KYC and DD - How to prevent massive fines, prosecution and Jail Part 4

In this highly regulated world we live in, how do you not get prosecuted? How does your company not get those massive fines? How do you pass inspections?

Crime prevention has moved from the authorities to the growing regulated industry. It is far easier to police you than the criminals.

Last time we discussed being prepared for ‘no-warning’ inspections as inspectors can go back seven years. Knowing your risks and checking your products, clients and countries and building a risk matrix. Getting your Boss on board, being prepared to say ‘No’ and getting the business to spend money to protect them and yourselves.

Suspicious Activity Reports (SARs). In every country, systems are always clunky or manual, Yet, you should complete them. It does not hurt you. No one knows what you are doing as telling the client is ‘tipping off’, which you must not do. Many compliance professionals will wait until they are told they can carry on. Real criminals know when you go quiet, what you are doing. In most countries you should just carry on with the work; as long as it is legal.

Remember, if something goes wrong, and you have not filed a report, then that is an excuse for your prosecution. Filing the report adds to your protection.

Everything comes down to culture. The prevention of money laundering and terrorist financing is all about culture. It's got to be a complete top to bottom culture running the process within your organisation.

Build a culture to look for the unusual, to be aware of the loudmouth shouting down the phone; the person overly pushing to make sure a deal goes through; the large funds coming in, sitting in, or going out through accounts; Lawyers receiving money into client accounts and then sending them back as ‘deals’ fall through etc. It’s about creating the culture of ‘the sixth-sense’ within your business.

Making sure your staff throughout the organisation know of all the different scenarios that create the risks works to build the culture. Get people around the table, have a brainstorming session of all the potential cases and investigate them. Make sure that training creates the prevention culture. A questioning culture. Be careful of beneficial owners or entrepreneurs or large organisations that try to restrict information. The ones that don't give you permissions, etc, that are a bit awkward.

It’s not just about relying on systems; you must also rely on your people. The systems are there to help you make decisions.

Now, of course, due to regulation, there's been a massive jump in the number of regulated businesses within the compliance space. New industries have been added and early in 2020 we had the fifth directive adding the oil and gas industry, property rental and exchanges (not just crypto etc. it could also be a Stamp exchange). We have this massive explosion of industries now bought in under the regulations. There are just not enough people of calibre, let alone trained people to deal with the on-boarding and on-going monitoring or to come and help you with your compliance within organisations. The solution: Automate as much as possible. You’d be surprised how many organisations are still using manual systems with very little automation or the automation they have, is old and legacy; as they are not spending money.

The main thing for you to remember is to cover all your bases, do as much as you can, expecting it all to go well is not really an option; you need to constantly check that the processes you put in place are working. If you were the MLRO in a company 5 years ago and it turns out your actions helped terrorists or arms smugglers on the other side of the world, expect your former employer to drag you into it. You therefore must do everything to protect yourself and your business.

Good luck and Stay Safe!!