Risk assessment of money laundering and terrorist financing

Financial institutions and other financial market participants must continuously identify, assess and manage risks of money laundering (hereinafter – ML) and terrorist financing (hereinafter – TF). This obligation is also imposed on the virtual currency exchange operators and other obliged entities. In the spring of 2020, FCIS published an updated National Risk Assessment of Money Laundering and Terrorist Financing, which identified the ML / TF threats faced by financial institutions and other obliged entities. Below, we discuss the main risks faced by payment-related financial institutions as well as virtual currency operators.

Risks faced by banks 

Banks face situations where individuals set up fictitious companies in their own name, which are then transferred to criminals, thus enabling individuals to use a bank account to commit illegal activities. In cases when banks refuse to establish business relations with a non-resident natural person, the non-resident person, with the help of other persons, establishes a company in Lithuania and opens a bank account as a legal person. Such company then acts as a shell company for money laundering purposes. One of the most common situations is when criminals use mule accounts to make payments related to economic crimes. This means that criminals make transfers between different accounts, generally in different countries, using other people who in most cases do not suspect that they are helping to commit the crime.

Assessing ML vulnerabilities, the current tools used by banks to monitor payment transactions are often rule-based and not risk-based, leading to a high number of false positive reports generated by payment transaction monitoring systems. Banks face difficulties in verifying the beneficiaries of non-resident customers by identifying shell companies or fictitious services. Additionally, in some banks, KYC (know your customer) information for low-risk customers is updated only once a year or less, and no automatic checks are performed during that period, allowing the offender who bought the low-risk legal entity to use a bank account for at least one year – until the KYC data is updated.

Vulnerability in TF area is lower because banks are sufficiently aware of TF risks, but banks have limited access to information to identify and manage these risks. The banking systems and processes used to manage TF risk are often similar to those of ML risk management, and the rules and scenarios for monitoring payment transactions are not adapted to detect TF cases. Nevertheless, according to data of SSD, the level of the terrorist threat in Lithuania remains low.

Banks should apply rules and scenarios for continuous monitoring of customer business relationships and operations not only to prevent ML but also to combat TF, and to ensure that the process of updating customer identification data in banks allows for timely and appropriate identification of customer’s or beneficiary’s information changes.

Risks faced by payment / electronic money institutions

Payment and electronic money institutions are attractive to criminals because customer identification is usually carried out without the customer’s physical presence. Criminals with multiple identity documents use the one that is more favourable in terms of ML prevention and can open accounts in payment and electronic money institutions. In addition, electronic money has an advantage over cash when it comes to making payments online. At times paying for some products and services using electronic money is easier or even the only way.

Criminals use electronic money accounts as intermediate accounts for fictitious goods and services and then transfer the illegally obtained funds to a bank account. They also use money mules and receive funds to inactive bank accounts in order to make payments related to ML / TF or other economic crimes. From these accounts they initiate transfers of funds within a short period of time. Legal entities also use the services of payment and electronic money institutions to make transfers to other companies’ accounts for fictitious services. Such companies are generally inactive and do not have a clear and economically justified source of funding. There are also many cases where companies make transfers of funds to each other under fictitious loan agreements in order to conceal funds of illegal origin. However, the threat of ML / TF is reduced by the traceability of electronic money, the possibility of an audit trail.

The vulnerability of the electronic money and payment institutions sector is exacerbated by the fact that a large proportion of customers are identified without the customer’s physical presence. Institutions face difficulties when identifying the client and the beneficiary and in verifying the information from a reliable and independent source. Most institutions have not yet performed ML / TF risk assessment of the institution’s entire business, taking into account risks such as customer risk, country / geographical risk, service and product risk, transaction risk, product, service, transaction or service delivery channel risk. In addition, the institutions’ continues monitoring measures of customer business relationships and transactions are not always effective, some companies do not carry out retrospective monitoring of payment transactions.

Looking at the vulnerability of the TF, it can be noted that the institutions’ awareness of the TF risk and its management measures is low. The systems and processes used by payment and electronic money institutions to manage TF risk are in many cases the same as those used to manage ML risk, and the rules and scenarios for monitoring payment transactions are not tailored to identify TF cases. The main tool for TF risk management is the verification of clients, beneficiaries, senders / recipients of funds in the lists of international financial sanctions and restrictive measures, but this tool is insufficient. Often, TF risk arises from individuals who are not on the sanctions lists.

Payment and electronic money institutions must ensure the proper enforcement of customer due diligence requirements, including customer and beneficiary identification, and the adaptation of rules and scenarios for the ongoing monitoring of customer business relationships and transactions, not only to prevent ML but also to combat TF. There is a need to summarize suspicious transaction reporting data and to share knowledge on possible ML / TF schemes, which would allow financial market participants to see the overall market picture and provide an opportunity to improve ML / TF prevention processes, including the monitoring of payment transactions. Also ensure cooperation between the private and public sectors when exchanging information related to ML / TF risks. Finally, payment and electronic money institutions should strengthen the sector’s understanding of TF risk management and the implementation of international financial sanctions and restrictive measures, and ensure that sufficient resources are allocated to risk-based assessment as the number of electronic money and payment institutions grows.

Virtual currency exchange operators

Criminal groups use the services of virtual currency exchange operations to transfer illegal funds or purchase goods anonymously, as it is easy to carry out transactions to different countries, there are no uniform ML controls and the product itself almost guarantees the anonymity of transfers. In this way terrorist groups receive anonymous financing or purchases in virtual currency. Criminals can also cash out illegally acquired virtual currency at ATMs and / or use cryptocurrency payment cards for payments. There are cases when criminals use the proceeds of crime to set up a virtual currency exchange operator.

High levels of anonymity (due to the absence of a customer identification process or the use of unreliable remote authentication technologies) and the rapid transfer of funds allows the interaction with high-risk areas or high-risk customers (darknet) that cannot be identified. Many virtual currency exchange operators are established abroad, making them difficult to trace. Technological solutions are needed to identify the recipients of virtual currency. Insufficient traceability of funds makes it difficult to assess the impact of virtual currency exchange operators on the level of money laundering risk. The development of new technological solutions carries the risk that virtual currency exchange operators will be used for terrorist financing purposes. Product features such as online transactions, cross-border transfers and anonymity make the virtual currency exchange operator sector vulnerable and attractive to terrorists.

Competent authorities should monitor developments in the sector of virtual currency exchange operators and assess the need for changes in national legislation to combat ML / TF.  Ensure that all virtual currency exchange operators comply with ML / TF requirements. Supervisors should assess and monitor the risks posed by blockchain technology.

Newsletter SubscriptionGet in touch