Leveraging Technology and Analytics for Detection of cases “Trade

Seminar on
“Trade Based Money Laundering”
19 March 2015, New Delhi
Leveraging Technology and Analytics for
Detection of cases
M. ANANDAN*
General Manager/Practice Head
Regulatory Centre of Excellence
TATA Consultancy Services
* Views expressed by the author are his personal
Index
1
Regulatory Landscape and AML Cost – Industry Trend
2
AML/FCC Framework
3
Industry concerns and magnitude of risks in TBML
4
Red flags - Sources and Classifications
5
Importance of Technology to detect TBML
- Why Manual is not possible
- Sanction Interdiction Filtering
- Wire Stripping
- Trade Transaction Monitoring
6
Research, Intelligence and Analytics (RIA)
7
Important consideration for Systems
- Diagnostic Anatomy and Scoring
- Product Ranking
8
Summary
- Lesson Learned & Avoiding Reputational Risk
- Future State
2
Current Regulatory Landscape
Source: KPMG 2013 report
3
Compliance Costs & Liabilities – Industry Trends
COST
TOTAL ALLOCATION
 Estimated - USD 10bn/annum to combat ML
 HSBC spends USD 750-800mn/yr, increase of USD150200mn from last year
LIABILITY
INSTITUTIONAL
BNP
– USD 8.9bn
HSBC – USD 1.9bn
 Macquaire cost tripled in 3 years to A$ 320mn
SCB
 SCB is adding USD 100- 200mn /year
BOTM – USD 0.56bn
 JPMC to spend USD 2bn annually from 2014 onwards
Areas of Focus
COMMERZBANK – USD 1.45bn
 Significant Investments are focused in
AML & KYC
 Global Spending on AML Compliance
Operations and Technology will reach
USD 5.88bn globally including USD 1.4bn
of internal and external technology
pending
 Other significant costs for Resourcing /
Staffing
AREA OF FOCUS
– USD 1bn
 FINCEN (Dec 2014) -CCO of Money Gram –
Penalty
1mn,
applying
Fit and
Civil
FINCEN
(DecUSD
2014)
-CCO
of Money
Gram
Proper
criteria
–
cannot
participate
in
future
– Civil Penalty USD 1 mn, applying Fit
employment
and Proper criteria – cannot participate
in future employment
 FINRA (Feb 2014) fined former Global AML
Brown
Harriman
USD
officer
FINRAof(Feb
2014)Brothers
fined former
Global
25,000
for AMLoffailures
AML officer
Brown Brothers Harriman
USD 25,000 for AML failures
PERSONAL
4
Deep dive into TBML
5
FCC/AML Framework
FCC committee - Board Level & Policies and Procedures
(CDD /AML / Sanction / ABC)
KYC / CDD
On boarding
Sanction
interdiction
filtering
Customer
Screening
AML
Surveillance
Periodic
Review
Technology / Systems (CDD Platform, TXN monitoring, real time screening and
customer matches)
Resources (experienced and certified) and Training (mandatory e-learning,
specialized, refresher’s training etc.)
Financial Crime intelligence / Research/Analytics
FATF, BASEL, Wolfsberg, Egmont FIUs, APG, JMLG, EU Directives etc.
Independent testing (QA\Thematic reviews)
Governance / Oversight (SLA, Metrics and Risk
Assessments )
Home and Host country Regulations/ OFAC, HMT, UN etc.
Industry / Regulators concern…
FATF
 TBML is an important channel of criminal activity and, given the growth in world

trade, it represents an increasingly important money laundering and terrorist
financing vulnerability (2006)
ML and TF through trade in Diamonds – The specific characteristics of diamonds as a
commodity and significant proportion of transactions related to international trade
make the diamonds trade vulnerable to different laundering techniques of TBML in
general and over/under valuation in particular. This should be viewed in light of the
significant world annual trade volume which includes rough, polished diamonds and
diamonds jewels. (In 2011 trade in rough diamonds amounted to approximately USD
51 Billion and the polished trade in diamonds amounted to USD 214 Billion (2013).
FCA /FSA (2013)
 About half of the banks had no clear policy or procedures document for dealing with


trade-based money laundering risks. As a result, some banks failed to implement
adequate controls to identify potentially suspicious transactions related to TBML.
Many Banks were unable to demonstrate ML risk had been taken into account when
processing particular trade transactions.
In particular, trade processing staff in most banks made inadequate use of customer
due diligence information gathered by relationship managers or trade sales teams.
7
Industry / Regulators concern
Australian Crime Commission
 TBML and bulk cash smuggling are international concerns that have been identified as
emerging or possible threats in Australia (2011)
JMLG
 Given the nature of the business there is little likelihood that trade finance will be
used by money launderers in the placement stage of ML. However can be used in the
layering and integration stages of ML as the enormous volume of trade flows obscure
individual transactions and complexities associated with the use of multiple foreign
exchange transactions and diverse TF arrangements permit the commingling of
legitimate and illicit funds.
Magnitude of risk
 Global Financial Integrity (2013) estimated around 80% of illicit financial flows from


developing countries.
US State Department’s Bureau of International Narcotics and Law Enforcement Affairs
report said annual estimates of TBML reached into the hundreds of billions of dollars.
UN (2012) – The global merchandize export trade - USD 18.3 trillion business, challenge is
to identify the needle in haystack.
8
Major sources of Red flags
Global
 FATF report – TBML – June 2006.
 FATF report – Best practices on TBML – June 2008.
 FATF report on TBML typologies – July 2012
 FATF report – ML & TF through trade in Diamonds – Oct – 2013
Europe
 FCA Banks’ control of Financial Crime Risks in Trade Finance – July 2013.
Americas
 FINCEN – Advisory of FIs on filing suspicious Activity Reports regarding Trade Based
Money Laundering – February – 2010
 US Immigration and Customers Enforcement (US) – TBL
 Federal Financial Institutions Examination Council (US) – ML & TF Financing “Red
Flags”
 American Bar Association – Identification of ‘Red flags’ for the possible violations of
keys US Laws for Companies Operating Overseas.
APAC
 Australian Institute of Criminology – TBML: Risks and regulatory responses – 2011.
9
Classification of Red Flags
BPME /
Diamonds
Control /
Sanctions
misconduct
Third party
Shipment
Customer
Document
Transaction
Payment
10
Classification of Red Flags
BPME /
Diamonds
Customer
Control /
Importance
of
Technology,
Sanctions
Document
misconduct
Research/Intelligence
and Analytics ….
Third party
Shipment
Transaction
Payment
11
Fines for the banks that breached US Sanctions
Source: Thomson Reuters GRC01713/9-14
12
Why Trade AML Compliance is so complex?
400+ lists $ 14+ billion 20-30%
Sanctions, Regulatory and Law
Enforcement lists
Approx fines levied for sanctions
violations in recent years
6 hr -1 3-4 billion +
day
Average interval of list
updates
Possible fuzzy logic combinations
Increase in names and aliases
in last few years
3,000
New aliases in a single EU
update on 19 July 11
13
The Challenge (and costs) keeps growing
Source - SWIFT Operations Forum Europe
14
Challenges in TBML

TBML involves transferring of goods as a substitute to money and occurs outside the
Bank.

Banks must leverage all the information available to them to determine whether
their customers’ transactions are consistent with their businesses.

Trade finance brings its own unique challenges and whether the documents are
reviewed manually, or the information regarding the trade is input into a system and
alerts are thrown out properly.

There is a difficulty in detecting complex relationships between trading operations,
operators, and money movements. Three key barriers make it tough to detect tradebased money laundering:
1. The tremendous volume of trade makes it easy to hide individual
transactions;
2. The complexity that is often involved in multiple foreign exchange
transactions; and
3. The limited resources available to agencies wanting to detect the fraud.
15
Need for Technological Solutions…
Description of the letter of credit process
The process works like this:
1. On behalf of the importer, a letter of credit (LC) is opened by an issuing bank.
2. The issuing bank transmits the LC to the advising bank.
3. Once the advising bank receives the LC, the advising bank notifies the exporter.
4. Goods are delivered from the exporter to the importer, and shipping documents
are provided to the advising bank.
5. Upon receipt of the proper documents, the advising bank pays the exporter.
6. The advising bank then sends the documents to the issuing bank, and receives
reimbursement from the issuing bank.
7. The issuing bank delivers the shipping documents to the importer and debits the
importer’s account.
16
Need for Technological Solutions

This scenario assumes that there is only an advising bank and an issuing bank, acting
on behalf of both the importer and the exporter.

The reality of LC processing, however, could be more complicated with additional
parties involved. Those parties\entities could include:



remitting bank, 1st reimbursing bank, 2nd reimbursing bank, other intermediary
banks, 2nd advising bank, confirming bank, negotiating bank,
shipping agent, insurance agents, pre-carriage vessels, vessels, forwarding
agents, consignee, notifying parties,
Ports/ Flags etc.

This is where the picture becomes much more difficult. The core foundation
(importer, exporter, advising bank and issuing bank) is still there, but many other
elements are added. The addition of these elements, multiple financial
institutions, multiple agents, multiple ways to move the goods, etc., all add a level
of complexity to the notion of monitoring for money laundering

Manual is impossible – Technology plays a major role in Screening/ Surveillance
17
When to do screening
 New to Bank customers - Before
Account Opening/COB
 Existing customers - Periodically to
adhere to changes in the Sanction lists
 Front End - It is more operationally
effective to screen these data
elements before a MT700 is created
 Outward SWIFT Messages - Before
Screening against black list
database
 UN/ Local list
 OFAC (country sanction program, SDN,
SDT, SDNT list etc.,) FTO, etc
 BIS (Denied person, Un verified, Entity
list, de barred list)
 HMT, EU list, NCA, PEP etc.
creation of MT103
 Inward SWIFT Messages and
Remittances – Before credit of funds
to beneficiary
18
Voyage check - Shipping and Vessels





To manage AML risk (shipment exist) and sanction risk
(shipment route) Eg: ICC/IMB, Lloyd Intelligence,
TR/WC exclusive vessel check list, Carriers Website…
The Casablanca, Celtic, Cotty, Huntsland, Violet or West
or Rose Islands, Sand Swan, and the Ravens – All fly flag
of Cuba.
The pilot, police 1,2 or 3, sky sea and Antara… All fly the
flag of Iran.
Vessel - OFAC requests that banks screen against Vessel
data that can cause high rates of false positives
Ports - Where is the vessel stopping along the route, is
there a potential of supporting sanctioned countries
Critical vessel details includes






Current Name / All Former Names
International Maritime Organization (IMO) Number
Port of Registry/ Country of Economic Benefit
Vessel Type/ Group Beneficial Owner
Operator/ Registered Owner
Manager/ Technical Manager
What needs to be screened









Trade Documents – Bill of Lading/ Commercial Invoice ,
MT103/202, MT103/203, MT700/701,
MT710/711, MT711/721
Dual-Use Goods and Controlled Goods - What
are the goods carried by these vessels and do
they pose a threat for the development of
WMD
Payment Routing - SWIFT/BICs for all sanctioned
bank offices globally.
Companies and Organizations
Country Details - principle cities, towns,
airports and seaports of all fully sanctioned
countries.
People – PEPs, including family members and
associates, enhanced with unique identifiers.
Checking for suspicious patterns of characters in
originator or beneficiary fields, such as
sequences of digits, special characters or empty
spaces. (e.g., “AAAA”, “ “, “$%&#”)
Filters any message types including SWIFT,
FEDWIRE, SEPA, CHIPS, etc.,
19
You have to check too many tools?
Source: Accuity
20
What if… these checks done through single tool
Source: Accuity
21
Screening Process flow






Monitored from a single location
Centralized Oversight
Enterprise Risk Dashboard
Flexible KYC systems to integrate with multiple
systems
Global Customer Profile
Combination of Global and Regional Regulatory
Requirements
22
Wire Stripping ….
 Perform field level checks and detect common wire-stripping techniques
 Some typical red-flag checks that can be implemented against payment
transactions include:
 Checking for suspicious patterns of characters in originator or
beneficiary fields, such as sequences of digits, special characters or
empty spaces. (e.g., “AAAA”, “ “, “$%&#”)
 Checking for suspicious phrases usually used to conceal originator or
beneficiary identity (e.g., “No name,” or “On behalf o f a customer”)
 Deriving the country of the sending institution from the BIC code in
the SWIFT message and comparing it to the country code of the
originator’s address
23
Analytics for combating Wire Stripping
Source: CEB Tower Group Research
24
Automated Trade AML Operations
Industry Best practices model
Trade documents /
Trade Transactions
FP Management
RM / Trade Sales
Team
Based on
Matching
algorithm
Automated
Screening
Contact Customer for docs etc..
CARE: Without tipping off
FCC RIA Team (Analyze Price /
Weight / Link Analysis / Counter
Parties/ Share Intelligence)
If
Suspicious
Level 1 & 2
Investigation
Raise Report
Specialized Trade
AML Team
If
Suspicious
confirmed,
report SAR
Internal Watch list
Scenario Logic
- Pre / Real time check
- Post Check
Local regulator
25
Automated Trade AML Operations …
Industry Best practices model
Factors contributing Internal
Investigation
Reporting & External SARs
 Level 1 & 2 Investigation done by Trade  Goods not in line with customer



processing team with AML Knowledge.
4 eye checks
Level 3 by experienced FCC
professionals
Independent sample QA for level 1, 2
and 3







business.
Movement of goods to tax havens.
Payments to third party and unrelated
party
Round figure bills submission.
Mismatch in price details/ prices too
high or too low.
Mismatch in port of loading as per
IMB, based on vessel check.
Fraudulent bill of lading.
Withdrawal document after raising
queries.
26
How to balance system and Sanctions concerns?
Source - SWIFT Operations Forum Europe
27
Research Intelligence and Analytics (RIA)…
Data Analytics and Predictive Analysis
 Few Police Departments and Organizations are using data mining and predictive





analytics for a variety of law enforcement and intelligence applications,
 including tactical crime/Suspicious analysis
 risk and threat assessment
 behavioral analysis of unusual/suspicious, and proactive deployment strategies.
To discover hidden patterns and relationships in large amounts of information.
To make accurate and reliable predictions of future events, based on the identification
and characterization of these patterns and trends in historical data
Perhaps the most important required skill for data mining is domain knowledge
One of the biggest challenges is that most, if not all, data encountered was never
intended to be analyzed. Challenges associated with data form, content, reliability, and
validity
Traditional tactical suspicious analysis generally involves creating a model that
represents a suspicious or series of suspicious alerts, which can then be used to link
cases, identify and apprehend and prevent future .
28
Research Intelligence and Analytics (RIA)…
29
Research Intelligence and Analytics (RIA)…
Information Source: Goods gone bad - PwC Report Jan 2015
30
Research Intelligence and Analytics (RIA)
Unit price analysis
A RIA approach, using publicly available data and third party sources to
detect if unit prices exceed or fall far below global and regional established
thresholds
Unit weight analysis
Similar to the unit price analysis. Searches for instances where money
launderers are attempting to transfer value by overstating or understating
the quantity of goods shipped relative to payments
International trade and country profiling analysis
Uses publicly available and third party data to establish profiles of the
types of goods that specific countries import and export, flagging outliers
that potentially indicate TBML.
Network (relationship) analysis of trade partners and ports
Use RIA method to identify hidden relationships in data between trade
partners and ports, and between other participants in the trade lifecycle;
and can flag shell companies, tax havens or determine outlier activity
Information Source: Goods gone bad - PwC Report Jan 2015
31
Important considerations for the AML System








Algorithms and Scenarios
Data Management
Integrated Investigation and Alert Management
Enterprise Case Management
AML Optimization
Analytics
Monitoring and Regulatory Reporting
Product components
32
AML Diagnostic Anatomy
Source: CEB Tower Group Research
33
Anatomy Scoring Methodology
Source: CEB Tower Group Research
34
Product Rankings
Source: CEB Tower Group Research
35
Summary - You don’t always get a
second chance...
Lesson Learned – Commerzbank
Commerzbank fined by NY DFS in March 2015
 Commerzbank will pay a $1.45 billion penalty, terminate individual
employees who engaged in misconduct, and install an independent monitor
for Banking Law violations in connection with transactions on behalf of Iran,
Sudan, and a Japanese corporation that engaged in accounting fraud
 From at least 2002 to 2008, Commerzbank used a series of measures –
including stripping out information identifying clients subject to U.S.
sanctions (“wire-stripping”) – to process 60,000 U.S. dollar clearing
transactions valued at over $253 billion on behalf of Iranian and Sudanese
entities.
 Additionally, deficiencies in Commerzbank’s anti-money laundering
compliance program resulted in Commerzbank’s facilitation of numerous
payments through the Bank’s New York Branch that furthered a massive
accounting fraud by the Olympus Corporation, a Japanese optics and
medical device manufacturer.
37
Lesson Learned – Commerzbank
Commerzbank fined by OFAC in March 2015
 The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC)
announced a $258.6 million settlement with Commerzbank AG (Commerzbank) to
settle potential civil liability for apparent violations of U.S. sanctions.
 OFAC’s investigation into Commerzbank’s use of payment practices that interfered
with the implementation of U.S. economic sanctions by financial institutions in the
United States. Those practices included deleting or omitting references to Iranian
financial institutions and replacing the originating bank information with
Commerzbank’s name from payment messages sent to U.S. financial institutions.
 Commerzbank also created a process to route payments involving Iranian
counterparties to a payment queue requiring manual processing by bank employees
rather than routine, automated processing.
 Commerzbank utilized these practices in 1,596 financial transactions routed to or
through banks in the United States between 2005 and 2010 in apparent violation of
the Iranian Transactions and Sanctions Regulations.
38
Avoid Reputational Risk
39
Future State
i
TTU (Trade transparency unit)
ii
Information flow-structured - Between Banks, Between Countries
and Regulator and Banks, LE to banks etc
iii
Automatic Work Flow/Case Management
iv
Exclusive Trade AML team as part of FCC
v
Tool to Detect fake and Documentary fraud
vi
Exclusive RIA Units within Bank’s FCC
vii
Subscription of Trade Bulletins eg ICC/IMB
40
Author Profile
He had earlier worked with an International Bank based
out of Dubai as Senior Financial Crime Compliance
Advisory for MENAP and Africa Region covering 25
Countries Middle East, Pakistan and Africa. Before that,
he was Head of Financial Intelligence Unit, Head of
Detection Scenario & List Management and Vice
President of Global KYC / CDD hub for Wholesale Banking
Anandan M is a qualified Anti Money Laundering
Specialist with two decades of experience in Banking
with specialization in the areas of Financial Crime
Compliance (FCC) - Anti-money laundering (AML)
Advisory, KYC/ CDD/ Client on Boarding execution
& Remediation, Sanctions Research, Compliance
Assurance / Monitoring and other Regulatory
Compliance (FATCA / CRS / AEOI / Dodd Frank)
Domain.
Currently working in a Consultancy firm in a Leadership
role as General Manager /Practice Head to manage
Regulatory Compliance Centre of Excellence providing
strategic advisory and direction to Key regulations
covering CDD/ KYC, AML, FATCA, DFA, EMIR, MiFID II,
Basel etc.,
As a Head of Financial crime Intelligence Unit, Lead in
design and implementation of the FIU function to address
Financial Crime Compliance globally (Enhanced
background screening for complex/High Risk clients, AML
Country
Risk
Assessment,
Regulatory
Risk
reporting/analytics,
Reputational
Risk
analysis,
Maintaining “Hot lists”, Media monitoring & Sanction
researches)
Accredited with 15+ International Certifications in AML
(CAMS), Governance, Risk and Compliance, Anti-Bribery
and Corruption (ABC) from various international agencies
like ACAMS (USA), PRMIA (USA) and Basel II Compliance
Professionals Association (USA) etc.,
Speaker at International AML conferences and Guiding
PhD Students on Money Laundering/ compliance
Research/Thesis
42