Q&A from Elements of Customer Risk – Products and Services

March 27, 2020

Here are the questions and answers from our attendees at our both recent webinars on Elements of Customer Risk – Products & Services.

Q: Could you please define “anonymity” as you need to do know your customer (KYC) at onboarding of new clients and you have their specimen signature on file?

A: It relates to online account opening where you are not sitting face-to-face across the desk with someone. That is a form of anonymity, more so in terms of the level or types of transactions that they can conduct.

Anonymity is something that is almost inherent in so many of our products and services today with online mobile banking. We are not coming into a branch where you know the teller, or the teller sees the same customers all the time as we used to do in the old days. We knew who our customers were.

Now, there is nothing face-to-face so you do not know who is actually making this deposit. You do not know who is doing this transaction and that could be from a money-laundering perspective or fraud.

Q: How should an FI update its customer risk scoring along with other activities such as fraud?

A: We actually had our fraud and AML people work together, even though some people were specializing in fraud monitoring and the others were in AML monitoring.

An outer pattern transaction might be flagged by the fraud monitoring system that was not flagged by the AML system. So, our fraud analyst and our AML analyst could work together.

If a customer had actual identity theft or account takeover activity, I do not think that makes them higher risk from a money laundering perspective.

It obviously does make them a higher risk from a fraud risk perspective and so within the fraud-monitoring tool there should be a way to set up controls on that account.

Q: Did you say an FI may not exit a relationship with a company with suspicious activities due to its size and volume of business? If so, it begs the question as to why have a risk rating if there is no action based on the results or ratings.

A: That is a huge challenge. In the example I provided we could not prove the activities were money laundering. It had all the hallmarks of a textbook case, but it is that classic case of the sales side of the house and the income-generating side of the house versus the client side of the house.

We could show the sales side that there were unusual things happening. But being a lender, these are long-term contracts and they do have the ability to call the loan.

They make hundreds of thousands of dollars for the bank every year. They pay their bills on time. They pay their interest. They purchase additional products and services. Unless law enforcement came and told us that these people were doing something illegal, there was no way they would do anything about that account.

Of course, law enforcement will never tell you what they are doing. Typically, they do not want you to close the account because they want to see if suspicious activity continues. If you close the account, you are just tipping off the customer and then they go somewhere else.

Q: Do you foresee AML requirements increasing for payment networks?

A: I would hope so, to be honest. It seems like right now the emphasis on cyber currency, Bitcoin and so forth, is getting the most attention because it can truly be anonymous and outside of all the banking regulations and controls.

But I am not sure what is going to happen. It is as if the product development is going faster and the regulatory environment is a slow process.

Q: What is the biggest risk associated to correspondent accounts? And how do you mitigate it?

A: That could be the subject for a whole webinar. In the United States, we have some specific USA Patriot Act sections around requirements for banks that have foreign correspondent accounts and relationships.

They are a higher risk for a number of reasons because essentially one bank is carrying out the financial transactions of another bank’s customers. When you have a foreign bank involved, a U.S. bank is giving access to the U.S. financial system to a foreign bank’s customers. There are many risks associated with it.

So U.S. banks move funds between each other on behalf of their customers through the Federal Reserve, but if a bank does not have access to the FED, like a foreign bank, they need a U.S. bank to run their transactions.

For a U.S. institution, a foreign correspondent bank account is especially risky because they create this relationship where a U.S. financial institution is giving foreign bank customers direct access to the financial system, and the American bank has zero information on these customers.

You cannot really detect suspicious activity because you do not know what is normal and expected and the amount of money that can flow through correspondent accounts can be huge.

Q: What leverage does a bank have to update know your customer (KYC) documents from a commercial loan customer?

A: We simply ask for them. Typically, if a customer does not have some reason to hide something, they will be willing to do so.

If somebody refuses to provide this, you suggest their business to another bank, but remind them that another institution is going to ask you the exact same questions.

Sometimes we would phrase and in terms that made it more palatable for the customer. We would say we want to make sure that we have current information about you and your activities so that we can make sure that no fraudulent activity occurs on your account.

We asked for anticipated- and normal-activity pattern information under the guise of protecting you against fraud – which is true. It also helps from the money laundering perspective as well.

Q: How would you describe the risk level of a financial advisor?

A: If you are a financial advisor, you can only be responsible for something that you have knowledge of. So, if you have the knowledge of what your customer is doing and you see suspicious patterns there, then you would have a responsibility to report those patterns of behavior.

The same thing if you are seeing the KYC information at onboarding and there are things that are left off or things that do not make sense.

Q: Is an account with a SAR automatically high risk?

A: I would say that is a matter of perspective. So sometimes you have one SAR and then what I would do is say OK, a SAR has been filed for something like one bizarre transaction, which makes them a high risk.

Then, over time, that transaction never happens again, so it may very well not have been something truly suspicious. It may have been an anomaly. It may have been something that was actually legitimate, but you could not determine that, so you filed a SAR.

If it never happens again and nothing else ever happens, then that risk score can be brought back down to wherever they were before on your risk appetite — maybe keep them medium-high at this point or medium, but it is all about what they are doing.

It is up to your institution and your risk perspective. If you feel more comfortable saying we filed this SAR, they are going to be high for the rest of their relationship, then go with that.

Q: You said that an average person could structure transactions to avoid the IRS finding out about the sale of his boat for $12,000. This is something we still need to report as structuring, right?

A: Yes. I was just giving that example of a person who is structuring, but he may not be a criminal so to speak. Ordinary people have many misconceptions about cash transaction reporting.

They just think they are protecting themselves from Big Brother or whatever. Therefore, the trick is to try to identify whether they are doing it on a regular basis and for what reasons.

There is also the possibility where this could be a funnel account or this person is acting as a money mule kind of a thing.

Q: Should you stop a transaction if there is a risk of money laundering?

A: No. In the money laundering case, you do not want to stop a transaction with the risk of money laundering.

For fraud, you absolutely stop it. If this is a fraud against your client, you absolutely want to stop the transaction, but money laundering; you want to let that go through because it is suspicious.

There is nothing in the regulations that say you have to close an account. However, it is up to every bank to decide what to do. Your responsibility as a bank is to report suspicious activity.

Q: How would you risk rate these types of services: bill pay, ACH and debit card activity?

A: You have to think like a money launderer. Think about how I could use these activities. Obviously, ACH risks would be in the integration, the layering or the integration phase, so it could be used for that purpose.

Q: What is your opinion around money laundering risks and brokerage accounts? What would you think should qualify as an unusual activity or a potential money laundering risks?

A: I guess that depends on individual brokerage accounts as they can have many different features. Typically, it is used to hold money that has not been invested already.

There are some specific behaviors and activities that can involve say churning — buying and selling stocks rapidly and putting money into the brokerage account and then taking it out. It is sort of the same thing as a checking account, but it is usually harder to do that than it would be for a checking account.
Therefore, it depends on the features.

Q: So are you thinking like the velocity of transactions would be a factor?

A: Yes. Usually you cannot deposit cash and there is no actual currency into a brokerage account. You have to move it from somewhere else or you are writing a check and sending it to be put into an account, so usually it does not have those cash placement risks.

It is more of a layering issue — the layering two-phase risk of money moving in and out of it. Is it being used for what it would normally be intended for or does it appear to be being used for something that was not intended for?

Q: There have been questions around changing behaviors and fraud around COVID-19 Could you provide some advice on areas that compliance teams should look into in terms of behaviors?

A: We have two things going on here. We have got potential fraud committed against the bank’s customer and we have the proceeds of fraud being laundered potentially through the bank.

The recommendation I would have from the fraud side of the house is to make sure that your fraud monitoring tools are looking for patterns of unusual or different behavior. Also, make sure that you follow up with your customer when you start to see things that look unusual.

If customers are paying for something that they are being coerced and/or fooled into making a big donation or whatever, that’s when you want to confirm with your customer that they have actually initiated this transaction.

On the money laundering side, look for unusual patterns in existing accounts or in new accounts, where you would be seeing money coming in and then immediately going out. Someone who is laundering the proceeds of fraud is going to put it into the financial system through depositing it into an account. Then they are moving it out immediately.

It fits all those same standard patterns or well-known patterns for money laundering. Red flags are going to be here, just possibly in greater volume.

Q: Many of the cash-based and intensive businesses are not deemed essential services under COVID-19 and they are closed. What do you think about monitoring their deposits because if they are closed they should not be having money coming in?

A: That is a very good point. Therefore, if you can tweak your systems, there may be a flag on all business accounts for large cash deposits. For cash based businesses that are still open, they are going to continue to have activity and potentially more activity.

Businesses like grocery stores and convenience stores are open and are typically cash-based. Therefore, you may even see kind of a spike in those types of businesses. It is worth a look.

Q: One more person said the risk scoring should not only consider the behavior of one financial institution. But what about focusing on a country. How could this be implemented?

A: There is all kinds of risk factors of a particular country that can make it at a higher propensity to facilitate money laundering. So look at all institutions in that country.

Watch Webinar

Try Alessa