group

Organisation for Economic Co-operation and Development

International Monetary Fund

World Bank

United Nations

Represent

credit unions worldwide before international standard setters:

Key International Standard Setting Bodies

Financial Action Task Force (FATF) & Caribbean Financial Action Task Force (CFATF)

Basel Committee on Banking Supervision (BCBS) &

the Global Partnership for Financial Inclusion (GPFI)

What is “Financial Inclusion”?

The Financial Action Task Force’s (FATF) definition of “Financial Inclusion”:

“Financial inclusion involves providing access to an adequate range of safe, convenient and affordable financial services to disadvantaged and other vulnerable groups, including low income, rural and undocumented persons, who have been underserved or excluded from the formal financial sector.

“Financial inclusion also involves making a broader range of financial products and services available to individuals who currently only have access to basic financial products.

“Financial inclusion can also be defined as ensuring access to appropriate financial products and services at an affordable cost in a fair and transparent manner.

“For AML/CFT purposes, it is essential that these financial products and services are provided through financial institutions subject to adequate regulation in line with the FATF Recommendations.”

Electronic Payments & Financial Inclusion

Electronic Payments & Financial Inclusion

Electronic Payments & Financial Inclusion:

Providing electronic payments services to members is essential to promoting financial inclusion in today’s financial marketplace (e.g., WOCCU “Field Officer Banking” projects):

Affordable access to electronic payments products is necessary today for nearly all persons to make purchases or send/receive funds to/from relatives and friends (and

FinTechs

also provide them);

Payments services and other mobile banking products are critical to providing services to unserved areas, such as rural districts, where placing a branch office would not be economically sustainable; and

Credit unions using electronic payments and mobile banking to reach underserved individuals have successfully promoted financial inclusion in many jurisdictions because:

Electronic payments give credit unions opportunities to bring in new members and cross-sell them savings products (e.g., savings accounts) and loan products (e.g., agricultural loans, micro-loans), as well as to provide the new members with financial literacy education; and

Electronic payments generate fee income (e.g., interchange fees paid by merchants processing transactions).

Electronic Payments Networks for

Financial Inclusion:

2014 State of the Industry

Financial Action Task Force/

Groupe d'action financière

The Financial Action Task Force (FATF) is based in Paris, France at the headquarters of the Organisation for Economic Co-operation and Development. ↓

FATF Financial Inclusion Guidance

Key Financial Action Task Force (FATF) Guidance on AML/CFT and Financial Inclusion:

Anti-Money Laundering and Terrorist Financing Measures and Financial Inclusion

(November 2017)

Available at:

http://www.fatf-gafi.org/publications/fatfgeneral/documents/financial-inclusion-cdd-2017.html

Alternative ID/Simplified CDD

For Customer Due Diligence (CDD) “a distinction needs to be made between the pure identification and the verification steps. A [Risk-Based Approach] RBA can be introduced to carry out the CDD requirements.”

Alternative ID/Simplified CDD Examples:

Alternative forms of ID for ID verification must be “reliable, independent source documents”, for example:

In Canada, ID can be verified through a sworn statement from any member of the community in good standing who can attest to the identity of the person in question, under Canada’s Access to Basic Banking Services Regulations.

In Mexico, mobile phones can be used as a form of ID (because SIM card ownership is recorded in a government registry).

In the USA, consular documents are acceptable as ID (e.g., a Mexican citizen with a “Matricula Consular” instead of a passport) and ID can also be verified through alternative means such as phone and utility bills, payroll records, tax certificates, etc., under the USA PATRIOT Act.

Alternative ID/Simplified CDD (cont.)

“FATF allows for simplified – though neither an absence nor an exemption from – [Customer Due Diligence] CDD measures where there is a lower risk of [Money Laundering/Terrorist Financing] ML/TF.”

“Simplified CDD standards can be:

“[D]

ecided

at country level, based on risk or

“[A]t financial institution level, the principle remaining that each financial institution must know who customers are, what they do, and whether or not they are likely to be engaged in criminal activity or be conduits for proceeds of crime.”

Ongoing Monitoring and Documentation Requirements

Inferring Account Purpose:

“In an [Risk-Based Approach] RBA it would be acceptable to infer the purpose and intended nature of the business relationship from the type of transaction or business relationship established.”

Ongoing Due Diligence:

“Ongoing due diligence and business relationship monitoring must be performed through manual or electronic scanning. An RBA is allowed, with the degree of monitoring based on the risks associated with a customer, an account, and products or services used.”

Ongoing Monitoring:

“Monitoring to detect unusual, potential suspicious transactions is required, with any actual suspicion leading to the removal of any threshold or exception. Simplified CDD could be mitigated by closer transaction monitoring . . .”

Keep Documents for at Least 5 Years (in electronic form):

“It is required that financial institutions keep at least the information on identification documents for a minimum of five years. Options available are scanning of documents, or keeping electronic copies, or merely recording reference details.”

Key Elements of FATF’s Financial Inclusion Guidance

Suspicious Transaction Reporting: “

An RBA is usually not applicable to suspicious activity reporting. But an RBA could be appropriate for the purpose of identifying suspicious activities. Transactions with vulnerable groups are usually not subject to separate or specific monitoring, but some financial institutions have developed specific indicators to identify suspicious activities.”

Use of Agents for CDD:

“Agents may be permitted, in effect or practice, to perform identification and verification obligations, the prevalent rule being that financial institutions hold the business relationship and are accountable for it, and ultimately liable with respect to agents’ compliance with AML/CFT requirements.

It is recommended to balance regulatory concerns about agents with the financial inclusion objective

.” [Emphasis added]

Financial Inclusion, Electronic Payments & “De-Risking”

“De-Risking”:

When correspondent banks cease to do business with a category of institutions—such as credit unions or money transfer organizations—because the perceived compliance, enforcement and/or reputational risks outweigh the financial benefits of the customer relationship.

Key International Standards Intended to Reduce “De-Risking”:

FATF,

Private Sector Information Sharing

(2017).

FATF,

Correspondent Banking Services

(2016).

Basel Committee on Banking Supervision,

Guidelines: Sound management of risks related to money laundering and financing of terrorism

(2017).

FATF

Private Sector Information Sharing

(2017)

FATF,

Private-Sector Information Sharing

(2017) (

http://www.fatf-gafi.org/fr/publications/recommandationsgafi/documents/guidance-information-sharing.html

)

I) AML/CFT Information Sharing Within the “Financial Group

:”

Meaning of “Financial Group” for Credit Unions:

For credit unions, “Financial Group” will generally be all of the credit union’s branch offices (domestic or foreign) as well as any majority-owned subsidiaries of the credit union, such as a credit union service organization or a bank (domestic or foreign, e.g., Desjardins Bank of Florida).

Prohibition on “Tipping-Off”:

Financial institutions are not allowed to “tip-off” a member/customer that a Suspicious Transaction Report (STR) has been filed.

Sharing within the Group Domestically:

Sharing AML/CFT red flag information within the Financial Group does not usually pose operational challenges

unless

the institution operates in more than one country

and

the laws of one country do no allow sharing AML/CFT with the institution’s offices in another country.

Criteria for AML/CFT Information Sharing Within the Group: “

Financial institutions should determine appropriate criteria for sharing such information for the purpose of group compliance.

This need not be the same criteria as for reporting of STR

. . .

" [emphasis added]

FATF

Private Sector Information Sharing

(2017)

II) AML/CFT Information Sharing Outside the Financial Group

:

In the context of correspondent banking relationships

In the context of Money or Value Transfer Services (MVTS)

In the context of wire transfers

In the context of third party reliance for customer due diligence (such as members recruited through an indirect lending program)

In the context of regulation and supervision of financial institutions

In the context of “Know Your Customer (KYC) Utilities” or Associations (e.g., Australia’s “Banking KYC Utility,” USA PATRIOT Act § 314(b))

Purpose of the FATF Guidance on

Private Sector Information Sharing outside the Financial Group:Help resolve “Red Flags,” especially with respect to electronic payments, using a “Request for Information.”

Improve Customer Due Diligence.

Make it harder for criminals to move to the “bank down the street.”

UN Vienna International Centre, →

HQ of UN Office on Drugs & Crime

FATF

Correspondent Banking Services

(Oct. 2016)

FATF “Interpretive Note” to Reduce “De-Risking” in Correspondent Banking:

FATF,

Correspondent Banking Services

(2016)

(

http://www.fatf-gafi.org/publications/fatfrecommendations/documents/correspondent-banking-services.html

).

No “KYCC:”

“The term [Know Your Customers’ Customers] KYCC has created a lot of confusion. To clarify, the FATF Recommendations do not require financial institutions to conduct customer due diligence on the customers of their customer (i.e., each individual customer).”Monitoring by Correspondent: “In a correspondent banking relationship, the correspondent institution will monitor the respondent institution’s transactions with a view to detecting any changes in the respondent institution’s risk profile or implementation of risk mitigation measures (i.e. compliance with AML/CFT measures and applicable targeted financial sanctions), any unusual activity or transaction on the part of the respondent, or any potential deviations from the agreed terms of the arrangements governing the correspondent relationship.”“Request for Information” (RFI) Protocol: “In practice, where such concerns are detected, the correspondent institution will follow up with the respondent institution by making a request for information (RFI) on any particular transaction(s), possibly leading to more information being requested on a specific customer or customers of the respondent bank. There is no expectation, intention or requirement for the correspondent institution to conduct customer due diligence on its respondent institution’ customers.

”

[emphasis added]

Request for Information (RFI) to Resolve Red Flags

Example RFI Questions

:

Duration of customer “X” relationship with the respondent institution and whether the respondent institution classifies the customer as a high risk customer.

Purpose of the account(s) maintained by customer “X” (business, personal, other).

Details of customer’s “X” parent company and the name(s) of the beneficial owner(s).

Source of the funds of customer “X”.

Consistency between the transactional history in the account profile of customer “X”, and his or her KYC data, or with any other information available to the bank.

Rationale of the transaction between customers “X” and a counterparty.

Nature of the relationship between customers “X” and a counterparty.

Possible affiliation of customers “X” with a third-party.

Additional details regarding the goods/services being exchanged by the customers “X” and third-parties that are not found directly in the payment details of the transaction that may explain it.

If possible, location of customer or third-party as originator/beneficiary and/or,Status of the bank account of customer “X” (opened/closed).See Financial Action Task Force,

Correspondent Banking Services

(2016).

Due Diligence on the Respondent Institution

Due Diligence Prior to Opening Account:

AML/CFT due diligence requirements be met in all cases before the correspondent institution can being providing services to a respondent institution.

Cross-Border Relationships are Higher Risk:

A higher level of due diligence required with cross-border correspondent relationships.

Verification Using Corporate Registries and Other Third-Party Info:

“The correspondent institution should identify and verify the identity of the respondent institution, using reliable, independent source documents, data or information” such as through: “corporate registries, registries maintained by competent authorities on the creation or

licencing

of respondent institutions, registries of beneficial ownership . . .”

CU’s Board Generally Treated as the “Beneficial Owners”:

For a credit union, correspondent institutions typically treat the credit union’s board of directors as the “beneficial owners” for due diligence purposes.

↑ Inside the UN Vienna International

Centre in April 2018 representing

credit unions at a FATF Private

Sector Participation Group meeting

BCBS

Correspondent Banking Annex

(2016)

BCBS,

Guidelines: Sound management of risks related to money laundering and financing of terrorism

(June 2017) (

https://www.bis.org/bcbs/publ/d405.htm

):

No New Correspondent  Banking Requirements from the Basel Committee Beyond those Already Established by the FATF:

The final version of the Basel Committee standard adopted World Council’s request to clearly cross-reference the Financial Action Task Force’s October 2016 guidance on correspondent banking, and the Basel standard also states that it is not intended to set forth any new regulatory requirements that are not already included in the FATF’s standard.  This should help limit regulatory burdens because the Basel standard states expressly that it does not establish any new compliance requirements.

“Request for Information” Protocol to Resolve Payments Red Flags: 

Also as urged by World Council’s comments, the final Basel standard expressly incorporates the FATF’s Request for Information protocol to resolve ambiguities in remittance information and red flags.  This should help standardize the process of resolving AML/CFT red flag.Carveout for Domestic PEPs:  The Basel Committee’s final standard limits the high-risk treatment of Politically Exposed Persons (PEPs) to foreign PEPs only (i.e. those that do not live in the jurisdiction where the credit union is located, even if they are not citizens of the local jurisdiction).

Michael S. Edwards

VP & General Counsel

Thank You

Follow me on Twitter!@WOCCUadvocacy