FinCEN leaks expose personal risk of AML/CTF compliance enforcement

An unprecedented leak of thousands of files from the U.S. government’s most confidential financial intelligence database has shone a spotlight on the world’s $2 trillion-a-year dirty money habit. In spite of the excellent media coverage, this story goes much deeper than the “bad bankers” narrative being trotted out by many of the world’s leading investigative journalists.

In many countries, filing a suspicious activity report (SAR) can be a death sentence. Whether it’s the fentanyl trade, human trafficking, terrorism, child exploitation or wildlife crime, the world’s most ruthless criminals will kill to get their hands on illicit money. Once they have obtained it, they will kill to keep it.

The author of this article met with an anti-money laundering (AML) officer in Karachi, Pakistan last year who has two armed guards at home on rolling shifts to protect his family. Wherever he goes, he is shadowed by an armed escort, paid for by his employer. In Pakistan, this is just a cost of doing business as a major bank and keeping staff safe.

His mistake? Complying with the law and reporting on suspected terrorist financing to the country’s AML unit.

On another occasion, a former U.S. Drug Enforcement Administration (DEA) special agent explained how he once prised the body of a financier from the back of a car in Mexico City. The financier was one of his main informants on an international drug cartel money laundering operation. The photographic evidence he shared was grisly, showing the man’s hands tethered behind his back with his necktie. His fingertips were burnt to black stumps.

In bustling Amman, the capital of Jordan, the author had the pleasure of breaking warm bread with an inspirational AML officer. He loves his work — his professional calling — despite operating in one of the region’s most high-risk markets. He occasionally gets tailgated on the way home from work, after filing SARs on suspected terrorism financing. It comes with the territory in one of the world’s geopolitical hotspots.

“They want us to know that they’re watching, that there can be consequences for this type of work,” he said, shrugging his shoulders in a way that’s typical of people living under a permanent cloud of personal risk.

An inspiring breed

These are just a few stories from the world’s AML community; the people who love the challenge and sense of purpose that comes with using financial flows to identify serious criminal activity. Their job is to understand their business, their geographical risks, their customers and to spot anomalies that might indicate criminal activity. They need to master a range of talents, from interpersonal skills and “human intelligence” through to cutting-edge IT platforms and the use of big data.

Their job is not to prove crimes. It is to act as the bank’s conscience; its eyes and ears and its voice of professional scepticism. At the point when they have formed a suspicion, these mild-mannered heroes package up a file and feed it securely to their local financial intelligence unit (FIU).

The money laundering reporting officers (MLROs) may decide to close the bank account if it is deemed very high-risk. More often than not, however, those decisions are made by the business relationship manager. Many banks have fallen foul of regulators when there is a power imbalance between the risk, operations and business divisions. This has cost their shareholders hundreds of millions, even billions, of dollars in fines and remediation, but none of this detracts from the exceptional work that most AML units deliver for their banks. In most major AML enforcement cases, the fundamental problems lie elsewhere — such as in board complacency or senior management funding decisions. 

The businesses that do this difficult work are termed “reporting entities” for a reason. It is their job to run a legitimate business, to manage their risks, and to report any anomalies to agencies such as the Financial Crimes Enforcement Network (FinCEN).

“It’s a risk-based regime. It’s not a risk elimination game,” the ex-DEA agent said. “The bank’s job is to run a business and to report anything that’s suspicious. Law enforcement’s job is to work with that intelligence, to build the bigger picture. The only way a bank can eliminate money laundering entirely is to close its doors.”

Leaks, tips and tipping off

This week the financial intelligence world was shaken to its core when the International Consortium of Investigative Journalists (ICIJ) confirmed it had been fed more than 2,100 of these highly sensitive reports. Thomson Reuters Regulatory Intelligence  broke the news three weeks ago, tipping off the financial crime community that its SARs were in the hands of some of the world’s most prestigious investigative journalists.

On Monday the ICIJ partners released the first series of articles based on SARs that detailed suspicious transactions involving more than $2 trillion. The reports were filed by some of the largest international banks, including HSBC, JPMorgan, Deutsche Bank, Standard Chartered and Bank of New York Mellon.

There was a palpable chill across the sector, as bank staff worried that their names and contact details may be “out there in the wild” on confidential SAR forms. Banks are required to provide a point of contact when they file SARs. These days FinCEN lets them list a generic bank contact centre, for personal security reasons, but in the past these SARs often listed the individual who formed the suspicion within the bank.

Thankfully the members of the latest ICIJ exposé are being diligent about minimising the risk that individual SAR filers will be identified.

There has been a lot of public commentary criticising the banks for facilitating industrial-scale money laundering. Yet there has been far less focus on the failure of law enforcement to pursue these cases to a civil or criminal outcome. AML practitioners have said the existence of these SARs is proof that the banks involved had reported their suspicions to the relevant agencies. It is then up to the criminal intelligence and law enforcement community to take further action.

Financial crime experts with international experience, on the public and private sector sides, said the leaks would damage the trust and confidentiality that underlies the AML regime. On the other hand, the media reports may trigger a re-think about the effectiveness of the existing financial crime compliance framework, which is led by the Financial Action Task Force (FATF).

Devastating blow

For banks and their AML teams, the latest leaks are a devastating blow. Reporting on your customers is never a good look in business. Especially when “reporting entities” are obligated to report mere suspicions — a test that falls some way short of any hard evidence of a crime. To have these reports leaked is a huge breach of the trust and confidence that banks place in FinCEN and its partner agencies.

The most positive outcome from the “FinCEN Files” would be for the public to gain an insight into the extent to which kleptocrats, drug kingpins, human traffickers and multinational tax evaders have infiltrated the worldwide economy. Rampant financial crime and corruption has already undermined the world’s liberal democracies. If people do not demand change, the privileges of living in a civil society, which many people take for granted, may also be at risk. Civil societies are always built upon an equitable, clean and well-regulated financial system.

The financial crime profession is essential to the goal of maintaining integrity in the financial system and helping law enforcement agencies to tackle serious and organised crime. A clean economy also makes good business sense.

Venezuela is perhaps a stark example of what is at stake for civil societies. The author was in a major financial centre recently with some Venezuelan dissidents who are using cutting-edge intelligence to track the suspected $1 trillion stolen from their massive oil revenues.

“In the 1950s, Venezuela used to be the fourth-richest country in the world, in GDP per capita. Today, it’s a failed state,” said one of the dissidents, a university qualified economist. “I know exactly what the sting of tear gas feels like as it burns your nostrils. We’ve felt the police batons on our backs. Venezuela has a warning for countries like yours: it only takes 20 years to destroy a democracy.”

The FinCEN Files are enlightening, educational and at times entertaining, but should not be allowed to detract from the decades-long AML/CFT public-private partnership — and the importance of the work that still lies ahead.

Banks and their AML teams have clearly made mistakes along the way, as have regulators and governments, but these groups have been at the forefront of this international project for decades. The AML/CFT experts at the world’s financial institutions are the unsung heroes of the fight against financial crime. Despite the myriad challenges, the compliance profession will continue to drive the AML/CFT regime forward for many years to come.

Nathan Lynch is an experienced writer, public speaker, manager and technology enthusiast in the field of financial regulation and risk management. At Thomson Reuters, Nathan leads a team of experts who provide breaking news, deep analysis and practical guidance to risk practitioners in the global financial services sector.
Nathan manages Thomson Reuters’ award-winning Regulatory Intelligence team across the Asia-Pacific region, tracking developments in financial services law, regulation, financial crime and risk management.
Nathan has been involved in building innovative, tech-based businesses in the financial services “regtech” sector — including Complinet Australia and the Thomson Reuters Risk business.

Subscribe to Business Insight

Discover best practice and keep up-to-date with insights on the latest industry trends.