1.2 Customer Research Flashcards

(117 cards)

2
Q

What are the 5 major domains covered in Financial Crimes Investigation/Customer Research?

A

1) AML/CTF Framework & Governance, 2) Risk-Based Approach (RBA), 3) Customer Research & KYC, 4) Transaction Monitoring & Investigation, 5) Regulatory Framework & Supervision

3
Q

===AML/CTF FRAMEWORK & GOVERNANCE: Stakeholder Ecosystem===

A
4
Q

AML/CTF Stakeholder Map: List the 5 key stakeholders and their primary roles.

A

1) FATF (international policy making), 2) Banking Supervision (safeguard soundness via on-site/off-site supervision), 3) Private FIU at Financial Institutions (gather/analyze suspicious transactions), 4) Public FIU/AMLA (guarantee adequate controls, enforce sanctions), 5) LEA (detect, investigate, prosecute ML/TF crimes)

5
Q

What are the two parallel frameworks that govern financial institutions?

A

1) Prudential framework (safeguard depositors’ money, maintain financial stability), 2) AML framework (prevent money laundering/terrorist financing)

6
Q

AML Framework Regulatory Examples: Name 3 major regulatory frameworks mentioned.

A

1) US Patriot Act, 2) EU AML Directive, 3) AMLA (Anti-Money Laundering Authority)

7
Q

Financial Crimes Risk Monitoring: List the 6 core control activities.

A

1) KYC, 2) Customer screening, 3) Payment filtering, 4) Transaction monitoring, 5) Periodic/ad hoc review, 6) Client exit

8
Q

Three Lines of Defence in AML: What are the roles of each line?

A

1st Line (Business/Front Office): Owns and manages AML risk (onboarding, KYC, transaction capture). 2nd Line (Compliance/AFC): Provides oversight, sets policies, monitors suspicious activity. 3rd Line (Internal Audit): Independent assurance of AML controls and governance

9
Q

Three Lines of Defence Issues: What are the major problems affecting each line?

A

1st Line: Conflict between sales targets vs AML, inconsistent CDD, weak knowledge, poor data capture. 2nd Line: Drowning in false positives, limited authority, under-resourced, fragmented monitoring. 3rd Line: Lack of technical expertise, focus on policy not effectiveness, weak independence, reactive after fines

10
Q

What is the 1.5 Line of Defence and what functions does it include?

A

Embedded control units close to business but with monitoring/oversight role (between 1st and 2nd lines). Functions: KYC onboarding teams, transaction monitoring teams, sanctions screening, business-aligned risk officers

11
Q

Basel Three Lines of Defence Requirements: List the 5 key requirements for each line.

A

Each line must: a) be adequately resourced (budget, tools, staff), b) have clearly defined roles/responsibilities, c) be continuously and adequately trained, d) promote sound risk culture, e) communicate with other lines to reinforce ORMF

12
Q

AFC (Anti-Financial Crime) Unit: List the 6 core areas and 4 key aspects of AFC independence.

A

Core areas: 1) AML, 2) Sanctions & Embargoes, 3) Anti-Fraud/Bribery/Corruption, 4) Investigations & Intelligence, 5) Monitoring & Screening, 6) Risk Assessment. Independence: 1) Monitoring via first line, 2) Maintain independence, 3) Avoid conflict of interest, 4) Escalate when needed

13
Q

Board Responsibilities for AFC: What 4 things must the Board ensure for the AFC unit?

A

1) Access to information, 2) Organisational support, 3) Sufficient staff, 4) Access to needed resources

14
Q

===RISK APPETITE & GOVERNANCE STRUCTURES===

A
15
Q

Risk Appetite vs Risk Tolerance: What’s the key difference per Basel/FSB guidance?

A

Risk appetite is Board-approved and consistent with overall strategy. Risk tolerance has zero tolerance for willful breaches (deliberate AML violations) but explicit tolerance levels for operational execution errors

16
Q

Risk Tolerance Examples in AML: Give 3 examples of operational risk tolerance levels.

A

1) False positives: Accept 90% false positive rate if ensures regulatory coverage (though costly), 2) KYC backlog: Allow up to 5% of reviews temporarily overdue before escalation, 3) SAR filing: No tolerance for missing statutory deadlines but tolerance for internal investigation queue up to X days

17
Q

UAE Bank Risk Appetite Example: What are the key commitments and thresholds?

A

Commitments: Combat financial crime, screen customers, adopt risk-based monitoring (alerts managed within 1 month), implement AML/KYC processes. Threshold: Accept max 5% of new customers as high-risk (with EDD and management approval). Exit non-borrowing ‘Prohibited’ relationships, monitor borrowing ‘Exit’ relationships quarterly

18
Q

Turkish Bank Risk Appetite: What are the 4 stages of customer value chain risk assessment?

A

a) Customer Risk, b) Country Risk, c) Product/Service Risk, d) Technology/Delivery Channel Risk

19
Q

Recovery Plans and Crisis Management: What are the 6 key components that must address operational risk?

A

1) Critical functions & core business lines (identify vulnerabilities), 2) Recovery options menu (operational feasibility assessment), 3) Operational continuity & resilience (BCP, cyber readiness, outsourcing), 4) Scenario analysis (cyber-attacks, fraud, disasters), 5) Governance & escalation framework (CRO/COO/CIO/CISO roles), 6) Communication strategy (swift communication to supervisors/customers)

20
Q

===RISK-BASED APPROACH (RBA): Core Concepts===

A
21
Q

Risk-Based Approach Definition: What does RBA consist of?

A

Identification, assessment and understanding of risks, plus consequent application of AML/CFT measures commensurate to these risks to ensure effective mitigation

22
Q

RBA Risk Variables: What are the 4 most common risk criteria for measuring money laundering?

A

1) Customer risk (KYC, customer research), 2) Country (FATF, Basel Index), 3) Products and Services (types of accounts, CBRs), 4) Industry (cash intensive, nature of industry)

23
Q

XBank Private Risk Scoring Model: What are the three risk factor categories and their weights?

A

1) Customer Risk Factors (40%): PEP +20, Offshore structure +15, Cash-intensive business +10. 2) Geographic Risk Factors (30%): FATF grey list +15, High-corruption +10, Sanctions list +20. 3) Product/Service Risk (30%): Private banking +10, Cross-border correspondent +15, Crypto-related +20

24
Q

XBank Risk Scoring Thresholds: What are the three risk zones?

A

0-30 = Low Risk, 31-60 = Medium Risk, 61+ = High Risk

25
XBank Model Example Calculation: A PEP from high-corruption jurisdiction with offshore trust in BVI using private banking and transferring to FATF grey list country scores how much and what classification?
Score: 70 (PEP +20, Offshore +15, High-corruption +10, Grey list +15, Private banking +10) = High Risk
26
XBank Model Hidden Flaws: What are the 3 major problems with this scoring model?
1) Risk aggregation is simplistic (additive not multiplicative - PEP + offshore + grey list should multiply), 2) Threshold gaming (60 vs 70 avoids EDD despite high risk), 3) No dynamic update (doesn't adjust for new FATF listings or typologies)
27
===WORLD BANK RBA & REGIONAL COMPARISONS===
28
World Bank Simplified RBA: What are the 3 steps for assessing ML/TF risks in financial inclusion products?
Step 1: Analyze product features and risk implications. Step 2: Assess risk mitigation measures (e.g., quality of analytical work for transaction caps). Step 3: Assess impact of country risk context on the product
29
World Bank RBA Purpose: What is the goal of this module?
Design ad hoc products to maximize exemption and increase financial inclusion while maintaining AML/CFT standards
30
EU AML/CFT Framework: What are the key regulatory basis, RBA framing, simplified measures, and supervisory approach?
Regulatory: 4AMLD/5AMLD/6AMLD consolidated under AMLR 2024, AMLA being set up. RBA: Mandatory risk-based CDD, enterprise-wide assessments, harmonized across 27 member states. Simplified: SDD for low-risk (basic accounts, domestic authorities), EDD mandatory for high-risk (PEPs, non-EU). Supervision: Risk-based, national supervisors + AMLA from 2027
31
US AML/CFT Framework: What are the key regulatory basis, RBA framing, simplified measures, and supervisory approach?
Regulatory: BSA, USA PATRIOT Act, FinCEN rules, federal banking regulators (OCC, FDIC, Fed). RBA: Programs tailored to bank risk profile (customer mix, geography, products), high focus on SAR and enforcement. Simplified: No formal simplified CDD but risk-based exemptions (payroll, government benefits) if documented. Supervision: Strong enforcement, regulators test if programs commensurate with risk, heavy fines for deficiencies
32
Asia AML/CFT Framework: What are the key regulatory basis, RBA framing, simplified measures, and supervisory approach?
Regulatory: Based on FATF standards via central bank/financial regulators (MAS Singapore, RBI India, SBP Pakistan, BSP Philippines). RBA: Institutional risk assessments, calibrate CDD/monitoring, maturity varies (Singapore advanced, emerging economies have capacity challenges). Simplified: Tiered KYC for low-value accounts/mobile money/government transfers, digital e-KYC widely promoted. Supervision: Risk-based inspections, capacity varies (advanced emphasize proportionality, developing build skills)
33
===KYC & CUSTOMER RESEARCH: Fundamentals===
34
KYC Three-Phase Framework: What are the 3 phases of customer research?
1) Know Your Customer (KYC) - customer onboarding, 2) Transaction Monitoring - red flags are generated, 3) Investigations - clear case or file SAR
35
KYC Due Diligence Activities: What are the 6 common due diligence activities in onboarding?
1) Identification and KYC report, 2) Political exposure (PEP), 3) Suspicious countries, 4) Research based intelligence, 5) Sanctions, 6) Adverse media
36
KYC High-Risk Customers Part 1: List 6 categories.
1) Politically Exposed Persons (PEPs) and associates, 2) Casinos, securities brokers, dealers in precious metals/stones, 3) Domestic/offshore shell companies, 4) Casas de cambio, currency exchanges, money transmitters, 5) Private investment companies (PIC), 6) International companies
37
KYC High-Risk Customers Part 2: List 4 additional categories.
7) Deposit brokers, 8) Cash-intensive businesses, 9) Foreign/domestic NGOs and charities, 10) Gatekeepers (attorneys, accountants, etc.)
38
KYC Exercise Decisions: For Messi (footballer, past tax evasion), Kirchner (Argentine PEP with corruption allegations), Abramovich (Russian on sanctions lists 2022), and Gates (Microsoft, philanthropist) - what are the onboarding decisions?
Messi: Onboard with EDD (past tax case but clear wealth source). Kirchner: Onboard only with strict EDD or consider reject (PEP + corruption = high reputational risk). Abramovich: Reject (sanctions = absolute prohibition). Gates: Onboard with standard due diligence (transparent wealth, strong record)
39
===KYC APPROACHES BY JURISDICTION===
40
EU KYC Requirements: What ID documents are required, what digital framework exists, and what simplified account must be offered?
ID: National ID, passport, residence permit. Digital: eIDAS framework allows remote onboarding with strong assurance. Simplified: Basic Payment Account must be offered to all legal residents (low-cost, accessible)
41
US KYC Requirements: What ID documents are required, what are the digital onboarding rules, and is there a basic account requirement?
ID: Government-issued ID (driver's license, passport, SSN/TIN). Digital: Remote onboarding allowed if meets CIP standards. Simplified: No formal basic account but risk-based exemptions for payroll and government benefit accounts
42
Singapore KYC Requirements: What ID documents are required, what digital systems are available, and what simplified accounts exist?
ID: NRIC (citizens), FIN (foreigners), passport. Digital: Full e-KYC permitted via MyInfo and SingPass. Simplified: No-frills accounts possible, mainly inclusion through digital onboarding
43
India KYC Requirements: What ID documents are required, what digital methods exist, and what simplified accounts are offered?
ID: Aadhaar, PAN, voter ID, passport. Digital: Video KYC (V-CIP), Aadhaar OTP-based onboarding. Simplified: Small Accounts (balance ≤₹50,000, annual credits ≤₹100,000), Jan Dhan Yojana for mass inclusion
44
Nigeria KYC Requirements: What ID documents are required, what tiered e-KYC system exists, and how are accounts structured?
ID: National ID (NIN), BVN. Digital: Tiered e-KYC - Level 1 (name/phone), Level 2 (ID+photo), Level 3 (full CDD). Simplified: Tiered accounts linked to mobile money & financial inclusion
45
===RED FLAGS IN AML: Six Categories===
46
Red Flags - Account Profile Indicators: List 6 warning signs.
1) Same home address for funds transfers by different people, 2) Income inconsistent with customer profile, 3) False identification documentation, 4) Use of variations when spelling names/addresses, 5) Unusual customer behavior, 6) Use of multiple accounts for deposits
47
Red Flags - Account Activity Indicators: List 10 warning signs.
1) Activity inconsistent with profile, 2) Account operated by non-owner, 3) Large number of accounts with same institution, 4) Numerous large ATM deposits, 5) Purchase of bank drafts by third parties, 6) Numerous small loan applications, 7) Same/similar methods for multiple loans, 8) Transactions inconsistent with profile, 9) Use of student accounts after departure, 10) Use of inactive account
48
Red Flags - Transfer/Deposit/Withdrawal Patterns: List 8 warning signs.
1) Frequent cash deposits over short period, 2) Frequent check deposits, 3) Large cash deposits, 4) Large cash transactions over short period, 5) Large cash withdrawals with bank check, 6) Multiple funds transfers below specific threshold, 7) Purchase of travelers checks with cash, 8) Withdrawing all/nearly all funds within short period
49
Red Flags - International Activity Indicators: List 9 warning signs.
1) Funds transferred to overseas then withdrawn locally, 2) Transfers to numerous offshore jurisdictions without business rationale, 3) Departure shortly after making transfers, 4) Transfers involving tax haven, 5) Multiple deposits to same overseas account by different people, 6) Large international transfers, 7) Use of multiple remittance providers to common beneficiaries, 8) Use of multiple remitters in same location, 9) Use of international credit card
50
Red Flags - Crypto Assets: List 4 warning signs.
1) Transactions involving sanctioned wallet addresses or linked to illegal activity, 2) Multiple large crypto purchases in 24H and withdrawals as fiat, 3) Repeated crypto transfer/conversion to fiat in locations with low regulatory enforcement, 4) Purchase of large crypto amounts with funds above known wealth
51
Red Flags - Gambling Indicators: List 4 warning signs.
1) Betting accounts with large deposits but minimal betting activity, 2) Cash withdrawals from betting accounts in checks/vouchers, 3) Large funds transfers after gambling activity, 4) Unusual pattern of phone betting transactions
52
===TRANSACTION MONITORING DEVELOPMENTS===
53
New Transaction Monitoring Developments Part 1: What are the first 2 key developments?
1) Integration of Customer Risk Rating into TM: Alerts dynamically prioritized by customer risk scores from KYC/CDD; high-risk customers in high-risk jurisdictions trigger at lower thresholds. 2) Real-Time & Cross-Border Monitoring: Moving from batch T+1 to real-time alerting for high-risk payments (SWIFT, SEPA, instant payments); enhanced cross-border pattern detection; more screening integration (OFAC, EU, UN sanctions) in payment flows
54
New Transaction Monitoring Developments Part 2: What are developments 3 and 4?
3) Focus on Effectiveness (FATF-driven): Regulators expect quality of SARs not just alert volume; shift to 'useful intelligence' for FIUs; emphasis on feedback loops from SAR outcomes back to TM tuning. 4) Typology Expansion: Models now include sanctions evasion (mirror trades, complex routing), Trade-Based ML (TBML - over/under invoicing, third-party payments), crypto integration (on/off-ramp flows), mule accounts linked to fraud
55
New Transaction Monitoring Developments Part 3: What are developments 5 and 6?
5) Data & Technology Enhancements: Entity resolution tools to link fragmented accounts; graph/network analytics to uncover beneficial owners; cloud-based TM platforms for scalability/speed/AI. 6) Regulatory Pressure & Fines: Cases (Danske Bank, ABLV) showed failures; regulators demand regular model validation, documented threshold rationale, evidence of ongoing tuning & calibration
56
Transaction Monitoring T+1: What does T+1 mean in transaction monitoring?
Transactions that occur today (T) are processed overnight and reviewed the next business day (T+1)
57
===INVESTIGATION PROCEDURES===
58
Investigation Guidelines Steps 1-6: List the first 6 steps with their descriptions.
1) Alert Generation (automated systems with predefined rules/thresholds), 2) Initial Review (compliance analyst reviews legitimacy/relevance), 3) Risk Assessment (evaluate customer history, transaction details, alert nature), 4) Customer Profile (review and update KYC information), 5) Investigation (detailed investigation with additional data collection if suspicious), 6) Documentation (thoroughly document investigation, reasons for suspicion, actions taken)
59
Investigation Guidelines Steps 7-12: List steps 7-12 with their descriptions.
7) Peer Review (second analyst/supervisor reviews for objectivity), 8) Decision (decide whether to file SAR), 9) Reporting (prepare and submit SAR if required), 10) Escalation (escalate to law enforcement if needed), 11) Remediation (improve AML system for false positives), 12) Continuous Monitoring (ongoing process watching customer profiles/transaction behavior)
60
Investigation Guidelines Steps 13-17: List the final 5 steps.
13) Training and Feedback (regular training and feedback loops for improvement), 14) Record Keeping (maintain comprehensive records for audits/compliance), 15) Reporting to Management (provide regular reports to senior management), 16) Regulatory Compliance (ensure all processes adhere to AML laws/regulations), 17) Continuous Improvement (periodic reviews and adjustments for program effectiveness)
61
Red Flag Procedure: What is the decision tree for handling red flags?
Check: Is it in line with known patterns and account purpose? If NO → Escalation required, contact AML officer. Then: Is there explanation for pattern change? Is there adverse media or client associated with subpoenas/sanctions? Based on answers → Either candidate for SAR OR not requiring a SAR
62
===SAR REPORTING===
63
SAR Report Contents: What are the 6 typical components of a Suspicious Activity Report?
1) Full name, address and passport number of individual(s), 2) Nature of suspicious activity, 3) Date of suspicious activity, 4) Suspected category or categories, 5) Financial services involved, 6) Whether SAR is linked to previously filed SAR
64
SAR Regional Comparison: Compare USA, Europe, and Asia on annual volume, reporting style, and quality.
USA: 4.7M+ SARs (FinCEN 2024), defensive/massive volumes, criticized as too broad. Europe (EU/UK): 1.5-2M combined (fragmented), moderate-high volumes, more balanced but inconsistent. Asia: Hundreds (weak FIUs) to 700k+ (India/Japan), highly uneven, mixed quality (Singapore/HK high, others weak)
65
SAR Most Typical Mistakes: What are the 5 categories of common mistakes and why they matter?
1) Narrative: Vague/generic without explaining why suspicious (FIU can't assess or link to intelligence). 2) Data Completeness: Missing key identifiers (blocks FIU cross-matching). 3) Timeliness: Filing too late or waiting for proof (delays intervention; standard is 'reasonable suspicion' not evidence). 4) Context: No explanation why activity deviates from profile (FIU loses risk rationale, can't prioritize). 5) Volume: Over-reporting defensive SARs (noise) or under-reporting structuring/smurfing (leaves risks undetected)
66
US SAR Filing Rules: Who should send SARs, when should they be filed, and what is prohibited after filing?
WHO: Banks, investment firms, real estate agents, etc.; any US employee with suspicion (not vague unease) must file; largely filed electronically. WHEN: Whenever institution knows/suspects customer engaged in ML or BSA breach. DO NOT: Expressly illegal to inform customer/account that SAR has been filed or even exists
67
24H Report vs UTR Report: What are the differences and timing?
24H Report: Filed when bank has evidence related to criminal activity. UTR (Unusual Transaction Report): Filed as result of transaction monitoring alert; must be filed within 60 days of suspicious transaction. Unique process: Director of FIU tracks reports (case trackers) and escalates to AML committee
68
Investigation Parties and Roles: List the 5 parties involved and their responsibilities.
1) Customer: Provide info. 2) Relationship Manager: Collect info (no tip off!!). 3) Investigator: Fulfill regulator request timely. 4) Legal Counsel: Present at all times (no CoI!!). 5) Board: Ultimate responsibility, continuously updated by investigator, notices to all employees on roles during regulator-initiated investigation
69
===CASE STUDY EXERCISES===
70
Case: Family Business Account vs Private Banking Client - What are the investigation findings and decisions?
Family Business (Eastern Europe, €50m food exports, €3-5m monthly to UAE): Trade flows inconsistent with benchmarks, UAE counterparties are shell firms, payments structured below reporting thresholds → Decision: Onboard with EDD (verify BO, trade docs, monitoring). Private Banking (HNW Switzerland, €8m deposit, 'real estate sales Asia'): No documentation of sale, adverse media linked to former government minister (PEP), funds routed via offshore → Decision: Reject (unclear source of wealth + PEP risk)
71
Luxury Goods Trader Case: What are the key red flags and what actions should 1st and 2nd lines take?
Profile: ABC Trading Ltd (European capital, luxury watches, €30m annually, 18 months with bank). Red Flags: Multiple cash deposits from different EU individuals (each under €10k), rapid wires to related Hong Kong company, no invoices, same directors in both companies, adverse media on director (VAT carousel fraud). 1st Line: Escalate to compliance (structuring, lack of documentation, related-party transfers, adverse media). 2nd Line: File SAR (pattern suggests placement + layering, client unable to provide credible explanation). Consider exiting relationship
72
===CBR & INVESTIGATION TECHNIQUES===
73
CBR Investigation Skills Requirements: What 6 things should AML investigators know about correspondent banks?
1) Knowledge about respondent bank, 2) Jurisdictions in which it operates, 3) Purpose of the account, 4) Beneficial ownership, 5) Nature of its customer base, 6) Services it provides its customers
74
CBR Context Considerations: What 3 contextual factors make correspondent banking investigation unique?
1) Each correspondent bank has own AML program controls based on products/services, risk appetite/tolerance. 2) Different jurisdictions have different systems (daily transaction limits on international payments, FIs apply own limits for online banking). 3) Large transactions may be split into multiple smaller amounts over consecutive days (not necessarily structuring)
75
CBR Investigation Additional Skills: What 3 additional things should investigators analyze and consider?
Analyze: Upstream and downstream banks in payment chain, where banks/transacting parties located, currency corridor for payments, payment infrastructure used to settle. Consider: Respondent bank may have multiple correspondents (multiple RFIs in activity), banks need regulatory approval before responding to RFI, investigators should plan accordingly to allow sufficient time for RFI response
76
Wolfsberg Group: What is it and what tools does it provide for CBR?
Association of 12 global banks developing frameworks and guidance for financial crime risk management. Senior financial crime compliance leaders from member banks. Tools: 1) Correspondent Banking Due Diligence Questionnaire (CBDDQ), 2) CBDDQ Guidance, 3) Financial Crime Compliance Questionnaire (FCCQ), 4) Wolfsberg Group Transaction Monitoring Request for Information Best Practice Guidance
77
===INVESTIGATION BEST PRACTICES===
78
Customer Profile Structure: What 5 elements should be included in a customer profile for senior management?
1) Summary for senior management, 2) Basic info on customer, 3) Nature of business and purpose of account, 4) Red flags discovered, 5) Issues of concern
79
Investigation Plan Components: How should you scope an investigation plan (5 elements) and what should the scope define (3 elements)?
Plan: 1) Set timeline with flexibility, 2) Document items to be reviewed, 3) Establish a process, 4) Schedule intervals for reporting, 5) Proposed methods for reporting. Scope should: 1) Define magnitude of damage, 2) Parties involved, 3) Be justified and approved
80
Info Search Issues - External Sources: What are the 3 key concerns with open-source intelligence?
1) Privacy risk: Search engine could reveal business relations via IP address (breaching client confidentiality) - advise anonymous IP or PC not connected to bank network. 2) Unreliable sources: Blogs with author opinions should not be used. 3) RFI protocols: Best source is close to customer/transaction/situation; exhaust all internal sources before requesting RFI; follow organizational procedure
81
Info Search Issues - Customer Interaction: What are the 5 key considerations for interviewing customers and off-line visits?
Interview: 1) Necessary interpersonal skills, 2) Preparation (scripts/templates), 3) If customer uncooperative = additional red flag, 4) Ensure discretion to customer, 5) If customer is PEP additional skills/preparation needed. Off-line visits: Make sure of data protection laws in each jurisdiction, determine if activity is reasonable
82
Tipping-Off: What is it, who is mainly concerned, and what are the 4 key rules?
Definition: Alerting someone they're under investigation or financial activities are being scrutinized. Mainly concerns: Front line staff dealing with customers to collect info. Rules: 1) Understand the Law, 2) Data protection Law is relevant, 3) Not mention anything concerning a SAR (criminal offence in some jurisdictions), 4) Permission to continue activity could be granted to not alert bad actor
83
Know Your Regulation: What 4 aspects of regulation should you know across jurisdictions?
1) Identify suspicious activity, 2) Identify and verify customer (e.g., some jurisdictions accept car license), 3) Collect beneficial ownership info (some jurisdictions 10%, others 25%), 4) Prevent sanctions violations and financial crimes (e.g., US corruption law has extraterritorial reach)
84
===DATA ANALYSIS & DOCUMENTATION===
85
Transaction Monitoring Tools - Technologies: List the 5 types of tools and their purposes.
1) Machine Learning: Identify patterns to generate automatic alerts. 2) RPA/AI: Use advanced analytics to manage large volume of repeatable tasks. 3) Traditional Methodology: Relies heavily on human intervention. 4) Data Visualization: Principals industry vector, pattern in unstructured transactions (dashboards, interactive querying). 5) Tuning: Process to detect unusual behavior, adjust thresholds regularly
86
ML/AI Advantages: What are the 3 key advantages over traditional methods?
1) Lower probability of false positives versus traditional methods, 2) Reduce the need for human intervention, 3) Give humans time to analyze the data
87
Model Risk: What are the key concerns with model-based monitoring?
Red flags threshold setting, relevant data from various sources must be properly integrated and validated
88
Methods for Analyzing Data: What are the 3 primary analytical methods?
1) Cross Tabulation: Most common method, using tabular method to draw inferences between various datasets. 2) Trend Analysis: Analyze data collected over a period of time. 3) Use of Automatic Coding Software
89
Qualitative Data - Understanding Patterns: What 5 human/contextual factors should you investigate to capture financial crime patterns?
1) Culture of the organization, 2) Culture of the jurisdiction, 3) Economics and political climate, 4) Knowledge of historical incidents, 5) Psychology of the criminal
90
Psychology of Money Launderer: According to Carl Rogers, what characterizes a psychologically fully functioning person (which unintentionally describes a money launderer)?
Someone who lives in every moment without worrying about past deeds or future consequences and who follows own intuition rather than will of others. This describes the unmoderated ego of a money launderer
91
Document the Research: What are the 4 key documentation requirements for creating an audit trail?
1) Document all steps taken as part of risk-based approach, 2) Include how you resolved any inaccuracies or false matches, 3) Properly store the data collected, 4) Retaining notes of investigation (not in official package but follow organizational policies)
92
Final Report Structure: What are the 5 key elements and what should you be aware of?
Elements: 1) Outline of allegations, 2) Summary of enquiries, 3) People that have been engaged, 4) Findings and the rationale, 5) Recommendations that should be actionable and reasonable. Awareness: Be aware of final reader (usually CEO, Risk Committee, Board) to correctly address them with right and direct recommendations
93
===CUSTOMER RELATIONSHIP ENDING===
94
Process for Ending Customer Relationship: What 3 things should the process include and what 2 aspects require future monitoring?
Process: 1) Closure form with description of details, 2) AML officer to review and approve, 3) Client may be added to blacklist. Future Monitoring Essential Because: 1) Customer could hide/change identity to regain access using third parties' names, 2) Continuous monitoring with frequent review for high-risk customers is essential
95
Giovanni Falcone Golden Rule: What is the golden rule of investigation and who said it?
'To find the Mafia you need to follow the money' - Giovanni Falcone (1939-1992), Italian judge and prosecuting magistrate
96
===REGULATORY FRAMEWORK & SUPERVISION: Basel Principles===
97
Basel Core Principles (BCP): What are they, which 3 principles are particularly relevant for AML, and who uses them for assessment?
29 principles representing global minimum standards for prudential regulation and supervision of banks/banking systems worldwide. Principles 9-10-29 particularly relevant for AML. Used by IMF and World Bank to assess effectiveness of banking supervisory systems in Financial Sector Assessment Program (FSAP)
98
BCP Principle 9 & 10: What are the key requirements for supervisory techniques/tools and reporting?
Principle 9: Supervisor employs appropriate mix of on-site and off-site supervision to evaluate banks/banking groups; specific mix determined by country/bank conditions; regularly assesses quality/effectiveness/integration of functions; has coherent process for planning/executing activities. Principle 10: Focus on supervisory reporting standards
99
BCP 2005 Survey Results: What percentage of countries were largely compliant with on-site/off-site supervision framework, and what were the major issues for the 27% not compliant?
73% largely compliant. Major issues for 27% not compliant (e.g., Slovenia, Austria, Russia, Ukraine): Low frequency of supervision, small/poorly educated staff, low synergies with external auditors, unclear specifications
100
IMF 2023 Major Weaknesses in Supervision: What are the 4 key lessons learned about on-site inspection?
1) Onsite inspection is one of the most important weaknesses in Supervisory Techniques, particularly in Advanced Economies. 2) Quality of policies/procedures/prioritization challenging, supervisory engagement with boards/management still developing. 3) Limited supervisory resources lead to less frequent/comprehensive inspections of small banks; offsite monitoring becomes primary method. 4) External independent parties may be engaged for reviews, but it is essential for supervisors to conduct targeted inspections of small banks; special attention to watch-list and complex institutions regardless of size
101
IMF AML/CFT Issues in FSAPs (2018-2023): What 2 key areas continued to be covered and what reflects lack of global progress?
Continued Coverage: 1) AML/CFT risk-based supervision and preventive measures (customer due diligence, suspicious transaction reporting). 2) Beneficial ownership and professional enablers (lawyers, company/trust service providers as DNFBPs) - reflects relative lack of progress globally on entity transparency
102
FSAP USA 2020 Major Highlights: What were the 3 key challenges to maintaining supervisory intensity?
1) Number of onsite examinations declined considerably for both large and small banks; many cases where banks took excessive time to address supervisor concerns (unnecessary financial stability risk). 2) Room to improve communication with banks, ensuring managements are more responsive; quality of correspondence varies within/across agencies; areas for improvement in strategic-level communication. 3) Communication doesn't always sufficiently prioritize MRAs and MRIAs; horizontal review findings occur throughout year; supervisors settle into excessively formulaic and compartmentalized prescribed formats. (Note: Onsite exams declined by 29%)
103
FSAP Switzerland 2019 Major Highlights: What were the 4 key findings about FINMA?
1) Previous FSAP recommended increasing FINMA resources especially for onsite work and risk expertise - NOT implemented; staffing has not increased. 2) FINMA considers available resources appropriate but is improving efficiency of supervisory processes, reinvesting freed resources in new/increased activity per risk-based approach. 3) FINMA's direct on-site work increased by 44% during 2014-17; dedicates significant share to 5 largest banks; requiring external supervisory auditors to take more risk-focused approach with 'deep dive' reviews. 4) Onsite prudential audits must include all concentration risks, not only single name credit exposures
104
===BCP PRINCIPLE 29: ABUSE OF FINANCIAL SERVICES===
105
BCP Principle 29 Evolution: What happened to this principle between 2012 and 2023?
BCP Principle 29 has been subject to the most extensive revision introducing higher scrutiny expected on AML/CT topics (2023 version significantly expanded from 2012)
106
BCP Principle 29 Major New Introductions: What are the 4 key new requirements in 2023 version?
1) Supervisor determines banks have: compliance function and AML/CFT officer with adequate powers, reporting independence, staff, resources (Previously: just appoint relevant dedicated officer). 2) Banks have policies/processes to report criminal activities by STAFF to competent authorities (Previously: absent). 3) Supervisor cooperates with domestic/foreign financial sector supervisory authorities or exchanges info regarding suspected/actual criminal activities by banks (Previously: cooperates or shares info also indirectly). 4) Banks have group-wide programmes to address ML/TF/proliferation financing, including info sharing procedures within group (Previously: absent)
107
BCP 29 Compliance Survey 2023: What percentage of countries (FSAP period 2012-2023 1H) were not compliant with the old BCP 29?
Approximately 20% of countries were not compliant with the old BCP 29
108
===COMPLIANCE CHALLENGES & CASES===
109
Citigroup 2020 Case: What was the fine, what were the issues, what is the remediation cost, and what is the root problem?
Fine: $400 million from US authorities. Issues: Persistent problems in compliance risk management, data quality management, internal controls. Remediation: Bank said it will spend $1 billion on improving risk management frameworks and controls. Root Problem: Many business units run their own systems with separate customer identification measures (money-laundering vulnerability); some systems have roots in late 1990s; needs to unify patchwork of systems to track customers and transactions
110
HSBC Zing Case (2025): What happened, why did it fail, and what is the compliance dilemma?
What: HSBC decided to close international payments app Zing only a year after launching (2024-2025). Why: According to Financial News, the key reason was that the bank struggled to restructure Zing's compliance functions. Background: HSBC started work on Zing in early 2022 to create a direct competitor to Fintech targeting non-HSBC customers. Dilemma: Compliance vs agility - is it fair competition?
111
Banks vs Fintech Regulatory Issue: What is the core competitive distortion problem per BCP Principle 12?
BCP 12 (Consolidated Supervision): Supervisor supervises banking group on consolidated basis, applying prudential standards to all business worldwide. Problem: Non-deposit-taking subsidiaries of banking groups specialized in ancillary services are subject to regulatory burden NOT imposed on independent firms performing same function. Creates unwarranted competitive distortions: 1) Asymmetric requirements for different players under regulations that should follow activity-based approach (vs entity approach), 2) Lack of entity-based obligations for non-banks when warranted on primary policy grounds
112
Current Issues for Banks: What are the 3 major issue categories and their specific challenges?
1) Technology: Investments, capacity to implement it, capacity to use it. 2) Regulatory Framework: Business model alignment, skilled HR. 3) Staff: Continuous training, aging, capacity to adapt. 4) Data: Availability, capacity to use, capacity to read it
113
Business Model Changes Required: Describe the transformation from distribution to centralized model.
FROM: Distribution model where each Business unit has its own KYC and TxM (Transaction Monitoring). TO: Centralized model with one centralized Operation handling TxM and one centralized AFC (Anti-Financial Crime) unit handling KYC for all Business units. Transformation: Distribution → Centralized
114
===HISTORICAL CONTEXT & PURPOSE===
115
Historical Financial Crimes Examples: List the 4 historical examples of financial crimes mentioned (years and descriptions).
1) 1696: Clipping and fake coin epidemics (~10% of silver coins); Isaac Newton leads prosecutions and recoinage. 2) 1822: Gregor MacGregor invented a country, sold bonds/land rights, duped settlers and investors. 3) 1925: Con man sold Eiffel Tower for scrap. 4) WWII: Operation Bernhard mass-produced counterfeit UK notes attempting to bring down Bank of England
116
Purpose of AML Quote: What is the simple purpose of AML according to the lecture?
'The purpose of AML is simple: protect the vulnerable, not the process'
117
External Request Protocol: When receiving external documentation request, what 3 steps should you follow?
a) Check customer database (Search true positive). b) Start and plan your investigation (Common search engine, internal sources like plan interviews). c) Work under time frame determined by regulatory requirement (service level agreement-SLA): Prepare time frame matrix, work backwards