19 July 2021 — Stories

How to proactively manage money laundering risks?

by Iryna de Smedt

How to proactively manage money laundering risks?

Money laundering (ML) has devastating consequences. It promotes crime and corruption that weaken our economies and damage social wellbeing. Citizens and governments lose over €110 billion to financial crime and 2 to 5% of global GDP is estimated to be laundered every year. It is critical to ensure that the fight against money laundering and terrorist financing (TF) is effective and efficient.

This has led Accountancy Europe to issue the publication Building an effective anti-money laundering ecosystem which recommends how to better implement the existing anti-money laundering (AML) legislation.

We do this ahead of the European Commission (EC) proposals (expected in July 2021) to strengthen these rules and how they are supervised.

AML as an ecosystem

Our recommendations have a wider remit than the enhanced EU AML rules. Complying with these is not enough to effectively stand up to criminals. We look at AML as an ecosystem where obliged entities (OEs), supervisors and policy makers cooperate and take charge of their responsibilities to mitigate AML risks.

Who are the obliged entities?

OEs are grouped in financial entities such as banks and insureres and non-financial such as auditors, external accountants, lawyers. They are required by the EU AML legislation to have procedures in place designed to assess and mitigate ML/TF risks.

Check our 9 recommendations to build a more effective AML ecosystem:

Obliged entities need to proactively manage AML risks

Recent AML scandals such as Luanda Leaks, FinCEN Leaks and the Panama Papers highlighted deficiencies in how OEs implement AML policies. We believe that they should take a more risk-based approach to understand the ML threats and take the right action.

We propose three actions for OEs to shift from reactive, to proactive and preventive AML risk management:

1.         better recognise and mitigate AML risks

through discussing with supervisors and policy makers, AML training and better understanding sector specific risks.

2.       strengthen risk-based systems and controls

to assess whether they can deal with the risks identified, regardless of OEs’ size and complexity.

3.       leverage technology

to increase AML efficiency and quality. For example, in remote client onboarding and collecting client information on clients.

Obliged entities need to improve governance to strengthen AML

Integrating AML in the governance structures can improve an OE’s risk overview and management. It can also allow an OE to be proactive on AML risks and ensure ongoing monitoring, reporting and oversight. We recommend the following 3 actions for boards and management.

4.      boards should build a strong AML culture

Boards should foster a culture that supports AML risk awareness, behaviours and judgments about risk and provide escalation mechanisms. They need to challenge AML policies to ensure these align with their business activities’ inherent risks.

5.       management should implement effective risk management

In line with the board’s guidance, management’s role is to implement effective risk management and risk reporting obligations. Management should be able to recognise AML risks, monitor these and allocate adequate resources to establish a control framework that can manage and mitigate those risks.

6.       Obliged Entities should establish three lines of defence

Entities should establish three lines of defence to ensure sound ML/TF risk management:

  1. management control over business operations
  2. risk controls and compliance
  3. internal audit to evaluate the risk management and controls

Reinforcing the regulatory and supervisory framework

Supervision and regulation need to be modernised as well to ensure the AML ecosystem functions properly. To further reinforce the regulatory and supervisory framework we recommend for supervisors and policymakers to:

7.       enhance cooperation amongst member states

Information and knowledge sharing between national supervisory authorities is critical for the AML system to be effective. Member states should also ensure OEs have sufficient access to information through data sharing and inter-operable systems.

8.      facilitate collaboration between the private and public sector

National actors should overcome the ‘taboo’ of cooperating with the private sector to combat financial crime. Enhanced cooperation between OEs and authorities can improve understanding of common threats. These partnerships should be cross-sector, involving financial institutions, other private-sector organisations and law enforcement agencies.

9.       consider sector specific divergencies

The current AML legislation seems to be designed primarily for the financial sector. Its requirements are not adapted to the nature of non-financial OEs’ activities. This poses difficulties in interpretation and may cause gaps in its application. The legislation needs to be better adapted for OEs in the non-financial sector. The rules should acknowledge there are different types of OEs and identify and target the factors to consider.