Money Laundering and Your Bank Accounts – Part VII – Unusual Activities

Banks Solve the Money Laundering Puzzle.
This is the seventh part in our series that reveals exactly what banks are looking for when they are combatting money laundering.

Bank-to-Bank Transactions

The size and frequency of currency deposits increases rapidly with no corresponding increase in noncurrency deposits.

You know if you expect to see an uptick in your currency deposits. If you do, pay a visit to your banker and explain to her what is happening. That will forestall any unnecessary problems.

A bank is unable to track the true account holder of correspondent or concentration account transactions.

You may have an account that receives deposits from several other banks. For example, for sales made in multiple countries plus deposits from a credit card bank. If the bank thinks you aren’t the actual account owner, then they are obligated to take action. They will report it to the appropriate authorities.

The turnover in large-denomination bills is significant and appears uncharacteristic, given the bank’s location.

There is a global effort to reduce the number of large currency bills in circulation because of their anonymity. Your account will be flagged if you process many of these through your account where this is unusual.

Changes in currency-shipment patterns between correspondent banks are significant.

Transactions between correspondent banks are tracked so that if an employee manages to bypass internal controls, she will be caught. There are several triggers to be aware of:

  1. Large volumes of small denomination bills are sold to U.S. banks. (This is a trigger in the EuroZone as well. In that case, triggering currencies are USD, GBP and EUR.)
  2. Multiple wire transfer instructions from foreign nonbank institutions requiring the bank to transfer funds to entities for which there seems to be no reasonable business purpose.
  3. Customers exchange large volumes of USD or Euros for larger denominations. This facilitates physical cross-border shipment of currency.
  4. Deposits of Euros or US Dollars by a foreign non-bank entity that subsequently transfers the funds via wire to foreign non-bank entities.

Even legitimate businesses risk losing access to their funds temporarily or permanently as well as prompting an investigation of the principals if they engage in any of these activities.

Protecting Your Information While Travelling.

Protecting Information
image by stevepb
We are interrupting our information series on the impact of money laundering controls on legitimate businesses to deal with a subject that has become increasingly urgent to many of our customers, and that is protecting their private information when traveling. We shall complete the money laundering series shortly.

Protecting Your Private Information During International Travel

Numerous businessmen have become worried about the increasingly intrusive nature of border inspections. Border security agents are beginning to treat information with the same level of concern as they do physical weapons. That concern is understandable but too often it leads to invasions of privacy that are not warranted. Furthermore, they can easily lead to the leakage or loss of critical commercial information or reveal embarrassing private facts. Governments should not act in these domains, but we’ve made it easy for them. So they do it.

Border Interrogation

When you cross into a country, there is no limit to the amount of information border control agents may demand. Your very first line of protection is to be normal in every possible way. Act as a businessman, a tourist or a relative. Don’t draw attention. Don’t project an aura of being special.

Answer questions matter-of-factly. Tell the truth. Don’t joke.

If they select you for further questioning, you’ll go to a separate interrogation room. They are being paid for the time they are there. Meanwhile, the loss of time is costing you money. You want to leave quickly. They want overtime pay. They will use your impatience against you.

When they finish asking you questions or perhaps before, they will ask to look into your laptop and phone. Of course, they will tell you to provide the passwords. Now the trouble starts. As an international traveler entering a country, you have no rights. You are at the mercy of the inspector in front of you. You have two rational choices and one irrational:

  1. Give up your passwords and give them the keys to your life.
  2. Give up your passwords and let them be meaningless.
  3. Try to fight them.

We encourage option two. Give them the passwords to unlock your devices and any applications on them. Just ensure there’s nothing important for them to see.

Finger Prints, Pattern Tracing and Iris Scans

None of these are as effective as the old-fashioned password for protection – if you create a good password and change it from time to time.
As a matter, of course, you should have your devices set for complete encryption of all the data on them whether you are at home or on the road. Then, if you have any concern at all that your device may be lost, stolen or compromised, you should be certain to use a well-formed password to protect it.

Invisible Information is the Best Defense

When you cross a border, take the minimum necessary information with you. Fortunately, in the twenty-first century, you can transport minimal data easily. On the other hand, ferreting out your secrets is easier than ever, too. Especially if you aren’t careful. There are several data storage areas you need to be aware of; border agents certainly are.

  1. Your digital devices
  2. The cloud
  3. Social media

Let’s cover these in a bit of detail:

Digital Devices 1

There is virtually no possibility that you know what data can be found stored on you digital devices. Poor programming practices and lazy habits ensure that practically everyone has far more information on their devices than they can imagine. Every time they upgrade, they get more memory and transfer more history from their old devices to their new ones. Oftentimes it is buried so far that we don’t even know it is there. And if we don’t know it is there, we certainly can’t remove it. Some of it may be embarrassing. Some of it may be incriminating.

On top of that, as almost anyone with even a slight bit of computer literacy can tell you, erasing things doesn’t actually erase them. Generally, erasing just changes the first character to let the system know that space is available, but all the rest of the information is still there if it hasn’t been overwritten.
What you are going to have to do is to leave your daily-use digital devices at home.

Digital Devices 2

From now on you will carry only the bare-bones hardware that you need. For example, an iPad and a Huawei phone. Your iPad will connect to a straw iCloud account that is bare-bones and is not your regular one. Your Huawei will have only the phone numbers of your office, home and a couple of restaurants where you have business lunches.
Everything will have been paid for in cash or through your company account. Nothing will tie to your credit cards. The SIM for the phone will be one which you purchased for cash and without identification or, at worst, will tie to your company.

Memorize your iCloud account information. Use that information to download everything else that you need.
Once through the border and in your hotel room, you can connect your iPad to your main iCloud account and then download the business information and any apps (e.g. WhatsApp and Skype) that you need. Before leaving the country, you will upload all of the data back to the cloud and then reset your iPad and erase everything. Then you will connect the iPad to your innocuous iCloud account.
You will handle your Huawei Phone similarly.

The Cloud

Digital devices love the cloud. You probably have at least ten cloud accounts of one sort or another and some of us have acquired hundreds. There are a variety of ways to track the passwords for them including through special password apps, through your digital device operating system or some manual system of your own. You will connect your iPad only to your straw account. Your straw account will contain real information but not information that you wish the border agents not to see.

Social Media

This may be your biggest problem if you have been putting information on your social media that you would prefer that the border security agents not know about. They will check the most popular social media sites.
If you are able, you can try to clean up your social accounts, but generally, there’s not much you can do. What’s done is done. You can start flooding them with entries every day so that the investigator gives up before getting to what you want to conceal or can’t distinguish the important from the dross.

Money Laundering and Your Bank Accounts – Part VI – Loans


photo by Drew Hays, unsplash.com
This is the sixth part in our series revealing exactly what banks are looking for when they are combatting money laundering.

Laundering Money Through Lending Activity

Money launderers course massive sums through loans and investments. Bank authorities must perform significant due diligence to detect money laundering in these cases. To top that off, some governments try to discourage detection of such money laundering activities through legislation and regulation.

A borrower secures loans using pledged assets held by third parties unrelated to the borrower.

Launderers clean dirty money by pledging an asset purchased with dirty money to secure a clean loan. Sometimes, they course the funds through several banks, several shell companies, and one or two straw men. The bank may ask many questions to prevent any money laundering. The borrower must answer those questions convincingly.

A borrower secures a loan by using readily marketable assets, such as securities. If a third party owns the assets then the transaction is especially suspicious.

Borrowers don’t usually pledge easily marketable assets to get cash. The borrower can sell such assets with less difficulty than taking out a loan. If a borrower does not, he needs to be able to explain why. He will need to provide a convincing reason.

A borrower defaults on a loan that is secured by easily marketable assets.

The borrower probably took out the loan in order to default on it. Launderers create these schemes as a way to convert somewhat clean assets and create clean money.

Loans are made for or are paid on behalf of, a third party with no reasonable explanation.

The borrower purchases a certificate of deposit using an unknown source of funds in order to secure a loan. When funds are provided via currency or multiple monetary instruments the source of the security is even more suspicious.

Banks may permit the borrower to partially or fully secure a loan by purchasing a CD issued by the bank. However, banks that do so must thoroughly vet the source of the funds. If they don’t, regulators will suspect them of colluding in money laundering.

Banks that make loans that lack a legitimate business purpose, provide the bank with significant fees for assuming little or no risk, or tend to obscure the movement of funds (e.g., loans made to a borrower and immediately sold to an entity related to the borrower) will be suspected of colluding to launder money.

Money Laundering and Your Bank Accounts – Part IV – Automated Clearing House (ACH)

dirty money needs laundering
image by Vitaly via unsplash.com

This is the fourth part in our series revealing exactly what banks are looking for when they combat money laundering.

Automated Clearing House Transactions – Policing Money Laundering

“Automated Clearing House” or ACH refers to all clearing houses, not only to the U.S. one with that name. GIRO, NETS, ACH, CHAPS, EFT, BACS, PEACH, SDD and others are all automated clearing houses. Launderers attempt to route transactions through them to bypass some anti-money laundering safeguards.

FinTech

The rapid rise of financial technology (Fintech) third party quasi-banks has created new openings for money laundering. PayPal was one of the earliest Internet Fintech companies but many have followed in its wake. Fintech quasi-banks carve up the banking product into pieces. Each fintech company provides one or two services, adding to the burden of regulators. Ayden, LendingClub, Addepar, Commonbond, Kabbage, Transferwise, etc. are a few of the many third party fintechs. Fintechs are generally on the up-and-up but it is reasonable to assume that some are designed as money laundries and are even capitalized by dirty money.

Non-customers launder money by using large-value, ACH transactions through third-party service providers (TPSP) that don’t perform effective due diligence.

Regulators don’t control TPSPs as rigorously as banks. So money launderers can move money into the banking system without the usual controls. ACH systems must flag such transactions. Regulators are looking at the TPSP environment now. Even so, they only look at deposits, checks payment, and money lending.

TPSPs violate ACH network rules, or generate illegal transactions, or process manipulated or fraudulent transactions on behalf of their customers in order to facilitate money laundering.

Regulators should close down TPSPs after catching them breaking the law, but often they don’t. Usually, regulators don’t consider the transgressions to be bad enough to put them out of business and may impose lesser penalties. Bank regulators will look for regular patterns of abuse by TPSPs. When they find an abusive TPSP, they will punish banks that have done business with it. But that takes time. Meanwhile, money launderers and their crooked clients continue to operate.

Layers of TPSPs that appear to be unnecessary are involved in transactions in order to launder money.

Always and everywhere, officials use complexity to facilitate fraud or theft. Complex tax codes such as that of the U.S. are examples of regulations designed with malicious intent. Complex financial deals are often designed to defraud. Regulators find such fraud hard to detect if they were designed with care. Launderers use TPSP layers to facilitate much of the money laundering outside the main banking system.

Clients initiate an unusually high level of transactions over the Internet or by telephone.

This is simply smurfing by another means and is as easy to track as any other kind of smurfing. Banks will usually detect this in the twenty-first century, and if they don’t, their regulators will.

NACHA information requests indicate potential concerns with the bank’s usage of the ACH system… i.e. they may suspect money laundering.

NACHA doesn’t communicate directly with end users of the US ACH. That is important for you to know because fake NACHA emails are a goldmine for phishing attacks. However, NACHA does have a set of rules and the ability to fine members who do not obey them. Furthermore, banks can alert NACHA of suspicious transactions they see. Third party software such as that provided by NICE•Actimize can automatically detect the misuse of ACH transactions. Those are reported to NACHA and bank regulators.

Can Money Launderers penetrate the system?

Yes. Many people try to game the system and succeed. It is clear that in many governments themselves are anxious to leave some channels available to move dirty money with little friction. Power and money laundering go hand-in-hand.

How do money launderers work in the 21st century?

In one scheme, criminals route debt obligations across multiple borders to clean dirty money. For example, X takes out a loan for a million dollars from a peer-to-peer fintech lender in the U.S. He deposits the loan in his U.S. account. He then funds the repayment of the loan from a Bank of Cyprus account using a UK peer-to-peer fintech fund offset service. Money crossed no borders under this scheme. On the other hand, the launderer moved a million dollars from his Russian-controlled Cyprus account into the U.S. When he repays in amounts of around $5,400 per month they will be thought to be normal payments for a thirty-year loan. Only the structure of the transaction would give a clue as to what was going on and given the separation in location and time, no alarms will sound.

We will discuss other schemes later in this series.

Money Laundering and your Bank Accounts – Part III – Funds Transfers


image by Vitaly via unsplash.com

This is the third part in our series revealing exactly what banks are looking for when they are combatting money laundering.
Transferring funds is at the heart of commerce and is the most important function performed by modern banks. Transferring funds is also at the heart of money laundering. Move dirty money through enough hands by sufficiently devious means and at some point, it magically becomes clean.
Think about this, if we can describe an activity, it is possible to write software to detect it. Banks do just that.

Bank Checks on Money Laundering Funds Transfers

You transfer funds in large, round dollar, hundred dollar, or thousand dollar amounts.

This is classic smurfing. Sudafed smurfs were buyers for meth labs who would go from drugstore to drugstore purchasing Sudafed cold medicine containing pseudoephedrine. The manufacturer then made crystal meth from the pseudoephedrine. Smurfing has expanded into money laundering. Smurfs typically deposit small amounts to many accounts. The money from those accounts is then assembled and transferred to a master account in another country. Then someone transfers the money, this time to the actual beneficiary. Dirty money often travels through several jurisdictions before arriving at the final destination.

Funds transfer activity occurs to or from a financial secrecy haven, or to or from a higher-risk geographic location without an apparent business reason or when the activity is inconsistent with the customer’s business or history.

“Higher-risk geographic locations” tend to be tiny island nations such as the Cayman Islands, Vanuatu or the British Virgin Islands. But, they are also places such as Luxembourg and Gibraltar. Banks maintain a list of risky jurisdictions. Transactions involving such jurisdictions receive extra scrutiny.

Funds transfer activity occurs to or from a financial institution located in a higher risk jurisdiction distant from the customer’s operations.

There might be a logical reason for a Florida business to be remitting to or receiving funds from the British Virgin Islands, which are close by. On the other hand, it is unlikely that they’d be doing much business with the Cook Islands in the South Pacific. Again, banks will pay extra attention to such transactions.

Your accounts receive many small, incoming transfers of funds, or receive deposits of checks and money orders. Then, almost immediately, all or most of the transfers or deposits are wired to another city or country. Usually, the transfers are in a manner inconsistent with the customer’s business or history.

Again, we see smurfing on a large scale. Drug cartels purchase chain restaurants, casinos, entertainment and sports venues in order to be able to launder money through them. These venues typically have large numbers of small transactions; ideal for throwing banks off the scent. But law enforcement has statistical data that can sniff out this sort of money laundering.

Your accounts receive large, incoming funds transfers on behalf of a foreign client, with little or no explicit reason.

Banks want to know what to expect. If you are going to be receiving a large amount of money, it is wise to tell them in advance what is going on. Ensure that they write it down so that you can avoid suspicion. You may think it is troublesome, but having the FBI knocking on your door is real trouble.

Transferring funds is unexplained, repetitive, or shows unusual patterns.

To the average person, the world seems jumbled, chancy, ad hoc. But those who pay attention see patterns. So it is with bank accounts. Observe enough bank accounts and you’ll see that 99.9% of them follow predictable patterns. If your account is in the one-tenth of one percent, the bank will examine it closely.

You receive payments or receipts with no apparent links to legitimate contracts, goods, or services.

If you run an asphalt business and suddenly receive payment in your account for a Ferrari, that may well be flagged. Receive payment for a Ferrari and a luxury condo and it will be flagged.

You send funds to the same person using different accounts or to different accounts. Or the reverse.

Well Sir Smurf-a-lot, banks figured out this channel a long time ago. It can work, but only by using multiple aliases or smurfs at many banks over a long time.

You don’t provide enough information regarding funds transfers, not only the why but also the who of related parties.

Banks detect these omissions sometimes but they fall into a gray zone. Protect yourself by being open and up front in describing both why the transaction is taking place and who the beneficiary is.

Singapore Government Sets Small Business Controllers Astir As AEOI Comes Knocking

singapore registered controllers red tape
Image by James Petts
Until now the controllers of most local businesses could sit quietly in the background, passively earning money. To the world at large they appeare to be unconnected with the company providing their income or wealth. In the new world of AEOI and FATCA, goverments no longer condone such anonymity. These folks are now deemed Registerable Controllers” whom we describe in more detail further on.

For government departments to learn who actually controls the business is a significant chore today. So legislation will now go into effect on 31 March 2017 to rectify that problem.

From that time forward, some companies must maintain a register of their “Registerable Controllers”. Government owned companies, financial institutions and companies traded on a stock exchange are exempt.
Their registrar’s office or the registered address will keep a new document known as the “Register of Controllers”. You can find more detail on it here

Registerable Controllers

The legislation is interesting in that it doesn’t say who IS a registerable controller; it defines who isn’t one.
If you (either as a person or a company) control a company indirectly through one or more controllers, you aren’t a controller. In that case, don’t have to appear on the register. In other words, for example:

  1. If you are company A and own or have a significant interest in company B and
  2. company B owns company C,
  3. then B would have to register with C as its controller and
  4. A would have to register with B as its controller.

Because 25% interest in the company or in its voting shares is the cut-off. A company could have up to four registered controllers, if they each controlled 25% of the voting shares.

More Information

This is just a brief summary of how the law works. There are more details for the immense variety of ownership and control structures that could exist, but the principal is always the same:

  1. If the company is already statutorily required to keep a record of its controllers somewhere, it isn’t required to maintain a second copy.
  2. If an individual or legal person controls a company indirectly through one or more companies, they need only be listed at the directly owned company(ies) subject to a above.

As always, the devil is in the details, which you can find here.