Just over a month ago, the final text of the Fifth Anti-Money Laundering Directive (5AMLD) was published, kicking off the 18-month countdown until it comes into play. Its precise, full impact is unknown for now, but it is expected to significantly impact the way governments, regulators and businesses in Europe have to approach financial crime risk.

What’s the rush?

This new directive followed the former surprisingly quickly in large part due to the rising popularity of digital currencies combined with the hysteria following the Panama Papers. Given it’s only been 2 years since the last AMLD was adopted (some countries are still trying to implement it), compared to the 12-year gap between the previous AMLDs, it is clear the European Commission is focused on reassuring people and businesses that they are on top of new and developing issues.

What does 5AMLD actually change?

The key change from the 4AMLD comes in the definition of “obliged entities”, increasing its scope to include virtual currencies, anonymous prepaid cards and other digital currencies. Previously, there have been no specific laws aimed to cope with the risks of virtual currencies and it’s clear that with this new directive, the European Commission is intent on making sure that virtual currencies do not become a safe space for criminality. It also shows clear signs of their move to increase the scope of the fight against money laundering (ML) and terrorist financing (TF), as criminals can take advantage of the anonymity of virtual and digital currencies.

The other key aspect of the 5AMLD is that it further clarifies the requirements and timings for the implementation of the required beneficial ownership registers introduced in the 4AMLD. Essentially, member states and the European Commission will be required to keep accurate and up to date registers that must be interconnected to the European central platform. This integration will allow for more efficient information sharing, making it easier to combat ML and TF.

Other features include the adjustments made to address Politically Exposed Persons (PEPs), expanding the definition and pledging to publish a combined list of EU and Member states’ lists of all prominent public functions. Traditionally, a “one size fits all” and “once a PEP, always a PEP” approach has been used, but this system is not adequately risk-based. The new regulations hope to address this issue by integrating a more nuanced and comprehensive approach to identifying and managing the financial crime risked linked to PEPs.

There is also set to be enhanced co-operation and information sharing among EU Financial Intelligence Units (FIUs) in the hope that this will make information more easily accessible and align with international best practices. FIUs across the EU receive broader powers under the 5AMLD as they will no longer need be limited to the identification of a predicate offence or suspicious activity report prior to filing an information request.

So, how to prepare?

With this new directive being introduced, here are a few things firms may want to consider in preparation:

1)    Virtual Currencies – 5AMLD will require obliged entities, i.e. providers engaged in exchange services between virtual and fiat currencies, to be registered and to comply with AML and CFT requirements. National authorities will be authorized to obtain all the associated information and regulate them accordingly. Exchanges that fall under the definition of an obliged entity will need to start benchmarking their existing frameworks against existing EU and jurisdiction specific AML & CTF controls and making any appropriate enhancements.

2)    PEP Categorisation – With changes being made to PEPs, firms may want to start thinking about how they categorise PEPs and how they apply different levels of monitoring such that when the new categorisation criteria come in, they are prepared

3)    Increased Reporting – Under new business ownership discrepancy rules, firms will be obliged to report discrepancies they find between the beneficial ownership information available in the central registers and their own registers. In the case of reported discrepancies, Member States will be obliged to ensure that appropriate actions be taken to resolve the discrepancies in a timely manner.

4)    Due Diligence Advances – 5AMLD will require a specific Enhanced Due Diligence list to be applied when dealing with high-risk countries defined by the European Commission. You should review and update your due diligence processes to ensure full compliance.

If you need any help scoping enhancements for implementation or indeed reviewing whether your current procedures meet the requirements of EU or jurisdiction specific requirements, FINTRAIL will be happy to offer assistance.

GDPR no longer needs any introduction, and here at FINTRAIL, we loved collaborating with the team at Jumio to help them launch their GDPR e-booklet, which you can download here.  

Together, we came up with 5 key principles that we think best help data controllers understand the activity of their online identity verification providers, and whether or not they’re fully GDPR compliant. Data processors in this space handle vast amounts of sensitive, personal data that, while integral to ensuring customers are who they say they are, can also be exploited or mishandled.  As such, GDPR compliant practices are key.

In brief, these are the main questions that controllers can ask of their processors which will help frame their thinking on this important aspect of compliance:

1. Human Review: How are verification decisions made and what recourse do data subjects have to challenge those decisions?

   • GDPR gives individuals the right not to have significant decisions made about them solely on the basis of automated processing.

2. Compliant Machine Learning: Does the data processor employ Compliant Machine Learning?

   • Under GDPR, vendors can only develop specific AI models trained on the data of a given customer and cannot leverage data from other customers to create more comprehensive models.

3. Data Retention: Can data retention policies be tailored to your business requirements?

   • Clear processes around data retention and deletion help processors and controllers deal with the stipulations around Subject Access Requests.

4. Data Breach Notifications: Do you have a data breach notification process in place and has it been tested?

   • Processors, as well as controllers need to be able to inform relevant parties of any data breach in a timely fashion; having clear and verified processes around this is one step in the right direction.

5. Data Encryption: Is personal data encrypted and protected appropriately?

   • Proper data protection and encryption reduces the likelihood of a breach and increases the privacy of citizens’ information. GDPR stipulates that personal data is properly protected.

You can read more detail in the e-booklet of course, and find out even more information about GDPR, its implications for processors, how best to approach these questions, and exactly how Jumio is helping controllers maintain and manage their GDPR compliance through its innovative identity verification solutions and careful approach to data privacy.

Due diligence - a term bandied about readily with much confidence across many different sectors - broadly accepted as a process that underpins a thorough and confident appraisal of a specific business proposition, perhaps a significant merger, acquisition or other investment. At its most effective, due diligence arms a business with the facts it needs to make confident, astute decisions. At its worst, poor due diligence muddies already murky waters and potentially guides businesses down the wrong path.

To avoid the latter outcome, it’s best to avoid an off the shelf, one-size-fits-all process and instead adopt a bespoke approach that accounts for all inherent risks associated with a particular proposition.

Venture capital (VC) investment in FinTech - a booming industry - is a case in point. VCs have to understand complex business models and cutting-edge technology to pinpoint viable investment opportunities. Armed with millions, or indeed billions - $1.8billion was raised by UK FinTechs in 2017 - and facing fierce competition from other VCs, the panoply of risks presented by startup FinTechs could appear daunting.

VCs will often feel most comfortable assessing the viability of the business model, legal and financial aspects and will engage experts to evaluate the technology. That makes perfect sense. The success of a FinTech largely hinges on a successful combination of those areas and, more often than not, those are the risks most familiar to VCs. However, other stones sometimes remain unturned..

People risk is often overlooked or considered addressed through a simple criminal background check. With the wealth of information sources now available it’s perhaps remiss not to take a closer look at those who you’re investing in. Start-up scams are not uncommon in Silicon Valley; an early 2017 Fortune article explored the sector’s “unethical underside”. Are the founders who they say they are? How accurate are CVs and other stated accomplishments - the CEO of Wkriot pleaded guilty to fraud last month. Have failed attempts to fund other start-ups been disclosed, what about other initiatives that crashed spectacularly? Are other business interests in play that conflict with those of the VC? Many a business leader and politician have fallen foul of skeletons discovered in cupboards they’d long since forgotten about.

How about the culture of the firm? Is there evidence of unethical practices in the founders’ previous businesses? What does social media tell us? The merest hint of unethical behaviour could have a huge impact on culture of the firm, which in turn could lead to corners being cut, regulations not properly adhered to and risk decisions ignored or taken well outside of risk appetite.

Thorough due diligence of a FinTech couldn’t be considered complete without a close look at how its offer might be exposed to financial crime risk. The fledgling nature of the firm will mean a full risk assessment isn’t possible, but early inspection of the proposal will allow for an early judgement to be made on the type of controls and framework needed to deliver a compliant and secure product.

An effective due diligence exercise should alert a VC or other investment firm to concerns in any of these areas. However, if risks go unflagged through neglectful or absent due diligence they hold the potential to manifest further down the line with grave consequences for the VC and other stakeholders.

FINTRAIL would be delighted to discuss structuring a bespoke due diligence process for any aspect of prospective investments. Our team have deep experience in conducting due diligence for global banks, investors and government agencies and have a wealth of cutting edge tools at our disposal.

Dealing with a financial crime crisis - whether that be a backlog of suspicious reporting that has built up, facing de-risking by a partner or finding out that a sanctions process has been working ineffectively - can be an especially stressful time for clients, particularly if the issues could lead to regulatory intervention, potential losses or the restriction of banking or payments facilities.

This is not to mention the obvious and negative impacts that such a crisis can have on customer trust and the potential reputational impact; in many cases, it can be a matter of survival for the business and brand, where trust is hard won but so easily lost.

So, we wanted to share some insight on how our team approaches these tasks to help readers be better prepared and have a head-start if you find yourself in the position of crisis managing a response to financial crime issues.

• Understand the nature of the problem. This sounds like an obvious place to start but it is absolutely critical to everything that follows. If you do not genuinely understand the root cause of the issue your are facing, it makes it very difficult to put in place a response that is effective and proportionate. So for example, if you are dealing with a significant up-tick in fraud or failings in AML or sanctions controls, you need to efficiently and effectively understand the nature of the problem so you can identify the core contributing factors and develop a proportionate response.

• Develop a considered plan of action. Once you have identified the root cause/s of an issue, you need to ensure that you develop a response plan that is action focused and targeted on addressing those specific items as well as factoring in any linked or dependency tasks. For example, it is pointless implementing a new tool or process unless you train those involved in using the tool, otherwise you may just make things worse by increasing operational risk. It is worth bearing in mind that you must be able to demonstrate to your stakeholders that tangible action has been undertaken.  

• Mobilise effectively. This covers not only how you engage the services of and mobilise external parties but also those internal stakeholders or your support network. This is a careful balancing-act against the needs of normal daily business. Depending on the nature of the issue, segregating resources to focus on the crisis can be most effective. Our view of mobilisation is making sure all those involved very clearly understand the issues at hand and are aligned to the common goal of solving the problem, and that those involved have the commensurate level of accountability and authorisation from senior management. This is no time for egoes or political wranglings.

• Ensure transparency. We often get asked ‘what should we say to our bank partner’ or similar. Our advice is always the same and that is you should be transparent. In a crisis scenario, you are aiming to maintain the trust you have built with all your stakeholders and transparency and openness are key values underpinning trust. We can confidently tell you from experience that one of the fastest ways to make a difficult situation even worse is by developing an opaque strategy with your partners - when they find out, trust goes out of the window, making the situation far worse. Instead, communicating the issue, along with regular situation reports and plans for resolution will really help to continue the trust you’ve worked so hard to earn.

• Accurate and effective communication. This needs to focus on the communication intra-team  but also the flow of information to wider internal and external stakeholders. In our view there is a big difference between communicating and communicating effectively. We define effective communication as ensuring the content is received, understood and a behaviour influenced, i.e. action is taken. Accuracy in communication and information is important in a crisis scenario and at times is an area that can suffer from the impact of stress. There are times when a 70% solution on time is going to be better than 90% that is late but accuracy becomes really important when you start to communicate with stakeholders, especially those externally. Accurate and simple communication (underpinned by high quality and accurate information) creates a sense of confidence that the situation is in-hand and under control.

• Continuous Evaluation. Once you have expended effort developing a response to the issue or crisis and have started to execute, it is vital to constantly evaluate progress and impact. Has anything changed? If it has, what are you going to do about it, how and when? The re-evaluation should be ongoing but it is also a critical process once you get to a point you have achieved your objectives and exited the crisis management situation. A wash-up and/or de-brief is a vital activity as it captures lessons learned and facilitates organisational learning.

The FINTRAIL team has developed deep expertise supporting international banks, FinTech, payments and regulated sectors in response to financial crime or regulatory crisis scenarios, drawing on our capabilities across financial intelligence & investigations, compliance advisory, technology, legal and communications. Our multidisciplinary response team can mobilise rapidly in support of a client crisis, providing executive level guidance and peace-of-mind while also delivering operational impact, all backed up by a support network and follow-on technical capacity as required.

If you would like to discuss managing a crisis further, learn more about how FINTRAIL can help your organisation or to discuss any other financial crime topic feel free to get in touch with the team.

FinTechs have been ahead of the curve in understanding certain criminal typologies thanks to the holistic and data centric approach they often take to tackling financial crime. However, there has been little focus on tax fraud as a criminal enterprise and how that may effect the FinTech community.

With the recent release of the Paradise Papers and Panama Papers, tax evasion and tax avoidance are back under public debate as governments and individuals ponder how best to ensure that everyone pays the taxes they owe. The data leaked by the Paradise and Panama Papers put into the spotlight the blurred lines between tax avoidance and tax evasion, which are often facilitated using the same complex mechanisms and can confuse our understanding of what is acceptable tax reduction and what is not. This has put international governments under pressure to address the growing consensus that tax avoidance and the exploitation of tax loopholes has gone too far.

For the FinTech sector, this means that in the near-to-medium future, our understanding of tax fraud and tax evasion could fundamentally shift. To stay ahead of the curve, we therefore have to ask ourselves: how does tax fraud affect FinTechs and what are our responsibilities in combating it?

One of the major confusions around tax fraud, tax evasion and tax avoidance is the definitions used. So, here are some definitions to help us clarify the issue at hand:

Tax Avoidance: tax avoidance is reducing one’s tax burden within the letter of the law (but often not within the spirit of the law). Examples include tax deductions or establishing an offshore company or trust in a tax haven to reduce tax liability.

Tax Fraud: tax fraud, according to HMRC, is illegally avoiding paying taxes. It is made up of three components—tax evasion, criminal attacks and participation in the hidden economy.

Tax Evasion: tax evasion is one type of tax fraud concerning individuals or businesses who intentionally misreport information to reduce their tax liabilities.

In terms of regulation, tax fraud has never received the attention given to sexier crimes such as money laundering or terrorist financing. However, this is beginning to change. At the end of September 2017, the Criminal Finances Act came into force in the UK, which made companies more liable for failing to prevent tax evasion, including facilitating the evasion of UK taxes by international entities and facilitating the evasion of foreign taxes by UK entities. The best way for FinTech companies to avoid liability is through robust risk management and a strong compliance programme.

Not only are FinTechs more liable for tax fraud than before, but the problem of tax fraud is growing. The current gap between taxes owed and taxes due is £34 billion, half of which is due to tax fraud.

There are several ways that tax fraud can touch the FinTech sector, including:

• Using FinTech products to collect bogus tax refunds or to facilitate tax fraud.

• Using FinTech products to process funds derived from the hidden economy.

• Using FinTech products to mask the origin of funds

So what can FinTechs do to protect themselves and reduce the negative social impact of tax fraud? Here are our recommendations:

1.     File SARs in a timely fashion. A quarter of all HMRC tax investigations are stimulated by SARs, so filing these properly is critical in the fight against tax fraud. You can also contact HMRC direct via the link here.

2.     Ensure robust onboarding and KYC policies to a) decrease the anonymity of the product and b) avoid liability in tax fraud cases.

3.     Impose reasonable transaction limits and limits on the number of accounts held in order to decrease the attractiveness of the product to tax fraudsters. Keep these limits under constant review based on changing typologies.

4.     Monitor relationships in an ongoing fashion and watch out for red flags such as

• Suspiciously large transactions sent for ‘expenses’

• Spending that does not reflect expected income

• Unexplained payments into customer accounts from sources linked to work or employment

• Multiple tax refunds coming into one account

• Multiple transfers to financial institutions in high-risk tax jurisdictions

If you would like to discuss tax fraud further and learn about how FINTRAIL can help identify and combat tax fraud typologies, please do not hesitate to contact us.

The global, connected web of financial criminality is difficult to unpick.  However, investigations over the past few years have shed light on the few, yet critically important bad apples amongst the network of financial institutions that enable this web to go un-checked. While many of these simply may lack the adequate controls to tackle money laundering or terrorist financing, other financial institutions have taken a much more direct role in criminal activity. The use of financial intelligence and investigation techniques present an opportunity for the regulated sectors to disrupt criminality at scale and efficiently. As such we are excited to announce the appointment of Nick Herrod as head of our Financial Intelligence and Investigations practice, who will help us drive solutions for clients that continue to deliver impact.

During a recent event hosted by Thomson Reuters, OCCRP Executive Director Paul Radu was asked how the international community should tackle the global and seemingly untouchable scourge of financial crime. His response was telling — go after the financial institutions, big or small, that facilitate the criminal activity. This is an interesting strategy to take, and targeting the institutions facilitating criminal activity presents an opportunity to disrupt criminality on a wholesale basis. The team at FINTRAIL decided to examine this subject in more detail, yielding some interesting results. Through our research we have found that one of the most significant red flags when it comes to these types of institutions (and counterparty risk) is the influence of high risk individuals/PEPs within the ownership structure. To better understand this, two public case studies are detailed below—the Global Laundromat and the BGFIBank Democratic Republic of Congo (DRC)/Hezbollah connection. It is evident that the links between financial institutions and owners more susceptible to criminal motivations can affect the robustness of an institution’s compliance regime and undermine industry efforts to counter financial crime. Taking an intelligence-led approach and exploiting a range of data sources allows us to highlight additional red flags and begin targeting the key nodes and facilitators of this volume criminal activity.

The Global (Russian) Laundromat: This laundromat, exposed by the OCCRP[1] three years ago, funnelled more than $20.8 billion from Russia into Europe. OCCRP reports show that it involved approximately 500 people, from oligarchs to FSB-affiliated individuals.

Igor Putin, cousin to current Russian President Vladimir Putin was a manager and executive board member for the Russian Land Bank (RZB), an institution whose accounts reportedly processed more than $9.7 billion, or nearly half of the total funds involved in the laundromat case. Funds were sent from RZB to Moldindconbank in Moldova, where they were then sent to Trasta Komercbanka in Latvia and from there to the rest of Europe. The OCCRP adds that Igor Putin was brought into RZB initially by Alexander Grigoriev, who allegedly has ties to the FSB and whom the Guardian identified as one of the main ringleaders of the Laundromat. Grigoriev headed the RZB during the laundromat’s operation until the time of his arrest. Putin and Grigoriev were also connected through other companies where Putin was a board member and Grigoriev a shareholder. Putin left the RZB board in 2014 contending he left after becoming aware of ‘the real situation.’[2]

BGFIBank DRC and Hezbollah: According to a recent Sentry report[3], BGFIBank DRC, run by the brother and sister of the president of the DRC, Joseph Kabila, reportedly allowed transactions from companies connected to a known financial contributor to Hezbollah: Kasim Tajideen. Tajideen, and his brothers Ali and Husayn, were subject to US sanctions, as were entities under their control. Despite this, and despite warnings from BGFIBank DRC employees, the financial ties between the bank and the sanctioned parties reportedly remained intact. Subsidiaries of Ovlas Trading, owned by Kassim Tajideen, would make transfers through BGFIBank DRC to subsidiaries of Congo Futur, managed by Kassim’s non-sanctioned brother, Ahmed Tajideen. Both Ovlas Trading and Congo Futur are under US sanctions, though Ahmed is not. Despite employee awareness of the risks involved, transactions from the sanctioned entities were allowed to continue, and BGFIBank DRC even went as far as to request the US Treasury unblock a transaction involving one of Tajideen’s companies and another bank. BGFIBank DRC had previously been alleged of diverting millions of dollars in public funds, further calling in to question the AML/CTF regime of BGFIBank DRC and the role the bank’s leadership played in the activity.

These two sample cases demonstrate how financial institution ownership from individuals more susceptible to criminal motivations can encourage complicity or active participation in criminal networks facilitating financial crime. In both, banks with ties to PEPs and high-risk individuals allowed significant cash flows to be laundered and used for criminal purposes. Though only two cases are discussed here, the findings still show how the use of financial crime intelligence and investigations can be utilised to go beyond the basic information generated by many static compliance controls, help better the understanding of evolving typologies and surface new opportunities to counter the capricious threat of financial crime.

At FINTRAIL we have seen an unprecedented level of interest in the financial intelligence and investigation capabilities we offer to our financial service clients, from start-ups to established firms. As such, Nick’s arrival to lead FINTRAIL’s Financial Intelligence and Investigations practice could not be more timely. Nick brings an exceptional pedigree to the experienced team at FINTRAIL after completing a range of public and private sector roles, culminating in his position as the Head of Global Intelligence Team within HSBC’s Financial Intelligence Unit where he was responsible for overseeing a significant portfolio of investigations that focused predominately on large, multi-jurisdictional networks facilitating illicit financial activity. Nick will continue to build on FINTRAIL’s strategy in this area, understanding the needs of our clients of all sizes and ensuring that we are delivering a suite of capabilities and solutions to help our clients mitigate the negative impacts of financial crime.

[1] https://www.occrp.org/en/laundromat/the-russian-laundromat-exposed/

[2] https://www.occrp.org/en/laundromat/the-russian-banks-and-putins-cousin/

[3] https://cdn.thesentry.org/wp-content/uploads/2016/09/TerroristsTreasury_TheSentry_October2017_final.pdf

Human trafficking has sadly become a widespread and global issue; from the woman forced into prostitution and kept locked up in a house, to the man working on a construction site, stripped of his documents and any salary taken from him. Every 30 seconds, the criminal industry of human trafficking makes more than $30,000; bringing in approximately $32 billion a year.

In the world of financial crime, human trafficking is a predicate offence (the criminal activity and the proceeds money laundering), the revenues of which may touch financial services as the profits are laundered. Financial services may also be used to facilitate these offences, providing the ability to pay subsistence for accommodation, book flights for a trafficked person and other activities traffickers rely on. As the awareness of human trafficking increases and pressure is applied to the criminals that make huge sums from the exploitation of others, the criminals may be forced to look at alternative financial arrangements or exploit new technologies to their advantage.

There are numerous behavioural patterns characterising the organised crime groups involved. Having analysed the most often occurring subtleties, it is evident that tools such as the Internet and other communication devices are utilised expansively. The most intimidating organised crime groups are mainly those capable of governing the entire course of trafficking, from the recruitment of victims to the reinvestment of the criminal proceeds.

Through our industry engagement, FINTRAIL has seen an increase in FinTechs’ awareness of the fight against human trafficking and subsequently, human trafficking was the subject of the October 2017 FinTech Financial Crime Exchange (FFE). Members presented case studies and industry experts provided insights on the changing nature of the threat and industry initiatives to tackle the problem. Many of the FFE members were able to give examples of cases where they had detected indicators of financial crime involving human trafficking or exploitation, demonstrating this is not only an issue that impacts large financial institutions but may also directly impact the FinTech industry. In fact, some of the features common to modern FinTech such as non-face-to-face onboarding and ease of account management/overview may make it potentially attractive to those involved in trafficking and exploitation. As a result, FinTechs are conducting enhanced Know Your Customer (KYC) checks and are scrutinizing onboarding documentation in an attempt to combat human trafficking.

The FFE session identified specific typologies that may be relevant in a FinTech environment and what mitigations and actions industry may be able to apply. Some basic example indicators or red flags are detailed below:

- Customers taking selfies or completing onboarding checks, appear to be under control of someone else. This may appear as someone in close proximity as the images are being taken or controlling what is done or said.

- A customer may not be in possession of their own legal documents and may add unreasonable delay while they get them from someone else.

- Recurring payments being made from one account to multiple accounts for wages at unreasonably low amounts.

- Multiple point-of-sale transactions at car rental agencies, airline ticket purchases and train ticket purchases with no subsequent spend in that destination.

- High expenditure payments at fast food outlets, supermarket outlets, clothing stores, drug stores etc.

The FFE and its members will continue to focus on human trafficking and its negative impact on society and implications for financial services. In addition, FINTRAIL will track the evolution of financial crime typologies associated with human trafficking in order to identify any shift by those criminals to target financial services as a tool to further their illicit and damaging behaviours.

If you would like to discuss human trafficking further, learn more about the FFE and how FINTRAIL can help your organisation identify and combat human trafficking get in touch.

On 17 October 2017 Thomson Reuters held the first in a series of events on Financial Crime. This event explored the recent investigations conducted by the team at the Organised Crime & Corruption Reporting Project (OCCRP) into the global laundromats. The brave and fascinating work by the team at OCCRP exposed the complex and globally connected money laundering networks that via a web of hundreds of companies and associated financial institutions have laundered over $20 billion.

Although the laundromats are money laundering on a huge and global scale, and it may seem like a problem only big financial institutions may have to deal with, OCCRP Executive Director Paul Radu stated that every laundromat case he’s worked on has involved myriad UK companies. This means the issue is right here on our UK doorstep.

Although money laundering through complex laundromats can seem like a victimless crime, they are in fact part of networks taking huge sums via corruption of national pensions, financing groups involved in serious organised crime like human trafficking, funding terrorist organisations, and destroying lives.

So what does this mean for the FinTech community? There is real excitement about the commercial opportunities for challengers in the business and commercial customer segments and this is very much true, but this segment also brings with it a very different set of financial crime risks that really need to be understood and factored in to an effective and proportionate financial crime risk management framework. When you consider the factors that may impact on financial crime risk, the customer type (i.e. complex corporate ownerships), geographies (i.e dealing with suppliers/customers across a range of geographies), product type (i.e. high value transactions or products) and channel (i.e. often in a FinTech this is non face-to-face), can all have a material impact on the potential risks a FinTech targeting this segment may face.

So what can FinTechs targeting these new and exciting customer segments do to assist in the fight against these laundromats, comply with applicable regulations and do their bit to reduce money laundering? We have provided a few helpful hints below:

- Ensure you have a financial crime risk assessment that accurately reflects your unique circumstances. All companies and products will have their own unique factors to be considered and may impact on your risk profile. In many cases, it is not only a regulatory requirement to have a risk assessment but it is also a hugely powerful tool to help you define and navigate your compliance and risk frameworks.

- Understand your customers. Just because you are targeting customers who may be registered in the UK or other equally regulated markets, it does not mean they may not get involved in illicit activity. This goes beyond basic identification of your customers to ensure you understand the nature of your customer’s business and how they intend to use your product/s. Without that knowledge, it becomes very difficult to monitor effectively and can/will cause negative customer experience in the long-term.

- Understand the typologies and red flags that you and your team should be looking for. By staying current on evolving typologies allows you to keep pace or even out-pace the criminals and reduces the long term negative impacts criminals may have on your business.

Paul Radu said at the event "it takes a network to fight a network" and although he was referring to an international network of the likes of law enforcement and financial institutions working together to tackle it, the growth of alternative financial services further diversifies the pool. The FinTech FinCrime Exchange (FFE) is one such network, where FinTechs come together to effectively collaborate and combat financial crime such as money laundering.

If you would like to discuss money laundering, or any of the topics raised in this post please don’t hesitate to contact the team at FINTRAIL.