The practical challenges of sanctions and KYC screening in the - - PowerPoint PPT Presentation

The practical challenges of sanctions and KYC screening in the Insurance Sector: How to set up an Effective and Efficient Solution

Jason Jones, ICSR Tom Devlin, KYC Global Technologies

tomdevlin@kycglobal.com riskscreen.com jason.jones@icsr.co.uk www.icsr.co.uk

Reasons for AML failure

• Reliance on traditional AML model
• Poor governance
• Human factors
• Defective screening
• Failure to meet the ‘Data Challenge’

tomdevlin@kycglobal.com riskscreen.com jason.jones@icsr.co.uk www.icsr.co.uk

‘Traditional Model’ of Money Laundering

• Traditional model flows from origins in anti-

drugs legislation

• Linear: ‘dirty’ money made ‘clean’:

‘Placement’ ‘Layering’ ‘Integration’

Crime generates $ Deposit $ into the system Move $ around + transact $ used legitimately: buy assets / spend

tomdevlin@kycglobal.com riskscreen.com jason.jones@icsr.co.uk www.icsr.co.uk

Language used by regulators

FINCEN FATF “First, the illegitimate funds are furtively introduced into the legitimate financial system.” “The launderer introduces his illegal profits into the financial system.” “Then, the money is moved around to create confusion.” “In this phase, the launderer engages in a series of conversions

• r movements to distance them

from their source.” “Finally, it is integrated into the financial system through additional transactions until the ‘dirty money’ appears ‘clean.’” “Having successfully processed…the first two phases, the launderer moves them to the third stage in which the funds re- enter the legitimate economy.”

tomdevlin@kycglobal.com riskscreen.com jason.jones@icsr.co.uk www.icsr.co.uk

Drawbacks of the traditional model

• Emphasis on cash / bank accounts
• Suggests money is ‘dirty’ to start with and

needs to be ‘placed’ into legit. system

• Emphasis on ‘laundering’ /

active movement of funds:

• Layering & integration often indistinct
• Best suited to ‘simpler’ criminality

tomdevlin@kycglobal.com riskscreen.com jason.jones@icsr.co.uk www.icsr.co.uk

A new model:

Criminal Crime Benefit (property) Disconnect(s) Disconnect(s) Disconnect(s)

tomdevlin@kycglobal.com riskscreen.com jason.jones@icsr.co.uk www.icsr.co.uk

‘Enable, distance, disguise’

Criminal Crime Benefit (property) Distance Enable Disguise

tomdevlin@kycglobal.com riskscreen.com jason.jones@icsr.co.uk www.icsr.co.uk

Summary: a new model

• Away from three stages of ‘placement,

layering, integration’

• Focus instead on ‘enable, distance,

disguise’

• Remember the most effective question you

can ask: ‘Why?’

tomdevlin@kycglobal.com riskscreen.com jason.jones@icsr.co.uk www.icsr.co.uk

TITLE TEXT

Insured Local broker Cover- holder / MGA London broker Insurer RI broker

Reinsurer

Banks Processing and settlement bureaux Local insurer

Obligations and responsibilities

• ML regulations don’t apply to general insurance
• FCA & Lloyd’s expectations
• Proceeds of Crime Act, Terrorism Acts, Bribery Act
• Sanctions

tomdevlin@kycglobal.com riskscreen.com jason.jones@icsr.co.uk www.icsr.co.uk

Risk assessment Scope Screening Alerting Reporting

Identify the risks inherent in the business and customers/ transactions Identify who and what to screen against which lists Match relevant policy and payment data to lists Ensure matches are investigated and appropriate action is taken Report internally and externally as required

Policies, procedures, awareness, training, due diligence, contractual protections, monitoring, continuous improvement

Screening as part of a risk-based approach

tomdevlin@kycglobal.com riskscreen.com jason.jones@icsr.co.uk www.icsr.co.uk

Key screening challenges

• Often only minimal client data entered into the database
• Abbreviations, truncations, misspellings, inconsistency
• Lack of secondary identifiers - date of birth, gender,

company registration number

• Lack of information on connected parties - beneficial
• wners, board members, subsidiaries, affiliates, family

members, close associates

tomdevlin@kycglobal.com riskscreen.com jason.jones@icsr.co.uk www.icsr.co.uk

Key screening challenges

• Additional insureds and/or underlying insureds often not

recorded

• Missing relevant watch lists
• Out of date watch lists
• Identifying current vs. historical sanctions

tomdevlin@kycglobal.com riskscreen.com jason.jones@icsr.co.uk www.icsr.co.uk

Key screening challenges

• Screening often occurs after client acceptance
• Cumbersome transfer of client data to screening system
• Data protection concerns exporting client data outside

firewall

• Resource constraints for reviewing matches

tomdevlin@kycglobal.com riskscreen.com jason.jones@icsr.co.uk www.icsr.co.uk

Defective Screening

• ‘Siloed’ screening
• Inability to apply the Risk Based Approach
• False Positives – signal drowned by noise
• Management Information – too little, too late

tomdevlin@kycglobal.com riskscreen.com jason.jones@icsr.co.uk www.icsr.co.uk

Consequences

• Failure to socialise compliance
• Compulsory one size fits all approach
• Needles likely to be missed in haystacks
• Inability to conduct dynamic screening and to

be sure of catching critical alerts

tomdevlin@kycglobal.com riskscreen.com jason.jones@icsr.co.uk www.icsr.co.uk

The Data Challenge

• Inconsistent onboarding
• Disjointed, regional approach to client

lifecycle management

• Data not live, dynamic or easy to mine
• Monitor reactively not in real time

tomdevlin@kycglobal.com riskscreen.com jason.jones@icsr.co.uk www.icsr.co.uk

Consequences

• Fallible decisions that are difficult to justify

in hindsight

• Disproportionate compliance effort spent on

finding, analysing and reporting data, instead

• f problem solving
• Massive wasted cost
• Defective BRAs
• Governance failings

tomdevlin@kycglobal.com riskscreen.com jason.jones@icsr.co.uk www.icsr.co.uk

Critical Data - Alerts

• Can you be alerted in real time to:

– An attempt to onboard a PEP without following the correct procedure? – KYC deficiencies across a jurisdiction, product or service line? – Failure of staff to respond to red flags? – Suspicious account/relationship activity?

tomdevlin@kycglobal.com riskscreen.com jason.jones@icsr.co.uk www.icsr.co.uk

Critical Data - Reporting

• Can you accurately and quickly report on the

following:

• How a single customer or a group of customers or

entire products/client books have risk trended over the past 12 months?

• All relationships with KYC deficiencies?
• Comparison of customer risk rating against revenue?
• Relationship with any customer data nexus to a newly

sanctioned country?

tomdevlin@kycglobal.com riskscreen.com jason.jones@icsr.co.uk www.icsr.co.uk

New Technology

tomdevlin@kycglobal.com riskscreen.com jason.jones@icsr.co.uk www.icsr.co.uk

Takeaways

• AML failure is a choice
• Poor data = Poor compliance = Poor governance = Culpability
• Screening is something we all have to do
• Technology exists to make it painless
• Empower your first line of defence with screening technology

to socialise compliance and create efficiencies

• It is possible to optimise AML compliance with less

tomdevlin@kycglobal.com riskscreen.com jason.jones@icsr.co.uk www.icsr.co.uk

Contact Details

Jason Jones Director ICSR

Jason.jones@icsr.co.uk

Tom Devlin Senior Regulatory Adviser KYC Global Technologies

tomdevlin@kycglobal.com