Kroll explores Central Banking’s survey data on how central banks are fighting money laundering. Many will need to step up their work with data and risk-based supervision to cope with new threats.
Zoë Newman, Regional Managing Director, Emea, and GlobalCo-head of the Financial Investigations Practice, Kroll
Howard Cooper, Managing Director and Global Co-head of the Financial Investigations Practice,Kroll
David Lewis, Managing Director and Global Head of Anti-Money Laundering Advisory, Kroll
In collaboration with Central Banking, Kroll conducted a survey of central banks across Europe, Africa, the Americas and Asia‑Pacific with questions focused on anti-money laundering (AML) and countering the financing of terrorism(CFT) supervision. Unsurprisingly, the majority of respondents comprised those that have AML/CFT supervisory authority over regulated entities, specifically retail and non-retail banks, with other countries designating this authority to standalone supervisors or a hybrid financial intelligence unit (FIU). The respondents to the survey were largely based in emerging market economies; however, when it comes to AML/CFT supervision, the perception of risks – as well as supervisory models adopted by central banks– are mostly consistent, regardless of geographic location and the size of
The survey results reveal that central banks face significant risks from cross-border payments, and their supervisory models are under strain as the payments landscape changes with the rise of payment and e-money firms. Although there is an emphasis on on-site inspections, the rise in the use of data analytics and the adoption of risk-based supervision models is enabling central banks to overcome resourcing challenges and better manage risk. Finally, AML/CFT supervisors are improving their ability to co-operate domestically, but there is significant room for improvement in international collaboration to effectively combat shared financial crime risks.
Central banks reported three common AML/CFT risk factors: money laundering methodologies utilising cross-border fund flows, large cash deposits and the laundering of the proceeds of corruption. It is evident from the survey responses that central banks can do more together to manage and respond to these risks.
Cross-border fund flows: a consistent risk
Money laundering involving international financial flows is the most common concern for supervisors, with 80% of respondents considering it to be one of the most significant AML/CFT risks. There is potentially, however, a significant gap in the ability of supervisors to respond to the risks these cross-border paymentspresent.
More than one-third of respondents reported that they do not proactively share data on suspicious activity with international partners. In fact, less than half share information even upon request from international partners, with only 19% proactively sharing relevant data.
Kroll has significant experience investigating complex cross-border money laundering schemes. The defining feature of all of these schemes, regardless of how the illicit funds were generated or the countries involved, is the co‑ordinated movement of illicit funds through multiple jurisdictions. The schemes all exploited visibility gaps across jurisdictions as the funds went through the placement, layering and integration phases of the money laundering cycle. We have seen first-hand the success that can be achieved through supervisory agencies sharing relevant data across borders to detect, analyse and investigate financial crimeschemes.
The majority of central banks do, of course, report information on suspicious activity to their FIU, which may in turn share information with their international partners. Supervisors are often the first to identify high-risk, unusual and suspicious activity, and high-level findings or details of specific transactions may be shared with their FIU counterparts. Systemic issues discovered within one regulated entity are often not used to assess the risk of non-reporting to the FIU and how the identified failings may have had a contagion effect across the economy. Crucially, reports on high-risk entities fail to be disseminated to foreign AML/CFT supervisors to assist them in assessing and mitigating risks in cross-border fund flows.
Cash is still seen as king
Many central banks still see cash as king when it comes to money laundering methodologies. Despite the ever-increasing use of electronic payments and corresponding reduction in the use of cash in many economies, more than half of respondents consider large cash payments to be a significant AML/CFT risk.
Cash remains the primary means of value transfer in illicit activity such as the drug trade and untaxed shadow economy; however, in Kroll’s experience investigating large-scale international money laundering, the use of physical cash is negligible.
Regulated entities do, of course, need to monitor and be alert to the use of illicit cash entering the financial system. It is, however, arguable that the continuing focus on cash and the relative simplicity of transaction monitoring systems to detect cash deposits means resources are not allocated to detecting more complex typologies using cross-border payments. This in turn causes an overreporting of cash-based suspicious transaction reports that impact on risk perceptions by supervisors.
Corruption and politically exposed persons(PEPs)
More than half of respondents(57%) reported illicit funds from corruption to be a significant AML/CFT risk. This contrasts with only 23% of central banks that consider PEPs a significant risk. In almost all cases, corruption schemes involve a PEP, their family or close associates, and the survey results may represent evidence of a disconnect in the understanding of AML/CFT risks stemming fromcorruption.
We have seen many cases where illicit funds linked to corruption have been moved through and, ultimately, deposited in foreign jurisdictions for the benefit of PEPs. In some cases, the regulated entities that ultimately received the funds had identified the ultimate beneficial owner as a PEP but had not adequately assessed the AML/CFT risks of the funds they were receiving. Related to this is a focus by supervisors on monitoring how effective regulated entities’ know-your-customer (KYC) programmes are in identifying PEPs, rather than assessing the risks of the money movements through their accounts.
In many ways, AML/CFT risks faced by central banks have remained the same over the years. But there has been a rapid change in the types of regulated entities operating in the financial system and the types of services they offer. Central banks are facing challenges to maintain effective oversight in this expanded ecosystem.
Banks remain the focus, but other institutions are on the rise
Unsurprisingly, the majority of central banks that exercise AML/CFT supervisory powers retain oversight of retail and commercial banks, reflecting the primary role these institutions maintain in the financial system. However, it is clear that the operating environment is changing, and recent years have seen an explosion in the number of payment services and e-money companies challenging banks for market share in transaction services. These include payment processing companies servicing online and physical businesses and online money transfer companies. This shift has seen a rebalance where AML/CFT risks– particularly when it comes to cross-border payments– lie across the spectrum of regulated entities.
Reflecting this, 75% and 80% of respondents have supervisory responsibility for e-money institutions and payment firms, respectively; market operators are commonly classified as fintech companies. The challenge remains for central banks to adapt their supervision models to deal with this seismic shift in the transaction landscape and the number of regulated entities, to effectively manage risks.
The survey revealed that only 15% of respondents consider fintech firms to represent one of their most significant AML/CFT risks. There is a danger that central banks view these firms as simply providing traditional bank services, for example cross-border payments, in a new way. This could lead to a failure to adapt their supervision model to reflect the vastly different operating models between these new entrants and traditional banks.
Crypto: an emerging risk?
Cryptocurrencies and virtual assets have evolved over the past 15 years – from a niche industry to one enjoying significant public attention and wider adoption among traditional financial market participants. There has been corresponding attention paid by governments and the wider public to the AML/CFT risks present in the industry. Where not banned outright, cryptocurrency firms often sit within a legal grey area and remain unregulated in a large number of advanced and emerging economies. The small number of central banks (19%) in our survey that have AML/CFT supervisory responsibility for the cryptocurrency sector may reflect this patchwork legality and regulatory oversight of the industry.
Equally, despite the high profile that cryptocurrencies and virtual assets currently enjoy in the public’s mind and the perceived legal and regulatory focus on the industries in recent years, only one respondent considered cryptocurrencies to present a significant AML/CFT risk.
Regardless of views on the size of the AML/CFT risk posed by cryptocurrencies and virtual assets, central banks need to be aware of the existence and operations of these firms within their jurisdiction to ensure there is effective AML/CFT oversight and that other regulated firms are adopting appropriate controls when interacting with cryptocurrency firms.
Nature of supervision
With the number of regulated firms and the complexity of their operations and service offerings undergoing a rapid change, central banks are facing a distinct challenge to adopt their supervisory models to adequately manage and respond to AML/CFT risks. The increasing number of those adopting dynamic approaches in line with international guidance and best practice are reporting fewer challenges and improved outcomes.
Traditional scheduled inspections remain the norm
The main supervisory tool for central banks is the traditional on-site inspection with all relevant central banks using these to assess AML/CFT risks and compliance within regulated entities. Almost all central banks(85%) combined on-site inspections with off-site desk-based analysis.
A number of supervisors(40%) are utilising risk questionnaires to assist with profiling prior to an on-site inspection, but only 20% are utilising data gathering and analysis before the inspection process.
As outlined, most jurisdictions are seeing a huge rise in the number of regulated entities and the complexity of services offered by these firms. There is a real danger of central banks being unable to effectively oversee regulated firms if they continue to rely on a system involving regular on- and off-site inspections of all regulated entities. This is compounded by the resource constraints under which many central banks are operating.
Despite exercising wide-ranging AML/CFT supervisory powers, two respondents did not have a dedicated AML/CFT department within their central bank. Average staff allocated to AML/CFT oversight was just six in these two central banks, compared with an average of 20 among respondents with a dedicated AML/CFT department. In addition, more than half of respondents reported facing resourcing limitations that negatively affect their ability to exercise their supervisory powers.
Countries are adopting dynamic approaches to risk management
In a positive development, a number of countries have adapted, or are in the process of adapting, their supervisory approach in line with the Financial Action Task Force’s(FATF’s) Guidance on risk-based supervision, issued in March2021. Namely, this is the adoption of a dynamic supervisory approach harnessing data analytics to proactively detect higher-risk activity and firms. Supervisors can then apply their interventions in a more timely and targeted way to address these risks.
Central banks that have adopted a risk-based supervisory approach all report an improvement in their ability to develop a more holistic and current understanding of AML/CFT risks and to devote their scarce resources to targeting those entities and activities that present the highest risk. This ability to adapt has revealed itself to be even more important since the Covid‑19 pandemic began, with many central banks reporting they have been unable to conduct on-site inspections.
The survey results suggest that the adoption of a risk-based supervisory approach appears to be correlated with a country undergoing the FATF mutual evaluation process, and we foresee that many more countries will adopt this approach as they prepare for and go through the mutual evaluation cycle. Anumber of countries that are preparing to or are currently undergoing a mutual evaluation also reported an increase over the past 12 months in staff, software and training.
More countries are using data analysis to detect AML/CFT risks
There is an increasing focus among respondents on using data analytics to detect and monitor AML/CFT risks with two-thirds of central banks currently using data analytics in their work. Of these, the majority rely upon the automated collection of data from supervised entities, with a smaller number making use of external public records and exchanges of data across borders.
A significant challenge faced by most central banks when using data analytics is the different size and complexity of operations of supervised entities. Thisis compounded by the duplication of data or incompatibility of data for analysis across the supervised entities. In addition, central banks report a lack of the required technical tools and skilled staff to conduct this work.
Although only 20% of respondents reported collecting data submissions from regulated entities to assist with their work, in Kroll’s experience, central banks often possess or have access to a huge amount of data that, if utilised in the correct way, can be a tremendous resource in assessing AML/CFT risks and exercising supervisory powers. For example, high-level cross-border payment data can often provide indicators of unusual or suspicious transaction activity, which can allow supervisors to target specific regulated entities.
Greater collaboration with domestic agencies and public-private partnerships
In contrast with international engagement, and encouragingly, two-thirds of respondents share relevant data proactively with domestic agencies. In line with international best practices, a number of jurisdictions reported the recent establishment or expansion of domestic co-ordination bodies or forums, including relevant authorities with AML/CFT responsibilities (for example, FIUs, other AML/CFT supervisors, regulators, police and prosecutors). These collaborations are seen as a critical element in successfully developing robust AML/CFT policies and legal frameworks, as well as the enforcement of existing laws.
One-quarter of respondents still report that a lack of co-ordination among domestic agencies impacts their ability to effectively oversee and manage AML/CFT risks in their jurisdiction. In many instances, a country’s laws and regulations are not a barrier to domestic co-operation. The challenge often faced is to develop a cohesive strategy with shared goals and desired operational outcomes that benefit all participants.
Similarly, a number of jurisdictions have developed public-private partnerships, providing a forum for government, regulated entities and other interested parties to share intelligence and knowledge on AML/CFT matters. These partnerships also extend to the development of shared KYC and transaction monitoring tools, allowing regulated entities and government agencies to have insight into relevant data to assist in their respective compliance, investigative and supervisory capacities.
These shared technology solutions are without doubt a positive step in the fight against financial crime. With many countries adopting different models, supervisors need to collaborate to ensure lessons from the development of each of their tools is being shared and to ensure there is some consistency across borders.
Central banks are operating in an ever-evolving and complex environment, and this will surely continue. The growth of fintech firms and new payment methods will present challenges in their ability to assess and manage AML/CFT risks– particularly in regard to cross-border fund flows. Countries can and should be working to adopt more dynamic risk-based approaches to supervision, harnessing data analytics to utilise their scarce resources more effectively.
Collaboration is the key component in the fight against financial crime, and countries should continue to work with their domestic partners, while more proactively developing relationships to share intelligence with foreign partners to combat the shared money laundering risks all countries face.
This feature forms part of the Central Banking focus report, Anti-money laundering and countering the financing of terrorism 2022
AML supervision at central banks: 2022 survey
Kroll explores why many central banks are investing in skills and data to tackle money laundering, but resourcing constraints are preventing stronger action, asCentralBanking’s survey datareveals.
As an expert with demonstrable knowledge in the field of anti-money laundering (AML) and countering the financing of terrorism (CFT) supervision, I have extensive experience in investigating complex cross-border money laundering schemes. My expertise includes a comprehensive understanding of the challenges faced by central banks in managing AML/CFT risks, especially in the evolving landscape of financial transactions, emerging payment methods, and the rise of fintech firms.
The article you provided discusses the findings of a survey conducted by Kroll in collaboration with Central Banking. The key concepts covered in the article include:
Survey Scope and Participants:
- The survey, conducted across Europe, Africa, the Americas, and Asia-Pacific, focused on AML/CFT supervision by central banks.
- Participants included central banks with supervisory authority over regulated entities, such as retail and non-retail banks.
Common AML/CFT Risks:
- Central banks reported three common AML/CFT risk factors: cross-border fund flows, large cash deposits, and proceeds of corruption.
- Cross-border fund flows were identified as the most significant risk by 80% of respondents.
Cross-Border Fund Flows:
- Concerns about cross-border payments were highlighted, with 80% of respondents considering it a significant AML/CFT risk.
- Challenges in proactive data sharing on suspicious activity with international partners were noted.
- Despite the rise of electronic payments, large cash deposits are still perceived as a significant AML/CFT risk by more than half of the respondents.
- The article suggests that the focus on cash might lead to overreporting of cash-based suspicious transactions.
Corruption and Politically Exposed Persons (PEPs):
- Illicit funds from corruption were reported as a significant AML/CFT risk by 57% of respondents.
- The article emphasizes the connection between corruption schemes and PEPs.
Supervisory Scope and Challenges:
- Central banks are facing challenges in adapting their supervisory models to the changing financial landscape.
- The rise of payment services, e-money firms, and fintech companies has expanded the scope of AML/CFT supervision.
Fintech and Crypto Risks:
- The article notes the challenges in adapting supervision models to address the risks posed by fintech firms and the cryptocurrency sector.
- Only 15% of respondents considered fintech firms a significant AML/CFT risk, and cryptocurrencies were perceived as an emerging risk by only one respondent.
Nature of Supervision:
- Traditional on-site inspections remain the primary supervisory tool, but there's an increasing focus on risk-based approaches and data analytics.
- Some countries are adopting dynamic supervisory approaches in line with international guidance.
Data Analytics and Collaboration:
- Two-thirds of central banks use data analytics to detect AML/CFT risks.
- Collaboration with domestic agencies and public-private partnerships is emphasized as crucial in combating financial crime.
- The article suggests that central banks should adopt more dynamic risk-based approaches, leverage data analytics, and collaborate internationally to effectively manage AML/CFT risks.
In conclusion, the survey reveals the challenges faced by central banks in adapting to the changing financial landscape and highlights the importance of collaboration, data analytics, and dynamic supervisory approaches in combating money laundering and terrorist financing.