The international law firm of Freshfields Bruckhaus Deringer's Global Enforcement Outlook Report offers readers a broad look at things to expect in 2021 in the field of anti-money-laundering regulatory enforcement.
Several high-profile global investigations have shown us that anti-money laundering enforcement is a global phenomenon that shows no sign of abating.
In fact, we expect that the post-Coronavirus landscape will only accelerate this trend. As these recent developments show, it is likely that regulators will continue to co-operate with each other internationall more and more, while using a wider range of detection and enforcement tools. They will, of course, still concentrate on senior management, culture and the adequacy of systems and controls.
Money flows across borders, so national and transnational authorities will still co-operate across borders too. As one US agency stated in relation to the 1MBD investigation, the case was "a model for international co-operation." Governments and their agencies in various regions continue to build on that approach and are thinking of co-operating more closely in significant cross-border money-laundering investigations.
In Europe, there are proposals to establish a regional AML supervisor for banks in the European Union. The European Banking Authority (EBA) has observed improvements in co-operation between national authorities. The UK and EU have also promised to co-operate to combat financial crime, as per the EU Trade and Co-operation Agreement. Many of the details remain to be worked out, but co-operation in money-laundering and terrorist-financing investigations is likely to be a priority.
In the US, the Federal Reserve Board and the Financial Crimes Enforcement Network (FinCEN) have proposed to change the rules to require financial institutions to collect, retain and transmit information from a much larger volume of international transactions.
In addition to more co-operation between jurisdictions, ‘copycat’ enforcement – where money-laundering investigations in one jurisdiction led to heavier enforcement in other jurisdictions – is a developing feature of the landscape, particularly in Europe, where national authorities have in the past been criticised for allowing the US to lead enforcement in relation to European-based conduct.
Scrutiny and enforcement on the rise
With so many money-laundering cases hitting the headlines in recent years through leaks of confidential documents and disclosures from employees – including a leak of suspicious activity reports (SARs) that banks have sent over the years to the Internal Revenue Service's database in Detroit, known as the 'FinCEN files' – AML compliance efforts have come under close scrutiny.
Alongside this, governments have been trying to take steps to detect more illegal activity and enforce the rules more onerously.
- The UK's Financial Conduct Authority (FCA) has been conducting more and more dual-track criminal and regulatory investigations so that it can use the widest range of enforcement-related resources to tackle money laundering in the financial sector, although we have yet to see the results.
- The Government of the United Arab Emirates has made AML laws more onerous in recent years. It overhauled the federal laws were overhauled in 2018 and 2019 and the Dubai International Finance Centre updated its AML rules in April 2020 to conform to the federal-level changes.
- EU member states had until 3 December 2020 to enshrine the sixth EU AML directive (6AMLD) in their laws. The fifth EU AML directive aimed mostly to increase transparency, while the sixth defines the crime of money laundering. However, some member states such as Germany are going further. The Germans want to legislate to heighten banks' scrutiny of their customers and re-evaluate processes to detect money laundering.
Across the Pond
Meanwhile, the US National Defense Authorisation Act for Fiscal Year 2021, which was passed into law on 1 January, includes a comprehensive re-examination of US AML law, including the creation of a comprehensive beneficial ownership registry for companies doing business in the US and a significant expansion of the state's power to investigate non-US financial institutions and subpoena records held overseas.
In addition to legislative changes, many agencies have ventured farther into the field of data analyis. For example, the director of enforcement at the US Commodity Futures Trading Commission has flagged COVID-19-related issues as a priority, explaining that "we now have the tools, including through the development of our data analytics programme, to better test and verify the information we receive."
Recent enforcement action shows that FinCEN is continuing to focus on SAR-filing requirements and the adequacy of AML systems and controls. The recent leak of FinCEN files, including thousands of SARs, raised questions about whether the number of SARs that firms are sending off exceeds FinCEN’s ability to review them. We may therefore see reforms to filing requirements. In the meantime, enforcement action, such as the 2021 Capital One decision, goes on.
In the line of fire
Banking regulators and enforcement authorities have been paying a good deal of attention to firms' AML compliance efforts. In the light of the novel dangers of the pandemic, however, regulators may now be keener than ever to assess systems and controls at firms to see whether they have detected money laundering and fraud adequately.
For example, the US Federal Reserve, the Office of the Comptroller of the Currency (OCC) and other agencies have issued joint guidelines that set out the circumstances in which they will punish firms for failing to obey the Bank Secrecy Act 1970 (BSA). The joint statement identifies the pillars of BSA/AML compliance programmes as a system of internal controls, independent testing, designated individual(s) responsible for BSA/AML compliance and training.
In short, companies might be, even more than previously, in the line of fire for missing red flags or the inadvertent facilitation of money laundering or fraud.
In the UK, the FCA has warned firms to keep watching for new types of fraud and change-control environments, where necessary, to respond to new threats. Change control is the process that the management of a bank uses to spot and authorise changes to its IT.
In a similar vein, the EBA recently published a report on money-laundering control which indicated that regulators in the EU ought to concentrate more on assessing the systems and controls that spot, appraise and monitor AML risks, instead of taking a ‘tick box’ approach.
Senior management responsibility
Enforcement authorities are also trying to hold individuals to account. If executives at the top of a bank have failed to set up a culture of compliance which runs from the top down, they may face regulatory action for failing to ensure that people are overseeing things and/or allocating resources to deal with evolving threats. In major money-laundering investigations, it is not just the people responsible for preventing money laundering who are being targeted; C-level executives are under mounting scrutiny too.
Lastly, law-enforcement agencies are becoming far more willing to embark on proceedings against the top executives at financial institutions. Failure to prevent money laundering, in other words, can lead to personal prosecution.
* Christopher Robinson in London can be reached on T +44 20 7936 4000 or at firstname.lastname@example.org; Kim Rosenberg in Dubai can be reached on T +971 4 5099 100; Olivia Radin in New York can be reached on T +1 212 284 4925 or at email@example.com; Kimberly Zelnick can be reached on T +1 212 277 4010 or at firstname.lastname@example.org; Daniel Travers can be reached on T +49 211 4979-310 or at email@example.com.