GDPR Means General Data Protection Regulation

If you have been seeing Cookie Acceptance Notifications pop up on many global websites lately, it is precisely because this 2016 EU law, which goes into effect on May 25, 2018.  The law is broad in scope, but the notifications require the site user to accept the cookies being used, which is to document the site-user of opting in to the cookie tracking.  The sites are require to be able to evidence this opt-in.

The major requirement is in the title: Data Protection.  The foundational principle is that the website user owns his or her personal data that the site is collecting, so, as long as the site receives acceptance to use the data, the site also is responsible for protecting the data from data breaches.  Considering the ever-growing prowess of Black Hat Hackers, many sites are opting to purge the user data.  Major social networking site are probably coming up with ways to anonymize user data.

This principle that the user owns the data that is being collected has other ramifications.  The user can request erasure of his or her data.  The user will likely be able to request all users of his or her data, however removed from the originating data collector, to provide how the data was used.  All of the rights of ownership are attached to the data.

This is quite contrary to the American legal principle of privacy, which requires sites to keep the data private, but since the site owns the user’s data, it can do what it can do with any other asset it owns.  The defense of the American legal principle is that much of the data collected are actually intellectual property.  Take, for example, demographic information.  One site may analyze my personal data and conclude that I am a social conservative while another a social liberal; the conclusion is the result of the site’s work.

The EU legal principle suggests that such work may indeed be owned by the site, but if it is derived from the user, then user has derivative ownership of those conclusions.  Essentially, it recognizes that the user’s information has economic value and, therefore, the site will have to have a valid contract to use that data.

Since the law protects all EU citizens and residents and their data, it is global in nature.  Also, if an American tourist logs in from the EU jurisdiction, the American is protected as well.  For that matter, the American would be protected if the data is harvested from the United States but it is stored or passes through the EU jurisdiction.

Some questions remain, at least for me.  Would a company legally headquartered in Ireland but its activities are in Menlo Park, California, is the company treated as an EU company, and, therefore, require data protection to all user information going through Menlo Park because the financial results of that information is reported to the Irish tax authorities?

How about counter-terrorism efforts?

Or, does the public figure have an economic right to his or biography published by a traditional publisher of hardcover books?


Compliance: a bridge but not a goal

Law and Business often play by opposing rules. Law is about justice and playing fairly and business is about winning and gathering unfair advantages. Compliance is the bridge.

I don’t need to explain why this is the case. But I do need to explain how the goals of law and business are achieved, and where we stand currently.

People outside of regulated industries often believe that compliance is a way to defend companies. They also believe that regulators are out to “get” companies. And then they are shocked to find out that a regulator tried to work with a company who had breached a rule. They are appalled that regulators would actually try to help “fix” the problem rather than punish breacher company. Outsiders who feel this way miss the point of compliance.

Because compliance is trying to keep the competitive spirit alive and well in the industry while keeping companies in line, regulators and compliance officers are on the same side in different organizations. Regulators do not want the industry to be punished for an incredible effort to comply with rules and regulations because mistakes happen. Punishment doled out by regulators is more often to deter companies from making that mistake again. They put a heavy price for mistakes. Unlike customers who can simply move their business to another firm if the company does something they don’t like, regulators do not have that power. So, that’s where fines come into play.

Other than that, regulators are trying to keep business going. They are regulating, not preventing.

What we have seen in the past few years is the lack of understanding by the public. Financial institutions complain about the harsh regulatory climate they are in while the public generally seems to believe that all of it is well deserved. In aggregate that might be true. In reality, what we have done is punish the system, not the bad actors. If the system is broken, it should be fixed. Punishing people trying their best in a broken system leads to inefficiencies, it leads to many unforeseen economic costs.

Two quick examples.

Because of the incredible risks taken by some firms, we merged those firms with better firms. We have merged so many firms that thirty three banks have become four. Now we have institutions that we must prop up if they are at risk of falling. We called them Systemically Important Financial Institutions, SIFI, for short. These institutions are so large and forced to reduce so much risk that unless you do not need a loan, you basically don’t qualify for a loan. That’s the result. SIFI’s can’t take the risk of financing startup companies. And we have fewer banks that can. Companies have fewer options for financing. If I recall correctly, there have only been two applications for new banks in the past five years. Ten years ago, we averaged one hundred applications for new banks each year. We thought that new regulations decreased risk to our economy. Instead, we have ingrained a new risk. Yes, we no longer have large financial institutions that will take the economy with it upon collapse, but we have instituted a requirement that you have to be financed by wealthy people in private equity and venture capital in order to start a business. Or you need to have perfect credit and no debt in order to qualify for a loan. Essentially, you already have to be connected with wealthy people and be wealthy yourself in order to start a business. That’s what the regulations seem to be doing.
credit Sintetia

A few years ago, a number of states banned employers from checking the credit histories of applicants. This makes sense for the most part. What does the credit history of an applicant say about the applicant’s ability to do the job? Probably, nothing. But the result was… well, let me have Planet Money explain it for you:

(Robert) SMITH: The theory in passing the laws against credit checks was that it would help black applicants, that it would help young applicants, people who tend to have lower credit scores. But now that employers were asking for more experience, asking for more education, [researchers] found that the laws were hurting the very same people they were meant to help.

(Danny) SHOAG: The switch from checking credit scores to relying on other signals like education and experience actually created relatively worse outcomes for African-Americans.

SMITH: So fewer African-Americans were getting jobs?

SHOAG: Yeah. Employment went down for African-Americans – and for young people.

Compliance can help make sure we are following the rules and regulations, and regulators can supervise that activity and deter bad behavior. But regulations that address whole systems in reaction to a few bad actors tend to have these types of fundamentally unproductive consequences.

As a compliance officer, I am always concerned with this. I know that I am helping firms play the economic game fairly, by the rules we have agreed to follow as a society, but our society often seem to set my goals that shoot it in the foot. I know I am doing good, but by doing good I see what outsiders often don’t see, which is that it is bad and we don’t even know it.

And that is the limitation of compliance. Now, I know that my role is supposed to be compliance. We need people to do compliance. I just wish that we as a society would take observations by people like me and then adjust the rules and regulations so that complying with them would lead to the outcomes we sought in the first place.

Marcus Maltempo is a Certified Anti-Money Laundering Specialist and a Certified Fraud Examiner with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses. 

How to hide a billion dollars: learn from the best
credit Utero

If you haven’t heard, the world’s leaders have been hiding billions of dollars. And one law firm is telling exactly how they do it. Well, they aren’t exactly telling you how, it’s just that someone has stolen their data and given it to journalists. Here are some headlines and links to what I am talking about before I move onto the next layer of analysis.

Brief Overview

Mossack Fonseca is a law firm that helps people and companies setup shell corporations. It has helped many political leaders in Russia, China, Iceland, to name a few. It has also helped private citizens. FIFA executives come into mind. And though Amazon probably wasn’t a client of Mossack Fonseca, the company uses a shell company based in Luxembourg to “avoid” taxes on UK income. So, this is a common strategy for hiding assets and evading taxation.

What is notable about this data leak is both the shear amount of data that was leaked: over 200 people had setup more than 214,000 companies shown in 11.5 million files amounting to 2.6 terabytes of data covering 40 years of the law firm’s work.

Here are some highlights of what the data shows:

  • Since the AML enforcement boosts of 2009, there have been more deactivations than incorporations of shell companies.
  • United States is one of the top intermediary firm incorporators.
  • United Kingdom is one of the top places to locate intermediaries and acted as a tax haven.
  • British Virgin Islands is the most sought after location for shell corporations formed by Mossack Fonseca.
  • Banks, though required to report potential money laundering, have been actively involved. Seven of the top ten banks that  Mossack Fonseca was involved with are well known international firms you probably have heard of.
  • Mossack Fonseca has also helped companies that provided access to funds to the Syrian government, the same government that has been tear the country apart and killing many.
  • The first politician to fall because of this leak is Iceland’s Prime Minister
  • VIX, the indicator of risk in the financial markets was up 10.2% by noon in Chicago on the day that the Icelandic Prime Minister resigned.

Importance of understanding Shell Corporations for AML Programs

Shell corporations are worrisome because the laws that allow such companies provide secrecy. And there is nothing wrong with secrecy in itself, but it attracts and fosters tax evasion and financing of some dubious activity, some of which result in death. Any comprehensive source of AML focus on the importance of routing out shell corporations, but the forces to have shell corporations is much greater. Banks and law firms make billions on hiding money for clients while AML programs are tiny in comparison. Just think about it. Large global banks based in the US and Western Europe have about 2% of their headcount in Compliance, of which, about half of it in AML Program. How much of their headcount is in High Net Worth Wealth Management groups? 10%? 15%? And that doesn’t include investment banking units that help corporations setup shell corporations.

Crime will not be completely wiped out, no matter what we do. But one things seems to be pretty clear: Wealth Inequality fuels shell corporation. As the world creates more people getting a ever smaller share of global growth, those with a share of the global growth is inclined to hide it. The pattern is stark. Greater the inequality, more likely the wealthy are likely to form shell corporations. This is a very odd result to such logic. Countries like Denmark have very few people involved in forming shell corporations and hiding assets and income from tax authorities even though their tax rates are much higher than places like the United States. Denmark’s public school teachers and kitchen staff get paid enough to afford a five week vacation while most Americans are one medicial bill away from bankruptcy. As a matter of fact, the US needs lenient bankruptcy rules because we bankrupt so many people.

I know that this article has turned into a economics argument, but the truth is that AML Programs are a way to cope with the symptoms of an climate and culture of beating the system, not a way of improving it.

Please donate to The International Consortium of Investigative Journalists. They provided organized and funded much of the 100+ journalists who analyzed the material. DONATE HERE.


Marcus Maltempo is a Certified Anti-Money Laundering Specialist and a Certified Fraud Examiner with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses. 

Ethics Does Not Have To Be Serious
credit Digital Transcendence

Ethics has to be real. Ethics has to be appropriate. However, ethics does not have to be serious. Seriousness is a style. And there shouldn’t be a prohibition on taking pleasure in doing the right thing.

I was asked to distinguish between ethics and morality. Morality is what is considered right or wrong by a person or society. Ethics is morality in action. So, if you believe that Jesus Christ was the son of God, then it would be unethical for you to desecrate his image. For that matter, if you don’t believe that Jesus Christ was the son of God but you do believe in respecting other people’s beliefs, you would avoid desecrating images of God worshipped by others.

Notice, I framed morality based on an individual’s belief and, in my second example, I changed the belief but applied the decision to act the same way. There are subtle difference that I won’t get into in this post.

Obviously, desecration of holy objects is a very grave matter. But the non-desecration should not be. It should simply be the norm that people are respectful of each other’s beliefs.

This can be applied to corporations. There is one difficulty with corporations, though: they aren’t democracies. The president or CEO gets to prescribe the appropriate behaviors and one must keep morality to the self. This is an HR issue.

I want to talk about ethics and sales. Financial advisors may have their own personal beliefs, but they take an oath to act in accordance with a set of codified conducts. The industry set these up specifically because FAs are knowledge workers and what they provide is not just financial products but advice. For this reason, an inappropriate product for a certain type of client is forbidden. This hurts the investor and it makes the industry look like cheaters. So, if you want to join the industry, you much follow the ethical guidelines prescribed to you.

This prescription even goes as far as breaking the code of coduct of the financial institution the FA is working for. Against, this no-exemption exists so that firms cannot create an environment where financial advisors are permitted to dismiss their oath.

This is all serious stuff. Why? Because we are talking about harming investors.

But for an FA who loves providing value advice and access to products to his or her clients and the guidelines make him feel secure that his competitors cannot cheat, then why shouldn’t they have a smile on their faces?

So, smile.

Marcus Maltempo is a Certified Anti-Money Laundering Specialist and a Certified Fraud Examiner with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses. 

Don’t be fooled by student debt article

This is not about financial regulatory compliance from the perspectives of regulators or financial institutions. This is about compliance from a personal finance perspective. The short and skinny of it all is, you should not borrow money for education if at all possible.  The reason is because it is one of the worst to get toward financial independence.

I will explain why by first explaining how income taxes and their associated fines work when you don’t pay your income taxes. If you earned $100,000 in 2015, your effective earn income tax rate is 28%, or $28,000, unmarried non-head of household taxpayer. If you didn’t pay any of that, you would pay a fine of up to 25%. This in on top of the unpaid taxes you must pay. Basically, the IRS is punishing you for borrowing money you owe them. That makes sense. So, 125% of $28,000 is $35,000, or an effective tax rate becomes 35%. This is only applied to the years you did not pay your income taxes, of course.

Let’s see what that looks like when it is converted to student loans. If you borrowed $100,000 for your higher education, and if your interest rate is 5%, and you are in repayment, then this year you would pay $12,727.92, of which about 95% of it in your first year of repayment will be interest, or $12,091.53. Essentially, you are paying this interest to the government, which, if you think about, is a tax because this is not the amount you borrowed; it is on top of it. And, also, you must pay all of the borrowed money back. It is kind of like having a very low interest rate for this portion of borrowed “income.”

Since you are in repayment for our example. You would get a deducation of up to $2,500 from your pre-tax income, the deduction cannot exceed the amount of interest paid. So, now you will pay 27.3% or $27,300 on your earned income, a savings of $700. Plus you will have been paying the government an additional $12,091.53, so, you will have paid the government a total of $39,391.53. And this will continue for ten years, albeit the “tax” portion of it will decrease. Another way to look at it, regardless of whether you pay all of the interest, you will still have to pay more interest for at least ten years, unlike not paying taxes, which you will only have to pay interest as long as you don’t pay.

In order to pay an effective tax rate of 39.3% on your earned income, you would have to make $14.3 Million. Another way to think about it this: in order for student loans to really make sense is if you either make enough money to live on comfortably even after you pay your student loans and you are guaranteed to have your job(s) for the duration of the repayment period, or make a break even amount the first year and then an increase in your income to the amount of the interest rate each year (which becomes easier to do each successive year because the even monthly payments effectively reduce the interest payments over time).

That magical break even income for the example’s first year is… about $66,700. How do I figure? Well, if living comfortable on average costs about $40,000 per year, and your effective tax rate will upwards of nearly 40%, then you need to make $40,000 after tax. This $66,700 only accounts for Federal Income Tax. It does not account for Social Security, Medicare, local taxes. Most of those other taxes amounts to about 10% of your income, depending on where you are. That means, you’d need about $80,ooo.

Who gets paid $80,000 on their first job after undergrad? Engineers and investment bankers. Is it no wonder that they have the bandwidth to accomplish a lot of other things in their early lives?

Marcus Maltempo is a Certified Anti-Money Laundering Specialist and a Certified Fraud Examiner with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses. 

Wealth Management in China might not be managing wealth

Lack of auditing financial statements and going concern by professionals is a problem around the wholebut in China, the scale is just different. Everything is just bigger.

Guangdong Bangjia sold financial products that promised returns up to 47% on loans and loan funds. The Company targeted senior citizens for these investment opportunities. In a country that is so new to financial products and so large that scale of things just are immense, many investors took the bait. Some 230,000 of them have been investing in the Company during the course of about a decade. But there were no investments. It was a Ponzi scheme.

How did Chinese senior citizens end up investing in this Company’s funds? Well, the Company invested in itself first. It spent money on lavish and grand marketing exhibitions, proving that it can afford to do such things because of its success.

I didn’t intend to write three articles consecutively on financial crimes in China, but I couldn’t help it but notice how big financial crimes can easily get in China. This is a place with very little wealth for the ordinary citizen. But because of the countries fantastic rise and people being exposed to media that show them how wonderfully wealthy some people of little means have become, people are willing to take a chance.

The sad thing is that the United States is becoming this sort of place. Getting ahead by working hard is less and less secure, so, more and more people are gambling. US has the lowest labor participation in a very long time and the average income per employee hasn’t kept up to pace with inflation, even while productivity per employee has increased over the past three decades. Financial crimes involving financial professionals offering hope of a better life is going to be more prevalent if we don’t start doing something to make sure we do something about the system that makes us want outrageous investment returns.

Marcus Maltempo is a Certified Anti-Money Laundering Specialist and a Certified Fraud Examiner with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses. 

Paper is a problem in China

China’s banking system has a paper problem. It uses too much of it. In today’s realtime-tracking systems and continuous risk calculations and cross-market arbitrage algorthms, much of China’s $700 Billion financing market is funded through paper loans. In one incident late 2015, Citic Bank, one of China’s major banks, discovered a fraud scheme that approved $150 Million of approved loans using a financial instrument called Banker’s Acceptance. This is a short term loan that does not need to meet all of the stricter requirements of a traditional loan. This fraud was done through the production of fake documents.

As a result, China Banking Regulatory Commission publicly asked banks to review their banker’s acceptance bills financing instruments. This is in the face of an industry with little domestic competition, and, therefore, no real need to manage risks. For that matter, the domestic operations of Chinese banks is quite archaic. Only one in five loans are done electronically. This often means, loan proceeds are given to borrowers before a complete review has been completed.

The problem here is two fold. There is the direct problem, which is that the industry needs to have a regulation that requires full reviews, and, hopefully, will pressure banks to make their loan application and review process be more electronic. And then there is the systemic issue. With every bank essentially acting as an arm of the central bank, there is no competitions, so, there is no motivations to compete. Without such competition, why should any executive risk the bank’s operations with costly and unproven improvements? There is very little upside.

The irony is that Chinese bank operations in other countries, like the US are highly risk averse. They more risk averse than their Western counterparts.

Marcus Maltempo is a Certified Anti-Money Laundering Specialist and a Certified Fraud Examiner with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses.