ABA Money Laundering Enforcement Conference Convenes by Ken Golliher Principal, Pegasus Educational Services, LLC

ABA Money Laundering Enforcement Conference Convenes
by Ken Golliher
Principal, Pegasus Educational Services, LLC

Adhering to an established tradition, the ABA/ABA Money Laundering Enforcement Conference marked record attendance when it opened in Washington, D.C., yesterday (October 30, 2005). ABA personnel noted that approximately 1200 attendees are expected and the exhibit hall contains 40 vendors promoting a variety of BSA/AML compliance support services. The final agenda includes detailed information on the schedule and more biographical information on the presenters.

First on Sunday's agenda was a general session, "Money Laundering and AML Program Challenges Affecting Credit Card Issuers." While the presentations tracked the title and would prove particularly helpful to credit card issuers, it could also serve as a template for banks in the detailed analysis necessary to evaluate each of their products and services. Attendees participated in the segment by responding to a number of polls via handheld transmitters.

The conference's first speaker, Ami Kim of Capital One Financial Corporation, provided the first of many panelists' allusions to the heightened emphasis that regulatory agencies are placing on formal risk assessments. She acknowledged that Appendix J to the recently revised BSA/AML Examination Manual is the natural starting place for evaluating credit card risk and that reevaluations would be necessary on a periodic or "event driven" basis.

In analyzing the risk that credit cards could be used in money laundering, she suggested four general focal points for analysis:

• target customers,
• transactions,
• account management and
• existing controls.

Kim described the transaction portion as the "the meat" of the risk assessment. Noting that credit cards generally have something most other bank products do not, robust fraud detection capabilities, she suggested that the analysis focus on:

• Payments; types, any limitations?
• Charges: any limitations or controls?
• How to increase credit line?
• Any cash or other funds transaction permitted, limits?
• International transactions?
• Internet access?
• Internal controls?

She concluded that credit cards could generally be evaluated as a low risk product or service, but that areas of specific analysis should include payments, international transactions and credit balance refunds.

Another panelist, Barry Koch of American Express, praised U.S. acceptance of the concept that CIP, particularly in credit cards, should be risk-based rather than prescriptive. Indicating that "Documentary verification is almost meaningless in the credit card world ...," he noted the inherent unreliability of identification in face-to-face transactions. He pointed to the availability of "apparently real" fake identification over the Internet, but also emphasized that oftentimes "real" identification; e.g. certificates of existence for offshore companies, is an equally unreliable basis for establishing customer relationships.

Like Kim, he emphasized the superior fraud detection capabilities of credit card systems. However, he also noted that fraud detection is aided by the identification of specific events that preceded prior frauds and that money laundering has no such natural markers. He indicated that, based on everyday standards, those using credit cards to launder money might well appear to be good customers. He encouraged attendees to focus their analysis on how credit cards were used and how payments were made. As examples, he asked attendees how many had ever used a credit card to purchase a gun and how many had ever paid a credit card bill with a wire transfer.

Panelist Dennis Lormel of Corporate Risk International, noted that credit cards have played a significant role in some aspects of terrorist financing. He acknowledged that credit cards had been used on some occasions as a method of payment in support of terrorist operations. However, he also noted that the "new generation of terrorists" is more dependent on self funding rather than contributions, and has turned to credit card fraud as one of many criminal activities used to finance their enterprises.

He encouraged banks to fulfill their SAR filing responsibilities and to include all possible identifying information in the narrative to facilitate "data mining" by law enforcement personnel. Lormel also encouraged banks not to wait for their SARs to be processed and to contact law enforcement personnel directly.

Sunday afternoon's second session allowed attendees to choose between two breakouts. One was designed for industry personnel who are new to BSA coverage; e.g. insurance firms, dealers in precious metals, etc. The second focused on transaction monitoring.

John Atkinson from the Federal Reserve Bank of Atlanta kicked off the panel discussion for The "Transaction Monitoring and Technology" segment. He reiterated the regulatory agencies' emphasis on the formal risk assessment and encouraged banks to "Get off to a good start with a thorough, honest risk assessment." He described transaction monitoring as "... the heart of an effective program .... It's the one piece of the compliance program most likely to draw regulatory scrutiny if it's not functioning properly."

Noting that a lot of small banks can get by without a "fancy system," Atkinson said that those that do not have AML software will be relying very heavily on well-trained employees supported by conventional reports generated by their vendors; e.g. large currency transactions, suspected kiting reports, etc. He encouraged attendees to establish a map of their monitoring processes marking the methods used for:

• alerts,
• referrals,
• investigations,
• decisions and
• filing (SARs).

Atkinson also encouraged attendees to "Put your resources where your risks are," rather than spread monitoring efforts across the entire spectrum of possible transactions, and to develop the system that is appropriate for their risk profiles. He noted the stress points of any system might be a process that was too labor intensive or relied too heavily on key personnel for comprehension and understanding. He also encouraged the small bank relying on manual processes to keep in mind that significant growth would eventually render those processes ineffective.

Representing the perspective of the community bank, Christopher Spellman from the American Sterling Bank described his bank's monitoring program. He encouraged similarly situated institutions to document their policies, procedures and processes, and rely heavily on regulatory guidance provided in the recently revised BSA/AML examination manual. He mentioned the importance of using Appendix J in that publication in developing the bank's risk assessment and the use of conventional reports in the analysis of customer activity.

Elliot Berman of Johnson Financial Group rounded out the panel discussion with remarks regarding the effect that growth would have on the viability of the monitoring process. The effects of:

• more locations,
• more transaction volume,
• new product lines,
• new geographies,
• new customer groups and
• growth through acquisition

could all render a previously proficient monitoring system as unworkable; i.e. leave the bank "drowning in data." He noted that growth should not just happen and that a major issue in designing a monitoring system is whether it is scalable to the future growth of the institution.

The conference runs through Tuesday of this week. Recordings of individual sessions can be purchased through IntelliQuest Media after the conference is over. Next year?s MLEC will be held October 8-10 at the Marriott Wardman Park Hotel in Washington, D.C.

First published on BankersOnline.com 10/31/2005