Managing Monitoring Rules in Light of Indictments
October 14, 2020
Typically, institutions wait on indictments, which turn into negative news, to trigger them to potentially missed suspicious activity. But what if institutions were to learn how to use indictments as a way to build typologies to detect any current or future activity that may align with the public indictment?
Most indictments or announcements of arrests from national authorities, even if it is from a different country, can provide a basis for rule building including the design of red flags, parameters, keywords or even names.
In this first of three of our Community Bank webinar series, we review strategies that allow for dynamic management of emerging typologies and risks within the transaction monitoring process.
Topics covered during the webinar include:
- Recent indictments and arrests and potential typologies for detecting the same behavior
- How to ‘read between the lines’ and determine quickly if an indictment or arrest statement can
be utilized for
- Tips for evaluating if your monitoring system is able to handle dynamic rule requests
- Sample language for change control forms
Here are the questions and answers from the event.
Question: Is it true for effectiveness, and you are using third parties, that you need to have a way to check their effectiveness?
A: Yes. To me, the example that comes to mind is an audit firm, Audit is a pillar requirement. And if you think that a clean audit is a good one, then I have news for you. That’s not the case. You’d like your audit to be a good measure of an effective audit from the firm and what kind of issues they are bringing to light. If you do have some minor things on an audit, that doesn’t necessarily mean it wasn’t an effective audit.
Is that audit team looking at how effective your program is or are they saying, you forgot a date of birth on the CTR form or you transposed this person’s driver’s license number on this SAR form.
Those are all surface things that have nothing to do with your effectiveness. So to me, when you’re looking at third parties, especially as a customer or those third parties, you would want to make sure that their program is effective, their testing program and methodology are effective for sure.
Q: How would you handle searching Google for Chinese based entities, especially with the non- transparent information?
A: It is very difficult. You know, a lot of times, you get to a point where there is no more information, especially when you’re dealing with offshore funds out of Singapore, out of Hong Kong, as well, it’s not just China.
And you just get to a point where you say to yourself, well, this is just an LLC, or it’s ABC Investment, some generic name, and you can’t find any more information.
There’s really nothing more that you could do. When I come across those, when I do investigations for clients and I come across that type of limited information, that goes on the suspicious side of my brain.
The fact that this business, that I can find a whole bunch of stuff on them, they may be my customer and are now sending money to a business that I can’t find, to me adds to the level of suspicion.
So, I wouldn’t spend too much time on it. I think the first couple of searches that you do, make sure you Google everything in quotes. If you are looking for a full business name, you need to Google it with first and second names, the beginning and end of parentheses on those.
I usually just give up, because you just know that’s going to happen. Not all the time, because there are some Chinese businesses where you can find them online. And, you know, I just put that over on the suspicious side of my brain.
Q: Would you open the account if there are suspicions but if your client relations team is saying we have to open this account? How do you how do you manage those risks?
A: If I was the practitioner saying, yes or no to opening the account, I would be looking at what time, what rate, what resources I have internally in order to properly manage that client.
So it’s not always going to be a yes.
If I know that I have a really good team member who has a little bit of flexibility, but they’re really quick and they’re really fast and really good at what they do, especially when it comes to management of apparent shell companies or front companies or foreign businesses just as a whole, I might lean towards onboarding them depending on their source of wealth and their source of funds.
But if I’m looking at my maxed-out AML team and I’ve been asking for new people and they’re not giving me additional people, and I may not have a very efficient system, then I’m going to say No. Because to onboard something that you know is higher risk, that is going to need a lot more time to manage the risks, it’s setting yourself up for failure.