PROCESSING...

Anti-Money Laundering
Consulting Services & Strategies

0 Items - Total: $0.00 CAD

Sanctions This Week: April 18th-24th, 2016

Outlier3_036

OSFI

On April 20th, 2016, the Office of the Superintendent of Financial Institutions (OSFI) released the United Nations Security Council’s (UNSC’s) Al-Qaida and Taliban regulations update to the sanctions list, adding five individuals.

The individuals are subject to the assets freeze, travel ban and arms embargo set out in paragraph 2 of Security Council resolution 2253 (2015) adopted under Chapter VII of the Charter of the United Nations.  He individuals listed hold the following titles:

  • Head of religious compliance police and a recruiter of foreign terrorist fighters for Islamic State in Iraq and the Levant (ISIL);
  • lead oil and gas division official of Islamic State in Iraq and the Levant (ISIL);
  • Leader of an Indonesia-based organization that has publicly sworn allegiance to Islamic State in Iraq and the Levant (ISIL);
  • Leader and armed groups in Gaza using money to build an ISIL presence in Gaza; and
  • Served as the acting emir of Jemmah Anshorut Tauhid (JAT) since 2014 and has supported Islamic State in Iraq and the Levant (ISIL).

All of these individuals are of different nationalities, but all have connections to ISIL and have been designated as such.

See the update on the United Nations (UN) website.

Go to the OSFI lists page.

OFAC

The U.S. Department of Treasury’s Branch, The Office of Foreign Asset Control (OFAC), released two updates last week.  One update was related to the addition of an individual to the Libya Sanctions list.  The second update was the publication of new Cuba-related Frequently Asked Questions (FAQ), related to the recent changes made to the sanctions that had previously been placed on Cuba.

OFAC administers and enforces economic and trade sanctions based on U.S. foreign policy and national security goals.  The sanctions target countries, regimes, terrorists, international narcotics traffickers, the proliferation of weapons of mass destruction, and other threats to the national security, foreign policy or economy of the U.S.  The changes to the Libya sanctions list included the addition of the Prime Minister and Defense Minister of the National Salvation Government, who has been added due to contributions to the situation in Libya.

See the Cuba-related FAQ update on OFAC’s website.

See the Libya sanction list update on OFAC’s website.

See OFAC’s recent actions page.

Need A Hand?

We would love to hear from you.  If there are subjects in this post that you would like to know more about, or if you need assistance with your compliance program, please contact us.

Sanctions This Week: April 4th-10th, 2016

OSFI

There were no updates released from OSFI this week.

Go to the OSFI lists page.

OFAC

The U.S. Department of Treasury’s Branch, The Office of Foreign Asset Control (OFAC), released two updates to four sanction lists last week.  The lists that were updated include the following:

  • Counter Narcotics Designations;
  • Iraq-related Designations;
  • South Sudan Designations; and
  • Counter Terrorism designations.

OFAC administers and enforces economic and trade sanctions based on U.S. foreign policy and national security goals.  The sanctions target countries, regimes, terrorists, international narcotics traffickers, the proliferation of weapons of mass destruction, and other threats to the national security, foreign policy or economy of the U.S.  The changes to the Counter Narcotics list included the removal of Caesar’s Park Hotel in Lebanon, and updates to numerous related entities and individuals.

See the Counter Narcotics, Iraq-related and South Sudan Designation updates on OFAC’s website.

See the Counter Terrorism update on OFAC’s website.

See OFAC’s recent actions page.

Need A Hand?

We would love to hear from you.  If there are subjects in this post that you would like to know more about, or if you need assistance with your compliance program, please contact us.

Sanctions This Week: March 28th-April 3rd, 2016

 

OSFI

On March 29th, 2016, the Office of the Superintendent of Financial Institutions (OSFI) released the United Nations Security Council’s (UNSC) ISIL (Da’esh) and Al-Qaida sanctions update to the sanctions list, adding a single individual.

The individual is subject to the assets freeze, travel ban and arms embargo set out in paragraph 2 of Security Council resolution 2253 (2015) adopted under Chapter VII of the Charter of the United Nations.  The individual added is Saudi Arabian and holds a Qatari passport.  He is currently residing in Afghanistan and has led an Al-Qaida battalion in Afghanistan since at least mid-2010.Rodney_Money_Clothesline4

See the update on the United Nations (UN) website.

Go to the OSFI lists page.

 

 

OFAC

The U.S. Department of Treasury’s Branch, The Office of Foreign Asset Control (OFAC), released two updates last week.  One was related to the removal of the Highly Enriched Uranium (HEU) Agreement Assets Control Regulations, and the second, was adding three individuals and two entities to the Counter Terrorism Designations Lists.  OFAC also released the 3rd Quarter FY2014 Report for licensing activities undertaken pursuant to the Trade Sanctions Reform and Export Enhancement Act of 2000 (TSRA).

OFAC administers and enforces economic and trade sanctions based on U.S. foreign policy and national security goals.  The sanctions target countries, regimes, terrorists, international narcotics traffickers, the proliferation of weapons of mass destruction, and other threats to the national security, foreign policy or economy of the U.S.  The additions mentioned above, related to the Counter Terrorism Designations update, were included due to the fact both the individuals and entities are linked to Al-Qaida and the Taliban.  They are all Pakistani nationals, with Saudi Arabian ID, and are reported to be currently residing in the UK.

See the Counter-Terrorism update on OFAC’s website.

See OFAC’s recent actions page.

Need A Hand?

We would love to hear from you.  If there are subjects in this post that you would like to know more about, or if you need assistance with your compliance program, please contact us.

Sanctions This Week: March 21-27, 2016

Rodney_Money_Clothesline4OSFI

There were no updates released from OSFI this week.

Go to the OSFI lists page.

OFAC

The U.S. Department of Treasury’s Branch, The Office of Foreign Asset Control (OFAC), released two updates last week, related to the Zimbabwe, Counter-Terrorism and Non-Proliferation Designation Lists.  A total of three individuals and six entities were added to the respective lists.  OFAC also released the publication of Iran-related General License I and related FAQs.

OFAC administers and enforces economic and trade sanctions based on U.S. foreign policy and national security goals.  The sanctions target countries, regimes, terrorists, international narcotics traffickers, the proliferation of weapons of mass destruction, and other threats to the national security, foreign policy or economy of the U.S.  All of the additions mentioned above were related to aviation, the names added were either connected to an avionics regime, or were the entity under which they were operating.  As for the Iran-related updates, in order to allow for more efficient processing of applications under the Statement of Licensing Policy for Activities Related to the Export or Re-export to Iran of Commercial Passenger Aircraft and Related Parts and Services, OFAC has issued General License I: Authorizing Certain Transactions Related to the Negotiation of, and Entry into, Contingent Contracts for Activities Eligible for Authorization Under the Statement of Licensing Policy for Activities Related to the Export or Re-export to Iran of Commercial Passenger Aircraft and Related Parts and Services.  OFAC also updated the Frequently Asked Questions Relating to the Lifting of Certain U.S. Sanctions under JCPOA.

See the Zimbabwe update on OFAC’s website.

See the Counter-Terrorism and Non-Proliferation update on OFAC’s website.

See OFAC’s recent actions page.

Need A Hand?

We would love to hear from you.  If there are subjects in this post that you would like to know more about, or if you need assistance with your compliance program, please contact us.

 

Sanctions This Week: February 29-March 6, 2016

OSFI

On March 2nd, 2016, the Office of the Superintendent of Financial Institutions (OSFI) released the United Nations Security Council’s (UNSC) Al-Qaida and Taliban Regulations (UNAQTR) update to the consolidated list, underscoring recent information updates on 11 individuals and one entity.

The 11 individuals are subject to the assets freeze, travel ban and arms embargo set out in paragraph 2 of Security Council resolution 2253 (2015) adopted under Chapter VII of the Charter of the United Nations.  The individuals all have different nationalities, locations and expertise, but they have been tied to Al-Qaida.  The entity included is a Moroccan-led terrorist organization formed in August 2013, and were last known to be operating in the Syrian Arab Republic.

See the update on the United Nations (UN) website.

Go to the OSFI lists page.

OFAC

The U.S. Department of Treasury’s Branch, The Office of Foreign Asset Control (OFAC), released one update last week, related to North Korea and Non-Proliferation Designation Lists updates.  A total of 11 individuals and five entities were added to both lists.  OFAC also released two updates where information related to two entities was changed.

OFAC administers and enforces economic and trade sanctions based on U.S. foreign policy and national security goals.  The sanctions target countries, regimes, terrorists, international narcotics traffickers, the proliferation of weapons of mass destruction, and other threats to the national security, foreign policy or economy of the U.S.  The North Korean five entities added are all state-owned entities, who all have North Korean national defense objectives.  The 11 individuals are all high ranking persons within the five organizations.

See the update on OFAC’s website.

See OFAC’s recent actions page.

Need A Hand?

We would love to hear from you.  If there are subjects in this post that you would like to know more about, or if you need assistance with your compliance program, please contact us.

Sanctions This Week: February 22-28, 2016

OSFI

On February 23rd, 2016, the Office of the Superintendent of Financial Institutions (OSFI) released the United Nations Security Council (UNSC) ISIL (Da’esh) and Al-Qaida Sanctions Committee’s update, underscoring recent information updates on five individuals.

The five individuals are subject to the assets freeze, travel ban and arms embargo set out in paragraph 2 of Security Council resolution 2253 (2015) adopted under Chapter VII of the Charter of the United Nations.  All of the updates relate to their most recent known location, 4 of which being, prison.  The final was a ‘last known address’ update for a Tunisian individual, though he was reported as ‘in detention’ in Tunsia, as at December 2009.

See the update on the United Nations (UN) website.

Go to the OSFI lists page.

OFAC

The U.S. Department of Treasury’s Branch, The Office of Foreign Asset Control (OFAC), released two updates last week, but both related to settlement of alleged enforcement actions, or civil penalties related to alleged violations of the Cuban Assets Control Regulations (CACR).  The enforcement actions were on two entities, CGG Services S.A., formerly known as CGGVeritas S.A. (CGG France) and Halliburton Atlantic Limited (HAL) on behalf of itself and its affiliate, Halliburton Overseas Limited (HOL).

See OFAC’s recent actions page.

CGG France has agreed to pay $614,250 USD for numerous alleged violations of Cuban Sanctions, when they exported spare parts and other equipment from the United States to M/V Amadeus while the vessel operated in Cuba’s territorial waters.

See the update on OFAC’s website.

The enforcement actions against HAL were for alleged violations of Cuban Sanctions, by dealing in property in which Cuba, or a Cuban national, had an interest when they exported goods and services in support of oil and gas exploration and drilling activities within the Cabinda Onshore South Block oil concession in Angola. HAL knew, or should have known, they were dealing in property in which Cuba had an interest. HAL issued 19 invoices to the Consortium operator Cupet, a company with headquarters in Angola, related to these goods and services, and HAL primarily performed the services which were invoiced. OFAC determined that the alleged violations were voluntarily self-disclosed and constituted a non-egregious case. The total transaction value of the alleged violations was $1,189,752 USD. The statutory maximum civil monetary penalty for the alleged violations was $1,235,000 USD and the base penalty amount for the alleged violations was $423,202 USD.  HAL has agreed to pay $304,706 USD.

See the update on OFAC’s website.

Need A Hand?

We would love to hear from you.  If there are subjects in this post that you would like to know more about, or if you need assistance with your compliance program, please contact us.

AML “Clearance Certificates” are a Scam

If you’ve received an email, letter or call telling you that a larger than usual sum of money is headed your way, but before it can be delivered to your bank, you are required to get a clearance certificate, you are being set up for a scam.

SCAM

The Setup

The scam goes by many names, but the setup is almost always the same…

Step 1: The Sexy Promise

The scammers need you to want to talk to them. To pique your interest, they’ll promise something that they think you will want. In most cases, it’s not a crazy sum of money that will be sent to you – most people would immediately recognize that as a scam. Instead, it will be a reasonable sum that is nonetheless attractive for your business.

In the most sickening cases that we’ve seen, the scammers have focused on charities by posing as potential donors. Outlier has even received a request for a clearance certificate from a “prospective client overseas.”

Step 2: The Legitimate Power

The scammers will claim that the certificate is being requested by a legitimate organization. Some of the scams that we’ve seen have said that certificates are required by:

  • Financial Transactions and Reports Analysis Centre of Canada (FINTRAC),
  • Financial Crimes Enforcement Network (FinCEN),
  • Office of the Currency Controller (OCC).
  • Securities Exchange Commission (SEC),
  • S. Department of Homeland Security,
  • International Monetary Fund (IMF), and
  • Financial Action Task Force (FATF).

None of these agencies issue, require, or have any other involvement with clearance certificates. In fact, if you call any of these agencies to ask about clearance certificates, they will tell you that you are likely the victim of a scam.

Step 3: The Real Threat

The type of “clearance certificate” that the scammers will ask for varies, but it’s usually something that most businesses have at least read about in the news, like “anti-money laundering” or “anti-terrorism.” It’s always something that sounds like it could be a real threat, although definitely not the type of threat that you would pose. Sometimes the requests will be phrased in a way that’s meant to make you feel a little bit indignant (“Why would this person think I’m a money launderer or a terrorist?!?)…

This is all part of the scam. If you’re emotional, you may not be thinking clearly, and it helps the scammer to build rapport with the victim. The scammer may offer consolations like, “Of course, I know that you’re not a criminal, but according to the * insert the authority from step 2 here * we must take these precautions…”

Step 4: Solving the Problem

The scammer is trying to collect as much information (especially financial information) as possible. The scammer will ask for your details directly (all for the purpose of obtaining the certificate, of course) or helpfully suggest a site for a “company” that can help you get your certificate.

Generally, this site requires a credit card payment (these may range from a few hundred to several thousand dollars). In more sophisticated scams, the site’s fine print states that the certificates are “not authorized by any government or international body” and that there are absolutely no refunds. This means that even if the victim reports the scam to their credit card company, they may not be able to issue a refund.

Step 5: Profit

At this stage, the scammers have the victim’s banking and/or credit card information. They may use this to conduct transactions (like draining the bank account or paying for things with the credit card), or simply sell the information on the dark web to other scammers.

Don’t Get Caught Up

It can be hard to believe that someone that you’ve been corresponding with, someone that seems like they could be good for business, is really just a scammer. It’s difficult, and embarrassing – but the sooner you exit the situation, the better off you are.

While you should report the incident (more about that below), it can be dangerous to attempt to bait the scammer to get more information about them (and the information that they provide is likely to be false in any case). Do collect as much information from your existing correspondence with the scammer (including screen captures and/or links to any websites that the scammer has provided you with), as these will be helpful in reporting the scam.

But if You Did, Protect Yourself

If you have already provided some, or all, of your financial details, it’s in your best interest to act quickly.   Contact your financial institution(s) and let them know what’s happened. They will be able to close your existing accounts, issue new accounts and review your recent transaction history with you.

Report It

At any point, you can report the scam to the Canadian Anti-Fraud Centre either online or by phone (1-888-495-8501).

Need A Hand?

While Outlier is not a law enforcement or investigative agency, we do conduct staff training sessions, including training related to common scams and how to recognize them. You can get in touch with us at info@outliercanada.com or by using the online form.

Above And Beyond What?

It seems that every time I’m at a conference or event related to compliance, I hear people talking about going “above and beyond” the requirements. Something about this statement has always seemed wrong to me. It wasn’t until recently that I understood why: most of us aren’t getting the basics right.

FINTRAC Examination Data

 

Most Of Us Are Failing At The Basics

This is not an indictment of Compliance Officers and the tremendous effort that goes into compliance. It’s a simple statistical fact.

We crunched some numbers by industry for anti-money laundering (AML) compliance in Canada based on information obtained from the regulator through an access to information request in 2014. The rate of examinations for which there were no deficiencies (across all reporting entity types) was 17 percent. While we congratulate the savvy few that met this bar, that leaves 83 percent of reporting entities that failed to meet the basic requirements in some way.

While these results are specific to examinations conducted by the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), it’s not unreasonable to assume that the results can be generalized to compliance more broadly.

Shift The Focus

Before anyone can go “above and beyond” the fundamentals should be solid. One of the most painful reviews (like an audit for compliance) that I’ve conducted was a classic case of going above and beyond while completely missing the mark on baseline compliance. The reporting entity had great technology and related risk ranking metrics. The methods that they used to understand customer behavior involved machine learning and geo-location data at each login, analyzed over time. It was a great risk management strategy, except that they hadn’t identified a single customer in accordance with the law. Not a single one…

Ironically, in working to design measures that went beyond the basic compliance requirements, they found themselves so far outside of what was allowable under the law that had an examination been conducted by a regulator at the time, they could have been facing a very hefty penalty (as was the case for Ripple Labs in the USA).

Rework

Consequently, they spent a good deal of time and money updating their systems and identifying customers. In some cases, customers were lost. The (re)identification process was frustrating for people that believed that they had already completed everything that was needful in order to transact freely. There were updates to process documents and IT systems that took place over the course of months, and a good deal of frustration at the rework involved.

A competent third party or in house expert can be useful in assisting with system and process design, provided that they are able to understand your business model, basic compliance requirements and how to achieve these in the most elegant way possible.

Keep It Simple (Seriously)

At a recent conference, I was listening to a speaker whom I consider a model for what not to do, both functionally and ethically. As he sweepingly gestured towards an overly complex chart, he stared into the blank faces of his audience and proclaimed “It’s ok if you don’t get it. That’s not the point. The point is that I should look impressive. Are you impressed?” I was not.

Which model fits your needs?

Which model fits your needs?

Remember that the people that are usually fulfilling your compliance requirements are your frontline staff. Would they be able to use the model to the left to risk rank your customers?

While it can be tempting to create complex rating systems, it’s important to understand that your compliance program should be functional. If the system that you’ve created is too complex for your staff to understand and adhere to, it will fail. Whether you’re hiring someone external or creating your program in-house, remember to keep it as simple and easy to follow as possible.

Ask, Check, Test

One of the many arguments that I’ve heard for going above and beyond is that this is helpful when dealing with regulators and banking service providers. While I agree that this can certainly be the case, it’s a moot point if the basic requirements are not met.

In my experience, both regulators and bankers are candid – when asked – about where their expectations are set. There is no real appetite on the part of either to create a set of secret standards related to going above and beyond. From a practical perspective, this means that reporting entities should be focused on understanding the basic requirements, and seeking clarification as needed.

Effectiveness reviews can also be a useful tool in this regard, provided that the reviewer or auditor is well versed in local compliance requirements. Similarly, internal testing should be geared towards baseline requirements to ensure that these are being met.

Opportunities & Innovation

Going above and beyond for its own sake (in terms of compliance) is neither required, nor particularly good business.

This is not to say that reporting entities should avoid innovation. Rather, these efforts should be focused and prioritized on finding the most cost-effective and efficient ways to meet baseline compliance requirements, and mitigating risk.

Changing compliance legislation can also provide opportunities for innovation, in particular where there are public consultations. This type of dialogue with lawmakers allows stakeholders to suggest alternatives that may mitigate risk in new and innovative ways. It provides an opportunity to showcase new technologies and processes that solve common compliance problems with greater efficiency (although they may not fit into the current regulatory paradigm).

Need A Hand?

We believe that good compliance is good business. If you have questions, please feel free to contact us.

Proposed PCMLTFR Updates

Screen Shot 2015-07-08 at 4.03.31 AM

We’ve created a marked-up version of the Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (PCMLTFR) that reflects the draft amendments posted in the Canada Gazette on July 4th, 2015.

Here’s a printable and downloadable PDF file: PCMLTFR Mark-Up (July 4, 2015 Draft Amendments)

If you would like a copy of the file in Microsoft Word, please contact us.

Need A Hand?

At Outlier, we believe that it is important to participate in decisions that affect you and your business.  If you would like someone to look over your submission before you make comments to the Department of Finance, you can get in touch with us free of charge.  We will look over your submission and make suggestions, without any cost to you.  If you need a hand, please feel free to contact us.

Suspicious Transaction Reporting in 2015

Preparing for a FINTRAC examination

At the Canadian Institute’s 14th Annual AML Forum, the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) reviewed its expectations for suspicious transaction reporting. FINTRAC emphasized that suspicious transaction reports (STRs) are vital to the agency’s mandate as Canada’s financial intelligence unit (FIU) and ongoing collaboration with law enforcement agencies. While reporting entities (REs) in Canada have been required to report transactions for quite a few years, we’ve had many questions from REs about what FINTRAC expects and looks for in examinations. FINTRAC’s most recent guidance is useful in tuning your technology, enhancing your processes, and asking the right questions at industry association meetings.

What is FINTRAC Looking for in STRs?

When FINTRAC conducts compliance examinations, they will be applying three tests to STR data, including:

  1. Entity Practitioner: FINTRAC will look for transactions that are similar to those involved in STRs that you have reported. If there are similar transactions or transaction patterns that have not been reported to FINTRAC, there should be an explanation for the difference. Where possible, this explanation should be documented.
  2. Sector Practitioner: FINTRAC will compare the number and type of STRs submitted by similar entities. The size and type of business are taken into consideration.
  3. Reasonable Practitioner: FINTRAC will analyze a sample of reported STRs and unreported transactions against relevant guidance. In this case, relevant guidance means the suspicious transaction indicators from FINTRAC’s Guideline 2 that are applicable to your business.

These are terms that we’re likely to hear more about over the coming months, and there are compliance program adjustments (most of them relatively simple) that can be made to ensure that you’re meeting this standard.

Tune Your Technology

Amber looking at laptop FINTRAC screen

Most REs use software solutions to detect potentially suspicious transactions. Almost all transaction monitoring software uses some type of rules-based system to determine when alerts should be generated. These rules should, at minimum, reflect the indicators that are applicable to your business. Not all of the indicators from FINTRAC’s Guideline 2 will be applicable to your business. Where possible, you should document the decisions that you make about your transaction monitoring rules, including the rationale for those decisions.

The most sophisticated software platforms have machine learning functions. These can take the decisions that have been made about previous alerts and use this information to refine how the program works. For example, if a particular pattern of transactions was deemed to be suspicious, the program may look for similar patterns.

If you’re not using software that does this on its own, don’t panic. You can review the STRs that you’ve submitted to FINTRAC to determine whether your transaction monitoring rules are tuned to reflect the types of money laundering and terrorist financing threats that you’ve previously encountered. This should be done on a regular basis (for example, as part of your Risk Assessment updates). If you have an STR that is related to a pattern that you don’t have a rule to cover, you may want to do this sooner, rather than waiting for the next scheduled update.

Train Your Staff

Training

Over the years, I’ve heard many Compliance Officers express frustration about not knowing whether or not STR data has been useful to FINTRAC or law enforcement. To close this gap, I’ve looked for articles and speakers from FINTRAC and law enforcement that could provide meaningful information about the type of information that is most useful. The same principle applies to your staff.

You can use existing cases (you’ll want to remove any personal information for training purposes) to demonstrate the type of transactions that you want your staff to escalate to compliance for review. Existing cases from the media, and end to end cases provided by training companies like TAMLO, are also excellent resources. Keeping your annual training fresh is a challenge, and using your STRs as cases is one way to do that, while also meeting FINTRAC’s expectations.

Refine Your Audits & Effectiveness Reviews

AML Compliance Effectiveness Review

Are your auditors and/or reviewers using the same tests that FINTRAC is using to assess your compliance? If you’re not certain, ask.

If you perform self-assessment testing, you may want to include these tests as well.

As of 2015, all AML Compliance Effectiveness Reviews performed by Outlier will use these three key tests to assess STR data.

Ask Your Industry & Working Groups for More

Hanshake

Most REs have excellent industry associations and working groups such as the Canadian Banker’s Association (CBA), Canadian MSB Association (CMSBA) or the Canadian Jewellers Association (CJA). These groups are excellent resources and can help you understand STR trends across your industry. If you’re not a member, you may still be able to attend regular conferences or events.

Need A Hand?

We would love to hear from you. If there are topics that you would like to know more about, or if you need assistance with your compliance program, please contact us.

Return to Blog Listing