Despite having a clear picture of how money laundering occurs, it’s still a consistent challenge to detect, prevent, and combat it effectively. There are numerous examples of money laundering occurring at top institutions, so it’s essential to understand what strategies can be used to prevent it.
Below, we cover some of the best practices for anti-money laundering including:
Let’s get started with the top ways to combat money laundering.
In recent times, governments all over the world have strengthened their efforts to combat money laundering, enacting legislation that requires financial institutions to establish procedures to monitor and identify suspicious activities.
It’s the responsibility of financial institutions to have adequate anti-money laundering processes and procedures in place (that meet the requirements as set out by law). To do this effectively, FIs need to take action, leveraging AML compliance solutions to perfect this process.
Below, we cover some of the top methods FIs use to prevent money laundering:
1. Establish AML Compliance Policies
It is essential to establish compliance policies to strengthen the AML framework within an organization. The company's anti-money laundering procedures should be outlined within a compliance policy, and made accessible to all team members.
Financial institutions implement anti-money laundering policies in an attempt to prevent revenue from unlawful operations. Within every company, adherence to these regulations is required to be able to form a culture of compliance.
2. Prioritize KYC Processes
Verifying a customer’s identity through KYC procedures is required under AML regulations. This is often the first AML protection in a customer’s lifecycle, as it occurs at customer onboarding. It’s critical to have a high-quality KYC system in place to authenticate customer information and determine if customers are who they claim to be.
This process is executed using a variety of methods, including identification documents, fingerprint and facial recognition software, and financial statements. Overall, streamlining your customer verification procedures can help you comply with the regulations and root out suspicious accounts.
3. Detect Suspicious Patterns
One of the most important ways to spot red flags is by monitoring transaction patterns.
Transactions to offshore accounts, lots of small-value transactions to the same account, and regular transfers to risky or sanctioned jurisdictions are some of the patterns to consider while conducting ongoing monitoring.
This should be made essential for PEPs and sanctioned entities. Companies can now analyze and detect patterns through existing data and establish a client model to investigate any suspicions.
4. Using Technology to Detect Suspicious Activity
While there are ways of screening for suspicious activity manually, it’s much easier (and teams can do a better job) with a compliance system like Regtech software. These tools support risk and compliance professionals with transaction monitoring, suspicious activity reporting, and compliance with regulatory requirements.
Data breaches, cyberattacks, money laundering, and other fraudulent activities have grown as a result of advances in digital products. Regtech reduces the risk to a company's compliance team by providing data on money laundering operations carried out online—activities that a traditional compliance team may not be aware of due to the growth of underground marketplaces online.
5. Training Team Members
When it comes to preventing money laundering, having the right team is crucial. Training is essential, and organizations may consider hiring a compliance officer to train staff, communicate with stakeholders to notify them regarding any suspicious activity, and take the necessary steps when there is even the slightest indication of a financial crime taking place.
Additionally, it's vital to have someone in charge of staying updated with regulations, news, and technology advancements, as well as managing the suspicious activity detection process. At the most fundamental level, you must ensure that your staff members are knowledgeable about the laws and can identify and respond to transactions and other activities that might be linked with money laundering.
6. Take a Risk-Based Approach
Taking a risk-based approach is all about understanding the risk your organization faces and putting controls in place based on their potential impact. This allows financial organizations to prioritize their efforts based on the actual threat they face.
In many compliance-related areas, regulators are moving away from prescriptive measures and toward a risk-based approach. This approach changes from one customer to another based on their risk score. It helps determine a customer’s risk profile and implement risk controls accordingly rather than following a one-size-fits-all approach.
While criminals actually committing money laundering face the worst penalties, negligence on behalf of the financial institutions does not exempt them from fines or penalties. Banks, exchanges, and other FIs that fail to adequately prevent (and report) money laundering are still subject to punishment.
To avoid being confronted with serious money laundering risks and penalties, financial institutions, including banks and other entities at risk of money laundering, must comply with AML regulations. To help you understand the scope of failing to meet AML regulations, we cover some real-world examples of money laundering cases:
1. Wachovia Bank
In 2010, it was revealed that Wachovia Bank had permitted Mexican drug cartels to transfer nearly $390 billion through its banks between 2004 and 2007, using wire transfers, traveler’s checks, and bulk cash shipments.
The cartels could smuggle U.S. dollars from drug sales in the United States back to Mexico, where the funds were deposited into Mexican bank accounts. With looser AML regulations, this was met with little resistance at the Mexican banks. Money was then transferred to Wachovia bank accounts in the United States. Inadequate anti-money laundering checks regarding the source of funds meant that this was never caught.
In this case, not only was the bank negligent with its KYC onboarding process, but it also failed to prioritize monitoring the source of funds for various transactions that should have been flagged as suspicious. Having transaction monitoring that identifies patterns (and anomalies) in user behavior could have alerted the bank to these issues.
2. Standard Chartered
Standard Chartered’s problems began in 2004, when the Federal Reserve and the New York regulator called out inadequate AML practices. Despite promising to make adjustments to their AML practices, things only got worse. The New York branch continued to do business with Iran (breaking sanctions in the process).
This caught up with Standard Chartered in 2012, when they were found to be in violation of anti-money laundering regulations. The bank was fined $1.1 billion by the U.S. and foreign regulators.
Again, the bank failed to make proper adjustments to their anti-money laundering program. In 2019, they were again found to have broken sanctions between 2008 and 2014. The New York State Department of Financial Services found that Standard Chartered had processed illegal transactions from Iran, Libya, Sudan, Burma, and Cuba, totaling $600 million.
Things only got worse, with the bank ignoring—and breaking—regulations barring them from doing business in Iran. This violation of sanctions led to $265 billion being laundered. In 2012, Standard Chartered was penalized to the tune of $670 million. However, the bank still didn’t properly fix their AML processes. This breach led to a $1.1 billion in fines from both U.S. and U.K. governments.
It’s the responsibility of financial institutions to conduct adequate sanctions and PEP screenings to ensure AML regulations are followed. It’s critical that compliance professionals are well-acquainted with sanctioned jurisdictions and organizations to ensure the organization is compliant with AML regulations. Banks should also conduct periodic internal audits to discover any gaps or weak controls within their anti-money laundering compliance systems to eliminate any risks.
In the 1990s, HSBC conducted business with a number of countries on the international sanctions list, including Iran, Cuba, Burma, Libya, and Sudan. The HSBC group learned of this practice, which involved the banks concealing the origin of funds to circumvent AML regulations, in 2000.
Shockingly, rather than clamping down on this, HSBC allowed this practice to continue until 2006. At this time, the bank also clawed back its anti-money laundering program, exposing them to more risk.
Mexican drug cartels took advantage of these lax restrictions, using it to launder money through the banks between 2006 and 2010. Investigators found that lax AML controls at HSBC enabled the bank to act as the main conduit for the money laundering of two major drug cartels in Mexico and Colombia.
Collectively, HSBC facilitated $881 million in transactions using wire transfers and currency exchanges. This led to fines of $1.9 billion for the bank, and required 5 years of independent monitoring to ensure they maintained adequate AML controls.
This again failed to do the job. In 2017, the bank again admitted to having inadequate anti-money laundering controls. While the U.S. regulators didn’t penalize the bank, in 2021, the U.K. fined HSBC $85 million for anti-money laundering shortcomings.
This case is another example of anti-money laundering failings due to a weak AML compliance program. Apart from strengthening due diligence procedures and ongoing monitoring requirements, a great way to make sure an organization is compliant is by training and educating employees.
Employees across all departments should be able to understand the importance of why AML controls are required, what they can do to prevent this, spot red flags, and the escalation or reporting requirements to help curb such issues.
4. Danske Bank
In 2007, Danske Bank acquired Sampo Bank. While the rest of this acquisition went smoothly, one branch, in particular, led to problems. Russia’s central bank raised concerns about suspicious activity at the Estonian branch, alerting both Danish and Estonian authorities. The concerns stemmed from what appeared to be transfers from Russian shell companies that were laundering money and evading taxes. Despite these warnings, no immediate action was taken by the Estonian branch.
After a whistleblower within the company spoke up in 2013, an internal Danske investigation was finally prompted. This eventually found that more than 99% of the branch's customers were suspicious. It also determined that the bank had conducted transactions totaling $230 billion over a nearly 7-year period. The Danish government launched an investigation of its own, which led to executives being charged with crimes. While the investigation is ongoing, Danske Bank is facing serious fines for failing to have—and follow—adequate AML procedures.
In part, this is not just a case of inadequate AML policies, but an intentional breach of these policies for individual gain. It’s critical to have an AML program that is well established at the organization, and that can ensure compliance of all members of an organization. The program must hold all members accountable, and be designed so it’s nearly impossible for individuals to intentionally evade required practices.
In one of the largest Australian cases of money laundering, Westpac permitted 23 million breaches of anti-money laundering and counter-terrorism funding rules. That’s actual instances of breaches, and not the total value, which amounted to nearly $11 billion. They failed to report and keep records for international transfers, some of which were linked to child exploitation in southeast Asia. In 2020, Westpac was fined $920 million (AU$1.3 billion).
Had Westpac employed sufficient customer onboarding, with strict KYC and due diligence procedures, this may have been prevented. Additionally, high-quality transaction monitoring could have identified suspicious transactions, especially when made internationally. By detecting anomalies, these transactions could have been flagged as suspicious, stopping this activity from persisting.
Learning from mistakes made by top institutions really puts the challenges of anti-money laundering compliance into perspective, and demonstrates that no financial organization is immune to ‘not doing enough’ — no matter how many internal resources or how much budget you allocate to your compliance program.
Ultimately, the more methods you can use to prevent money laundering, the more you’ll be able to stamp it out. Anti-money laundering regulations help dictate rules — and procedures — for the AML compliance team.
To get into more detail based on your business type and location, read through our chapter on Anti-Money Laundering Regulations Financial Organizations Should Know (and Follow!), which covers notable regulations from around the world and explains how to best comply with them.
If you’re still getting acquainted with what money laundering is and how it’s done, jump back to The 3 Stages of Money Laundering: Placement, Layering, & Integration.