Top 5 takeaways from the RemitONE Compliance for Money Transfers panel at IMTC EMEA 2021

Earlier in the year, a few of the key players in the remittance industry digitally gathered together to discuss a wide range of key topics within the field of money transfer compliance in a panel hosted by RemitONE. The panel included deep dives into anti-money laundering practices, responding to suspicious activity, OFAC compliance (Office of Foreign Assets Control), and much more.

Moderator:

Oussama Kseibati, Head of Services at RemitONE

Panellists:

  • Ibrahim Muhammad, Independent Payments Consultant, Al Fardan
  • Nadeem Qureshi, CTO, USI Money

To condense the panel into a few paragraphs would be a tricky task indeed, so we’ve decided to focus on five of the key takeaways that our panellists settled on during their discussion.

1. Cybercrime requires a threefold solution – Ibrahim

There are two different types of financial crime. Broadly speaking, on one hand, there are crimes related to money laundering, terrorist financing, fraud and cybercrime. On the other hand, there is financial crime related to bribery and corruption. When it comes to the money service sector it’s the former type of crime that’s been on the rise recently, thanks to the pandemic and the increased digitisation of companies.

How do we prevent these attacks? It’s a threefold solution. First, companies need to ensure the right people are in charge of their systems – this means people with a clear understanding of risk assessment. Second, they need to put well-documented processes in place, guided by policies and procedures. And finally, the systems need to be robust enough to identify, prevent and deter financial crime.

2. Plugins have made all the difference – Nadeem

The availability of plugins is gradually taking us away from an environment of weekly updates and into a more active, real-time environment. What used to take weeks can now take place in the space of days or even hours, with lists being updated and names being added constantly.

Working with something which is real-time means it’s so much easier to identify a weakness faster. These days you have customers registering and processing within a matter of minutes. But as we’re working towards that more efficient way of processing, it’s vital that the system is robust and is set to your needs as opposed to the system needs.

3. There are two sides to the story – Oussama

There are two main sides to the new compliance regulations that we’re seeing. It’s not just where you yourself operate, it might also be where and whom you’re sending to. What kind of regulations do they have and what are their maximum receive amounts, for example?

We have to understand this because there’s an ever-changing landscape right now with new rules and regulations being set all the time. Unless you’re on top of those changes, then you’re always going to be putting yourself at risk when partnering with someone. It’s also worth noting that a lot of the regulations come from the central banks and they will have their own lists and connections that you’ll need to take into account.

4. Transaction monitoring and risk profiling are key – Ibrahim

Transaction monitoring is a key part of KYC and should always be an ongoing process. When we onboard the customer, that doesn’t necessarily mean we’ve 100% verified them. It’s the ongoing transactional behaviour of the customer that allows us to do that and this is where profiling plays such an important role.

You need to do a proper risk profile or categorisation based on the transactional behaviour of your customers and categorise these customers into different risk profiles at both the customer level and the transactional level. Of course, there are multiple systems, including RemitONE’s, that can facilitate the onboarding process and ensure that the customers are who they claim to be. But they can also track where money is going so that, for example, if the destination country is high-risk then additional checks can be put in place and appropriate limits can be set.

5. Creating an effective monitoring programme is all about asking the right questions – Nadeem

The first thing to do when building a transaction monitoring programme is to really look at whether you’re a B2B, B2C or B2B2C service. Once you can answer that question and are able to identify your customers, it’s much easier to break everything down. After this, you need to answer the question of the dual jurisdiction process – the rules and regulations in the sending and receiving countries.

Finally, once the system is configured, you need to ask whether or not it needs to be looked at a little deeper. Because so often you’ll rush to go live and there will be a tech anomaly that was overlooked or a parameter that wasn’t set right. Once you can confidently answer all of these questions, only then can you create something in terms of a robust framework, whether it’s for monitoring or compliance.

We’d like to extend a huge thanks to Ibrahim, Nadeem and Oussama for their time and insights.

What next?

Now that you’ve read our article we want to help you get the most out of it and deep dive into the trends and predictions shared.

Tap into our experts and schedule a free 30min consultation.

AML and CFT Guide for Money Transfer Start-Ups

Anti-Money Laundering (AML) and Countering the Financing of Terrorism (CFT), are terms mainly used in the financial and legal industries to describe the legal controls that require financial institutions and other regulated entities to prevent, detect, and report money laundering and terrorist financing activities.  

Every regulated entity should have appropriate AML as well as CFT checks and controls in line with the regulatory framework of the jurisdiction where the entity operates from.    

To make it easier for Start-Ups, please find below the diagram of the AML/CFT Ecosystem:

AML CFT Ecosystem

The ecosystem shown above shows the five core responsibilities of Money Transfer Start-Ups:

1. Onboard a Money Laundering Reporting Officer (MLRO) 

First and foremost, all start-ups must have a dedicated Money Laundering Reporting Officer (MLRO) who is responsible for managing all compliance activities within the organisation. Depending upon the type and size of the business, there could be one or more members within the compliance team.  

Aside from the MLRO, it is important that other stakeholders such as Directors, Senior Managers and even Shareholders familiarise themselves with the Payment Services and AML regulations within the jurisdiction where the business is registered.

2. Customer Due Diligence (CDD) 

Each entity is responsible to identify the customers that they deal with. This step is known as the Know Your Customer (KYC). The MLRO has to identify the checks and controls that need to be in place to capture all the information needed from the customers as part of the KYC process. 

Apart from KYC, the entity must also maintain the Customer Due Diligence which is mainly to do with checking the customers registering against the watch lists and the transaction patterns of the customers. 

3. Suspicious Activity Reporting (SAR)

The entity is required to conduct appropriate investigations whenever an event such as a transaction monitoring alert or a sanctions match occurs. The MLRO has to validate such investigations further and need to report to the local regulatory bodies in the form of Suspicious Activity Reporting (SAR) or Suspicious Transaction Reporting (STR).

4. Record Keeping

The entity is responsible to maintain records of all their customers and transactions for a minimum period of 5 years or as per the guidelines of the local regulatory bodies. The MLRO has to ensure that the data captured from customers for identification and transaction purposes are stored securely and accessible to the authorized individuals of the entity whenever needed. Apart from customers and transactions data, the entity should also maintain the records of all the SARs/STRs. 

5. Registering and Reporting to Regulators

The entity is responsible to have the registration done with the relevant regulatory bodies in the jurisdiction where the entity operates from. The entity should also be aware of all the reporting obligations in order to submit reports related to the customers or transactions data to the relevant regulatory bodies in the jurisdiction.  

Whether you are a start-up or an established Money Service Business, it is very important that the AML policies and procedures are clearly incorporated within your business model. For more information, advice and support, please contact us.

RemitONE provides proven compliance products for Money Service Businesses and Central Banks and would be delighted to help your business. Contact marketing@remitone.com or call +44 (0) 208 099 5795.