FOR DNFBPs

2

1

4

5

3

2

Let’s start with ‘Why’ : Money Laundering Typologies

Presentation Outline

ML/TF Issues and Solutions

Protect Yourself

Why Comply?

Compliance Assessment Observations

3

Let’s start with ‘Why’

4

Red Flag Indicators:• Use of multiple

companies for no clear reason

• Multiple purchase of properties

• Customer requiring CoSec to become nominee shareholder/ director

Case 1: Using shell companies as a front to hide ultimate beneficial owner

X, a launderer

Forms

Brief Facts of Case:1. Shell companies created at different dates by Cosec but remains inactive until bought by client

2. X buys multiple shell companies to buy real estate through an REA firm

3. X appoints the Cosec as nominee director and/or shareholder to the companies

4. X’s ill-gotten money is pumped through the companies and into the REA firm as “loans”

5. It seems that the properties are owned by the shell companies

6. In actual fact, the UBO is X

Cosec

REA Firm

Adapted from: the White Whale case, ML using TCSPs (FATF), 2010

Purchases

Discussion:• What could the CoSec /

REA do to prevent his services from being misused?

• Monitor transactions of his clients?

• Find out who is the ultimate beneficiary of the transactions?

Shell companies

Extends “loans” to finance purchaseReal estate properties

Seemingly owned by shell companies

Actual UBO

Case Study | Using Legal Persons and Cosec as Nominee Shareholders

5

Red Flag Indicators:• Large cash deposits

• Cross border movement of asset (money & property)

• Use of shell company

• Lawyer’s clients accounts used to move funds from abroad without concrete reasons

Case 2: Misusing professionals and their trust account to lend credibility to transactions

Transfers

Brief Facts of Case:1. 2 individuals, X & Y, were involved in illegal importation of drugs

2. X & Y informed Lawyer 1 that they possess $400k cash which is owned by their Gibraltar-registered shell company; and that this money was ‘lent’ to the them to buy property in Auckland

3. The cash was given to the lawyer who banked it into his firm’s trust account w/o due diligence

4. Bank A, submitted STR to authorities when the lawyer deposited $100k on 4 occasions

5. Another professional, Lawyer 2, was engaged to facilitate the purchase of property

6. The funds for the purchase looked legitimate (a loan from a company)

Lawyer 1

Source: Yearly Typologies Report (APG), 2015

Engages

Discussion:• What could the Lawyers

do to prevent theirservices from being misused?

• Conduct due diligence on customer?

• Report STR?

Alleged company in

Gibraltar

Hands over $400k cash

Auckland property

Purchase

Drug moneyLawyer 2

X & Y

Law Firm’s Trust A/Cat Bank A

Submit STR

Bank A

Case Study | Misuse of Lawyer’s Trust Account

6

Your institution could be used as a conduit to ML/TF

7

Where do you stand?

RI may / may not have red flags established. RI knowingly allow criminals to transact or turn a blind eye despite the suspicions..

Berwaspada & Proaktif

Bersubahat

Penglibatantanpa sedar

RI has established red flags to help detect suspicious transactions but unwittingly involved.

RI has established red flags and is able to detect suspicious transactions. RI knows what to do in the event of suspicion. RI may continue executing transactions, for fear of tipping off.

Source: FATF Report – Money Laundering and Terrorist Financing Vulnerabilities of Legal Professionals (FATF), June 2013

8

Money laundering and financing terrorism ISSUESand Possible SOLUTIONS

9

What is Money Laundering (ML)?

Process of making illegally gained proceeds (i.e. “dirty money”) appear legal(i.e. “clean”)

Know what

is ML?

Issue: Money Laundering

What is the impact of Money Laundering (ML)?

More crimes happen since crime pays

Illegal businesses compete with legitimate ones

Integrity of financial system is affected

10

Createcreate a legitimate explanation

for the source of assets.

Concealconceal the illegal

ownership or origin of the criminal earnings.

Convertconvert proceeds of crime to

a less suspicious form

The broad aims of money laundering are threefold:

1. One of the most tried, tested and successful methods of investigating crime is to follow the money. Criminals want to move the money further and faster than investigators can follow or track it

2. To reinvest the profits in future criminal activity or in legitimate businesses3. To enjoy the benefits of the illicit proceeds without bringing undue attention to

themselves

Issue: Why launder?

11

Issue: How to launder?

Placement

Moving the funds away from its source

Layering

Disguising the trail or “layering” the illegal

nature

Integration

Making the funds available for enjoyment

Stages of ML

Banks, money changers, casino, lawyers,

accountants, company secretaries

Money changers, lawyers, company

secretaries, accountants, money

lenders

Real estate agents, DPMS, lawyers

Who may be vulnerable?

12

Process of financing terrorist activity either through legitimate or illegitimate sources

What is Terrorism Financing (TF)?

A person or a group who uses unlawful violence

and intimidation in pursuit of political aims e.g. ISIL, Boko Haram

Who is a terrorist?

Techniques of TF

• Other ways: Kidnapping for ransom Movement of funds/ money through the financial system in small amounts to avoid detection Movement of value through jewellery/ precious stones/ gold bullion across borders Borrowing through money lenders

• Raising funds through legitimate sources e.g. legitimate business, pawning of jewellery or other valuables

• Raising funds from criminal proceeds e.g. drug trafficking, credit card fraud

• Self funding e.g. families and friends

Issue: Terrorism Financing

13

What is Financing of Proliferation of Weapons of Mass Destruction (PF)?

The act of providing funds or financial services which are used, in whole or in part, for themanufacture, possession, transport, or use of weapons of mass destruction (WMD).

Issue: Proliferation Financing

Nuclear weapons Chemical weapons Biological weapons

What are Weapons of Mass Destruction (WMDs)?

Dual use goods (used for illegitimate

purposes)

Adapted from: Combating Proliferation Financing – A Status Report on Policy Development and Consultation (FATF), February 2010

14

Legal Framework

• BNM the competent authority for

AMLA and appropriate

supervisory/ enforcement powers

• Provision of law in relation to both

preventive and combative

measures

• Criminalisation of more than 400

offences from more than 45

legislations

• Inclusion of reporting institutions

• Adequate investigation & enforcement

powers (incl. freezing, seizure and

forfeiture of assets)

• Fully-functional FIU in BNM

• AML/CFT Units set-up in key law

enforcement agencies (LEAs)

• Structured training programs for

financial investigators

FATF

STANDARDS

Preventive Measures: Reporting Institutions

• More than 43,000 RIs

• Identifications of institutional risks

• Implementation effective AML/CFT

compliance programme to detect and

deter ML/TF

• Submit STRs and CTRs to

FIED,BNM

Domestic & International Cooperation

Combative measures: FIU & LEAs

• National Coordination Committee for integrated

approach across 16 Ministries & Agencies

• DNFBP Working Groups for collaboration among

licensing bodies, self regulated bodies, industry

associations and RIs

• Identify & respond to emerging risks through

National Risk Assessment process

• MOUs and strategic partnership with foreign FIUs

and counterparts

• Strong network with international/regional bodies

FATF, APG, Egmont Group of FIUs

Solution: Comprehensive AML/CFT framework for prevention of ML/TF activities since AMLA 2001

15

Banks

Insurance companies

Securities / Fund managers

Money changers

E-money operators

Money lenders/ pawn brokers

Leasing / Factoring

Gatekeepers – Lawyers, accountants, company secretaries and trust companies

Dealers in precious metals and stones (jewellers, goldsmith, kedai emas etc.)

Real estate agents

Casino

Gaming Houses (4D, horserace etc.)

1 Financial Institutions (FIs)Designated Non-Financial Businesses and Professions (DNFBPs)

Legal Framework

• Anti-Money Laundering, Anti-Terrorism Financing and Proceeds of Unlawful Activities Act 2001 (Act 613) – AMLA

• AML/CFT – Designated Non-Financial Businesses and Professions (DNFBPs) & Other Non-Financial Sectors (Sector 5) (Sectorial Guidelines 1-10 (2006-2008) were superseded by Sector 5 on 1 Nov 2013)

2

Solution: Reporting Institutions (RIs) under AMLA – a snapshot and instruments

16

CriminalsLaw Enforcement

AgenciesBank Negara MalaysiaReporting Institutions

• Financial Intelligence Unit (FIU) in BNM analyses CTRs and STRs

• Tries to place illegal proceeds via RIs

• Know your customer

• Submit STRs to BNM when the transactions are suspicious or out of ordinary

• Submit CTRs, when required

• Conduct investigation based on the analysis

BNM receives More than

200 STRs per day

• Provide analysis of multi-STRs reported by various RIs to LEAs

Preventive measures Combative measures

Solution: Reporting Institutions (RIs) are the First Line of Defence

17

You are part of the solution,How do you protect yourself from being

abused?

18

CDD information is a tool to confirm the identity of your customer and enable assessment of ML/TF risk

At the point of establishment of business relationship

When there is suspicion of ML/TF and/ or doubt on the information previously obtained

Customers

Person

Conducting

Transactions

Beneficial

Owners

WHY?

WHEN?

New customer 1Existing customer 2

First thing first, know your client – Customer Due Diligence (CDD)

19

WHAT ARE ACCEPTABLE DOCUMENTS FOR INDIVIDUAL CUSTOMERS AND BENEFICIAL OWNER?

• NRIC/ Passport

If there is doubt – ask the customer to show other supporting official identification documents with his / her photograph

• Any other official documents bearing the photograph of the customer, provided that the RI is satisfied with the authenticity of the document

• If biometric ID is used, verification requirement deemed to have been fulfilled. No photocopy of ID is necessary

CDD: Verification of individual customers

20

Identify and take reasonable measures to verify beneficial owner (BO)

(a) Identity of the natural person who ultimately has a controlling ownership interest in a legal personi. Identification of directors/shareholders with equity interest of more than 25%;ii. Proper authorisation for persons authorised to represent the company (letter of authority/

directors’ resolution); andiii. NRIC / Passport to identify the authorised person(s)

(b) If there is a doubt on the controlling interest - the identity of the natural person exercising control through other means

(c) Where there is no natural person identified- the identity of the natural person who holds the senior management position

Identification & verification of the BOs up to the level of natural persons who have control

(a) Name, legal form and proof of existence(b) Powers that regulate and bind customers(c) Address of registered office

Identify and verify customer

CDD: Verification of companies/ businesses (legal persons)

21

WHY?Terrorists, terrorist organizations and the development of weapons of mass destruction require financial support in order to achieve their aims. They use techniques like those of money launderers to evade authorities' attention and to protect the identity of their sponsors and of the ultimate beneficiaries of the funds.

HOW TO SCREEN CUSTOMERS?

Update and Maintain Lists

• United Nations Security Council Resolutions (UNSCR) list

• Ministry of Home Affairs (MOHA) list (for TF only)

1Report

• To FIED (including attempted transactions)

• Inform relevant supervisory authority

4

Check on names

• On new customers, beneficial owners and beneficiary

• Existing customers

• Potential customers

• Take measures to ascertain identity – not ‘false positive’

2

Freeze / Reject

• Freeze/ block fund for existing customers

• Reject transactions for new/ potential customers

3

Combating the Financing of Terrorism (CFT) and Proliferation Financing (CPF)

22

• RIs are required to formulate its own risk scoring mechanism for the purpose of risk profiling its customers e.g. high, medium or low

• Risk profiling is crucial for the purpose of applying effective control measures/ monitoring i.e. enhanced due diligence on higher risk customers, monitoring of transactions

WHY?

HOW?

Know your customers’ risk via Customer Risk Profiling (CRP)

The same risk factors are used for conducting Institutional risk assessment

• Resident or non-resident

• Company structure

• Politically exposed persons (PEPs)

• High net worth individuals

• Customer from high risk countries

2

• Non face-to-face

4

• Value of product/ service

• Cash-based

• Simple / complex transactions

1

• Business location

• Country of origin

• Country on sanctions list

3Product / service Delivery channels Geographical locationCustomer

23

Examples:• Cash based• Products of high value• Product/service

offered that is non face-to-face

iii. Risk associated with Transaction / Delivery Channel

No. Name of customer

Nationality Occupation/ nature of business

Foreign PEP(YES/NO)

Sanctioned person

(YES/NO)

Geographical location of business

Transaction value (RM)

Mode of payment

ML/TF Risk Rating e.g. Low, Medium, High

1. Dmitry Russian Senior Officer YES NO Bangsar, KL 450,000 Cheque High

2. Ahmad Malaysian Director NO NO Georgetown, Penang

1,500,000 Cheque Medium

3. Tan Malaysian Assistant VP NO NO Kelana Jaya 30,000 Bank transfer

Low

4. xxxx

Customer Risk Profiling (CRP): Example*

Examples:• Customers from

sanctioned/high risk countries• Customers who used complex

legal structure• Customers whose origins of

wealth cannot be verified

Example:• Customers on boarded at

high risk branches (to be determined by RIs)

ii. Geographical risk

i. Customer risk

Examples

* Please refer to Appendix I of Sector 5 Policy Document

Automatically a high risk customer if YES

If YES, do not deal with them. Block/ reject transaction or freeze

account (where relevant).

24

WHY?

WHEN?

• The higher the risk, the better your controls must be put in place

• To satisfy yourself that the client is legitimate and not trying to abuse your services

• Approval is to protect your firm from taking risk beyond your normal risk appetite

• Dealing with foreign PEPs • You assessed a client to be higher risk

(including domestic PEPs) HOW?

Have a chat to find out from your clients

Ensure your senior management agrees to

accept the client Remember! You don’t need to do EDD for

all your clients

• Ask clients to declare in KYC / Customer Application Forms

• Ask for more info / verification documents

You know the risk, now manage it through Enhanced Due Diligence (EDD)

25

CDD EDD On-going Due Diligence (ODD)

HOW?

Throughout your business relationship, do you find

the client suspicious?

Identification Verification ODD

i ii iii

• Make a copy of ID document

• Review and update client profile

• Transaction monitoring for consistency with known profile of client

Paragraph 13.6

• Identify• Sight ID document

26

STRs are documents that reporting institutions are required to submit when having suspicion that a customer is involved in money laundering or terrorism financing

WHAT IS AN STR?

STRs provide LEAs valuable information/ intelligence of potential criminal activities

✓ Submit STRs promptly✓ Complete the STR form as much as possible

✓ Disclose the submission to anyone else✓ Tip-off the person(s) being reported – do treat them as normal

clients

You may continue doing business with the client even after the submission of an STR, when reasonably belief that it would tip off the client if the transaction/ CDD is stopped

WHY?HOW TO

All you need to know about Suspicious Transaction Reports (STR)

STR form can be found at amlcft.bnm.gov.my

27

RI is required to submit STR (regardless of the amount of transaction) when the transaction:

UnusualNo clear economic

purpose Appear illegal, proceeds from illegal actiivites

Indication that customer may involve ML/TF

What is suspicious?

Reporting institutions are to develop its own red flags (and be guided by Sector 5 examples) to help identify suspicious transactions

28

Some steps that may be undertaken:

Screen

Evaluate

Ask Find

Screen the account for suspicious

indicators: red flags may be built by RIs

Step 1 : Screen

Ask customer appropriate

questions. e.g. for furtherance of promoting the

services or satisfying customer needs.

Step 2: Ask

Find out the customer's records i.e. review of information already known e.g. customer occupation, whether it commensurate with transactions.

Step 3: Find

Evaluate all information gathered and consider to promptly submit STR

Step 4: Evaluate

How do I recognise a suspicious transaction?

29

WHY?• Record-keeping is an essential part of the audit trail for the

detection, investigation and confiscation of criminal or terrorist property or funds.

• Record-keeping helps the investigating authorities to establish a financial profile of a suspect, trace the criminal or terrorist property or funds and assists the Court to examine all relevant past transactions to assess whether the property or funds are the proceeds of or relate to criminal or terrorist offences.

HOW?• In the form that is admissible in court

Management Information System (MIS)REMEMBER!Keep records for 6 years from the date of

the transaction completed or terminated• Not necessarily automated. Can be manual• To commensurate with nature, scale and complexity of operations• Important: MIS to provide timely information on a regular basis for

reporting institutions to detect irregularity/ suspicious transactions

Keep, Retain and Centralise Records

30

• By specifying in writing to : Pengarah, Financial Intelligence and Enforcement DepartmentBank Negara MalaysiaJalan Dato’ Onn50480 Kuala LumpurEmail: fied@bnm.gov.myFax: +603-2693 3625

WHY?

WHAT ARE THE RESPONSIBILITIES?• To ensure proper implementation of the

AML/CFT policies • To ensure all employees are aware of the firm’s

AML/CFT measures• To evaluate internally generated STRs before

submission

HOW?

• The CO acts as the key person for the oversight of all activities relating to the prevention and detection of ML/TF (including setting up an effective Compliance Programme)

Appointment of AML/CFT Compliance Officer (CO)

31

Policies & Procedures

• Commensurate with the firm’s ML/TF risks and size of business

Board of Directors & Senior Management

• Spearhead the AML/CFT efforts and compliance

Employee Screening

• Checks on employee’s personal information including employment and financial history

• Upon hiring and throughout the course of employment

AML/CFT Training

• Tailored to staff level & nature of works

• Frequency – correlate with level of risk

Other requirements: AML/CFT Compliance Programme

Please refer to Sector 5 Policy Document for more information

32

Comply to Protect

33

1. To protect your business from being abused by money launderers/ terroristfinanciers

2. To avoid non-compliance costs (for failure to comply or for rectificationmeasures) under the AMLA

Why do you need to comply?

34

Source from: The Guardian, United Kingdom, 14 September 2018.

Possible consequences:• Non-submission of STRs is punishable by

up to 5 years prison sentence in the UK.• In addition, members of professional

bodies may be referred to disciplinary tribunals for failing in their obligations.

Case in the UK: Failure to report an STR

Stark difference across different sectors with regard to STR submission levels.

• The overall number of reports increased by 9.6% but reports from lawyers fell by 10%.

Lawyers often have better understanding of transactions than other professionals.

• But these do not translate into STR submission, even when other sectors choose to report on the same transactions.

• Scandals like the Panama & Paradise Papers reveal involvement of accountants, company secretaries, and lawyers.

Regulators are stepping-up on enforcement on RIs which fail their obligation to submit STRs.

• In the UK, there are currently seven investigations by the NCA into professional enablers.

• There are also 19 intelligence on professional enablers, 11 of which involve lawyers.

35

Action taken:• Lawyer was fined S$10,000 for failure to

submit an STR

Brief Facts of Case:1. Kang, a lawyer in Singapore, was engaged by

Zhang, a Chinese national who wanted to purchase a property in Singapore amounting to more than S$ 5 million.

2. During the whole process, Kang has never met Zhang in person. Correspondence was through email.

3. Upon discovering that Zhang was being investigated in China for fraud-related activities, Kang failed to report an STR on the property transaction.

Source from: Lawyer fined S$10,000 for failing to flag suspicious Sentosa Cove property transaction, Channel News Asia, 2018.

Case in Singapore: Failure to report an STR

Real estate propertiesIllegal proceeds

Zhang, a launderer

Kang, a lawyer

36

AML/CFT Microsite: http://amlcft.bnm.gov.my/

FATF Publication: http://www.fatf-gafi.org/publications/

fied@bnm.gov.my

LINK: 1-300-88-5465 (1-300-88-LINK)

References & Contact Details

37

Thank You and Questions?