Post on 08-Jul-2020
transcript
The Financial and
Risk business of
Thomson Reuters
is now Refinitiv.
Governance, Risk & Compliance
Developments in the fight against
Money Laundering & Financing of Terrorism
2
Agenda
08:00 Welcome coffee and Registration
09:00 Welcome note from Qatar Chamber & Refinitiv
09:15 Governance, Risk and Compliance – Context, Trends and Challenges
10:00 Proven good practices in KYC, Due Diligence and sanctions screening processing
10:30 Coffee break and networking
10:45 Business conduct, Ethical Business & Anti-Bribery /Anti- Corruption Program
11:00 Compliance Culture, compliance training and e-learning for Qatar Chamber
11:30 Overview of Qatar 2020 MENA-FATF Mutual evaluation approach
12:30 De-Risking and Financial Inclusion – The revolution of Digital financial services
1:30 Q&A Session followed by Lunch
3
REUTERS NEWS
REFINITIV
Financial Risk
RISK - GRCTools and services to help comply with Regulations & provide Best practices in Corporate Governance
FINANCIALComprehensive information solutionsfor financial market
professionals
Tools and services
for corporate counsel
legal research and
cost management
Leading solutions to
simplify tax
compliance and
optimize global trade
TRADE EXECUTIONTREASURY
MARKET INTELLIGENCE
COMPLIANCESANCTION
SCREENING ABC Program
LEGAL RESEARCHLEGAL BILLING &
MANAGEMENT
TAX COMPLIANCETAX & REPORTING
The Financial & Risk Business of Thomson Reuters is now
Thomson Reuters
Legal Tax
45%
55%
4
+ 300 Regulators + 50,000 external /
internal legal
+ 60,000
Compliance &
AML/CFT Officers
Thousands of
Risk & Audit
Specialists
Serving the GRC Business Community worldwide
6
Correspondent Banking Relationships (CBR): i.e. a bank is obliged to have a USD CCY
account in a US Bank if they want to trade in Dollar (In European Country to trade in Euro).
REGULATORBODY
Singapore
QNBCHF
CAD
JPY
Morocco
EURO
US $
GBP
USD
Correspondent
Bank
GBP Correspondent
Bank
EURO Correspondent
Bank
US Regulator
FSA
EU
7
MTO
Brokerages Insurances
Real-Estate
CBR’s
BANKS
AML / CFT Reputation Risk is a major Cascading Systemic Risk for non financial sector
Impact Impact
Impact Impact Impact
Impact
Re-Insurances
8 8
History – Foundation events
1. 9/11 & US Patriot Act
2. Financial Crisis 2008
9
Finance Risk versus Regulatory / Reputation Risk
10
Customer & Counterpart
y Risks
SanctionsScreening
e-learning
Compliance Learning
AML TMS
TRADE ABUSE
KYC SCORING
Payments Filtering
Payments TMS
KYC On-Boarding
Reputation / Regulatory Risk versus Financial Risk
11
FINANCIALRISK
AUDIT
e-learning
e-Learning
FRAUD
INTERNALCONTROL
OPS RISK
BUSINESSContinuity
BASEL II / BASEL III
Model Risk Mgt
Enterprise Risk Management – Financial Risk
12
AML / CFT Supervision / Control levels
13 13
History – 2 Level of Supervisions - Controls
1. Finance Institutions Levels – Correspondent Banking
2. Country Level – FATF Mutual Evaluation
14
What is FATF
The Financial Action Task Force is an inter-governmental body, which was
established in 1989. Its task is to ensure effective implementation of legal,
regulatory and operational measures to combat money laundering, terrorist
financing.
A policy-making body, FATF works to generate the necessary political will to
bring about national legislative and regulatory reforms in the area of AML/CFT.
FATF also monitors the progress of its members in implementing necessary
measures.• Regional sub-group APG (Asia-Pacific Group)
15
FATF & MENA-FATF Overview
▪ The Egmont Group is a united body of 159 Financial Intelligence Units (FIUs). The Egmont Group
provides a platform for the secure exchange of expertise and financial intelligence to combat money
laundering and terrorist financing (ML/TF). This is especially relevant as FIUs are uniquely positioned
to cooperate and support national and international efforts to counter terrorist financing and are the
trusted gateway for sharing financial information domestically and internationally in accordance with
global Anti Money Laundering and Counter Financing of Terrorism (AML/CFT) standards.
16
FATF High-risk and other monitored jurisdictions
Bahamas – Botswana – Cambodia – Ethiopia – Ghana – Pakistan – Panama – Sri Lanka – Syria -
Trinidad & Tobago – Tunisia – Yemen - North Korea – Iran.
1. Asia/Pacific Group on Money Laundering (APG)
2. Caribbean Financial Action Task Force (CFATF)
3. Eastern and Southern Africa Anti-Money Laundering Group (ESAAMLG)
4. Eurasian Group (EAG)
5. Council of Europe Select Committee of Experts on the Evaluation of AML Measures (MONEYVAL)
6. FTAF of Latin America (GAFILAT), formerly (GAFISUD)
7. Inter-Governmental Action Group against Money Laundering in West Africa (GIABA)
8. Middle East and North Africa Financial Action Task Force (MENAFATF)]
FATF Regional organizations
17
Financial Crime & Risk Compliance Challenges
18
Two main requirements:
1- Due Diligence & Know Your Customers
– Detection / Screening / Checking of known entities based on sanctions
lists OFAC, EC, UN, UK, PEP, etc.:
2- Detection of fraudulent transactions based on customer
behavior & transactions patterns – AML Transactions
Monitoring (including Trade surveillance & market abuse)
AML requirements
Known Entities
Unknown
Entities
19
Official Public Site versus Private Sanction / Regulatory lists +PEP
CB
CMA
UN
OFAC
ECUK
CB CBCB
Compliance Officer
20
Muhammad DAUD
Mohamad DAWUD
Muhammed DAHOUD
Mohamed DAOUD
Mhamad DAOOD
Muhamad DAWOOD
Name spelling detection issue
WC One
21
Muhammad Ibrahim DAUD
Mohamad Al Ibrahim DAWUD
Muhammed I. DAHOUD
Mohamed Eibrahim DAOUD
Mhamad Brahim DAOD
Muhamad Ebrahim DAWOOD
Filtrage
Names spelling & detection issue
22
KYC?Entity Check ? Due Diligence?
Payments
KYC
Sanction Screening AML CDD
Today most of organizations have some “AML” compliance processes, their existence is Not
the issue, their EFFECTIVENESS IS
EFFECTIVENESS IS THE MAIN FOCUS OF FATF MUTUAL EVALUATION
23
Sanctions and type of Sanctions
24
Five type of Sanctions & Blacklists
Sanctions
• Coverage of global sanctions
• 250+ sanctions lists covered
• 100% coverage of explicitsanctions
• Examples: OFAC, UN, DFAT, UKHMT, CANS
Law Enforcement
• Entities and individuals wanted, investigated or arrested by an official law enforcement body
• Examples: Interpol, FBI, SFO, CBBI
Regulatory Enforcement
• Individuals or entities against whom official regulatory administrative action has been taken
• World-Check crimes & related statutory offenses
PEPs,
• Coverage of politically exposed persons to the FATF & Wolfsbergstandards
• Includes primary PEPs and Relatives & Close Associates
• Flex to cover local PEP definitions where they exist
• State Owned Enterprises
• Sub-categorized
Negative media
• Individuals or entities reliably reported to be questioned,
25
US relevant Sanctions
UN relevant Sanctions
• Iran relevant Sanctions
• North Korea relevant Sanctions
• Venezuela Sectoral Sanctions
26
Not only applies to the individual / entity listed (explicit sanctions) also applies to an entity
not sanctioned by name or appearing on a blocked or restricted entity list but covered by a
narrative statement.
Where a national or international “sanctions”* listing states that –
• Export or Trade Embargoes
• Financial Restrictions or Economic sanctions
• Asset freezes
• Investment bans
*e.g.
Narrative Sanctions – 50 % Rule - Implicit versus explicit sanctions
27
Public Sanctions lists versus Private data such as World-Check
28
Categories in Sanction Lists
✓Terrorism / Terror Financing
✓Money Laundering
✓Aircraft Hijacking / Aviation Crimes
✓Narcotics Trafficking
✓Organized Crime
✓Arms Trafficking
✓Bribery & Corruption
✓Counterfeiting and Piracy of products
✓Currency counterfeiting
✓Cybercrime / Hacking / Phishing
✓Environmental Crimes
✓Extortion
✓Falsifying information on official documents
✓Forgery
✓Fraud / Embezzlement / Theft / Cheating
✓Tax evasion / Tax fraud
✓Hostage Taking / Kidnapping
✓Human Trafficking
✓Illicit trafficking in stolen and other goods
✓Migrant Smuggling / Slave Labour
✓Sexual Exploitation of Children
✓Pharmaceutical Product trafficking / Fake
medicines
✓Piracy (sea)
✓Price fixing / Illegal cartel / Anti-trust violations
✓Racketeering
✓Robbery (only high value)
✓Insider Trading & Market Manipulation
✓Securities Fraud
✓Smuggling (customs )
✓War Crimes
✓Politically Exposed People
✓Vessels Directory
✓Negative Media
29
CB
CMA
UN
OFAC
ECUK
CB CBMGA
Compliance
Officer
More than 300 blacklists issued by different internationals bodies & regulators that
have different categories, data overlapping & duplicated targeting different sanctions
Links and Networks part of Private sanctions database
30
Link
Associates Link
Sanctioned Relationship
Business Relationship
Entity Checked
Hidden Links and Intelligence for Private Sanctions Databases
31
Front Men
Advisors
AssociatesFamily
??
??
PEP’s - Politically Exposed Persons
32
Know your levels – filtering = screening to RBA
Regional OrganizationsPEP RO PEP RO-R PEP RO-A
National GovernmentPEP N PEP N-R PEP N-A
Sub-National GovernmentPEP SN PEP SN-R PEP SN-A
Local GovernmentPEP L PEP L-R PEP L-A
Non-GovernmentPEP NG PEP NG-R PEP NG-A
International OrganizationsPEP IO PEP IO-R PEP IO-A
PRIMARY PEP
IMMEDIATE RELATIVES
CLOSE ASSOCIATIVES
33
• There is no single definition of what a PEP
is:
– What positions?
– What level of seniority?
– For how long after they leave office?
– Domestic and foreign? Or only foreign?
• Default World-Check PEP inclusion
criteria follows FATF and Wolfsberg,
but many countries also have their
own definitions and legislation on
PEP monitoring.
PEP Sub-categorisation
PEP filtering by seniority and location
and by PEP sub-categories
34
CB
CMA
UN
OFAC
ECUK
CB CBMGA
Profiles
PEP
World-Check - Consolidated, de-duplicated, structured, standardized &
normalized data organized as unique profile to be access through smart API
WORLD-CHECK
Consolidated
Lists
35
Private Sanction Lists vs Public Official lists…
1. Used by 100 % of Correspondent Banks and majority of FUI / Regulators
2. A Highly Structured Sanctions related Information Categorization
3. Normalized & Standard Categorizations of International Lists (OFAC, UN, EU, UK, etc..)
4. With secondary Identifiers
5. De-duplicated single profile - reduce workloads false positive by 50%
6. Updated daily
7. Easy to download
8. Easy to access through Friendly Investigation tools
36
Sanctioned Names in Native language to reduce the volume of false positive
简体中文
繁體中文
Pyccĸий
العربية
Српски日本語
فارسی
ภาษาไทย
עברית
Ελληνικά
한국어 Tiêng Viêt
Українська
ქართული ენა
Български
Lietuviškai azərbaycan
Tϋrkçe
සංහල
čeština
Hrvatski
Română
БеларускаяSlovenčina
Հայերեն
босанскиLatviešu
Slovenščina
polski
Dholuo
Magyar
suomi
Français
Македонски
Eesti
اردو
Қазақ
ह िदी
Vessels Check
38
Screened Vessel: ‘Mercedes’
Matches with ‘ABYAN’ ranked the highest
IMO Number Ship Status Vessel Type Unique Call Sign Additional Identifiers
The Financial and
Risk business of
Thomson Reuters
is now Refinitiv.
MEDIA CHECK
40
3
• Takes days before the first pass of client engagement
• Want to turn prospects into clients quicker
Customer and third-party risk screening challenges
• 90%+ of the prospect names result in no matches
• Small compliance team compared to number of sales people and products offered
• Systems used for checking the prospects is disconnected from CRM
• Use various sources of information and need to scan through too many sources to get relevant information
Poor customer experience
during initial on-boarding process
Compliance overhead for
prospect verification
Resource constraints
Eliminating dual/ multiple entries across different
systems
Consolidated and reliable source of information for
screening
Simplify and accelerate your customer and third-party risk due diligence process
41
e-KYC Digital Identity enabling FI’ to KYC on-board new customers using smartphones
• On-Line e-KYC on-boarding technology
• Built-in ID and Selfie Verification with Digital identity verification
• Customize the form to perform CDD and EDD
• Screening Against Sanctions List + PEP
• Protect from stolen identities
• Device Fingerprinting
• KYC using Risk-based Approach
• High Straight Through Processing, Low manual reviews
• Pre-configured KYC rules & staged KYC with levels of workflows
• Support for multi-jurisdictional KYC rules with adaptable checklists
• Multiple algorithms and Machine Learning
42
ID Document
Database
World-Check
300 Lists + PEP
Call Center
Wireless
& PDA
Kiosk
Portal /
Browser
APISanctions
Screening
MLRO
DIGITAL KYC
WC-ONE
Payments
&
Remittances
GAMING /
&
CASINOS
FINTECH
APIIDV / IDP
• National ID
• Passport
• Driving License
• Utility Bills
Future Integrated ID Verification and Sanctions Screening with WC-1 API’s
Call Center
Wireless
& PDA
Kiosk
Portal /
Browser
43
FinTech & Names Screening Solutions
44
WorldCheck
Level 2
Customer’s Front System
Banking System, CRM, ERP, etc..
Level 3
Level 1
API
API
World-Check One
Deployed
Third Party Technology
45
On-Line & Off-line Sanctions ScreeningWorld-Check
Call Center
Wireless
& PDA
Kiosk
Portal /
Browser
Branches
E-KYC
MLRO
Compliance Help Desk
API
46
1 - Best Completed & Updated Private Sanctions Data
2 - EFFECTIVE SCREENING TECHNLOGY
3 = Effective Screening + Enabled workflow Automation
47
Due Diligence workflow for KYC On-Boarding Solution
48
▪ Cloud or Deployed solution to on-boarding new & existing clients
▪ Initial sanctions screening & subsequent On-going Screening
▪ On-going refresh for data / documents remediation / Vetting / Enriching
▪ Robust data model to capture client relational & ownership hierarchy structure
▪ Management of customer’s info / docs based on KYC policies & best practice rules
▪ Central Workflow to shared & re-used across Business units / jurisdictions
▪ User Multiple levels configuration of workflow processing and approvals
▪ Embedded strong Risk rating methodology for Client Risk Assessment / Risk Scoring
▪ On-going maintenance to ensure continuous compliance with regulations
▪ Powerful KYC Tracking tools and Analytics
▪ Regulatory Compliance – enforces policy through business rules and workflow
▪ Centralize / Transparent KYC data, real-time dashboard/reporting Analytics
▪ Strong Audit Log and Trail analysis
KYC Client On-boarding functionality
49
External Private / Public dataExternal Private / Public data
Typical Deployment of KYC On-Boarding & KYC Lifecycle platform
RequestPhase
Vetting &Enriching
Risk
Based
Engine
Processing Maintenance
Sales / Relationship Management
KYC Team
KYC or Maintenance
Team
KYC, Compliance, Legal, Credit, Ops
External Private / Public data
Users
KYC Solution
System Integration
Legal Documents
Doc ImagesOther
Digital Data
AML Transaction
Systems
UBOZAWYAAVOXCore
BankingWC
Data Warehouse or
Customer Register
FATCA /CRS
internal data baseExternal Public / Private data base
50
Strong Dependency on Data Quality
Business Solution Template
Complaints
Analysis
Dimensions
Measures
Product
Business Unit Geography
Line of Business
Customer Market Segment
Change Service
Product Access Service
Financial Engineering
Trading Services
Support Services
North
West
East
South
Trust
Retail
Commercial
Wholesale
Group Services
Large Commercial
Small/medium Commercial
High Net Worth Individuals
Individuals
Charities
Number of Complaints
Average Response time
Generate
Business Reports
51
Enhance Due Diligence (EDD) & Third Party Risk
52
Common uses of enhanced due diligence reports
▪ Security of supply Source of Funds for large investment
▪ When a transaction or customer is linked to a high risk country
▪ Before Merger or Acquisition (M&A)
▪ To safeguard against reputation or brand damage
Gathering detailed information is
fundamental to understanding
potential high risks
Before entering into a Partnership or
Significant Transaction
Before involving third-parties, customers or
business partners
It is important for organization to conduct Enhanced Due Diligence before
making critical business decision when reputation risk is high
Enhanced Due Diligence – Anti Corruptions & Anti-Bribery Compliance (ABC) program
53
To avoid hefty fines & loss of business and reputation damage, Organization must
comply with a number of AML / CFT national and International regulations
To EDD Reports offer auditable proof of due diligence and help
organizations to meet their regulatory obligations
Enhanced Due Diligence screening is a mandatory requirement for individual who are politically
Exposed from High Risk Jurisdictions
54
Knowledge & understanding of Third Party Risk protects Corporates and
Organizations from regulatory censure & reputation damage
55
• Before a merger, acquisition or joint venture
• When on-boarding high net worth or high profile clients
• When automated risk screening reveals high risk
• Response to geopolitical risk analysis flags related to a high risk country / jurisdictions
• To check labour practices in emerging countries / high jurisdictions
• When transactions is related to prominent Politically Exposed People
• Bribery and Corruption potential risk and transactions
• Key component of a compliance Anti-Corruption / Anti Bribery programme (FCPA, UKBA etc.)
Enhanced Due Diligence reports are used to mitigate potential risk
Common Uses for EDD Reports
56
Typical Types of Potential Conflicts of Interests
Employee’s Activities
▪ Personal Trading / Personal Account Dealing
▪ Gifts
▪ Entertainment
▪ Political Contributions
▪ Outside Business Activities
Trade Related Activities Specific to Investment/Securities Industry
▪ Best Execution / Order Routing
▪ Commissions and Fees
▪ Allocations to Portfolios
Other : Anti Corruption (e.g. doing business with PEP, use of intermediaries or introducers, lobbyists)
57
Drivers
Foreign Corrupt Practices Act (FCPA)
UK Bribery Act (UKBA)
OECD Good Practices Guidance
World Bank Integrity Principles
Transparency International Business Principles
Clients abiding by AML and ABC
requirements
High Risk due diligence
programmes
Remediation's
Enhanced Due Diligence Analysis & Report
Thank you