One lesson from “FinCEN files”

One lesson from “FinCEN files”

Kamil Kouba | 09. 11. 2020

A couple of days ago, the Academy organised a seminar “Measures to detect sanctioned entities”. Since the seminar was met with great success, I decided to sum it up for those of you who were unable to participate.

At the beginning of the presentation, we could hardly avoid the current hot case of the leak of suspicious transaction report data from FinCEN, a case known as “FinCEN files“. We tackled violation and/or attempt to avoid sanction measures referred to by experts as measures to implement international sanctions (hereinafter the “sanctions“). When analysing typology of individual “FinCEN files“ cases, we can see that there were individuals and entities engaged in complex chains which sanctions were not imposed on.

Obliged entities are required to implement detection mechanisms and processes to recognize money laundering and financing of terrorism as well as individuals and entities which are on sanction lists.

Within the EU, this involves implementation of sanctions pursuant to directly

• applicable EU regulations • relevant national regulations (government regulations) • UN sanctions, as given by guidelines issued by the Financial Analytical Office

These procedures are further developed by explanatory texts issued by the FAU [1] and the CNB  [2].

Among other things, the explanatory texts show that most obliged entities also apply – in addition to the domestic legal requirements – certain US measures, i.e. the so-called OFAC list (Office of Foreign Assets Control). Moreover, it is recommended that obliged entities which are providing significant volume of service to clients from other jurisdictions applied relevant local sanction lists.

The real challenge, however, is to perform measures or follow processes which help us exclude entities on sanction lists from our client portfolio.

Checks of natural persons are usually simple. We check sanction lists for the individual´s name and surname upon establishing a contractual relationship and subsequently during such relationship. Checking of legal entities is more complicated, as the number of entities which we “must” and “should” check on sanctions lists is almost exponentially growing.

The Czech legislation requires the obliged entities to determine entity´s ownership and management structure as well as its beneficial owner. In reality, this means that to establish the beneficial owner the obliged entity must determine the chain of companies associated with the client.

Unfortunately, the law doesn’t stipulate any further requirements and the name of respective companies is therefore considered sufficient. E.g. there´s no requirement to determine the entity´s registered address. The management structure is understood to be individuals having decision-making powers, i.e. members of respective statutory bodies. Nevertheless, the above mentioned FAÚ guidelines stipulate that it is sufficient to determine members of statutory bodies to the second management level, i.e. to the level of owner/mother company of the client. Experienced economic crime investigators, however, know that perpetrators of economic crime, in order to avoid detection or to merely avert thorough checks, hide their key persons deep in the chain of legal persons.

Obliged entities which are implementing the above guidelines stipulating the statutory minimum checks are clearly acting in keeping with the law. But are they vigilant? The AML Act, in its provisions guiding risk assessment, allows the obliged entities to introduce stricter requirements and may require their clients to submit all information available to the entire ownership structure all the way down to the beneficial owner, should they be identifiable. Obliged entities may require clients to evidence information by relevant documents instead of solemn declarations. Ideally, obliged entities should have automated systems in place to process and assess such information daily, at least on the day of the newest update of the relevant sanction resolution and regularly compare data with their client database.

Although the above procedure is by no means bulletproof, it may at least impede illegitimate transactions of potential perpetrators and increase chances of early detection of a sanctioned entity/person followed by a subsequent report of suspicious transactions. If the banks affected by “FinCEN files“ performed their due diligence beyond the regulator required scope, i.e. probed further to relations amongst entities and their registered addresses beyond the 2nd management level, they would have indeed detected entities subject to sanctions.

[1]     Metodický pokyn č. 1 – K uplatňování mezinárodních sankcí v souvislosti s financováním terorismu

Metodický pokyn č. 5 – Provádění některých omezujících opatření vůči osobám, subjektům a orgánům, na které se vztahují rozhodnutí Rady bezpečnosti OSN

[2]     Dohledový benchmark č. 2/2018 – K požadavkům na vybrané postupy pro provádění mezinárodních sankcí;

Kamil Kouba

AML officer with more than 16 years of experience in the anti-corruption police.
In the rank of colonel, he headed a special department, which was the recipient of criminal reports to the FAU.
He was repeatedly awarded for the fight against money laundering, he served as a member of the Czech negotiating team in defending the AML measures taken at the Council of Europe in Strasbourg.
For 6 years, it has been successfully providing services in the private sector across the spectrum of liable persons.