You’ve been Gooched

Charmian Good, co-founder of Global Witness via CBS News
Charmian Good, co-founder of Global Witness via CBS News

In a recent 60 Minutes episode on CBS, Global Witness, the nonprofit with the goal to “change the system by exposing the economic networks behind conflict, corruption & environmental abuse,” revealed the stunning fact that the United States has become the “easiest place to set up an anonymous company after Kenya, out of 180 countries.” As a result, GW decided to test the system by trying to get meetings with some fifty law firms. Thirteen firms accepted meetings and only one turned them down outright. One other firm said they would require more information before taking on the client.

What did these firms want to continue talking about? Well, basically helping a fictitious minister of natural resources in an unnamed African nation to move fictitious funds he received from bribes from corporations who wanted mineral rights, which he has control over. Obviously, the lawyers did not know of their fictitious nature. Still, the videos, which 60 Minutes showed, were rather damning.

The paradox is that US has one of the strictest  rules and regulations for Know-Your-Customer and Anti-Money Laundering in the world, but all of those laws pertain to the practices of financial institutions. Lawyers are exempt from much of the reporting rules, making it easy for them to get by undetected.

Charmian Gooch, a co-founder for Global Witness, made herself available for interviews with CBS on this piece to share these shocking revelations. In the process, probably made herself a target of many law firms. I wouldn’t be surprised, though, that there are more law firms willing to work with her organization, now that it has put itself on the map of the general public.

 


Marcus Maltempo is a Certified Anti-Money Laundering Specialist and a Certified Fraud Examiner with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses. 

Bear Market Compliance

Jules, the bulldog, chase away the bears
Jules, the bulldog, chase away the bears

It’s easy to want to reduce compliance spending as the bank enters a bear market, but this is a bad idea for a whole host of reasons. The single primary reason is that revenue centers employees may take on non-compliant and high risk activities to reduce that decline in revenue to keep save their jobs. The incentive structure of your revenue center employees and the compliance culture will be tested.

Ideally, compliance spending should be relatively stable regardless of any short term market trends. In this case, short term means 18 months, because it is strategic. If your compliance department is organized to simply tackle tactical issues, you will need more compliance activity to address the possible rise of noncompliant activities.

In this sense, compliance is a lot like branding. Culture is one of the most important ingredients to Compliance Management. I know there are a lot of supposed Compliance Experts who talk about culture. If you haven’t noticed, my reader, I rarely talk about culture. It’s not that I don’t think it isn’t important, but because culture seems to be the only thing most Compliance Experts talk about; culture and tone from the top. But anyone who is actually a Compliance Expert would agree with me, culture is the one thing that doesn’t require compliance expertise.

In this entry, though, I will address culture from the perspective of a leader, not a manager. A leader who is promoting a Culture of Compliance will be cognizant of the fact that the Compliance Department’s culture and the Line of Business’s culture are often different. And the ways they are different depend on the mix of people in the Compliance Department more than the people in the Line of Business.

Compliance, by nature, requires being pedantic. Possibilities are dealt with, rather than thrown aside in favor of priorities. The few rogue employees are always looking out for possibilities, not necessarily what is right. The current bank structures are organized to reward those who bring in the most money, making the activity that brought in the money the de facto “right thing.”

We live in a society that rewards based on money, not productivity. Luckily, most of the time, productivity is the right thing. We don’t live in a society, however, that rewards those who are more productive; we live in one that rewards those who own the productivity. This means that a few superstar employees who know how to vastly upend the current level of productivity often are rewarded when the great many who help those superstars are not. (I know, I know, I’m starting to sound like a bleeding liberal; just hang in with me.) These superstars do not want to share their productivity gains with others who have helped them on their way. This last bit of change is what describes a transactional society, not a transformational one. Think about it. Transactions take just a minimum of two parties; one invariably makes a better decision than the other. Transactional society creates losers. A transformational one requires assessing one’s actual contributions and rewarding proportionally. A transformational society creates winners of varying degrees. When done right, much of the fear of getting laid off during a downturn will lessen because the issue isn’t due to proving one’s productive value but due to an issue of demand and the comparative productive value against other colleagues.

This doesn’t mean a transformational society is Utopia. But it means that people will understand the true competitive nature of the workplace: the larger competition between firms that an employee contributes to and the smaller competition between employees to be the most valuable on the team – again, the intrafirm competition doesn’t create losers but degrees of winning. But, as I said, we don’t have such a society.

That’s where managing the Culture of Compliance becomes important. Everyone should always feel like they are contributing to the welfare of the firm and compliance to policies and procedures should feel like a contribution to that firm welfare. And work should have a causality to it, meaning, one’s work causes something else to happen. If it merely has a correlation to it, as many corporate employees feel as they do, work feels bureaucratic. And it probably is. Then, of course, each employee’s duty to themselves comes down to the impression of productivity or cheating to be more productive. While only the latter is a compliance issue, they are two sides of the same coin.

So, to sum up the issue of tackling the Culture of Compliance as we head into a bear market, the Culture of Compliance starts from the duties of an employee having causal relationship to the firm’s well-being and understanding that noncompliance and brown-nosing are both results of caring more about results from a short period of time, not a long full history.

I know people might say that I am being idealistic with this, but if you are a compliance professional who doesn’t know how to lead your bank, you are ready to lead your compliance department. Compliance is a responsibility of every member of the firm and the Compliance department exists to take some of the responsibility away from other members of the firm so that they can focus on other activities. So, of course, I believe that leadership and Culture of Compliance as transformational issues, not a transactional one.

If you don’t believe me, then you are probably not a Compliance Expert. If you are a Compliance Expert, you would already know that regulators also agree with me on this point and often Delayed Prosecution Agreements are rewarded based on dealing with issues like I have mentioned.


Marcus Maltempo is a Certified Anti-Money Laundering Specialist and a Certified Fraud Examiner with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses. 

If the French strip citizenship…

http://www.liberation.fr/france/2016/01/27/christiane-taubira-ecarte-l-idee-de-participer-a-une-primaire_1429318
Christiane Taubira, Minister of Justice via Liberation.fr

France is considering an amendment to their constitution that would strip French citizenship to those who are accused of terrorism and possess duo-citizenship. There is a problem with this, of course, because anyone can be accused of terrorism. What happens if that person is not guilty?

And then there is the racism that is neatly disguised as  counter-terrorism. Citizens of the European Union generally do not hold duo-citizenship because they have the economic freedom to do as their like across borders within the Union. That means, this law primarily targets non-Europeans in France. For this reason, Christiane Taubira, the French Minister of Justice (closest equivalent would be the American Attorney General of the Department of Justice), is stepping down. She is Afro-Latin born in French Guiana. She is at no risk of being accused of terrorism, of course, but it isn’t as though she can’t see right through this proposal.

As a financial compliance issue, this adds the terrible problem of figuring out how to treat such a person. Should this person hold a French bank account but is no longer a French subject, this person should be treated as a foreigner. Sounds simple but foreigners have limitations and other criteria attached to their French domestic accounts. Banks will have to scramble to recharacterize bank accounts. Operationally, the best way to do this would be to simply give the interested person a new account, but that puts the bank in jeopardy of losing the account altogether. This is an obvious cost to business that doesn’t seem necessary for a bank because… well, because the person isn’t a terrorist, or at least has not been found guilty of terrorism. Losing money that does not make the financial system and the nation any safer isn’t really a very good way to do business.

The only thing saving the French bank from losing that customer’s business would be that all banks in France would be subject to this. But because of the Union’s economic freedoms, the newly non-union citizen sill still be allowed to hold an account outside of France and even outside of the Union and still do normal daily business. The transition might be troublesome, of course, but that is no more troublesome than simply starting a new account. So, it isn’t much of a save for the French banking system.


Marcus Maltempo is a Certified Anti-Money Laundering Specialist and a Certified Fraud Examiner with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses. 

 

//

Growth Need In Anti-Financing of Human Trafficking

from Fair.org

Syrians are migrating en masse to Europe to flee their war-torn homeland. They would like to find a place where they have a chance at life and happiness. In their effort to get to Europe, many are selling everything they own to pay for a passage by water to Greece. Sometimes that ticket is for a boat to Greece, but not necessarily to get a chance at life and happiness.

One hears stories of rape and prostitution. People are enslaved forcefully. Others are coerced into a system that has them accruing debt with high interest rates, which they pay off through labor.

These stories have money behind it all. The transactions are, of course, illegal. The storage of money is also illegal. For banks of all sizes and locations, trying to track down funds originating from these criminal activities is difficult. And this problem isn’t going away. As a matter of fact, Freedom House, an NGO that studies human rights issues, recently released a report stating that a third of the human population lives at risk of war, violence, and terror on a daily basis. That is 2.43 Billion people. Banks and Money Service Businesses facilitate and secure the transactions that make human trafficking profitable.

Here’s where technology can be of great help. On a case-basis, data analysis tools play an important role in discovering players in such industries. On a systemic-basis, a central ledger might be a solution. This is most commonly called BlockChain. The idea is to have a single place where all accounts must balance and all transactions are verified by the community as a whole. Transactions can still be anonymous, but the facilitating financial institution has a place to check unique funds – unique because each unit of currency will have an identification code. You know those numbers and letters stamped on the US Dollar Bill? Yes, that kind of uniqueness. Currently, we treat a single dollar no different from any other dollar. But with a record of that unique identification available, we can start to root-out human trafficking networks.


Marcus Maltempo is a Certified Anti-Money Laundering Specialist and a Certified Fraud Examiner with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses. 

Virtual Reality to bring compliance to life

from Risk Management Magazine
from Risk Management Magazine

One day this will happen. For now it is a headline that is pie in the sky. But there are situations that will come in handy even now.

I’m thinking of compliance training. The current state of compliance training is either classroom training or an online course where there are readings, maybe some audio and or video and then there is an exam.

Virtual Reality is very good for simulations. Here’s a chance to make every trainee go through simulated situations. I can imagine a simulation course with four or five scenarios. Each of them adding complications, making the experience more real. And unlike the current training schemes, the trainee can do anything that can be done at a firm. S/he could do things that are completely unrelated and waste time during the simulation, and then fail. The trainee could decide to investigate something when s/he should have simply reported it the appropriate person first. How about facing multiple scenarios at once. That’s very real. VR can address not only the compliance issues but how the trainee could deal with the emotions that come with trying to deal with these situations. Many compliance issues arise out of pressure and not out of malice. VR can be a very good tool to address this.

The technology already exists. The Department of Defense already have VR “games” to train soldiers for stressful and complex scenarios. Financial Regulatory Compliance simulations are simpler than combat.


Marcus Maltempo is a compliance professional with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses. He is a member of ACAMS and ACFE. 

Importance of formal training in Compliance

There are many jobs that one can learn from experience alone. Compliance Officer is not one of them.

ACFELOGOLike Law or Accounting, becoming an effective compliance officer requires three sets of knowledge: foundational knowledge gained in formal education, specialist knowledge gained in training, and management and leadership knowledge through experience. Foundational knowledge is important because that’s the common knowledge with which the world operates. And management and leadership knowledge can only be developed through real world experience, no amount of conceptual knowledge alone will make one a good manager or leader. The middle piece, the specialist knowledge, requires training because without it the Compliance Officer simply becomes a Compliance Manager or Analyst.

The reason Compliance is like Law or Accounting is that the logic with which Compliance works differs. The logic behind complying with Financial Regulation comes from understanding a business at the operational level as well as the contribution the firm makes to the financial markets overseen by the regulator. Understanding the operations of a business could be gained through training and experience within a business. Understanding the requirements and priorities of regulators require interfacing with the regulator. Many roles are title Compliance Officer, but the true CO roles are the ones that require both arenas.

CAMS LogoThere are several ways to gain the necessary training. Many large financial institutions have Compliance training. Usually, this is the bare minimum of Compliance training necessary. Some of them might not actually be Compliance training but simply a training about suspicious activities awareness. To be qualified as Compliance training, it should include information about regulatory functions and the responsibilities of various regulators and their interactions with Self Regulatory Organizations (SROs) and private firms. In the US, this means a need to cover some combination of the following entities:

And, at a minimum, there is a need to cover the following topics:

These are a lot of topics and no one can be an expert in all of them. But without exposure to this full spectrum of knowledge, a Compliance Officer is not equipped to dealing with the complex nature of the competing interests without an overview of these subjects. There are several ways to get formal training on these entities and matters.

The most common, direct, and practical way to get the formal training needed to be equipped to be a Compliance Officer are through associations that have developed the certifications.

There are programs at a few institutes of higher education that offer coursework specifically addressing these entities and topics:

  • University of South Florida has undergraduate, graduate and PhD programs in Criminology
  • Pace University has Certified Compliance and Regulatory Professional (CCRP)
  • Utica College has MS in Financial Crime and Compliance Management
  • Charles Sturt University has Diplomas, BA and MA degrees in Anti-Money Laundering and Counter Terrorist Financing, Intelligence Analysis, and Investigations

I have provided a concise, compelling reason why you should be staffing your firm with trained Compliance Officer or training the untrained employees who are moving into Compliance. Hopefully, this will be a good starting point for you to think about what kinds of issues your firm will have to face and the value a trained Compliance Officer will bring in handling them.


Marcus Maltempo is a Certified Anti-Money Laundering Specialist and a Certified Fraud Examiner with more than a decade of experience. 

Is it time to grow your compliance department?

US Beach Volley Team celebrate winning at Athens Olympics

No… or at least you hope.

For most financial services firms, it is a resounding “yes.” Why? Because your firm has not tested various measures set in place to comply with Dodd-Frank.

Unless you are one of the 40 largest banking institutions in the United States, compliance demands are much more than the compliance department can handle. A smallish bank with assets of about $15 Billion will have the full spectrum of depository financial products, a full spectrum of retail lending products, and some limited investment and financial advisory services for individuals, businesses and governments. Aside from a lack of active funds and securities trading floors, this pretty much covers Dodd-Frank. With about $700 Million in Revenue and about $100 Million in Net Income, the bank probably only has about $1 Billion in equity to play with. Reducing that Net Income means, reducing that equity cushion some more. So, then the bank takes on riskier loans for higher interest revenue, which will then require more compliance professionals, undoing the higher risk taken to offset the additional compliance cost to begin with.

Some of the solutions available to other industries is not available to your bank either. The bank cannot outsource compliance all together because… BSA compliance will not allow it. So, how can a smaller bank cope with the cost of complying with the regulation?

Merger is one method. Just become a larger bank, decreasing the marginal cost of management and overlapping markets, and simply have more resources available. This method defeats the purpose of the smaller bank because smaller bank has its own value proposition to the market, mainly, familiarity. You’re not supposed to be a nobody in a smaller bank.

Outsourcing whatever possible is another method. This is a tricky proposition. This might provide the bank with the leverage pressuring the vendor to reduce costs and, hopefully, the vendor can because it has other customers from which it has learned to be more efficient. On the other hand, this is at the cost of an internal culture that might have made the bank successful to begin with. Plus, the vendor actually has no incentive to pass on the productivity gains to the bank. And when the vendor screws up, the laws do not really have a recourse for vendors, which means the bank is taking on an operational risk as well.

This is what I propose for such banks: Hire senior level compliance officers as a service from vendors while hiring lower level compliance officers directly. Obviously, the chief compliance officer cannot be external, but all of the direct reports could be. The idea is that this regulatory change is being managed by people who have experience across the industry, and the bank can train lower level employees to take over over time. This hybrid method captures the most important part of hiring an external firm while obtaining the bulk of the manpower to maintain the business-as-usual processes and perpetuate the culture of success.


Marcus Maltempo is a Certified Anti-Money Laundering Specialist and a Certified Fraud Examiner with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses. 

Are your advisors text messaging clients?

90210 on CW
via Fanpop

Where you know it or not, the financial advisors at your firm are likely text messaging some of their clients. If you are not capturing this, you are letting FINRA to build a case against your firm.

FINRA might not have a case against your firm for any reason. And noncompliance with Rule 3110 is not one of the major issues facing firms today, but it can be tacked on easily to charges against the firm for other failures. The Rule requires, among other things, an annual review of all communications regarding the business. The Rule reads as though it only pertains to internal communications, but it includes all communication an internal person interacts with, so, it actually includes all communications. The rule is written to avoid public communications that an internal personnel did not actively participate, such as the publication of an article about an interested investment that the advisor had no knowledge of, even if the client did.

Leaving the pedantics aside, the major problem with text messaging is that usually the only repository for them is on the phones of the financial advisor. There are other messaging services that might store messages in a cloud for later retrievable, but that adds another layer of compliance question: is the cloud not controlled by the firm but controlled by the FA compliant enough?

The conservative answer is, of course, no. Whatsapp‘s cloud storage of messages is not designed to comply with FINRA rules. They also have no responsibility to keep the messages, let alone comply with an FA’s firm if the FA doesn’t want the messages reviewed.

 


Marcus Maltempo is a Certified Anti-Money Laundering Specialist and a Certified Fraud Examiner with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses. 

Masters, JPMorgan’s Ball and Blockchain

Blythe Masters, the former head of commodities at JPMorgan, became the CEO of Digital Asset Holdings about a year ago and she has been on a tear through Wall Street talking up a recordkeeping technology called blockchain.

Blockchain is most famously tied with the digital currency BitCoin. It isn’t actually part of the digital currency. It is commonly known as a type of public ledger, a recordkeeping system, if you will. It is conceptually simple, but technologically very advanced. The idea is to have one central accounting system for all transactions where the whole world can see. In this way, embezzling is more difficult to do. One can’t only be financially savvy, but also be technologically so. Not just a little but a lot. Because blockchain is  central ledger for transactions, there is an external reference that is common to the buyer and seller. So, when a customer tries to buy something from a seller, the currency portion of the transaction (payment), goes through the blockchain, which verifies that the currency is in the buyer’s account and no one else on the blockchain is supposed to have it.

It makes every penny into a unique penny. We have a unique number on all paper bills in the United States, but that unique number really isn’t used for common transactions. This provides that extra security.

Masters is leading the idea that blockchain technology can be brought to Wall Street. Most senior investment bankers are skeptical. Of course, they are. Most senior investment bankers don’t understand blockchain or BitCoin. And, when they do, they generally know as much as you, my reader, because you now have read my previous paragraphs. To Masters, it is a no brainer. Here’s a technological tool that reduces counterparty verification which should, in theory, reduce the number of days it should take to clear a trade, thereby reducing cost.

The risk, aside from bank management not even understanding the significance of this technology, is the risk of systemic fraud or glitch. But one thing we’ve learned over the last century as we’ve centralized many of our transactional activities is that it greatly reduces the inherent risks of transactions, but because of the way our laws allow for increased risky behavior when risk has been reduced, it will likely increase the residual risks. There are a number of examples of this. When all trading goes through fewer routes to their eventual transactions, there are fewer route that need to be monitored and therefore monitoring and surveillance can improve. But when there are losses, they are usually big because the glitches are systemic or categorical. The Flash Crash it an example of centralizing and automating trades through fewer pipes led to big and quick irrational dive of the market.

I for one is a proponent of the BlockChain. I am not the person to discuss the potential economic consequences of this, but it would be the next step in the evolution of the Depository Trust Company, the central counterparty in US capital market trading.


Marcus Maltempo is a compliance professional with more than a decade of experience helping banks, law firms and clients manage investigations and regulatory responses. He is a member of ACAMS and ACFE.