What can we learn from the FinCEN files?
One of the main stories from this week relates to the FinCEN files which is the latest of the document leaks that have come to dominate public opinion about the financial sector since 2014 where it started with LuxLeaks, then followed by the Panama Papers and the Paradise Papers. What is different in the FinCEN files is that these detail Suspicious Activity Reports (“SAR”) that demonstrate how banks dealt with relationships that they have already deemed to be suspicious from an anti-money laundering and counter-terrorism financing perspective and reported them to the authorities. Journalists questioned why the banks then continued to work with such customers. In this case, the agency that´s had a leak is the Financial Crimes Enforcement Network (”FinCEN”) which is a bureau of the US Department of the Treasury. The target of these leaks have so far only focused on the larger multinational banking institutions, but it is not unlikely that similar patterns of behaviour are likely across many different types of financial institutions. SAR reports and AML/CTF The purpose of filing a SAR is to flag, to the authorities in charge, that a customer relationship demonstrates a behavioural or transactional pattern that does not correspond to its expected activity. It is designed to ensure that financial institutions don’t hide such suspicions and indeed forces them to share such suspicions with the authorities in order to aid the prevention of criminal activity in society. Entities dealing with money are therefore on the front-lines when it comes to ensuring that funds derived from crime don’t make it into the financial system. To do this the financial institutions need to understand exactly who their customers are, monitor their activity closely and determine if they are likely to be engaging in criminal behaviour.
If you keep filing SARs on the same customers, or do not understand why they´re involved in certain activities, you should really consider whether you should be working with such customers at all. Some journalists have even questioned if financial institutions are using SAR reports as a box-ticking exercise, whereby they use them to discharge their duties under the AML rules and then continue with those customer relationships as before. The reality is more complex because financial institutions are prevented from tipping off the customer about the filed SAR report and some consider that such immediate account closures could be construed as tipping off. In any case the corporate conduct seen in the FinCEN files indicates that the corporate incentives might be misaligned with the purpose and spirit of AML rules, even if they are following the letter of the law.
Source: ComplyAdvantage The other side of SARs reporting Recently there has also been media coverage on over-zealous SARs reporting, including that of a well-known banking start-up which also serves as a good example of what unique problems arise when you´re creating a process that is leveraging technology and automation but that lacks sufficient human oversight. Other challenger banks have had similar problems in the past.
In short, innocent customers had their funds frozen but did not manage to get hold of any customer representative to discuss their issue with. This may be connected to the principle that once you´ve taken action against a customers´ assets, you´re not allowed to “tip them off” that something is wrong, but it’s unlikely. It’s probably got more to do with using technology that is very good at spotting suspicious behaviour but the organisation lacks the human capacity to investigate the customer and transactions more fully, take a position on whether the customer is genuine or not and act accordingly and follow up.
What perhaps connects both the FinCEN files and the overzealous challenger banks is a need for financial institutions to spend the time and effort to really consider what type of customer they are dealing with, whether any of those customer are really engaged in criminal behaviour and to handle them accordingly in a quick and fair way. Having a fully automated compliance programme is likely to create unique structural issues that may impact the service financial institutions seek to provide their clients. The structure needs to be stream-lined but with human oversight that can quickly intervene if something needs further review or if a mistake has been made.