In December 2017, the Cayman Islands Government, with support from industry groups recently underwent a review of its Anti-Money Laundering (AML) and Counter-Terrorist Financing (CTF) regulatory regime by the Caribbean Financial Action Task-Force (CFATF), which will be followed by an International Monetary Fund (IMF) review in 2018.
NEW AML REGULATIONS AND REQUIREMENTS
In Cayman, AML regulatory regimes are in place for both financial services and non-financial services entities registered in the jurisdiction. As a result, companies must implement formal AML/CTF programmes and can expect to face inspections and examinations, focusing on governance, roles and responsibilities (ie. Money Laundering Reporting Officer – MLRO), policies and procedures, KYC documentation, reporting activities (ie. suspicious activity reporting – SAR) and controls that ensure the entities programme is designed and operating effectively.
In addition, new AML regulations and requirements are proliferating around the world, including the Cayman Islands. The Anti-Money Laundering Regulations (2017) were gazetted on September 20, 2017, in response to recommendations previously made by the CFATF to ensure Cayman remains in line with global AML standards. In particular, these regulations now consider effectiveness: not only must regulations be in place, but it must be demonstrated that they are operational. As a result, there is increased collaboration between law enforcement and other supporting agencies to enable the legislation to work effectively. Enhanced regulation and inspection activity is a response to the growing threat and sophistication of criminal and money laundering activity world-wide.
THE COST OF CONTROL FAILURES
Recently, the Commonwealth Bank of Australia (CBA) experienced AML control failures that were driven by coding errors within its Intelligent Deposit Machines between 2012 and 2015. These control failures permitted KYC and SAR control circumnavigation for cash deposits to be made to CBA accounts, resulting in more than 50,000 potential AML events. Events represent both direct and indirect cost to institutions as illustrated by recent fines of USD435m levied by New York State's Department of Financial Services (NYDFS) against Deutsche Bank AG and its New York branch.
These fines were in connection with violations of AML laws associated with a Russian mirror-trading scheme that went undetected among the bank's Moscow, London and New York offices. NYDFS worked with the United Kingdom's Financial Conduct Authority (FCA), which issued a parallel penalty of GBP168m. Beyond the direct cost to the institution associated with incident response, remediation and regulatory penalties, reputation impacts frequently represent even greater indirect costs to institutions and their valuable brands.
As an industry leading practice, companies should take steps to ensure their AML programmes are designed and operating effectively by periodically assessing their capabilities in the context of new and current regulatory requirements. It is important to conduct this type of assessment prior to being inspected, to gain an understanding of how your company is positioned to manage an inspection and demonstrate compliance with applicable regulatory requirements.
FORMAL FRAMEWORK AND PERIODIC ASSESSMENTS
Developing a formal framework to conduct a pre-inspection assessment will enable you to comprehensively assess the design and effectiveness of your programme. A robust assessment framework will include the elements shown in Figure 1 on the previous page. Conducting periodic assessments will help you validate that AML/CTF capabilities are both designed and operating effectively, as well as ensuring readiness for inspection activity. Where items are identified during any type of periodic inspection or review, a remediation exercise should follow, with additional subsequent reviews, post remediation.
Equally important is continuous employee training and awareness of business, product and client risks that may impact a business' AML risk profile. Management should harbour a culture that encourages staff to speak up, and implement anonymous mechanisms such as whistleblower hotlines that enable a culture of compliance and risk management.
SO, WHAT IS NEXT?
As one can see, the financial and management burden of AML/CTF programmes for institutions is growing. Currently, most AML programmes are highly manual in nature. We are beginning to see innovation to address the challenge in the form of advanced technologies to help manage money laundering risk, including FinTech and blockchain solutions, machine learning and Artificial Intelligence (AI), and Robotic Process Automation (RPA).
Innovation is often viewed as an industry disruptor, however, recently, the trend has shifted to a more collaborative approach that can help alleviate some of the challenges. Over the last decade, governments, regulators, journalists, and whistleblowers have placed an enhanced focus on AML/CTF across numerous industries to combat the increasing sophistication and on-going proliferation of financial crime.
We continue to see increasing cross-border cooperation and higher customer due diligence standards propagate globally. Simultaneously, changes in legislation, regulation and guidance represent both challenges and opportunities for businesses to strengthen programmes, collaborate and innovate.
In conclusion, focus should be placed on having formal programmes and systems supported by well-trained people that ensure appropriate oversight, execution, intervention and control to fight financial crime, including money laundering.
ABOUT THE AUTHORS
Bob Stanier is a Partner with PwC in the Cayman Islands and serves as the offshore banking sector leader for the PwC firms in the Caribbean region and Bermuda. He brings global experience to the region and leads a team that provides a comprehensive suite of risk advisory and assurance service offerings. Bob has more than 15 years of executive level experience leading enterprise risk and compliance organisations and engagements for some of the largest and most complex global companies in the financial services, development finance and consumer and industrial products industries.
Cora Schwendtke is a Manager with PwC in the Cayman Islands. She is a chartered accountant and certified anti-money laundering specialist with over six years of experience on financial services audits and advisory related projects. Cora has been involved in a number of AML KYC reviews and remediation exercises, regulatory investigations and compliance reviews in the UK and across the Caribbean region. Both through internal and external projects, Cora has developed a strong background of the local regulatory requirements across the AML/CTF space in the Caribbean region.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.