Thinking About How Things Are Connected

John and Elliot examine how different things come together in financial crime prevention efforts. They discuss a recent release from AUSTRAC about the connection between cybersecurity and AML/CFT compliance and an interesting blog post from the Council on Foreign Relations on the nexus of human trafficking, democracy, and corruption.

Thinking About How Things Are Connected - TRANSCRIPT

Elliot Berman: Hi, John. How are you today?

John Byrne: Okay, Elliot. A lot going on in the world, unfortunately, with what's happening in the Middle East. The completely dysfunctional U. S. Congress, at least the House, although I'd argue the Senate is not much better. So, a lot of that kind of stuff going on, which touches on our issues in that it impacts national security, impacts the ability to pass legislation, so those things going on, but we've seen a bunch of things going on globally and domestically.

In the AML sanctions, CTF space a lot going on, and I'll just start, one of the things that we saw AUSTRAC is actually the very first financial intelligence unit created. It was created even before FinCEN, and I've been around so long that I visited AUSTRAC back in 1990 in Australia, they obviously an impactful FIU unit in Australia. And they do a lot of different things in terms of guidance, and they just came out with something on data breaches that relate to AML/CTF considerations.

So the guidance came out obviously publicly posted. There's not a lot in there that's brand new, but a couple of things that I thought were interesting. They talk about that data breaches obviously can impact AML/CTF because personal identifying information can be used to create accounts, to move money, and all that.

And so it's a 10 page document, but they say to look at your risk assessment and make sure that you have controls in place, obviously, but to update that risk assessment fairly frequently because data breaches change. And I thought that was interesting, but the one thing that stuck out to me was the recommendations included things, some that are obvious, people that change their phone and email addresses all at once or in quick succession, that sort of thing. But they also say you should go back and look at current customers, so to look at indicators there that You may want to reverify some customers based on activity and customer documentation.

Something I hadn't really thought about before. They're calling it reverify a customer's identity. And you do it on a risk basis, of course. But anyway, good document. Ten pages. It's on the AUSTRAC website and no matter where you sit, probably is worth a read.

Elliot Berman: Yes, the thing that struck me is that it's bringing several things together that everybody has been worried about but has not necessarily looked at together. AML/CTF, and cybersecurity. Everybody's worrying about cybersecurity totally appropriately. You and I were actually talking about a cybersecurity change at our own company before we started recording. But this AUSTRAC guidance does a good job of reminding us to broaden the frame when we look at risks and thinking about the risks that aren't core, but definitely impactful.

And that really takes us to another thing we found. There's an interesting blog post on the Council for Foreign Affairs website by one of their senior fellows, a person named Anne Norris. And I'll read the title, The Nexus of Human Trafficking, Democracy, and Corruption. And here again, these are all topics we've talked about before, but bringing them together and talking about how the risks and incidents of human trafficking, are significantly higher in countries where they have weak democratic institutions in part because that is a prompt for higher levels of corruption.

And again we've talked about human trafficking, we've certainly talked about the importance of strong democratic institutions, and we've talked about corruption, but this was an interesting synthesis, nothing shocking in here, but just a reminder that as we get more sophisticated as a community in looking for ways to identify, detect, and report, that we need to be bringing different disciplines together and looking at them in that way.

This paper in particular focuses on Mexico and El Salvador, Guatemala, and Honduras. Those three countries known as the Northern Triangle in Central America.

John Byrne: And just it's the Council on Foreign Relations that is the name of the organization. So that's where you, that's where you can find it. It's a public document. And again, I obviously agree with why that's a unique and relevant piece.

A couple other things I wanted to mention, as I said up front, the terrorist attack on Israel. That is a number of things that impact our world. And just today, the Treasury Department's OFAC has imposed additional sanctions on 10 key Hamas terrorist group leaders and financial facilitators outside of Gaza, in Sudan, Turkey, Algeria, and Qatar. And the other part of that, and that's obviously on the OFAC website that I wanted to highlight besides going after facilitators, which obviously OFAC has done before, is the, again, the continued focus on fundraising as a method of moving money.

They talk about Hamas's ability to do virtual currency fundraising. We've talked about that as well. There's a business called Buy Cash, a virtual currency exchange service that was identified several years ago. It's still obviously a problematic organization. It's been designated pursuant to these various executive orders for materially assisting, sponsoring, providing financial aid in support of Hamas.

And they all talk about something that we also mentioned quite a bit in terms of the protocols for fundraising that Hamas often relies on small dollar donations. And again, including the use of virtual currency. So there's been a number of things. We were going to speak about it, and I know we decided it was just in a story, but Senator Warren and some bipartisan support from Republicans are looking at additional legislation dealing with virtual currency as, again, a mode of fundraising for terrorist activity.

Again, there are laws in place and things, but obviously, looking at additional ways to target those. So that's pretty important. And I think that's something that we've done programming Elliot, you would know better than I how recently, on virtual. currency. I think this means for something we should be focusing on maybe early next year to do a program just on how this gets used for fundraising for terrorist activity.

There's been so much on this. I think our community could benefit from a robust conversation on what to look for, what to report, that sort of thing.

Elliot Berman: Yes we have talked about this in the past, but we have not zeroed in on the terrorist fundraising side of it and Hamas is by no means the only designated a terrorist organization that is using the virtual currency rails for fundraising.

Going back to your reference to the bipartisan activity in Congress about virtual assets, virtual currencies, and adding controls. There does seem to be a movement, and you never know how anything's going to come out, particularly in Congress these days, but there does seem to be a movement toward bringing the virtual currency networks and providers under the Bank Secrecy Act more directly than they are today, which is through a designation as an MSB.

And that leads us to something else you wanted to talk about, which is the Undersecretary making some comments about some other, areas of the economy that may need or probably should be under the Bank Secrecy Act.

John Byrne: So Brian Nelson, who's the other Secretary of Terrorism and Financial Intelligence, spoke recently at a conference in which he highlighted obviously the attacks in the Middle East, but also some of the things that Treasury and FinCEN continue to have on their plates for hopefully posting and processing in the next six to eight months.

He spent some time on beneficial ownership saying that they're going to be getting beginning to accept beneficial ownership information on January 1st 2024, but also he mentions two items that I know that we've talked about constantly and we've worked on for decades, and that's eventual inclusion of the risks associated with non-financed purchase of residential real estate. They said they're going to build off of all the data they got from geographic targeting orders for the past seven years and then put out a proposed rule by year's end.

And then also looking at investment advisors, a group that should have been included in the Patriot Act were included in the Patriot Act, but regulations were never implemented. And they believe that investment advisors have facilitated a number of crimes from foreign corruption, fraud, tax evasion, all those things. And so they're currently conducting risk assessments on this sector and considering policy options. So that's not as straightforward as what's going to happen with real estate, but there's hope that there'll eventually be some obligations for those that are in the investment advisor world.

Elliot Berman: Yes. I would recommend to FinCEN that on a go forward basis, they use a risk based approach to decide who should be under the Bank Secrecy Act. Coming out of the Patriot Act, they added insurance underwriters but didn't add investment advisors. I don't have any data, but it certainly feels from a risk based perspective, investment advisors are much riskier for money laundering and tax evasion.

Yeah, it'll be good to see those. I was disappointed as you pointed out that difference, I was disappointed in the fact that the undersecretary didn't describe that investment advisors are on the agenda for a proposal, but at least a step, maybe two away from them deciding to do that.

John Byrne: And this is in the weeds, of course, in terms of process. But if the government goes dark in November, there'll be a lot of difficulties in to implement some of these actions before the end of the year. So that's something to watch if they close the government. If those that don't know how to govern simply want to shut the government down, that's going to be impactful to our world. Pay attention to that as well.

Elliot Berman: Yes. We have a webinar coming in November on managing regulatory exams. The date's a little different than our normal because of the Thanksgiving holidays. So that'll be November 16th. And you should be able to register for that by the end of next week. And then next week. We also have our October webinar, which we've talked about in the past it's about sanctions and focusing on due diligence, a little different angle on it. And then just to give you a teaser, the one in December, we're going to be talking about where compliance technology is going and more on that as we get a little closer.

John Byrne: That sounds good, and we are working to get a couple more interviews before the end of the year for the podcast AML Conversations that I do. Again, if you're people you'd like us to speak to and talk to, or topics, Let Elliot and myself know more than happy to do that. We try our best to make these things not just relevant, but also practical. And so we want to continue to do that.

Elliot Berman: Sounds good, John. You have a great rest of the week and a great weekend, and I will talk to you next week.

John Byrne: All right. Let's hope we don't make the next Speaker of the House someone who tried to take down the government. By the time you guys hear this on Friday, you'll know the answer. All right. Have a good week.

Elliot Berman: All right. Bye bye, John.