No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Featured

The Trouble with Weak AML & CFT Compliance Programs

The Real Cost of Noncompliance, Part 1

by Timur Mussin
December 1, 2020
in Featured, Financial Services
illustration of businessman sitting on leaky piggy bank

Timur Mussin, CCO at ForteBank, discusses the importance of a strong ethics and compliance program and explores some of the chief reasons to develop a culture of compliance.

Once upon a time, financial organizations functioned without a compliance control system; functions similar to parts of compliance were carried out by full-time lawyers, internal auditors or other employees, and that was considered enough. But as realities changed, organizations faced new challenges. In response, compliance officers and other units responsible for compliance control issues began to appear in many organizations.

Depending on the specifics of the work, size or location of the organization, the compliance “vision” varies. Various international standards – such as the recommendations of the Basel Committee on Banking Supervision, ISO 19600 for banks’ and financial organizations’ compliance management systems, the Occupational Safety and Health Act (OSHA) for employee safety, the Bank Secrecy Act (BSA) or General Data Protection Regulation (GDPR) for bank secrecy and data protection respectively and others – help to form a unified vision of how compliance should look and what it should do, taking into account the activities of the organization. Different jurisdictions rely on such standards and in some part supplement them with legislative acts relevant or specific to a particular country.

A system that adequately takes into account the current market situation, strategy, size and complexity of company operations is vital for the effective management of compliance issues.

In some countries and organizations, the attitude toward compliance control can vary from relatively neutral to extremely negative due to the fact that the implementation of a compliance control system requires certain costs (salaries, special software, etc.). Fortunately, the number of professionals who take a negative attitude toward compliance control is fewer every day.

Scandals and investigations shocking the financial market show how negatively the gaps and shortcomings in a compliance control system can affect an organization’s activities. The result may not only be financial or reputational losses, but also the closure of the business or the opening of criminal cases against its employees. The task of compliance is to prevent or minimize these threats and events. This is even more relevant given the current situation with COVID-19 in the world.

Let’s look at situations when compliance – including the responsible employee or unit and the system built by them – was not properly managed or was completely absent. It is worth noting that this list applies only to those areas where compliance control is objectively needed, and it is potentially far from exhaustive for organizations working without a compliance control.

An Ineffective Compliance Risk Management System

Whether in financial, mining, pharmaceutical or other industries, the organization’s activities are usually governed by various legislative requirements, which are closely monitored by regulators. Ever since the Babylonian law of Hammurabi, the perpetrator of a crime was punished; in our time, violations of the law result in punishment in the form of fines or other penalties by the regulator.

An important task of the compliance risk management system is identification of threats and compliance risk, as well as coordinating how to effectively address them. Thus, organizations are struggling with single violations and systemic limitations from within. An assessment of the organization’s level of exposure to compliance risk allows us to understand the significance of its existing deficiencies and violations. Lack of visibility into the organization’s current risk situation and its exposure to compliance risk can adversely affect the organization’s decisions – to its own detriment.

Compliance costs increase as the regulation standards in the industry increase and as the company expands globally. Compliance costs are also rising for businesses as more stringent measures are being implemented to prevent fraud, money laundering, terrorism financing, loss of data privacy, etc.

The lack of a compliance risk management system leaves the organization defenseless in matters of compliance, leaving the organization with a heavy price to pay. Market analyses show that the amount spent on implementing and maintaining a compliance control system is many times lower than possible fines.

Take, for example, when Google was charged a massive fine of $2.7 billion in 2017 for manipulating search results and violating antitrust laws. You may also recall when VimpelCom was fined $795 million for violating FCPA requirements in the process of conducting business in Uzbekistan. After these events, the company pledged to introduce “rigorous internal controls” to prevent a recurrence of the situation.

Many companies have long recognized the need to create reliable risk management and internal control systems, and they employ the appropriate employees (the so-called compliance officers) responsible for managing compliance risk effectively.

Organizations should pay considerable attention to the compliance risk management system, including appointing responsible persons or units and allocating the resources necessary for them to solve problems and promote compliance.

In turn, compliance officers should keep the system in working condition, including implementing tools to identify violations and systemic shortcomings in the organization’s activities, as well as building an effective system of interaction with the organization’s management to take timely preventive or corrective measures.

It is important that compliance officers constantly develop and learn so as to be prepared for new challenges and trends (laws and technologies), as well as to continually improve the system.

A Lack of a Compliance and Ethics Culture

As a rule, what is not prohibited in the organization is allowed.

The lack of processes for familiarizing employees with the basic requirements of internal documents or legislation can lead to negative consequences for the organization.

The creation of a compliance and ethics culture is an important element of the compliance control system; it helps prevent or minimize violations committed by employees in the course of their activities. A compliance and ethics culture is part of the corporate culture and aims to ensure that there is no ignorance of the requirements among employees.

The lack of a compliance culture – coupled with the lack of clear distinctions in the functionality of employees – can adversely affect the organization’s processes, reducing their quality and efficiency.

It is worth recalling the situation with FIFA when it became known that the organization was suffering from institutional corruption. Subsequently, a series of charges were brought against FIFA leadership for receiving millions of dollars in bribes.

Compliance culture is understood as a behavior model introduced and/or acquired by an organization in the process of implementing the requirements of applicable laws and internal documents in order to observe them, with the commitment to doing so shared by all employees. At the same time, ethics is a combination of ethical principles and norms of business communication, which all employees of the bank and its subsidiaries (if any) are obliged to follow in their activities. As part of the implementation, compliance officers should do the following:

  • develop a usable and affordable code of conduct that will be a high standard for all employees, starting with top-level management;
  • ensure regular education and training for new employees, enabling the employee to understand the organization’s high standards;
  • provide attention to this issue from senior management. In this case, the tone from the top is intended to show leadership’s commitment to compliance and ethics culture issues;
  • provide rights, guarantees and motivation to employees (potential whistleblowers), who may subsequently become an important source of information about possible violations and deficiencies.

The above will keep employees from being afraid to report violations and internal injustice, and it will also help to promptly reveal shortcomings and violations so that they may be eliminated in a timely manner and so that consequences can be minimized. It is important to create a culture that recognizes that saying nothing means being an accomplice.

Becoming a “Laundromat”

Issues pertaining to anti-money laundering/combating the financing of terrorism (AML/CFT) are extremely important for countries’ further development. The events of the beginning of the 21st century marked the beginning of global efforts to counter and prevent such criminal phenomena as money laundering and the financing of terrorism. International organizations and lawmakers from various countries have been tightening their policies on AML/CFT issues.

If at the dawn of the fight against money laundering, it was enough for a financial institution to establish fairly simple procedures, with the process of financial monitoring mainly carried out manually, then the development of high technologies dictates its own conditions.

The financial market needs new tools; therefore, the market is in a stage of active growth. Unfortunately, new products (services) are of interest not only to customers, but also to individuals whose activities do not always comply with the law. Thus, the modern AML/CFT system should also change.

The absence of effective processes can introduce criminals to the organization’s client base – and with that, all the ensuing negative consequences, including the organization becoming part of “the laundromat.” The same applies to counterparties of the organization.

These requirements do not always take into account the organization’s resources and the volume of its operations; accordingly, the most important task for the organization itself is the maximum digitalization of AML/CFT issues.

Without a sufficient level of automation, the effectiveness of the AML/CFT system may be hampered by ineffective controls, a lack of operational information and excessive resources for technical work.

Accordingly, the creation of an automated system that works with big data is necessary to analyze customers and their operations, and constant monitoring is key to the ensure the AML/CFT system is operating effectively. AML/CFT processes should be periodically evaluated to identify and eliminate deficiencies and to identify opportunities for further improvement.

In turn, AML/CFT specialists will be able to focus more on analytics and better analysis and identification of suspicious clients and transactions.

AML/CFT is a constant struggle. In this struggle, the organization should have a good “weapon” in the form of an effective compliance control unit armed with sufficient resources and powers to carry out its tasks.

In another case…

According to open sources, the total global amount of fines in terms of AML/CFT for 2019 amounted to more than $8 billion, most of which came to the United States and Europe. The AML/CFT requirements are very stringent. The multimillion-dollar fines shaking the U.S. and EU financial sector are a great example. In world practice, such fines can reach hundreds of millions of dollars and threaten a financial institution’s licensure.

In 2017, fines totaling $200 million were imposed on Deutsche Bank for the lack of customer due diligence. And in 2018, Danske Bank was embroiled in a major money-laundering scandal in its Estonian branch. This scandal has become one of the largest in Europe and entailed large financial and reputation losses.

Read further in Part 2.


Tags: AML
Previous Post

Fintech Pressure on Internal Audit

Next Post

10 Takeaways from the SEC’s Mutual Fund Derivatives Rule

Timur Mussin

Timur Mussin

Timur Mussin is CCO of ForteBank JSC. He is an expert in ethics, compliance, AML/CTF and fintech. Timur is a speaker and author of more than 100 articles on compliance and fintech aimed at popularizing and improving these issues. He can be reached on LinkedIn at www.linkedin.com/in/faceman.

Related Posts

Phaxis 100 dollars

AML & KYC: Addressing Key Challenges for 2023 and Beyond

by Alex Roberto
March 16, 2023

(Sponsored) In today’s world, financial criminals are often a step ahead of regulators and financial institutions who struggle to effectively...

Paul Weiss Economic Sanctions and AML Developments 2022_f

Economic Sanctions and AML Developments

by Corporate Compliance Insights
March 15, 2023

Sanctions start high and stay high 2022 Year in Review Economic Sanctions and AML Developments What’s in this report from...

money laundering concept

It Takes a Village: Preventing FinCrime Means Everybody Needs Skin in the Game

by Samar Pratt
March 15, 2023

Banks bear the brunt of consequences for financial crimes amid a huge increase in anti-money laundering fines in 2022, making...

russia sanctions

Why Russian Sanctions Require Compliance Teams to Take a Fresh Look at KYC Procedures

by Rory Doyle
February 15, 2023

The Russian invasion of Ukraine continues with no signs of a resolution, and along with the protracted conflict, the U.S....

Next Post
10 Takeaways from the SEC’s Mutual Fund Derivatives Rule

10 Takeaways from the SEC’s Mutual Fund Derivatives Rule

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT