Housekeeping
Agenda Introduction ● Amy Bell ● OPBAS findings ○ Common Issues for Law Firms ○ Evidencing a Risk Based Approach ○ Steve Elliot ● Cost of Compliance ○ Identification Examples ○ Learning from other sectors ○ Audience Q&A ● End ●
Amy Bell Legal Industry Advisor | Encompass Compliance consultant and advisor to Encompass, current member and former chair of The Law Society’s Money Laundering Task Force.
OPBAS findings OPBAS Report – looks good on paper An improvement in the application of the risk based approach by the PBS – expect more ● information collection More PBS are conducting risk based activities, including utilising site visits as part of their ● activities – expect visits as soon as appropriate, in the meantime more desk based supervision Increase in enforcement activity – expect non compliance to lead to disciplinary consequences ●
What common issues do we see in Law Firms Firm based risk assessment Client AND Matter risk assessments Template Tick Box ○ ○ Not specific to your firm Timing ○ ○ Inconsistent completion ○ Only done once at the beginning of the ○ client relationship
Evidencing a risk-based approach in Law Firms Understanding the risk from the source of Client Identification and Verification funds and wealth Tick box ○ Policy? ○ Minimum verification ○ What are they looking for? ○ Risk of fraudulent documents ○ How are they recording they’ve done it ○
Evidencing a risk-based approach in Law Firms If it’s not written down how do you prove you did it? ● Controls? ● CDD obtained ○ CDD checked on each matter ○ Source of funds and wealth established ○ Money came from the source you expected and have checked ○
Steve Elliot Managing Director | LexisNexis Risk Solutions UK & Ireland Specialist in financial crime compliance having had responsibility for AML, Anti- Financial Crime & Security as a practitioner and within international law enforcement.
How the banks conduct KYC and importance of keeping your AML & Anti-Fraud processes current Steve Elliot – Managing Director
Who are we? What could be used to ‘identify’ us? Firms spend twice as much on labour as on technology
The cost of compliance $136.5B UK has the second highest number of financial Italy $15.8B institutions behind the U.S. (over 2,200) France $21.0B UK highest cost market, within the highest cost region. Why? Germany $47.5B Increasingly complex regulations • Data privacy limitations • UK $31.5B Sanctions violations • Canada $49.5B Labour costs $5.1B • United $6.1B $4.5B $2.3B States A primary focus for firms: $26.4B LATAM EUROPE SOUTH APAC NORTH Comply with regulations (Brazil, Mexico, Argentina, (Indonesia, Malaysia, AFRICA AMERICA Chile, Colombia) Philippines, Singapore)
Organisations are spending almost twice as much on labour as they are on technology 36% 40% 37% 33% Asset Overall Banks FinTech Mgmt. 63% 67… 60% 64% Technology Labour Q19c: Roughly, what percentage your annual financial crime FUTURE FINANCIAL compliance spend would you say is related to labour/resources, CRIME RISKS 2020 technology/solutions/systems, and other?
How is compliance achieved? Risk based identity authentication tools: Significant continuing challenges: • Know Your Customer (KYC) 1. Building the risk categories Name, Address, DoB, Nationality, etc 2. Ultimate Beneficial Owners (UBO) • Source of Funds (SoF) / Source of Wealth (SoW) 3. Screening (list matching) • Ongoing monitoring 4. Monitoring reliance on ‘rules’ • 5. Data quality Senior Management responsibility: 6. False Positives Employee Training • 7. Identifying ‘suspicion’ Reporting • • Record keeping
Example: KYC completed at multiple points (Wealth) Buyers Product Providers Advisors Products Customers Identity Network General Who + Risk Insurance Bank Mortgage Life Assurance Insure r Pension Advice Wants + Needs Fun Investments d Platform
Example: Data Gaps How clean is your data? Your consumer database is a key business asset; regular data cleansing will retain its value, allowing you to maintain communication with your customers while helping you satisfy your obligations to data protection regulation. Living as Stated Deceased Gone Aways
Example: Data Linking Rules Linking Statistical Linking
Rules Linking: Are they the same person? Record 1 Record 2 Forename: Forename: Sarah Sarah This method can work well but isn’t perfect… Surname: Surname: Barker Jones John Smith John Smith Postcode: Postcode: Aberdeen Plymouth AB1 1BB IV1 2CC 22/03/1980 22/03/1980 Date of Birth: Date of Birth: Two individuals that happen to share the same 17/04/1974 17/04/1974 common name and date of birth could be incorrectly identified as the same person Telephone: Telephone: 012 3344 5566 012 4455 6677
Statistical Linking: Are they the same person? Record 1 Record 2 Weight Forename: Forename: 5 Sarah Sarah Surname Mismatch Surname: Surname: -7 Penalty applied Barker Jones Penalty Weight: Postcode: Postcode: Moderate AB1 1BB IV1 2CC Date of Birth: Date of Birth: Penalty weights are determined by the likelihood 17/04/1974 17/04/1974 of a field value varying between records… Postcode Mismatch = Low Penalty: -3 Telephone: Telephone: Surname Mismatch = Moderate Penalty: -7 012 3344 5566 012 4455 6677 Date of Birth Mismatch = High Penalty: -16
Product Example: Mobile authentication Putting the identity process securely in the hands of your customer…
Learn from other sectors
Network analysis UBO Emerging Fraud / ML s
The future is available now Onboard more Improved customer Improved customer risk profiling customers experience Reduced Improved costs compliance
Recommend
More recommend