In this second installment of our continuing series on Money Laundering, Sanctions and Terrorist Financing, Matthew Gamble explains the obligation of audit firms on illicit financial transactions…
IN MY first part of this series, I offered a refresher on money laundering, terrorist financing and sanctions. In this second part, I want to explore what I believe a prudent accounting / auditing firm should be doing to meet its obligations.
Perhaps the most important obligation is the reporting of suspicious activities and or transactions.
It is my intention in this part to discuss suspicious activities and or transactions and what to do with them as well as the important role that the Money Laundering Reporting Officer (MLRO) plays.
The best tool against money launderers, terrorist financiers and sanction busters is transparency. These criminals work in the shadows of commerce, hiding their true identities and real reasons for the transactions. William O. Douglas said “Sunlight is the best disinfectant.”
It is the same with transparency and corruption. It is for this very reason that the Financial Action Task Force on money laundering (FATF) recommends the need to require the mandatory disclosure of suspicious transactions and the ability for governments to share information. Only with mandatory sharing of information about criminal activities can governments work together to fight criminals who circumnavigate sanctions, finance terrorism and hide their ill-gotten gains.
This two pronged approach of disclosing and information sharing is reflected in FATF recommendations which in turn should influence each country’s legislation.
Let me take you through the path of mandatory disclosure and sharing of information regimes from FATF to UAE law and then finally describe how it is reflected in the Dubai Financial Services Authority (DFSA) laws and regulations.
FATF Recommendation 20 – reporting of suspicious transactions;
If a financial institution suspects or has reasonable grounds to suspect that funds are the proceeds of a criminal activity, or are related to terrorist financing, it should be required, by law, to report promptly its suspicions to the Financial Intelligence Unit (FIU).
FATF Recommendation 23 states that FATF Recommendation 20 also applies to the non-financial sector namely Designated Non-Financial Businesses and Professions (DNFBPs) which as covered in part 1… includes accountants and auditors.
In the UAE Article 15 of the Federal Law No. 4 of 2002 titled “Criminalisation of Money Laundering” states:
Chairmen, directors, managers and employees of Financial Institutions or Other Financial, Commercial and Economic Establishments who know of, yet fail to report to the Unit stated in Article (7) hereof any act that occurred within their establishments and was related to the Money Laundering offence, shall be punished by imprisonment or by a fine not exceeding AED 100,000 (UAE dirhams hundred thousand) and not less than AED 10,000 (UAE dirhams ten thousand) or by both penalties.
The FIU in the UAE is named the Anti-money Laundering Suspicious Cases Unit (AMLSCU) and resides in the UAE Central Bank.
In the Dubai International Financial Centre (DIFC), accountants who operate in or from the DIFC and auditors registered with the DFSA are subject to ASP Rule 6.6.2, which requires an accountant or auditor, if it’s Anti-Money Laundering Reporting Officer (AMLO) determines a report must be made, to make a report to the AMLSCU.
The appointment and duties of a MLRO or AMLO for accountants is discussed below.
The most important aspect I want to emphasis in Article 15 of the UAE law is the obligation on those who know of, yet fail to report any act that occurred within their establishment and that was related to money laundering. The penalty for a breach may include imprisonment, fines or both. Accountants and auditors need to consider this obligation carefully and what systems and controls should be in place to ensure compliance.
Ignorance is not an excuse. I do not believe that it is a valid defence to say that you were unaware. The test, I believe, will be: would an ordinary accountant / auditor faced with similar facts report their suspicion?
The test, therefore, is not one of reasonable doubt or on the balance of probabilities but merely having a suspicion. Most firms will have systems and controls in place that appoint a MLRO to carry out the task of forming a view as to whether a particular scenario is suspicious. In fact, in most jurisdictions the legislation will require the appointment of a MLRO.
From my own personal experience, I have seen firms argue that they only need to file a report on a suspicious transaction and therefore, if an enquiry does not develop into a transaction, then there is no need to file. In my opinion, this is a blinkered view and does not meet the spirit of what is trying to be achieved.
If an individual comes to you with a proposal that “smells like money laundering” you cannot simply wash your hands by turning him or her away. That individual will only seek a less suspecting accountant to carry out the proposal. It is for this very reason that FATF has said that the reporting should be for any activity whether or not a transaction results.
The AMLSCU has repeated the same in a number of outreach sessions over the last few years have. The DFSA proposes to amend its current AML rules to reflect this as well.
The second limb is sharing of information between governments FIUs. Criminals do not recognise borders of countries. In fact they actively seek to have their transactions occur across multiple jurisdictions in order to obfuscate their activities. Governments cannot work in isolation but need to work together to combat this.
FATF Recommendation 29 – financial intelligence units;
Countries should establish a Financial Intelligence Unit (FIU) that serves as a national centre for the receipt and analysis of:
(a) suspicious transaction reports; and
(b) other information relevant to money laundering, associated predicate offences and terrorist financing, and for the dissemination of the results of that analysis.
The FIU should be able to obtain additional information from reporting entities, and should have access on a timely basis to the financial, administrative and law enforcement information that it requires to undertake its functions properly.
Article 7 of the Federal Law No. 4 of 2002 states:
There shall be established, within the Central Bank, a “Financial Information Unit” to deal with Money Laundering and suspicious cases, and to which reports of suspicious transactions shall be sent from all Financial Institutions and Other Financial, Commercial and Economic Establishments. The Committee shall determine the format for reporting suspicious transactions and the methods of communicating reports to the said Unit. The said Unit shall make information available to law enforcement agencies to facilitate their investigations. The said Unit may exchange information on suspicious transactions with their counterparts in other countries in accordance with international conventions to which the State is a party, or on the basis of reciprocity.
FIUs usually come under four models:
i) The Judicial Model is established within the judicial branch of government wherein “disclosures” of suspicious financial activity are received by the investigative agencies of a country from its financial sector such that the judicial powers can be brought into play, for instance, seizing funds, freezing accounts, conducting interrogations, detaining people, conducting searches, among others.
ii) The Law Enforcement Model implements anti-money laundering measures alongside existing law enforcement systems, supporting the efforts of multiple law enforcement or judicial authorities with concurrent or sometimes competing jurisdictional authority to investigate money laundering.
iii) The Administrative Model is a centralised, independent, administrative authority, which receives and processes information from the financial sector and transmits disclosures to judicial or law enforcement authorities for prosecution. It functions as a “buffer” between the financial and the law enforcement communities.
iv) The Hybrid Model serves as a disclosure intermediary and a link to both judicial and law enforcement authorities.
One mechanism for the sharing of information is the Egmont Group.
In 1995, a group of FIUs met at the Egmont Arenberg Palace in Brussels and established an informal group for the stimulation of international co-operation. Now known as the Egmont Group of Financial Intelligence Units, these FIUs meet on a regular basis to co-operate, exchange information, provide training and share their expertise and experiences. The AMLSCU is a member of the Egmont Group.
Role of MLRO
As mentioned above, it is common practice to appoint a Money Laundering Reporting Officer (MLRO) to carry out a number of functions on behalf of a firm, the most important I believe is determining whether or not there are sufficient grounds to report a suspicious activity or transaction.
It is imperative that this function is carried out expeditiously as quick actions may result in the seizing of ill-gotten money or assets and the apprehension of the perpetrators.
That being said, it is an important function and should only be performed by persons with the utmost integrity and possessing the relevant skills and experience.
There are traps to consider, tipping-off being the most important. Due the very nature of the suspicion it is imperative that the person to whom the suspicion relates to cannot be told that a report has been made about him or her. The usual process is to file the report of the suspicion and await a response from the FIU. In the majority of cases the FIU will respond and say that the report has been recorded in their database and that will be the end of the matter. It will then be a matter for the firm to decide whether or not to continue the relationship but this will be based on the firm’s own risk appetite.
However, there will be those occasions where the FIU or an enforcement authority will want to take action such as freezing or seizing the assets or money. In this instance a firm may be placed in limbo. Not being able to continue with the transaction or turn the client away for fear that this may amount to tipping-off.
FATF Recommendation 21 – tipping-off and confidentiality:
Financial institutions, their directors, officers and employees should be:
(a) protected by law from criminal and civil liability for breach of any restriction on disclosure of information imposed by contract or by any legislative, regulatory or administrative provision, if they report their suspicions in good faith to the FIU, even if they did not know precisely what the underlying criminal activity was, and regardless of whether illegal activity actually occurred; and
(b) prohibited by law from disclosing (“tipping-off”) the fact that a suspicious transaction report (STR) or related information is being filed with the FIU.
Article 16 of the Federal Law No. 4 of 2002 reflects this recommendation and states:
Whoever informs any person that his transactions are being scrutinised for possible involvement in suspicious operations, or that security authorities or other competent authorities are investigating his possible involvement in suspicious operations, shall be punished by imprisonment for a term not exceeding one year, or by a fine not exceeding AED 50,000 (UAE dirhams fifty thousand) and not less than AED 5,000 (UAE dirhams five thousand) or by both penalties.
Tipping-off has always been a dilemma for accountants and for that matter for all persons who are acting on behalf of a client. How does one stall an irate client insisting that work be completed while awaiting guidance or clearance from the FIU?
A recent case in the UK brought this dilemma to the forefront and explored how an MLRO should determine his or her suspicion. This case was that of Shah versus HSBC (Shah -v- HSBC Private Bank UK) Limited  EWHC 1283). It is worth reading.
In this second part, Part 2, the intention was to explore suspicious activities and how they are reported, what happens to them and the role played by the MLRO.
In the next part, I want to explore how an accountant or auditor would go about developing a set of systems and controls to meet its obligations in respect of AML, terrorist financing and sanctions.
Any opinions, statements or other information or content expressed or made in this article are those of the author and not the DFSA, and the author’s opinions, statements or other information or content expressed in this article should not be viewed as any indication of the opinion, view or policy of the DFSA.