ICT Views


Counter Terrorist Financing – sanctions controls are not enough!

by: (Global Head of AML) on

Like many of you I suspect, not a day goes by when I do not turn on my phone and I am faced with appalling images of terrorist atrocities or stories of UK nationals being arrested as part of the efforts of the national counter terrorist groups to protect us here on the UK mainland.

Whilst the physical acts of terrorism appear in the main to be focused in the Middle East, Africa and Asia, the threat of handling funds intended to support groups such as ISIL, Boko Haram and al-Shabab is a very real risk for all international payment handing firms domiciled anywhere in the world.

Terrorism, rather like crime, is now a transnational and organised affair, and the funds that are being raised through criminal activities such as kidnapping and extortion or through apparently legitimate charities or international trade-based activity, are being moved and laundered across the globe. Terrorist financing is therefore a risk that must be considered by all firms wherever they are domiciled so that this flow of finance and resourcing is disrupted and detected.

Notwithstanding the obvious rise in concern regarding the proliferation of international terrorism, I am struck by the fact that here in the UK neither the FCA, nor its predecessor the FSA, appear to have conducted a thematic review of the subject of terrorist financing. Yes, there has been a review of sanctions controls, but this is not the full story, and they like you and I, will be watching with growing unease how ISIL in particular is raising reportedly huge sums of money, and appears intent on laundering them to finance and sustain their longer term aspirations.

Reports have been provided recently by FATF and AUSTRAC of Australia and it is my very personal view that a review of this subject is both overdue and now inevitable.
So what are firms doing to manage this risk, and what must they be able to show to the regulator when the door is knocked?

What concerns me most as I deliver training on this subject to working AML and CFT professionals around the world is that most firm’s counter- terrorist financing systems and controls appear to be based almost entirely on sanction screening procedures, at a time when the UK and EU authorities appear more reluctant than ever to add the names of terrorists to the sanction lists.

In his recent independent report on UK sanction control procedures, Q.C. David Anderson highlights the reluctance of the authorities to list terrorists, even after conviction, and that the total number of unique designations of individuals and entities made by the UK government and EU authorities is 53. That’s right, 53, and total funds currently restrained amounts to less than £61,000. The fact of the matter is that firms cannot, and must not; rely on sanction screening measures alone to mitigate their risks.

So what should firms be doing to identify and mitigate this risk, and what will they show to the regulatory authorities when they come knocking to inspect these procedures as they surely will?

A quick guide to systems and controls that must be in place includes:

  • An up to date terrorist financing and proliferation risk assessment that includes consideration of updates by national governments on risks and threats, and reports provided by FATF, AUSTRAC etc. 
  • Robust and up to date CDD must be in place for clients that includes an assessment of source of funding, names of suppliers and agents of legal persons in jurisdictions that are recognised as having terrorist issues
  • Enhanced due diligence performed of high risk account holders such as charities and arms dealers etc. to monitor obvious sources of fund raising
  • Clearly defined and regularly communicated staff reporting procedures for suspected terrorist financing and resourcing
  • Ongoing jurisdiction risk assessments that include consideration of recent reports providing updates on terrorist financing, such as FATF reports on Terrorism in West Africa and Opium in Afghanistan, and the afore mentioned update published recently by AUSTRAC
  • Effective sanction screening across payment and messaging systems that have been tested to ensure that ‘fuzzy logic’ measures are working as required
  • Transaction monitoring that monitors the five recognised stages of terrorist financing
  • Enhanced controls of trade finance operations, including dual-use goods, and correspondent banking to identify extended line of sight risks 
  • Red flag indicators must be provided to all staff to help to identify suspicious transactions and activity
  • Staff training to embed a culture of awareness and confidence in investigating and reporting knowledge or suspicion. A few slides at the end of on-line AML training is no longer enough!

This is not intended to be an exhaustive list of ingredients, but must surely form the basis of a reasonable and risk based approach to the subject. If this effort, cost and investment is measured purely by the risks inferred by the number of terrorists that are listed on the sanction lists, then there is a strong fiscal argument to say that it is not proportionate.

However, the simple truth of the matter is that firms really are an integral part of the first line of defence against terrorism, and in spite of the lack of any reliable means of assessing the impact and disruption to terrorist funding that is caused by these efforts, the most effective stimulus to maintain and enhance the effectiveness of the fight to identify terrorist funding will most likely be provided by the pictures and faces of those suffering a new attack shown on our screens this evening.

 

Categories :

1 Comments :

Interesting article, thanks, Lee. Of course, I agree that anyone relying solely on sanctions screening as their primary CFT control is asking for trouble, but I think we also need to be honest and acknowledge that much CFT monitoring is managing regulatory risk, rather than the underlying risk you so evocatively describe.
TF transactions often have the unfortunate characteristic of being both very rare (and yet of a very common type) and very small - as a colleague at the NCIS Terrorist Finance Team once coined the phrase, it's not looking for a needle in a haystack, it's looking for a needle in a haystack made of needles. Without good lead intelligence (and sometimes typologies are anything but), it is a very difficult exercise.
TF risk (specifically threat) assessment is also a tricky area. As an example, we all glibly describe charities as high risk, but of course the overwhelming majority of charities offer no TF threat whatsoever. The AUSTRAC report you cite recognises this and says, rather clumsily and possibly not particularly helpfully, "However, this risk should be considered in the context of the relatively low incidence of terrorism financing in Australia, and the low value of funds suspected to have been raised in Australia to date. While charities and NPOs are one of the more significant Australian terrorism financing channels, they have not featured in a large number of Australian terrorism financing cases." Similar methodological problems arise when trying to risk assess other sectors (such as remittances) and countries.
So yes, firms provide valuable defences and, from my own experience and everything we hear today, remarkably good investigative support (often in near realtime), but let's not have too many false expectations of our ability to spot TF in transaction monitoring. Excellent collaborative work can be (and is being) done where specific circumstances allow, e.g. transfers to near Syria's borders, but more generally it is a monumental task, with as yet no proper assessment of the effectiveness of the controls mandated by FATF Recommendations.
May 13, 2015 07:21

Comment

Comments closed

Archive

Tel: +44 (0)121 362 7534

Blogger facebook LinkedIn Twitter youtube google + Trust Pilot

© 2017 – International Compliance Training Ltd, a division of Wilmington plc. International Compliance Training Ltd, is a company registered in England & Wales with company number 4363296 GB. Registered office: Wilmington PLC, 5th Floor, 10 Whitechapel High Street, London. E1 8QS VAT NO.GB 899 3725 51