A new paper sets out the Monetary Authority of Singapore’s supervisory expectations regarding the effectiveness of anti-money-laundering controls in the private banking sector and includes illustrative examples that it has drawn from regulatory inspections.
The inspections in question occurred within the last 18 months. The MAS believes that private banks have inherently higher exposure to money laundering than others, particularly regarding the predicate crimes of foreign tax evasion and corruption, because of "the client attributes, size of transactions and complexity involved."
SOW and SOF
The paper calls for a 'robust' (presumably this means 'accurate') corroboration of the sources of HNW customers' wealth and funds. Platitudes abound here, with the regulator exhorting firms to "ask the right questions" and "obtain adequate information." To remain as customers, HNWs should be made to "provide adequate information."
It also calls on banks to have 'zero tolerance' for illegitimate funds. This, presumably, means that whenever a bank alights on a questionable payment, however, trivial, it ought to root out the problem even if its risk assessment systems have spotted a larger potential problem elsewhere. This is the opposite of the 'risk-based approach' beloved of the Financial Action Task Force, the world's AML standard-setter.
Under a heading of "corroborating source of wealth," the MAS states that it is inappropriate to rely solely on clients' expectations for this. This seems to be a sign that SOW compliance is not generally up to standard in Singapore. Under the heading of "corroborating source of funds," the MAS asks private banks to enquire into the activity that generated the funds, use 'substantive' information, "facilitate the assessment" and pay extra attention to funding from third parties.
Tax risk management
Compliance in this area is so bad in Singapore that the MAS exhorts all firms, however good their compliance efforts already are, to 'strengthen' their ability to identify customers who present a higher-than-usual tax-related money-laundering risk at the 'onboarding' stage and to 'institute' (not improve) "monitoring controls" that allow them to detect tax-related problems. They should also teach staff members (i.e. the front office or "first line of defence") how to spot warning signs or 'red flags' at the onboarding stage and keep informing them about new types of tax evasion as they appear.
Getting down to cases: good practices
Bank A conducts a comprehensive tax risk assessment of customers at the onboarding stage and then conducts periodic reviews, looking into such factors as the use of 'hold mail' services, the type of customer and the purpose of the account, the presence of tax-related adverse news, the use of complex structures and the country of tax residence.
As part of its onboarding "customer due diligence" (CDD), Bank B requires "extra due diligence" (EDD) on the customers it thinks are highly risky, completing in-depth tax CDD questionnaires, obtaining official tax documents and perhaps even securing legal advice or tax attestations from independent parties.
As part of its continuous monitoring effort, Bank C requires relationship managers to pay attention to such "tax risk red flags" as:
- large or frequent transfers to jurisdictions that are highly risky from a tax standpoint;
- re-deposit or reinvestment of funds into their original jurisdiction after being transferred to a jurisdictions that is highly risky from a tax standpoint;
- any adverse news that relates to tax; and
- the purchase of large amounts of precious metals.
This last 'red flag' - that of buying gold - is in many (perhaps most) cases hardly a sign of money laundering at all, as many HNWs are understandably wary of fiat currencies in a world overloaded with sovereign debt. The reader must, however, remember that the MAS is a central bank that itself issues fiat currency.
Getting down to cases: bad practices
Although Bank D's policy requires staff to pay attention to a list of tax-related 'red flags,' its guidelines are unclear about the additional data that they ought to gather on customers that they have 'red-flagged.'
At the onboarding stage, a customer tells Bank E says that he is tax-resident in Singapore. The bank notes at this stage that his substantial income comes instead from another country. The bank does not, however, initiate a tax review or try to be more "tax duly diligent" than usual, despite the need to find out whether he has other tax-related obligations and whether these are in order.
At the onboarding stage, some HNW customers inform Bank F that they are "moving their account relationship from another jurisdiction" because of the onset of the Organisation for Economic Co-operation and Development's Common Reporting Standards (CRS) in that jurisdiction, because they are worried about confidentiality. Staff at the bank fail to realise that this looks like a tax-related 'red flag' and do no EDD.
The MAS's main points in this section are that financial institutions should provide staff with clear guidelines regarding tax-risk-assessment management so as to apply their standards consistently. They should also train people effectively so that staff members know a good deal about 'tax risk.'
Commercial or 'third party' transaction flows
Private banks, say the MAS regulators, must monitor customers' transactions to ensure that they are consistent with the wealth management purposes of their accounts, remaining alert to dealings and/or transactions that deviate from their intent and assess their legitimacy.
Case studies regarding good practice
Bank G requires the onboarding of accounts involving operating companies to be approved at a senior management forum. Such accounts are categorised as highly risky and subjected to unusually rigorous monitoring.
As part of the periodic CDD review process, Bank H requires staff to review past transactions to determine whether they were consistent with the profile of the customer in question and the purpose of his account, with particular emphasis on third-party flows.
Case studies that betray weakness
A personal investment company (PIC) account is set up at Bank I for the purposes of holding the clients investment assets. Even though the bank's staff have noticed persistent commercially-related transactions on the account during routine transaction alert reviews, they do not tell the compliance department (through the 'escalation' process) in accordance with the bank's policy. Consequently, the account is not subjected to EDD in line with that policy.
Bank J requires a look-back of customers' transactions to be performed during periodic CDD reviews. They should note and try to explain any third-party flaws that they spot. Instead, although they observe such flaws, they fail to ask about them and conclude - with no justification at all - that they are consistent with the customer's profile and purpose of the account.
The tone at the top
The MAS insists that managers should set their firm's "appetites" for risks related to corruption and tax. Firm-wide risk management is the goal.
They should oversee the firm's key risk areas. There should be adequate management reporting structures to ensure that the main risks are 'surfaced' quickly and effectively. Reporting figures should be detailed enough to monitor the main risk exposures, control weaknesses and facilitate effective intervention where necessary. "Risk awareness" is another theme of the paper.
The MAS seems to be keen for firms to embed their compliance efforts in the wages and bonuses of non-compliance staff. Its way of saying this is to say: "Incentive structure to foster right risk culture and behaviour...[A] performance management framework should provide an adequate balance of incentives and penalties to drive the right risk culture and staff behaviour." Sometimes in the piece, although it never says why, it uses American spellings.
The paper cites four commonly observed weaknesses.
- Performance indicators for RMs are purely "financials-driven."
- There are inadequate AML-related indicators in performance assessment, e.g. the uase of the completion of the mandatory AML training as the sole indicator.
- Assessment only uses quantitative indicators ("e.g. backlogs and timeless," whatever that many mean) without any emphasis on quality of execution.
- Feedback regarding lapses in past performance is inadequate, as is feedback regarding incidents in the staff's "performance scorecards." This might be an oblique reference to Singapore's "balanced scorecard" regime, a set of standards, audit procedures, penalties and remedial actions applied to RMs.
Lessons to be learnt
The MAS calls for sufficient weightage of AML-related indicators in the performance management process. Each assessment ought to be holistic and concentrate on both the quality of AML execution and quantitative measures. Lapses in AML-related performance should find their way onto staff members' scorecards "without delay." If they transgress again and again, they should be punished.
The MAS ends its paper with a little praise for private banks, saying that they have generally put in place the necessary "frameworks and controls" to detect and offset money-laundering risks. They should assess their controls' effectiveness against the findings of MAS inspections, as they are being asked to do here.