CHAPTER 1
An Introduction to Anti-Money Laundering

THE EMERGENCE OF AML

Money laundering is generally understood as the concealment of an illegitimate source of assets, providing an apparent legal origin. People have various reasons to whitewash assets: they might want to conceal the original crime and not let their wealth become a whistleblower, or they may simply want to build up a reputation of being a successful and respectable member of the community. Since the late 1980s, there has been another reason to launder money. Law enforcement, initially as part of the US-driven war on drugs, started to clamp down on the financial aspect of crime and new laws were enacted globally to criminalize the laundering of assets itself, whilst at the same time making it much easier for law enforcement to seize assets and for the courts to include confiscation of assets, both as a penalty and a measure of redistributive justice. Against the backdrop of a publicly perceived rise in profit-driven crime, it was generally felt that criminals should be hit where it hurt the most: in their pockets. Criminalization of the act of money laundering and the emphasis on the law enforcement effort to go after the money are a natural extension of the age-old adage that no man should profit from his own crime. Consequently, money laundering touched upon the core beliefs about a just society, where advancing oneself by evading the rules is felt as unfair towards those citizens who abide by the law. As such, money laundering (as any criminal offence) is a crime against society, against the public . and there is a public duty to fight and prevent.

By the late 1990s, another dimension was added: the counteracting of the financing of terrorism, and this was further fueled by the US terrorist attacks on September 11, 2001. This dimension worked as a catalyst for the development of ever more stringent anti-money laundering regulations, adopted across the globe, and the emergence of what arguably can be called an entire new industry: Compliance. To a large degree, Compliance became a synonym for AML Compliance, AML standing for Anti-Money Laundering (and we will use this well-established acronym throughout the rest of this book), but even that is a pars pro toto, as it commonly also encompasses counter-terrorist financing (CTF).

There were two main factors that contributed to the emergence of AML Compliance. First, there is the down-to-earth fact that law enforcement simply did not and does not have the capability or the capacity to do what is needed to detect money laundering. This is why financial institutions were recruited to partake in law enforcement as gatekeepers. Second, there was the shift in public perception about the role of private companies as Corporate Citizens and the intrinsic notion of good citizenship, linked to widespread notions on corporate moral responsibility, sustainability, and good standing and reputation. This is why the financial institutions, to date, accept the operational and cost burden of AML. Obviously, there is a clear financial incentive for financial institutions to be compliant: the fines imposed by the regulatory watchdogs for non-compliance are enormous. But beneath this mundane motivator there seems to be a genuine acceptance by the financial industry of the role they have to play, as members of society at large, to disallow and prevent the abuse of their systems.

Accepting this role is one thing, it is quite another to live up to it. Being a money laundering prevention gatekeeper imposes all kind of practices that need to be established in order to keep compliant with all regulatory requirements. There is the practice of "know your customer" (KYC), which in a nutshell means establishing that a customer is who he claims to be. Then there is the practice of enhanced due diligence: risk assessing a financial institution's entire customer base on a continuous basis, specifically for the purpose of AML and CTF, and stepping up the monitoring effort or even reconsidering the relationship with the client in the case of high risk. Lastly, there is the practice of transaction monitoring: looking at behavior on the account to identify any suspicious1 or unusual activity. When such activity is deemed to be found and cannot be refuted by further analysis or investigation, then the financial institution has the obligation to report this to the local Financial Intelligence Unit, which in most countries acts as the conduit between the financial institutions and law enforcement, and quite often acts in an investigative capacity itself.

It goes without saying that complying with AML along the lines of these three practices impose a huge administrative burden on the financial institutions, requiring significant investment in front, middle, and back office operations. This applies in particular to transaction monitoring where volumes of customers, accounts, and transactions are significant, and meaningful analysis cannot be done by human labor alone.

And this is where AML software enters the scene. Financial institutions not only deploy electronic means to detect suspicious or unusual activity because of the sheer scale of the data, but also because regulatory watchdogs require them to apply computerized forms of analysis to avoid inconsistency and too much reliance on the (frailty of) human capacity to do so. Whilst computer systems carry out the tasks they can do more efficiently than humans, there is still a role for human analysts and investigators to further verify the validity of the initial electronic analysis. Thus AML transaction monitoring is typically divided into three practices: electronic analysis of transactions and the subsequent generation of alerts, the assessment by a human analyst with regard to the validity of the alert(s), and the subsequent filing of a regulatory report if one or more related alerts cannot be refuted as false positives.

The end-to-end process of data collection involves electronic and then human analysis; further investigation of more complex cases; and reporting to the regulators and being able to explain to the regulator how risks have been assessed and mitigated appropriately. All of this constitutes a complex operation, driving up the (manufacturing) cost of financial services delivery and potentially upsetting customers, especially when these customers find themselves unjustifiably subject to a financial investigation, often with the added penalty of not being able to execute transactions and do business. Striking the balance between satisfying both the regulator (compliance), banking customers (services delivery), and shareholders (keeping operational costs down whilst maintaining a good reputation) is of utmost importance for financial institutions today. It is the AML transaction monitoring software that enables financial institutions to do this.

The aim of this book is to explain various aspects of AML transaction monitoring software and will mainly focus on the electronic analysis, both from a perspective of the logic applied in this analysis and the challenges faced during implementation of that software in terms of data integration and other technical aspects.

We, as authors of this book, share a history with SAS, representing a combined 17 years of experience in the implementation, configuration, and redesign of the SAS Compliance Software. SAS has been considered market leader in a number of significant areas relevant for the practice of AML: data integration, analytics, transaction monitoring, case analysis, and reporting.

For any AML software to be taken seriously, is by definition complex. This is because AML transaction monitoring is a multifaceted process. This book aims to provide further clarity mainly on the logic applied to the rules. We hope to provide a good starting point for the beginning AML scenario analyst and administrator. We also hope this will benefit AML alert analysts and investigators, so that they may understand a bit better the output of what we call the alerting engine in terms of the AML and CTF alerts. To that aim this book will put the technical and analytical detail in its business context.

One could legitimately ask if this would not play into the hands of those whose actions we try to detect and allow them to improve their ability to evade detection. We think this not to be the case. Whilst much of the rule-based approach is already in the public domain, the keys are in the actual thresholds financial institutions set as part of these rules for their specific customer segments.

AML AS A COMPLIANCE DOMAIN

Money laundering is commonly defined as the act of providing a seemingly legitimate source for illegitimate funds. In order to conceal the illegitimate origin, the proceeds of economic crimes need to be whitewashed. This will do two things for the criminal beneficiary. Firstly, it will cut the follow-the-money trail leading to the criminal acts, thus avoiding financial assets giveaways of the underlying crimes. But, secondly, even when it does and the criminal is successfully prosecuted and convicted for the criminal proceeds, when successfully laundered, the proceeds will not be subject to confiscation, since no link between these assets and the convicted can be proven. Even if the criminal is imprisoned, the criminal or their family will still be able to dispose of the assets and wealth build from a criminal life.

Anti-Money Laundering, therefore, is, in its widest...