Law.com Subscribers SAVE 30%
Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.
Anti-Money Laundering
Within just the past few months, there have been several reports of highly publicized money laundering scandals. In May of this year, Australia's second largest bank, the Westpac Bank, became involved in what some are calling the largest international money laundering case ever brought. Federal prosecutors have accused digital currency exchange Liberty Reserve, a Costa Rica-based entity, of helping criminals launder more than $6 billion in criminal proceeds. Westpac was one of the many banks around the world alleged to have been holding funds from the company, thought to be worth about $40 million.
In December 2012, HSBC avoided a legal battle by agreeing to pay $1.9 billion to settle a U.S. money laundering probe after facing accusations that it transferred funds through the U.S. from Mexican drug cartels and on behalf of nations such as Iran that are under international sanctions. In the same timeframe, Standard Chartered PLC, another British bank, signed an agreement with New York regulators to settle a money laundering investigation involving Iran with a $340 million payment.
These scandals have concerned both national and international companies in a variety of industries and businesses. To protect your company from these types of scandals, it is important to have a robust and effective anti-money-laundering program.
In addition, as money laundering schemes evolve and become more sophisticated over time, anti-money laundering programs should be periodically reviewed and assessed to ensure that they remain effective.
The following are seven elements of an effective anti-money laundering program that may be useful for companies when they are assessing their programs.
1. Written Policies and Procedures
It is axiomatic that effective anti-money laundering programs must be in writing and contain specific policies and procedures approved by upper management. These policies and procedures should detail the internal controls within the institution which have been established to limit and control risks and to ensure compliance with all applicable anti-money laundering laws and regulations. The sophistication and complexity of the internal controls should be commensurate with the size, structure, risks, and nature of the institution. The policies and procedures should make sure to describe an overall corporate environment that is conducive to managing risks and complying with anti-money laundering requirements.
Specific company-wide operations that may be vulnerable or subject to abuse by potential money launderers should be identified and the anti-money laundering program should be specifically tailored to these risks. The operations identified should include a company's products, services, customers, as well as geographic locations.
It is highly recommended that anti-money laundering programs be “risk-based.” This often involves the preparation of a written risk assessment covering each of the operations identified as vulnerable to abuse. The institution can develop the written policies and procedures based upon the risk assessment, and specifically design them to address the degree of risk to which the business is exposed. As the risks increase, stronger controls become necessary.
Finally, screening procedures should be documented with specific steps put in place to screen out individuals whom the company knows, or should know through its exercise of due diligence, have a history of engaging in illegal or improper activity or other misconduct.
2. Regular Training of Company Employees
An anti-money laundering program cannot be very effective if the employees of the company are not familiar with the elements of the program and on board with its procedures. For this reason, ongoing training is critical. All relevant employees should be trained on the illegality of money laundering and the company's anti-money laundering policies and procedures. These “relevant” employees should include any employees whose duties could potentially make them vulnerable to possible money laundering situations.
Training should be tailored to the person's specific responsibilities and should include any current anti-money laundering developments and changes. This may, in some cases, require training more often than merely once a year.
The company should document its training program and keep accurate records of the dates of the training, as well as its content, and records of attendance.
3. Designating an Anti-Money Laundering Compliance Officer
Senior management should appoint someone as compliance officer for anti-money laundering activities. This compliance officer should have sufficient authority within the company to enforce the compliance program, and sufficient resources (including, budgetary, physical and personnel) to administer an effective program. The compliance officer must be a qualified individual who is knowledgeable about methods of money laundering and pertinent anti-money laundering rules and regulations. It is, of course, critical that the compliance officer be an individual of high integrity and reputation within both the company and business community at large.
This person should also have a full knowledge of the business, its products, services, operations, customers and money laundering risk assessment, and be able to regularly advise senior management about ongoing compliance issues.
4. Keeping Records
Diligent record-keeping is integral to the success of an anti-money laundering program. Record-keeping provides assurance that the process of identifying and managing risks is operating in an effective manner.'
Initially, it is important to set up a system for collecting and reporting data, prepare clear and concrete definitions of what constitutes data, determine a method and measures for establishing data collection, and establish data collection and records management roles.
Overall, a company should be able to produce all versions of its anti-money laundering program for at least five years. The company should maintain an annual file for training records which includes the topics covered, method of training, copies of materials used, and evidence of completion for company employees and officials. One should also keep a file showing evidence of testing in the past several years, including, areas tested, results of testing, action taken as a result of any findings, and documentation showing that the findings were communicated to senior management. By maintaining these records in an orderly manner, a company can reduce its regulatory exposure.
5. Periodic Independent Testing of the Program
To be effective, an anti-money laundering program should be tested independently and on a regular basis. Best practices dictate that this should occur at least annually. The testing should be conducted by individuals who are not involved in the anti-money laundering program. This could be an internal audit department or outside auditors or consultants. The entity conducting the independent audit should be knowledgeable about the company as well as the anti-money laundering program. The entity should also be acquainted with the company's anti-money laundering risk assessment and the risk assessment should be utilized in the independent testing process. The review should be risk-based and evaluate the effectiveness of the anti-money laundering program.
The entity conducting the independent review should report directly to senior management or a designated board or committee. Any deficiencies and/or corrective actions should be provided to senior management as well as to the compliance officer for follow-up.
6. Management Oversight
Management oversight and good governance are key elements of an anti-money laundering program. An important ingredient is to make sure that senior-level officials within a company are well informed about key aspects of anti-money laundering compliance, risk management and policy decisions that affect the program. Senior managers in a company should never be placed in the position of being surprised by compliance deficiencies, or the possibility of outside actors exploiting their company for money laundering purposes.'
To prevent these kinds of surprises, senior management should become knowledgeable about, and conversant with, compliance issues. Best practices suggest that a company have a written policy or statement by senior management or board or audit committee, setting forth the overarching policies with regard to anti-money laundering compliance and addressing the primary money laundering risk criteria relevant to the organization.
There should also be documentation of senior management's review of the risk assessment, independent testing and any other reportable conditions. Where anti-money laundering issues are discussed at Board or committee meetings, meeting agendas should be circulated in advance and clearly highlight the anti-money laundering issues to be presented and discussed, and the discussions and action items that follow from the discussion, should also be documented.
7. Appropriate Responses
To be effective, an anti-money laundering program needs to have processes in place to respond to potential incidents, such as an actual attempt to use some aspect or part of the company for criminal purposes. These processes should include an acknowledgement that the incident has taken place whether it is simply suspicious behavior on the part of a customer, a computer system being potentially hacked into, or something more serious. The incident should be documented, including its time, duration and location, and the fact-finding process should commence immediately.
Fact-finding should consist of interviews with the appropriate employees or other potential witnesses, and the identification of any records or documentation relating to the incident. After fact-finding, incidents must be reported appropriately and sufficiently and notifications must be provided throughout the organization. The next and very critical step is the analysis and assessment of the incident. This step may result in modifying the anti-money laundering program, addressing any deficiencies in staff behavior or performance, and/or altering or updating training regimens.
Conclusion
As these elements indicate, anti-money laundering management does not end when the program is implemented. Continuous monitoring and testing is crucial to maintaining an effective program. If the above steps are taken in a consistent and substantive manner and companies ensure compliance with all applicable regulations, they can limit their exposure and hopefully prevent their company from becoming the next scandal in the headlines.'
H. David Kotz serves as a director at Berkeley Research Group. He also serves as a compliance monitor for firms that have entered into deferred prosecution agreements and similar arrangements with government agencies. Kotz previously served as the Inspector General of the SEC,where he authored the landmark report investigating the failure of the SEC to uncover Bernard Madoff's $50 billion Ponzi scheme.'
Within just the past few months, there have been several reports of highly publicized money laundering scandals. In May of this year, Australia's second largest bank, the Westpac Bank, became involved in what some are calling the largest international money laundering case ever brought. Federal prosecutors have accused digital currency exchange Liberty Reserve, a Costa Rica-based entity, of helping criminals launder more than $6 billion in criminal proceeds. Westpac was one of the many banks around the world alleged to have been holding funds from the company, thought to be worth about $40 million.
In December 2012,
These scandals have concerned both national and international companies in a variety of industries and businesses. To protect your company from these types of scandals, it is important to have a robust and effective anti-money-laundering program.
In addition, as money laundering schemes evolve and become more sophisticated over time, anti-money laundering programs should be periodically reviewed and assessed to ensure that they remain effective.
The following are seven elements of an effective anti-money laundering program that may be useful for companies when they are assessing their programs.
1. Written Policies and Procedures
It is axiomatic that effective anti-money laundering programs must be in writing and contain specific policies and procedures approved by upper management. These policies and procedures should detail the internal controls within the institution which have been established to limit and control risks and to ensure compliance with all applicable anti-money laundering laws and regulations. The sophistication and complexity of the internal controls should be commensurate with the size, structure, risks, and nature of the institution. The policies and procedures should make sure to describe an overall corporate environment that is conducive to managing risks and complying with anti-money laundering requirements.
Specific company-wide operations that may be vulnerable or subject to abuse by potential money launderers should be identified and the anti-money laundering program should be specifically tailored to these risks. The operations identified should include a company's products, services, customers, as well as geographic locations.
It is highly recommended that anti-money laundering programs be “risk-based.” This often involves the preparation of a written risk assessment covering each of the operations identified as vulnerable to abuse. The institution can develop the written policies and procedures based upon the risk assessment, and specifically design them to address the degree of risk to which the business is exposed. As the risks increase, stronger controls become necessary.
Finally, screening procedures should be documented with specific steps put in place to screen out individuals whom the company knows, or should know through its exercise of due diligence, have a history of engaging in illegal or improper activity or other misconduct.
2. Regular Training of Company Employees
An anti-money laundering program cannot be very effective if the employees of the company are not familiar with the elements of the program and on board with its procedures. For this reason, ongoing training is critical. All relevant employees should be trained on the illegality of money laundering and the company's anti-money laundering policies and procedures. These “relevant” employees should include any employees whose duties could potentially make them vulnerable to possible money laundering situations.
Training should be tailored to the person's specific responsibilities and should include any current anti-money laundering developments and changes. This may, in some cases, require training more often than merely once a year.
The company should document its training program and keep accurate records of the dates of the training, as well as its content, and records of attendance.
3. Designating an Anti-Money Laundering Compliance Officer
Senior management should appoint someone as compliance officer for anti-money laundering activities. This compliance officer should have sufficient authority within the company to enforce the compliance program, and sufficient resources (including, budgetary, physical and personnel) to administer an effective program. The compliance officer must be a qualified individual who is knowledgeable about methods of money laundering and pertinent anti-money laundering rules and regulations. It is, of course, critical that the compliance officer be an individual of high integrity and reputation within both the company and business community at large.
This person should also have a full knowledge of the business, its products, services, operations, customers and money laundering risk assessment, and be able to regularly advise senior management about ongoing compliance issues.
4. Keeping Records
Diligent record-keeping is integral to the success of an anti-money laundering program. Record-keeping provides assurance that the process of identifying and managing risks is operating in an effective manner.'
Initially, it is important to set up a system for collecting and reporting data, prepare clear and concrete definitions of what constitutes data, determine a method and measures for establishing data collection, and establish data collection and records management roles.
Overall, a company should be able to produce all versions of its anti-money laundering program for at least five years. The company should maintain an annual file for training records which includes the topics covered, method of training, copies of materials used, and evidence of completion for company employees and officials. One should also keep a file showing evidence of testing in the past several years, including, areas tested, results of testing, action taken as a result of any findings, and documentation showing that the findings were communicated to senior management. By maintaining these records in an orderly manner, a company can reduce its regulatory exposure.
5. Periodic Independent Testing of the Program
To be effective, an anti-money laundering program should be tested independently and on a regular basis. Best practices dictate that this should occur at least annually. The testing should be conducted by individuals who are not involved in the anti-money laundering program. This could be an internal audit department or outside auditors or consultants. The entity conducting the independent audit should be knowledgeable about the company as well as the anti-money laundering program. The entity should also be acquainted with the company's anti-money laundering risk assessment and the risk assessment should be utilized in the independent testing process. The review should be risk-based and evaluate the effectiveness of the anti-money laundering program.
The entity conducting the independent review should report directly to senior management or a designated board or committee. Any deficiencies and/or corrective actions should be provided to senior management as well as to the compliance officer for follow-up.
6. Management Oversight
Management oversight and good governance are key elements of an anti-money laundering program. An important ingredient is to make sure that senior-level officials within a company are well informed about key aspects of anti-money laundering compliance, risk management and policy decisions that affect the program. Senior managers in a company should never be placed in the position of being surprised by compliance deficiencies, or the possibility of outside actors exploiting their company for money laundering purposes.'
To prevent these kinds of surprises, senior management should become knowledgeable about, and conversant with, compliance issues. Best practices suggest that a company have a written policy or statement by senior management or board or audit committee, setting forth the overarching policies with regard to anti-money laundering compliance and addressing the primary money laundering risk criteria relevant to the organization.
There should also be documentation of senior management's review of the risk assessment, independent testing and any other reportable conditions. Where anti-money laundering issues are discussed at Board or committee meetings, meeting agendas should be circulated in advance and clearly highlight the anti-money laundering issues to be presented and discussed, and the discussions and action items that follow from the discussion, should also be documented.
7. Appropriate Responses
To be effective, an anti-money laundering program needs to have processes in place to respond to potential incidents, such as an actual attempt to use some aspect or part of the company for criminal purposes. These processes should include an acknowledgement that the incident has taken place whether it is simply suspicious behavior on the part of a customer, a computer system being potentially hacked into, or something more serious. The incident should be documented, including its time, duration and location, and the fact-finding process should commence immediately.
Fact-finding should consist of interviews with the appropriate employees or other potential witnesses, and the identification of any records or documentation relating to the incident. After fact-finding, incidents must be reported appropriately and sufficiently and notifications must be provided throughout the organization. The next and very critical step is the analysis and assessment of the incident. This step may result in modifying the anti-money laundering program, addressing any deficiencies in staff behavior or performance, and/or altering or updating training regimens.
Conclusion
As these elements indicate, anti-money laundering management does not end when the program is implemented. Continuous monitoring and testing is crucial to maintaining an effective program. If the above steps are taken in a consistent and substantive manner and companies ensure compliance with all applicable regulations, they can limit their exposure and hopefully prevent their company from becoming the next scandal in the headlines.'
H. David Kotz serves as a director at Berkeley Research Group. He also serves as a compliance monitor for firms that have entered into deferred prosecution agreements and similar arrangements with government agencies. Kotz previously served as the Inspector General of the SEC,where he authored the landmark report investigating the failure of the SEC to uncover Bernard Madoff's $50 billion Ponzi scheme.'
This premium content is locked for Entertainment Law & Finance subscribers only
ENJOY UNLIMITED ACCESS TO THE SINGLE SOURCE OF OBJECTIVE LEGAL ANALYSIS, PRACTICAL INSIGHTS, AND NEWS IN ENTERTAINMENT LAW.
- Stay current on the latest information, rulings, regulations, and trends
- Includes practical, must-have information on copyrights, royalties, AI, and more
- Tap into expert guidance from top entertainment lawyers and experts
Already a have an account? Sign In Now Log In Now
For enterprise-wide or corporate acess, please contact Customer Service at [email protected] or 877-256-2473
COVID-19 and Lease Negotiations: Early Termination Provisions
During the COVID-19 pandemic, some tenants were able to negotiate termination agreements with their landlords. But even though a landlord may agree to terminate a lease to regain control of a defaulting tenant's space without costly and lengthy litigation, typically a defaulting tenant that otherwise has no contractual right to terminate its lease will be in a much weaker bargaining position with respect to the conditions for termination.
How Secure Is the AI System Your Law Firm Is Using?
What Law Firms Need to Know Before Trusting AI Systems with Confidential Information In a profession where confidentiality is paramount, failing to address AI security concerns could have disastrous consequences. It is vital that law firms and those in related industries ask the right questions about AI security to protect their clients and their reputation.
Generative AI and the 2024 Elections: Risks, Realities, and Lessons for Businesses
GenAI's ability to produce highly sophisticated and convincing content at a fraction of the previous cost has raised fears that it could amplify misinformation. The dissemination of fake audio, images and text could reshape how voters perceive candidates and parties. Businesses, too, face challenges in managing their reputations and navigating this new terrain of manipulated content.
Pleading Importation: ITC Decisions Highlight Need for Adequate Evidentiary Support
The International Trade Commission is empowered to block the importation into the United States of products that infringe U.S. intellectual property rights, In the past, the ITC generally instituted investigations without questioning the importation allegations in the complaint, however in several recent cases, the ITC declined to institute an investigation as to certain proposed respondents due to inadequate pleading of importation.
Authentic Communications Today Increase Success for Value-Driven Clients
As the relationship between in-house and outside counsel continues to evolve, lawyers must continue to foster a client-first mindset, offer business-focused solutions, and embrace technology that helps deliver work faster and more efficiently.