Elements of Customer Risk: Profiles and Relationships

https://www.alessa.caseware.com/
Elements of Customer Risk:
Profiles and Relationships

https://www.alessa.caseware.com/ 2
Alessa: Integrated AML Compliance Solution
Customer Due
Diligence
Transaction
Monitoring/
Screening
Regulatory
Reporting
Sanctions
Screening
AML
Capabilities
Data Management, Workflows, Case Management,
Fraud Detection & Prevention (Advanced Analytics)
Traditional FIs FinTechs
Gaming and
Casinos
MSBs
Markets
Questions? Email us at alessa@caseware.com

Agenda
3
1. What is risk, and why do we care about it?
2. Customer Due Diligence vs. CIP
3. Categorizing, quantifying and measuring
customer risk
4. Profile and Relationships risk factors for
individuals/consumers and businesses/legal
entity clients
5. Relationships in context of customer risk
6. Key Takeaways and Q & A

What is risk?
The intentional interaction with uncertainty
Uncertainty is a potential, unpredictable, and uncontrollable outcome
Risk is an aspect of action, taken despite uncertainty
A subjective judgment made about the severity and probability of a risk
Risk Perception:
Risk:

FinCEN CDD Rule: Customer Risk Profile
Challenge for compliance professionals: Not so much WHY, but HOW?
Certain elements of customer risk scoring only you can determine:
• How you build your institution’s scoring model – which risk factors you choose, and
if/how you assign weights to different factors
• How you incorporate customer risk scores into your transaction monitoring software
5
Why a Customer Risk Score/Rating?
“A financial institution should establish an understanding of the money
laundering and terrorist financing risks of its customers.”
Department of the Treasury, Financial Crimes Enforcement Network (2016)

Customer Due Diligence vs. CIP
Customer Due Diligence is:
 Detailed analysis of a customer from a
money laundering risk perspective
 Assessment of risk factors involving
demographic data, products/services,
anticipated transaction behavior, and
geography
 May expand into enhanced due diligence
 Ongoing, continuously evolving over life of
customer relationship
CIP + CDD = KYC
CIP is:
 Identity verification
 For new customers
 For beneficial owners of legal
entity customers
 Government photo ID, address,
date of birth for individuals
 OFAC screening
 One and done

Categorizing Risk Elements
Profile &
Relationships
Products/
Services, Activities &
Behaviors
Geographic Risks
Where Who
What

• Customer risk scoring model: Keep it simple
• Need to quantify risk objectively, but be able to modify for judgement
• Most models are way too complex
• Will never be perfect
8
Quantifying and Measuring Risk
Important: Risk scores should be dynamic

Customer Profile and Relationship Risk Factors:
Individuals/Consumer Clients

Risk Factors: Individual/Consumer Clients
Risk Factor Why?
Channel – online or third party Anonymity factor - collusion
Depth & length of relationship Mitigating factor – longer/deeper is lower risk
Employment status
–Unemployed ask why
Cash basis – placement risk; potential undocumented status
Assets & sources of wealth
Higher than expected for stated employment; unusual or irregular sources
– red flags
Citizenship status & residence Non-resident alien; potential money mule
Politically Exposed Person (PEP)
Higher risk of involvement in money laundering, bribery, corruption or
terrorist financing
Joint account – no familial
relationship
Red flag for potential fraud or funnel account
Anticipated risky transaction activity Cross border transfers, frequent cash deposits are high risk indicators
– risk of comingling, fraudSelf-employed

Individual/Consumer Clients: Case Study
Mr. Talal Chahine:
• Naturalized citizen, native of Lebanon
• Prominent businessman, self-made
• Founded a chain of restaurants in greater Detroit area
• Highly respected in the community, family man
• Deep customer relationship with his bank: personal
and business accounts, commercial and personal
loans, investment services
Risky?

• Four-year period: skimmed $20 million in cash proceeds from the
restaurants
• Maintained double set of computerized books – computer generated
• Altered books artificially reduced amount of cash receipts
• Employees converted millions of dollars in cash into cashier’s checks,
sent to people in Lebanon
• Employees converted cash from smaller to larger denominations –
smuggled to Lebanon
• Paid employees in cash
• Strong ties to high-level leaders of Hezbollah terrorist organization
• Currently a fugitive, believed to be in Lebanon
• Wife pled guilty, served 18 months in prison
12
Individual/Consumer Clients: Case Study cont’d

Profile/Relationships Risk Factors:
Businesses/Legal Entity Customers

Business/Legal Entity Clients – ML Risk
Risk Factor Lower Risk Higher Risk
Ownership Transparent, easily verifiable
Beneficial owners hidden behind trusts or
layers of LLCs/other entities
Entity legal structure
Simple — sole proprietorship, general
partnership, or publicly traded corporation
Complex — less transparency, such as
LLCs, trusts, joint ventures, limited
partnerships
Third party oversight Regulatory or licensing oversight required No independent oversight
Cash Intensive No Yes
Foreign business
activities
None
Extensive, especially involving higher risk
countries
Length and depth of
customer relationship
Over 5 years; multiple accounts &
services
Less than 5 years; one or two accounts

Risk Factors: Business/Legal Entity Clients
Ownership
Transparent, easily
verifiable
Beneficial owners
hidden behind trusts
or layers of
LLCs/other entities
Entity legal
structure
Simple — sole
proprietorship, general
partnership, or publicly
traded corporation
Complex — less
transparency, such as
LLCs, trusts, joint
ventures, holding
companies, limited
partnerships
Third party
oversight
Regulatory or licensing
oversight required
No independent
oversight
• Less transparency/oversight = greater risk
• Money laundering risk associated with certain
entity types and related ownership structures is
based on:
• Ability to disguise human (beneficial) owners
• Potential to hide actual business purpose
and activities
• Lack of external/internal oversight of
business activities

Nominee incorporation services (NIS) firms
• AKA corporate formation agents
• Can legally form a business entity in any state
• Provides Resident Agent, mail forwarding,
and “corporate office service packages” -
gives a shell company the illusion of
legitimacy
• Establishes “nominee” officers, directors,
stockholders, or bank signatories - hides true
owners’ identities from public records
16
Red Flags – Ownership/Legal Structure

Domicile location - higher risk:
• Not domiciled where business operations
located
• Domicile state known to promote anonymity:
Delaware, Wyoming, Nevada
• Physical address: nominee incorp service?
• Off-shore domicile
17
Red Flags – Ownership/Legal Structure cont’d

Cash Intensive Risks
• Ability to easily comingle dirty cash with
legitimate receipts
• Large cash deposits are routine – may be
exempt from CTR reporting
• Examples:
18
Cash Intensive Businesses: Risks
Risk
Factor
Lower
Risk
Higher
Risk
Cash
Intensive
No Yes
Convenience store Car wash Nail/hair salon
Restaurant Private ATM operator Tavern/bar/nightclub
Marijuana dispensary Thrift/retail store Liquor store
Parking lot/garage Money service business Vending company
Pawnbroker

Cross border activity
• Export/import businesses: foreign payments typical, especially wire transfer
• Involves frequent transportation of goods across southwest US border – land or air
• Money service business in southwest border region – Casas de Cambio
19
Foreign Business Activities: Risks
Foreign
business
activities
None
Extensive,
especially
involving higher
risk countries

Consider that:
 Money laundering:
 Introduces criminal $$ into legitimate/respectable business
 Uses techniques developed for legitimate business purposes
 Uses service providers: attorneys, accountants, financial advisors
 The more profitable organized crime becomes, more important to shift profits
into legitimate activities
Conclusion: “Family owned and operated” respectability now a red flag
 Closely-held entity with few or no controls/oversight
 Money laundering & fraud increasingly committed through:
 Legit businesses with strong reputations
 Traditional or well-respected industries
 In perceived “safe” rural/small urban areas
20
The “Respectability Factor” and Customer ML Risk
The perfect hiding places for illegal activities?

Business/Legal Entity Clients: Case Study
CATT International Inc.
• Yuma, Arizona
• Husband and wife team with two other employees
• Cattle broker: arranges for live cattle to be driven from
Chihuahua, Mexico into the US.
Chihuahua:
• Just south of New Mexico/Texas
• Largest cattle producing state in Mexico
• Major center of the illicit Mexican drug trade
• Ciudad Juarez: heavy drug cartel violence;
political/law enforcement corruption

Business/Legal Entity Clients: Case Study #2
Business model:
• Individuals in Mexico paid a per-head fee to drive herds into US
• Payments: $10,000 to $20,000 per person
• US dollar wire transfers through Mexican casas de cambio
• Report gross income of $20 million + annually
What makes this small, “family owned” business a high-risk
customer?
• Massive cattle herds - convenient vehicle for drug smuggling?
• Business dealings primarily with unidentifiable Mexican
individuals
• Large payments through Mexican casas de cambio
• High-intensity drug trafficking region

Length of customer relationship to the institution: risk mitigator
• Established pattern of normal activity
• 5 years is a common threshold
Individuals: Two or more unrelated individuals are owners or
authorized signers
• Possible funnel account
• Potential indicator of human trafficking or elder abuse
23
Customer Relationships and Risk

Customer Relationships and Risk cont’d
Businesses:
• Look for hidden connections:
Bob
Smith
Logistics
LLC
Salon Pro
LLC
NuChem LLC
Magic Nails
LLC
Speedy
Cleaners LLC
LoDo
Trucking Inc
100%
100% 100%
Customers:
Not Customers:
Not a Customer:
• Foreign subsidiaries, parent or affiliates – in what countries

• Keep the customer risk scoring model as simple
as possible
• DOCUMENT the how/why of your model
• Educate front line staff
• Ensure customer information and resulting risk
factors are regularly updated
• Customer risk profiles: continuously evolving
• Address change
• Ownership change (business)
• New foreign payment sources/destinations
• Changes in behavior
• SAR filing
25
Concluding Comments

• Use technology built into your AML systems –
machine learning
• No one risk factor exists in a vacuum
• Risk profile has limited value unless consider
customer behavior as well
26
Concluding Comments

Elements of Customer Risk: Profiles and Relationships

Recommandé

Recommandé

Contenu connexe

Tendances

Tendances (20)

Similaire à Elements of Customer Risk: Profiles and Relationships

Similaire à Elements of Customer Risk: Profiles and Relationships (20)

Plus de Alessa

Plus de Alessa (17)

Dernier

Dernier (20)

Elements of Customer Risk: Profiles and Relationships