Growth Need In Anti-Financing of Human Trafficking


Syrians are migrating en masse to Europe to flee their war-torn homeland. They would like to find a place where they have a chance at life and happiness. In their effort to get to Europe, many are selling everything they own to pay for a passage by water to Greece. Sometimes that ticket is for a boat to Greece, but not necessarily to get a chance at life and happiness.

One hears stories of rape and prostitution. People are enslaved forcefully. Others are coerced into a system that has them accruing debt with high interest rates, which they pay off through labor.

These stories have money behind it all. The transactions are, of course, illegal. The storage of money is also illegal. For banks of all sizes and locations, trying to track down funds originating from these criminal activities is difficult. And this problem isn’t going away. As a matter of fact, Freedom House, an NGO that studies human rights issues, recently released a report stating that a third of the human population lives at risk of war, violence, and terror on a daily basis. That is 2.43 Billion people. Banks and Money Service Businesses facilitate and secure the transactions that make human trafficking profitable.

Here’s where technology can be of great help. On a case-basis, data analysis tools play an important role in discovering players in such industries. On a systemic-basis, a central ledger might be a solution. This is most commonly called BlockChain. The idea is to have a single place where all accounts must balance and all transactions are verified by the community as a whole. Transactions can still be anonymous, but the facilitating financial institution has a place to check unique funds – unique because each unit of currency will have an identification code. You know those numbers and letters stamped on the US Dollar Bill? Yes, that kind of uniqueness. Currently, we treat a single dollar no different from any other dollar. But with a record of that unique identification available, we can start to root-out human trafficking networks.

Marcus Maltempo is a Certified Anti-Money Laundering Specialist and a Certified Fraud Examiner with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses. 

Virtual Reality to bring compliance to life

from Risk Management Magazine
from Risk Management Magazine

One day this will happen. For now it is a headline that is pie in the sky. But there are situations that will come in handy even now.

I’m thinking of compliance training. The current state of compliance training is either classroom training or an online course where there are readings, maybe some audio and or video and then there is an exam.

Virtual Reality is very good for simulations. Here’s a chance to make every trainee go through simulated situations. I can imagine a simulation course with four or five scenarios. Each of them adding complications, making the experience more real. And unlike the current training schemes, the trainee can do anything that can be done at a firm. S/he could do things that are completely unrelated and waste time during the simulation, and then fail. The trainee could decide to investigate something when s/he should have simply reported it the appropriate person first. How about facing multiple scenarios at once. That’s very real. VR can address not only the compliance issues but how the trainee could deal with the emotions that come with trying to deal with these situations. Many compliance issues arise out of pressure and not out of malice. VR can be a very good tool to address this.

The technology already exists. The Department of Defense already have VR “games” to train soldiers for stressful and complex scenarios. Financial Regulatory Compliance simulations are simpler than combat.

Marcus Maltempo is a compliance professional with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses. He is a member of ACAMS and ACFE. 

Importance of formal training in Compliance

There are many jobs that one can learn from experience alone. Compliance Officer is not one of them.

ACFELOGOLike Law or Accounting, becoming an effective compliance officer requires three sets of knowledge: foundational knowledge gained in formal education, specialist knowledge gained in training, and management and leadership knowledge through experience. Foundational knowledge is important because that’s the common knowledge with which the world operates. And management and leadership knowledge can only be developed through real world experience, no amount of conceptual knowledge alone will make one a good manager or leader. The middle piece, the specialist knowledge, requires training because without it the Compliance Officer simply becomes a Compliance Manager or Analyst.

The reason Compliance is like Law or Accounting is that the logic with which Compliance works differs. The logic behind complying with Financial Regulation comes from understanding a business at the operational level as well as the contribution the firm makes to the financial markets overseen by the regulator. Understanding the operations of a business could be gained through training and experience within a business. Understanding the requirements and priorities of regulators require interfacing with the regulator. Many roles are title Compliance Officer, but the true CO roles are the ones that require both arenas.

CAMS LogoThere are several ways to gain the necessary training. Many large financial institutions have Compliance training. Usually, this is the bare minimum of Compliance training necessary. Some of them might not actually be Compliance training but simply a training about suspicious activities awareness. To be qualified as Compliance training, it should include information about regulatory functions and the responsibilities of various regulators and their interactions with Self Regulatory Organizations (SROs) and private firms. In the US, this means a need to cover some combination of the following entities:

And, at a minimum, there is a need to cover the following topics:

These are a lot of topics and no one can be an expert in all of them. But without exposure to this full spectrum of knowledge, a Compliance Officer is not equipped to dealing with the complex nature of the competing interests without an overview of these subjects. There are several ways to get formal training on these entities and matters.

The most common, direct, and practical way to get the formal training needed to be equipped to be a Compliance Officer are through associations that have developed the certifications.

There are programs at a few institutes of higher education that offer coursework specifically addressing these entities and topics:

  • University of South Florida has undergraduate, graduate and PhD programs in Criminology
  • Pace University has Certified Compliance and Regulatory Professional (CCRP)
  • Utica College has MS in Financial Crime and Compliance Management
  • Charles Sturt University has Diplomas, BA and MA degrees in Anti-Money Laundering and Counter Terrorist Financing, Intelligence Analysis, and Investigations

I have provided a concise, compelling reason why you should be staffing your firm with trained Compliance Officer or training the untrained employees who are moving into Compliance. Hopefully, this will be a good starting point for you to think about what kinds of issues your firm will have to face and the value a trained Compliance Officer will bring in handling them.

Marcus Maltempo is a Certified Anti-Money Laundering Specialist and a Certified Fraud Examiner with more than a decade of experience. 

Is it time to grow your compliance department?

US Beach Volley Team celebrate winning at Athens Olympics

No… or at least you hope.

For most financial services firms, it is a resounding “yes.” Why? Because your firm has not tested various measures set in place to comply with Dodd-Frank.

Unless you are one of the 40 largest banking institutions in the United States, compliance demands are much more than the compliance department can handle. A smallish bank with assets of about $15 Billion will have the full spectrum of depository financial products, a full spectrum of retail lending products, and some limited investment and financial advisory services for individuals, businesses and governments. Aside from a lack of active funds and securities trading floors, this pretty much covers Dodd-Frank. With about $700 Million in Revenue and about $100 Million in Net Income, the bank probably only has about $1 Billion in equity to play with. Reducing that Net Income means, reducing that equity cushion some more. So, then the bank takes on riskier loans for higher interest revenue, which will then require more compliance professionals, undoing the higher risk taken to offset the additional compliance cost to begin with.

Some of the solutions available to other industries is not available to your bank either. The bank cannot outsource compliance all together because… BSA compliance will not allow it. So, how can a smaller bank cope with the cost of complying with the regulation?

Merger is one method. Just become a larger bank, decreasing the marginal cost of management and overlapping markets, and simply have more resources available. This method defeats the purpose of the smaller bank because smaller bank has its own value proposition to the market, mainly, familiarity. You’re not supposed to be a nobody in a smaller bank.

Outsourcing whatever possible is another method. This is a tricky proposition. This might provide the bank with the leverage pressuring the vendor to reduce costs and, hopefully, the vendor can because it has other customers from which it has learned to be more efficient. On the other hand, this is at the cost of an internal culture that might have made the bank successful to begin with. Plus, the vendor actually has no incentive to pass on the productivity gains to the bank. And when the vendor screws up, the laws do not really have a recourse for vendors, which means the bank is taking on an operational risk as well.

This is what I propose for such banks: Hire senior level compliance officers as a service from vendors while hiring lower level compliance officers directly. Obviously, the chief compliance officer cannot be external, but all of the direct reports could be. The idea is that this regulatory change is being managed by people who have experience across the industry, and the bank can train lower level employees to take over over time. This hybrid method captures the most important part of hiring an external firm while obtaining the bulk of the manpower to maintain the business-as-usual processes and perpetuate the culture of success.

Marcus Maltempo is a Certified Anti-Money Laundering Specialist and a Certified Fraud Examiner with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses. 

Whistleblowers Beware

Rachel Weisz in “The Whistleblower”

There is a danger to doing the right thing. Timing seems to play an important role. If you are thinking of blowing the whistle to the SEC, you might be taking on a risk that is not worth it.

In a recent case, the SEC rewarded just one of four whistleblowers to a single case. The reward was $700,000. It is a big reward, but what of the three who were not rewarded? Two simply accepted that their contribution was worth nothing, even though they stuck their neck out. And because the identities of the whistleblowers are redacted on the order, there is no way of finding out what have become of them.

The lone whistleblower who was not rewarded argued against the results. SEC’s position is that the fourth whistleblower’s information did not provide anything original. Basically, this means the whistleblower was too late in providing that information. There is a market for information and speed is part of the essence.

SEC, of course, doesn’t want copycat whistleblowers, so, to dissuade people from benefiting from other people’s work, they really only consider information they did not already possess and was important to their case.

Marcus Maltempo is a Certified Anti-Money Laundering Specialist and a Certified Fraud Examiner with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses. 

Masters, JPMorgan’s Ball and Blockchain

Blythe Masters, the former head of commodities at JPMorgan, became the CEO of Digital Asset Holdings about a year ago and she has been on a tear through Wall Street talking up a recordkeeping technology called blockchain.

Blockchain is most famously tied with the digital currency BitCoin. It isn’t actually part of the digital currency. It is commonly known as a type of public ledger, a recordkeeping system, if you will. It is conceptually simple, but technologically very advanced. The idea is to have one central accounting system for all transactions where the whole world can see. In this way, embezzling is more difficult to do. One can’t only be financially savvy, but also be technologically so. Not just a little but a lot. Because blockchain is  central ledger for transactions, there is an external reference that is common to the buyer and seller. So, when a customer tries to buy something from a seller, the currency portion of the transaction (payment), goes through the blockchain, which verifies that the currency is in the buyer’s account and no one else on the blockchain is supposed to have it.

It makes every penny into a unique penny. We have a unique number on all paper bills in the United States, but that unique number really isn’t used for common transactions. This provides that extra security.

Masters is leading the idea that blockchain technology can be brought to Wall Street. Most senior investment bankers are skeptical. Of course, they are. Most senior investment bankers don’t understand blockchain or BitCoin. And, when they do, they generally know as much as you, my reader, because you now have read my previous paragraphs. To Masters, it is a no brainer. Here’s a technological tool that reduces counterparty verification which should, in theory, reduce the number of days it should take to clear a trade, thereby reducing cost.

The risk, aside from bank management not even understanding the significance of this technology, is the risk of systemic fraud or glitch. But one thing we’ve learned over the last century as we’ve centralized many of our transactional activities is that it greatly reduces the inherent risks of transactions, but because of the way our laws allow for increased risky behavior when risk has been reduced, it will likely increase the residual risks. There are a number of examples of this. When all trading goes through fewer routes to their eventual transactions, there are fewer route that need to be monitored and therefore monitoring and surveillance can improve. But when there are losses, they are usually big because the glitches are systemic or categorical. The Flash Crash it an example of centralizing and automating trades through fewer pipes led to big and quick irrational dive of the market.

I for one is a proponent of the BlockChain. I am not the person to discuss the potential economic consequences of this, but it would be the next step in the evolution of the Depository Trust Company, the central counterparty in US capital market trading.

Marcus Maltempo is a compliance professional with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses. He is a member of ACAMS and ACFE. 

Interest Rate’s Effect On Compliance

Miranda Kerr says "you're welcome"
Miranda Kerr says “you’re welcome”

I thought if Interest Rates won’t interest you then maybe Miranda Kerr would. Obviously, this only works for 2/3rds of you. (About a third of you aren’t into Miranda Kerr or any other woman.)

Interest rates have many economic effects, which I do not need to describe to my audience. The Federal Reserve decided to raise the interest rate (Fed Funds Rate), to show that the economy is doing well. There are plenty of signs that the Fed is doing this as a symbolic move but it is still under the belief that the economy is not doing well. I’m of the side that the economy isn’t doing well, but I will get into why some other day.

For certain types of compliance, problems will increase as a result of interest rate increases. Interest rates can be viewed as the cost of capital. A cost eats away at income. It puts pressure on those who are supposed to maintain costs and those who are supposed to bring  in revenue.

So, the OCC isn’t likely to see much difference in volume of issues arising from financial institutions or money service businesses. OFAC isn’t going to be affected either. But FINRA and the SEC will. FINRA moreso than SEC because they deal primarily with revenue centers. SEC doesn’t deal with operations as much as reporting issues. But, of course, when the pressure to perform increases, there might be some increases in financial statement reporting fraud cases.

FINRA will face the problem of brokers trying to replace lost revenue. No matter what the interest was, if there is an increase, the pressure increase forces some to take shortcuts. Financial statement reporting fraud is one. Others include, ghost sales, underreporting expenses, embezzling, or, in the case of brokers, churning (making additional transactions to create business).

Banking is affected as well. Mortgage bankers may provide loans to those who wouldn’t qualify with the new interest rates because the amount lent maybe be higher than the bank is willing to accept. Clients might adjust records to pass credit analysis with inflated projections or hiding liabilities, such as other loans.

All of these things can happen without interest rate increases but the increase puts more pressure on these functions.


Marcus Maltempo is a compliance professional with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses. He is a member of ACAMS and ACFE. 

Risk reduction

There has been increasing talks about reducing the risks in our economy. While I’m not suggesting the following, but people can’t be all that serious about reducing risks if they aren’t including in the option to wipe out student debt. We have a trillion dollars worth of debt borrowed by people who make very little money and who have nothing. Essentially, most people have negative equity in their own lives. It’s hard to take an argument to reduce economic risk seriously when almost all of consumer debt can be paid off by people who can afford to pay it off while improving both the lives of debtors and the economic system by having paid for education.

Just a quick thought this crisp Saturday morning in New York.


Marcus Maltempo is a compliance professional with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses. He is a member of ACAMS and ACFE. 

Which Star Wars character would be the best Compliance Officer?

Star Wars is about a rebels who are seeking to reinstall a democratic system from an empire. It has brought some iconic characters. Let’s take a look at the characters and see what kind of compliance officers they’d make.

Han Solo: A go-it-alone type of guy, though he does have his trusty sidekick/partner, Chewbacca. He makes decisions based on his own understanding of the world. He is not extremely open new ideas without seeing some sort of evidence. He doesn’t like taking orders, though, which is fine for small investigations, but Compliance is a team effort with an organizational structure around it. – 6/10

Luke Skywalker: Naive but willing to learn. Persistent but most of that comes from his personal reasons, which isn’t something that comes up very often in Compliance. He learns to think more systematically, but his wisdom is learned at the cost of his right hand. Pretty steep cost for education. – 7/10

Princess Leia: Has a strong moral compass, but it comes with stubbornness and not very resourceful. She is stubborn and prideful, which doesn’t serve a cause, it just serves her ego. She isn’t resourceful in that she doesn’t take advantage of her uniqueness as the only woman among men, believing that it isn’t appropriate. She is right, of course, but that’s the two sides of morality and resourcefulness. – 7/10

Chewbacca: All instinct, no forethought, his decisions often lead to more damage. He is good at execution, however. He gets things done. He doesn’t get distracted very often. on the other hand, he often does not understand humans, which is a problem in Compliance. Both in terms of managing the business and complying with regulations, he would have to learn to shore up this weakness. – 2/10

Darth Vader: He is deluded into thinking that has chosen the correct path. Once doing so, he is dedicated, competent, and strategic. His management style is a bit of a concern. He kills people when they do not perform. Murder isn’t a management technique a Compliance Officer can condone. – 5/10

C-3PO: Incredibly knowledgeable about protocol, but completely oblivious to applying that knowledge. A serious deficiency that leads him to trouble and many times leads his team into trouble. He only seems to make right decisions under perfect conditions, which, in reality, there is no such thing. – 4/10

R2-D2: Feisty, persistent, exact, stubborn, dedicated, he makes the right decision all of the time. His only limitation is his physical being. But in Compliance, that should not be a problem. One problem, though, is his inability to acquire human language. That’s a problem since managing Compliance on all front require good communication skills. – 8/10

Obi-wan Kenobi: Hermit, once capable, dedicated, persuasive, he would be very good for AML, financial crimes, investigations, or advisory, but he doesn’t really have the best management skills. He is incredibly persuasive, but that does not mean that he can solve every problem that way. Still, he is incredibly adaptable, which is a good skill to have in an ever changing regulatory environment. – 8/10

Boba Fett: Rugged, independent, resourceful, and is a good detective. But he really only works for himself. This is a problem, of course. Compliance is a team effort with an organization and a division of labor. He isn’t likely to fare well trying advise people. He is more likely to get impatient and kill them. – 3/10

Lando Calrissian: A gambler, good at reading people, has his head on straight, is a charismatic leader of a city, he has many connections, he is a very good businessman. He is a well-rounded professional, adaptable. I wouldn’t trust his technical abilities, though. He doesn’t seem like a kind of person who would know how to fix things. – 9/10

Jabba the Hut: Good natured, albeit, deadly. Powerful, leads a very diverse organization with a wide reach. However, he is impatient and likes to be entertained. Compliance is not usually entertaining. Also, he wouldn’t do well being part of a team unless he was leading. He is also vengeful and keeps score. A Compliance Officer has to be able to let go because not everything can be solved right away. – 6/10

Palpatine: Knowledgeable, powerful, learned, patient, strategic, tactically sound, leads a very compliant organization. Considering he was the person who corrupted the senate and took over as emperor, he is willing to break all rules to create his own. He would be a terrible Compliance Officer. – 1/10

Yoda: Wise, funny, knowledgeable, but is impatient and cranky. Patience is a requirement in a function that requires the partnership of other control functions. He has a history of working with other leaders, willing to debate and listen. A very good trait to have in a Compliance Officer. – 7/10

Okay, so, if you want to be a very good Compliance Officer and need a Star Wars character to look up to, look up to Lando Calrissian.

Marcus Maltempo is a compliance professional with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses. He is a member of ACAMS and ACFE. 

Pope, the Chief Compliance Officer


The Vatican bank, yes, the Vatican has its own bank, has the notorious reputation for being run like the Mafia. For that matter, it has always been run by Italian cardinals, usually the chief of the Curia, the Vatican government. Last year, its chief, Cardinal Bertone, was forced to step down under charges of financial crimes. Luckily for him, the Vatican is its own micronation and it answers to no one. To make sure Italy does not take over, it is guarded by the Swiss, another secretive organization.

In order to combat this reputations, which seems deserved, Pope Francis put together his person curia of sorts to oversee all aspects of the Vatican, including the Curia of the Holy See. The team of nine cardinals are all non-Bertonians, five of them are not even European… GASP!

I bring this up because November is a time when the Pope goes into his residence and often ruminates on the issues of the people. In 2013, he published his most famous Apostolic Exhortation, which focused primarily on refocusing the church from social issues to socio-economic issues. He did not support contrary views to his predecessors, but he did emphasize that the Catholic Church is not pro-capitalism, and that it should seek ways to help the poor and the sick. He was so clever to avoid changing the established viewed that he even combated the idea of science-vs-religion, and that he believes science explains somethings but it does not and will not ever explain everything, and it is in that knowledge of the unknown that he knows there is a place for God. In 2014, he shook up the Holy See more than the rest of the world by ordering the Vatican to install showers for the homeless. What will he do this  year?

I bring this up because I want to point out something he’s doing that compliance officers can learn from. He is staying well within his powers, explicit and implicit, to make changes. Compliance departments has to be sensitive to the needs of the business, obviously, because ultimately the business exists to help clients. Compliance have to balance that with satisfying regulators that the business has been doing everything its power to stay diligent on maintaining a culture of compliance, strong oversight and controls, and a responsive financial crimes units. Without these, the alternative will be a regulator in every financial institution, and no institution will be able to differentiate itself.

Things you can do:

  1. change the tone of the interactions with the lines of businesses,
  2. talk to regulators more frequently than requested,
  3. don’t make the letter of the law rule decisions.

All of these things do not replace what Compliance Departments have to do, but they do provide a way to make it easier for lines of businesses to deal with Compliance issues, get regulators to understand that you are doing more than defending yourself, and refocus Compliance to the goals of rules, not the technical rules of them.

Of course, if you are intent on doing the least bit possible, I can’t help you. And I would imagine Pope Francis wouldn’t want to help you either.

Marcus Maltempo is a compliance professional with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses. He is a member of ACAMS and ACFE.