Posted by & filed under AML General, Negative News, Research & Investigation.

It has recently been reported that a leaked draft document from HSBC’s monitor identified 13 British customers linked to Islamic terrorist groups in Syria.  While it is impossible to make any determination on HSBC’s AML policy without the full details of the report, this leak highlights a challenging topic for all banks.

There is no official number, but according to British authorities, approximately 850 people from the UK have traveled to support or fight for jihadist organizations in Syria and Iraq.  In many cases, those who have gone to Syria or Iraq have done so in clusters from the same regions or in a close time frame.  The UK is not alone, according to the EU’s Commissioner for Justice, Vera Jourova, about 6,000 Europeans have joined jihadi groups.  The US has also had hundreds of Americans travel to Syria And Iraq to fight.



Red Flags

Dennis Lormel, former FBI Terrorist Financing Operations Chief, wrote a detailed piece covering the Islamic State and like-minded terrorist groups from an AML perspective.  In the article he identified the below financial red flag taken from real-world case studies.

Financial Red Flags to Terrorist Financing

  • IP logins in areas of conflict such as near the Syrian border, to include Jordan and Lebanon, but particularly in Turkey
  • Periods of transaction dormancy, which could be the result of terrorist training or engagement in combat
  • ATM cash withdrawals in areas of conflict
  • Wire transfers to areas of conflict
  • Charitable activity in areas of conflict, particularly in Syria
  • Social media postings (many Western foreign fighters use social media)

The main challenge facing banks regarding terrorist financing is that in many cases it does not take much money to fund terrorist acts.   This makes it difficult for banks to detect because the account activity appears similar to what one would expect from a normal checking or savings account.  Many recent attacks were conducted on a budget of thousands, or even hundreds of dollars in some cases.

It is unfortunate, but sometimes there are only actionable step after a terrorist attack has occurred.  Specifically, the bank should identity and review the activity for all accounts connected to the alleged terrorist, and also identify transactions with any other parties that appear unusual or who may be involved in similar activity.  Suspicious activity reports (“SARs”) should be filed on all identified unusual activity.  This is also a good opportunity for the bank to go back look at the client’s activity to determine if there were gaps or red flags that were missed and could be corrected with enhanced procedures.

Open Source Data


Publicly available open information is continually growing and is an excellent source to identify individuals or companies with any direct or indirect terror links.  This can include domestic and international news, regulatory and law enforcement sources, social media, and corporate registries to name a few.

Specifically related to the topic of ISIS links in the UK, the BBC has complied an excellent public data set of Britons who have died, been convicted of offenses relating to the conflict, or are still in the region.  The information was compiled from open sources and BBC research.

The Counter Extremism Project (CEP) also maintains a listing of foreign fighters as part of their Global Extremist Registry.

While the BBC and CEP make this information available in visually pleasing and interactive formats, it can be difficult to work with for AML or investigative purposes.

If you work for a financial institution and would like this information in a more structured format, please send me an email at and I will be happy to send you a Excel file of the extracted data.


Posted by & filed under AML General, Negative News.

Artificial Intelligence or “AI” is the new buzzword in Anti-Money Laundering.  Nervous?

terminatorRecent AML news would have you believe we’re on the cusp of dramatic change that will wipe out thousands of compliance jobs.  AI will then transform those few remaining workers into Arnold-like Model T-101 Terminators annihilating alerts, cases, and SARs with emotionless robot-like precision.

My take is different. There are two likely outcomes of AI.

  1. AI will cure disease, advance all science and then lead mankind to destroy itself.
  2. AI will create more AML work, not less.

Let’s gloss over the first of these inevitabilities.  Once super AI is created and machines actually learn at speeds incomprehensible to human understanding, two things will happen:  First, machines won’t need us anymore, and second the political, economic, and social upheaval caused by AI will lead to cataclysmic war and famine.

But don’t worry, experts say this “super AI” is still probably 50 years away.


AI Impact on AML

For AML, the expectation is that AI will cure the overwhelming inefficiency the plagues us.  Billions of dollars are wasted as AML teams remain buried under false positives, hunt down information from clunky old databases, and make inconsistent, and sometimes really bad decisions.

An AI driven system that can gather data instantly and be programmed to make decisions when given a set of simple facts will no doubt change AML.  But this “weak AI” as it is known, won’t reduce AML workloads, it will actually increase them.

Let’s start with something everyone in AML agrees about:  There is too much time spent on finding stuff.  Take alerts and cases, for example, where 80% of the time on each matter is spent not on actual analysis and investigation, but on gathering transaction records, KYC information, and risk information such as negative news.  Or how about the AML risk assessment, which is just mostly a multi-month (or yearlong) data gathering exercise.  If AI can eliminate this wasted time and gather needed information in seconds, then indeed certain AML work will be reduced.


Peak Work?

peak-oil-graphIt wasn’t that long ago that the smart minds of science predicted the world was soon to run out of oil. The last 10 years has made it obvious that this theory, known as the “peak oil,” was utterly wrong.

A similar view, call it “peak work,” is what creates the hope that AI will transform AML:  All the work that needs to be done in AML is already being done, but this “real” work is overtaken by the “busy” work.  AI will eliminate the “busy” work, and we will finally be able to focus just on what remains (the “real” work) and banks will then start shrinking AML departments.

There is a problem with this thinking.  The “real” work of AML hasn’t even yet begun.


We Fail to Detect Most Money Laundering

The U.N. estimates that up to $2 trillion dollars a year is laundered.

Add together total money seized by credible law enforcement agencies from around the world each year and the amount of funds involved in activity reported on SARs and you get much, much less than the actual amount of money laundered.  The “real” work is to find this money.

So yes, weak AI will clear away a lot of the clutter, and it may even be able to report – without the need for human input – simple suspicious activity like cash structuring.

But imagine the activity that will be uncovered once the problem of disparate and inefficient data gathering is solved.  What will happen in banks when unknown customer connections are revealed or when data from innocuous looking wire transfers exposes critical information that up to this point is hidden?

Instead of shrinking AML departments, financial institutions will instead be hiring more investigators to deal with the flood of new, heretofore unknown (and more complex) suspicious activity.  And despite what AI developers may say, computers will not spontaneously learn how to analyze and investigate all this new activity.  It will take years for weak AI to work in banks and then it will take years for this weak AI to become super AI (general intelligence where machines can replicate or surpass human thinking).

Another thought:  Won’t the criminals, who are as well funded (or better funded) than financial institutions also be developing AI to suit their needs?  Perhaps their AI will be better than our AI.

Maybe we better hope John Connor really does take down Skynet.

Posted by & filed under AML General, Negative News.

flip-phoneIt was reported a few weeks ago that Andrew Luck, the star quarterback for the Indianapolis Colts celebrated his new $140 million contract by upgrading his flip phone to a… new flip phone.  It seems Luck is happy with a device that most of us last used a decade ago.

Hearing this took me back to 2003 when I was the AML officer at Riggs Bank and my investigations manager came into my office snapping pictures with his new flip phone.  Wow, a camera in a phone.  That was new back then.

Technology was beginning a breakout period that over the next decade would significantly change nearly every aspect of our lives, except AML compliance.

It was right around this time in 2003 that I signed a $300,000 a year contract for Riggs to subscribe to what remains the AML industry’s leading “Risk Intelligence Database.”  Finding negative news, PEPs, and sanctioned parties was emerging as a critical component of AML.

Nearly everyone (except a quirky All Pro quarterback) adapts to ever evolving technology.  The same cannot be said for AML however, because in over 10 years there has been little to no change in the tools available to AML investigators.

Take how we look for negative news and other risk relevant information: Institutions use applications developed in the 1990’s that still rely on the same 1990’s technology. No one reading this watches a tube television or is waiting for the new release of the latest Palm Pilot, yet AML officers accept using technology that is outdated, and actually undermines a critical component of AML compliance.  Why would they do that?

Legacy negative news and “screening” applications create serious risk for AML officers and their programs.

  • These applications actually contain very little data about negative news and other risks which means when analysts and investigators use these databases, they are constantly missing critical information that is actually available to the public.  How do you explain to a regulator that you missed a key piece of negative news, when they actually find it more easily than the AML group?
  • These applications bury users in false positives which means analysts are wasting time, allowing workloads to pile up which then force the AML team to work faster (and perhaps not as thoroughly).  How effective can analysts be when they spend so much time with their eyes glazed over wading through false positives?  These applications are actually creating risk when they are supposed to be helping to manage it.
  • These applications do not automatically create an audit trail of what was searched and the results. This leaves users, management, quality control, audit, and the regulators without evidence of how the work was completed (or even if it was completed).  What other AML compliance process exists that is based on the hope that the work is being done and being done correctly!?!  It’s 2016, shouldn’t critical compliance applications automatically record work and results?

Andrew Luck may not be missing much by using decade old technology, and what he does miss on Snap Chat or Instagram really isn’t that important.

The same cannot be said for AML officers, where missing key negative news and available risk relevant information has serious consequences.

Andrew Luck can afford to be quirky.  AML officers cannot.  Why would any AML officer push his or her luck?

Posted by & filed under AML General.

prepaid-cardsThe AML risks associated with prepaid cards have been known for some time, and with more than $623 billion loaded on gift cards and other types of prepaid cards in the United States in 2015 there continues to be a challenge for AML professionals to identify illicit activity in this sector.

Below are three separate lists of AML red flags related to the use of prepaid cards from the Network Branded Prepaid Card Association (NBPCA), the Financial Actions Task Force (FATF), and the Wolfsberg Group.  As highlighed in the below FATF paper,


“Red flags will be indicators of suspicious activity where a product’s actual use deviates from its intended use or does not make economic sense.  For example, cash withdrawals in foreign jurisdictions will be expected where the product is a prepaid traveller card, but unusual where the product is marketed to minors.  Red flags should therefore not be applied unthinkingly, but tailored to the product’s characteristics.”

Similar to most types of AML red flags, the majority of issues can either be grouped under transactions that do not make sense or fit the account profile, and red flags that involve discrepancies with the KYC of the customers.


Prepaid Red Flags the Network Branded Prepaid Card Association (NBPCA)

  1. A customer with an excessive number of cards (based on program parameters)
  2. A customer who is unwilling to provide information required by the CIP
  3. A customer who presents unusual or suspicious identification documents that the financial institution cannot readily verify
  4. A customer who requests a shipment of cards outside of the United States
  5. A customer uses different tax identification numbers with variations of his or her name
  6. A customer who is reluctant to provide the information needed for a mandatory report, to have the report filed, or to proceed with a transaction after being informed that the report must be filed
  7. A Cardholder that coerces or attempts to coerce a bank employee to not file any required record keeping or reporting forms
  8. High dollar deposits followed by numerous small withdrawals
  9. A Cardholder who makes multiple value loads on the same day at different load locations
  10. Large number of failed authorizations
  11. Transactions posted to the card account without corresponding authorizations
  12. Transactions occurring in more than one state or country on the same day
  13. Repetitive transactions occurring at the same time for the same amount each day or each week
  14. Transactions consistently occurring outside of the Cardholder’s residential area
  15. Unexplainable transactions with no logical purpose
  16. Repeated transactions outside of the Cardholder’s normal activity
  17. Multiple transactions slightly below reportable thresholds

 Source: Recommended Practices for AML Compliance for U.S.-Based Prepaid Card Programs


Prepaid Red Flags from the Financial Actions Task Force (FATF)

  1. Discrepancies between the information submitted by the customer and information detected by monitoring systems
  2. Individuals who hold an unusual volume of NPM (“New Payment Method” e.g. prepaid cards) accounts with the same provider
  3. A large and diverse source of funds (i.e., bank transfers, credit card and cash funding from different locations) used to fund the same NPM account(s)
  4. Multiple reference bank accounts from banks located in various cities used to fund the same NPM account
  5. Loading or funding of account always done by third parties
  6. Numerous cash loading, just under the reporting threshold of USD 10 000 (i.e., structured loading of prepaid cards), of the same prepaid card(s), conducted by the same individual(s) on a number of occasions
  7. Multiple third party funding activities of a NPM account, followed by the immediate transfer of funds to unrelated bank account(s)
  8. Multiple loading or funding of the same accounts, followed by ATM withdrawals shortly afterwards, over a short period of time
  9. Multiple withdrawals conducted at different ATMs (sometimes located in various countries different from jurisdiction where NPM account was funded)
  10. NPM account only used for withdrawals, and not for POS or online purchases
  11. Atypical use of the payment product (including unexpected and frequent cross-border access or transactions)
  12. Large  number  of  bank  accounts  held  by  the  same  prepaid  card  company  (sometimes  in different countries) apparently used as flow-through accounts (may be indicative of layering activity)
  13. Prepaid  card  company  located  in  one  country  but  holding  accounts  in  other  countries
  14. (unexplained business rationale which could be suspicious)
  15. Back and forth movement of funds between bank accounts held by different prepaid cards companies located in different countries  (may be indicative of layering activity as it does not fit the business model)
  16. The  volume  and  frequency  of  cash  transactions  (sometimes  structured  below  reporting threshold) conducted by the owner of a prepaid card company do not make economic sense

Source: Money Laundering Using New Payment Methods


Prepaid Red Flags from the Wolfsberg Group

  1. Information mismatch from application
  2. Application information/address/customer differs from pre-screened applicant
  3. Inability to verify card holder identity information
  4. Inability to provide government issued identification details
  5. Primary/secondary user name appearing on applicable government watch/sanctions lists
  6. Change of address to high-fraud area or to problematic jurisdiction, shortly after the card issuance or credit line increase
  7. Frequent and unusual use of the card for withdrawing cash at ATMs
  8. Structuring payments/Overpayments: balances on cards may move into regular credit where card holders pay too much or where merchants give credits to an account. Money laundering may be facilitated via refunds of the credit balance
  9. Unusual cash advance activity and large cash payments: the monitoring of incoming cash is critical, as excessive cash payments are often an attribute of money laundering. Credit balance accumulation resulting in refunds (CBRs) should be monitored as they can be used
    as part of a scheme to launder funds
  10. Cross Border: cash withdrawn via cards in another jurisdiction permits easy (and potentially high-value) cross-border movement of funds with a limited audit trail
  11. Unusual purchase of goods or services in countries regarded by an institution as posing a heightened risk for money laundering;
  12. Excessive payments on private label credit cards via gift card from the merchant
  13. Purchases at merchant on personal cards which are significantly out of pattern with historical spending behavior;
  14. Merchant credits without offsetting merchant transactions
  15. Excessive customer service calls
  16. Abnormal customer contact behavior (e.g., frequent changes of address)
  17. Multiple and frequent cash payment or money orders; large, cross-border wire transfer payments
  18. Where Issuers have access to this information, Settlements/partial settlements from unrelated third parties
  19. Where Issues have access to this information, unrelated checking/current account paying multiple credit card accounts
  20. Excessive/ongoing large credit refunds

Source: Wolfsberg AML Guidance on Credit/Charge Card Issuing and Merchant Acquiring Activities


Posted by & filed under Research & Investigation.

PEPWhile most financial institutions subscribe to a Political Exposed Person (PEP) list, there are many cases where these lists lack coverage or additional research is required.  Below is a list of seven free additional open sources to help you track down PEP information.

1. CIA World Leaders List

An online directory published by the CIA of “Chiefs of State and Cabinet Members of Foreign Governments.”  The directory is updated weekly and can serve as a great reference aid.



A project to “collect and share data about every politician in every country in the world, in a consistent, open format that anyone can use.”  Today the site has collected the data for 71,173 politicians from 233 countries.


3. CIBOD Biographies of Political Leaders (Spanish only)

Biographies on 766 political leaders from around the world.   The service aims to be “useful in the fields of education, research, consulting, journalism and politics” or for any user interested in global political leadership.


4. contains a list of heads of state and heads of government of all countries and territories, going back to about 1700 in many cases.


5. US Diplomat List

Provided by the U.S. State Department, this publication covers foreign missions (embassies, interest sections) in the United States.  It contains the names of members of the diplomatic staffs of these missions and their spouses.


6. Central Bank of Uruguay PEP List (Spanish only)

This is a PEP list made at the request of the Central Bank of Uruguay.  The list includes approximately 1,800 people who hold or have held public functions of importance in Uruguay and abroad.


7. cites itself as a “free database detailing the connections between powerful people and organizations.”  The site also offers a free visualization tool named Oligrapher.

Posted by & filed under AML General.

FinCEN has recently released a set of FAQs to assist financial institutions in understanding the scope of the new Customer Due Diligence Requirements.

The document helps clarify, and provides additional guidance on many aspects of the new CDD rules, such as which account and entity types would be exempt from the rule.  Financial institutions will have until May 11, 2018, to fully implement and comply with the CDD Rule.

Be sure to check out our earlier post on ways to identify ultimate beneficial owners!


Link to full document (pdf)

Posted by & filed under Negative News.

In 2005 I was the AML Officer for Riggs Bank overseeing an AML team and hordes of consultants.  Riggs was caught up in a whirlwind of regulatory, law enforcement and Congressional investigations.  Selling the bank was the only option, and before approving any sale, the regulators wanted a bunch of projects completed.

negative-news-batch-search-problemsOne of the projects involved negative news screening.

We “batch ran” a list of about 2,000 high risk client names against the leading negative news database.  That database, which I will not name, remains the industry’s “leading” source of negative news screening.

After nearly 4 months of work and hundreds of thousands of dollars in consulting costs here is what we found:

2,000 high risk customers were run against the negative news database generating over 30,000 “hits.”  From those “hits” there were zero (not one) investigation that uncovered information we needed to report to FinCEN.

Every so called “hit” (aka “alert”) was in fact either not related to the Riggs customer, the information in the database was incomplete, or the underlying information in the database was no longer available for review by the consultants.

Ultimately, the entire exercise was a waste of time and money.


What Exactly Is Negative News Batch Screening

Negative News batch screening has become a nearly universal process for financial institutions of all types and sizes.  Why?

There is a perception among AML professionals and regulators that the database products used to batch screen names contain vast amounts of information about people and entities that have engaged in, or alleged to have engaged in financial crime activity. If this were true, then negative news batch screening would in fact be a good use of resources.  But the reality is much different.

Negative news databases actually include only a very small amount of publicly available financial crime risk information.  How small?  Consider this:  the leading negative news database has about 2.3 million of what are often called “profiles” of individuals and entities who, according to the database company, present some sort of financial crime or regulatory risk.

Two million names may sound like a large number.  It is not. This year alone, more than 5 million new pieces of negative news data will be published.

This means that over the 15 years since AML groups first began using these negative news applications, the leading databases have not yet accumulated the equivalent of 5 months of publicly available negative news information!

Shouldn’t this be a problem for anyone relying on these datasets to actually find negative news information? This includes AML officers, AML investigators, and the regulators.


The Problems with Negative News Databases


They Miss More Information Than They Find info-iceberg

The fundamental challenge for any database is data. “Batching” or automating the screening of a list of customer names requires that there be another list against which your customer list is compared.  Such lists must be “structured.”  Think of a structured database as an Excel sheet with columns and rows.

To create these negative news databases, employees of the database companies read news articles and then select limited information to enter into the database. This is a slow, tedious and highly subjective process.  This is a problem of all databases that rely on human curation.  No wonder the datasets are so small.

And perhaps they are even smaller than many realize.

When these databases say they have 2 million records or “profiles” how many of these profiles are actually in fact just sanctioned entities listed by OFAC and other similar government agencies from around the world?  Including long lists of Politically Exposed Persons is another way databases increase their number of profiles.

No doubt every AML group needs to know if they are dealing with a sanctioned party or a PEP, but this begs a very important question that users of these databases should be asking:  Of the 2.3 million names how many are actually names harvested from true negative news?


Endless False Positives

One would think that with so little data in the databases, it wouldn’t be much work to run a list of customer names and find the very few (if any) that turn up in the database.  Wrong.

Instead of actually finding negative news that is about your customers, the AML department is deluged with “false positives” which is another way of saying, “unrelated results.”  This happens because names are not unique identifiers and trying to “match” one name against a batch of similar names creates all sorts of problems.


Today’s Reality

After more than 20 years in AML, I realize simply doing away with a process like negative news batch screening would raise eyebrows.  However, it is important that those paying for the direct and indirect costs of such batch screening negative news (and the regulators) realize what it is exactly that is being accomplished, what is not, and at what price.


What is Needed for Negative News Screening

Many parts of AML compliance remain untouched by the technological advances that have changed nearly every aspect of our lives.  In 2016, AML professionals and the regulators should expect technology to enable much more from negative news applications, including:

  • Finding as much publicly available negative news as possible – in real time.
  • Drastically cut down on false positives or unrelated information.
  • Simplify search techniques so entire AML departments work consistently.
  • Easy and fast ways to fully document all negative news search results.

Negative news searching remains a fundamental element of identifying, reporting and reducing risk.  It is time to improve how it is done.

TransparINT solves the problems caused by the existing crop of outdated negative news applications.  Contact me at or (202) 641-7485 to see how.

Posted by & filed under Negative News, Research & Investigation.

newsAs part of their work, due diligence analysts and suspicious activity investigators must properly search for “negative news” information.  If they do not, an AML program cannot be considered effective.  Recent enforcement actions, fines, and personal penalties against AML Officers prove this point.

What, however, is meant when AML professionals refer to “negative news?”

The term “negative news” emerged on the AML scene nearly two decades ago when banks first began to address financial crime risk.  The term, as it is currently used, does not capture the wide array of searching and research practices that must be carried out every day by AML analysts and investigators in order to comply with regulatory rules and expectations.

Operating without clarity around what constitutes “negative” information and how it should be found, creates serious risk for AML officers, AML compliance programs, financial institutions and even the regulators.  If an AML officer thinks “negative news” is a term related to media reports and not much else, then his or her program is likely weak and ineffective.


The Definition of Negative Information

When hearing the term “negative news” most AML professionals imagine newspaper articles reporting information about local, national or international crime.  Searching for and finding such news articles is essential for strong AML compliance.  However, “negative news” entails much more than just newspaper stories.

“Negative news” (also referred to as “adverse media” or “derogatory information”) is a euphemism.  A better way of thinking about what due diligence and suspicious activity analysts are searching for is really, “all publicly available relevant risk information.”  That is a mouthful and not likely to be coined anytime soon into AML lexicon.  However, finding “all publicly available relevant risk information” is what AML programs must do to be effective and safe from regulatory and enforcement penalties.


What Is “All Publicly Available Relevant Risk Information?”

In addition to newspaper and other media reports, here are other sources of relevant public risk information that all AML due diligence and suspicious activity investigators need to search:

  • Sanctions and Watch-Lists – Searching lists is often done automatically at account opening.  But often those under investigation are not customers.  Analysts and investigators need to search dozens of sanctions and watch-lists including all those published by U.S. departments such as Treasury, Commerce, and Justice.  In addition, lists from the European Union, United Kingdom, Canada, Australia and lists from key FATF countries need to be considered based upon the circumstances of the investigation.
  • High-Risk Business Registrations – These include lists like registered Money Service Businesses, licensed marijuana business, casinos, and other such entities considered high risk by AML compliance professionals and regulators.
  • Regulatory Filings and Databases – SEC and FINRA disciplinary actions are two examples.  Many U.S. states and foreign countries have similar lists and databases reporting violations and penalties that would be of interest to an AML investigator.
  • Blogs and other Non-Traditional Media – Sites that report issues involving corruption, human trafficking, and investor frauds such as “”
  • High-Risk Non-Profit Watchdogs – Think of the Panama Papers published by The International Consortium of Investigative Journalist, Transparency International’s “Corruption Perception Index” or Freedom House’s “Freedom in the World” rankings.
  • International Organization Databases – A good example is the World Bank’s Stolen Asset Recovery or “STAR” database as well as Wanted Person lists from Interpol.
  • Traditional News and Media – The largest source of negative news, but just how large is it and how much of it do AML analysts and investigators really search?  There are hundreds of thousands of news sources all over the planet.  From the Brown Deer Herald in Wisconsin to the Bangalore Mirror in India, these sources publish more than 15,000 new negative news article about financial crime every day.

So whether you are an AML Officer, and AML analyst or a regulator, the next time the phrase “negative news” arises, realize that it is so much more than many think it to be.  In that fact lies a great deal of risk because existing applications used by AML analysts and investigators capture only a small fraction of the publicly available relevant risk information.


We will be writing more about this issue and the risks it poses to AML officers in the next few weeks.


Posted by & filed under Research & Investigation.

Need help tracking down the link to the Hong Kong Companies Registry or the U.S. Postal Inspection Service’s Most Wanted List (here and here)?

We have just updated the free investigative resources section on our main site.  Some of the more popular categories are the sections for International Corporate Registries, Sanction/Watch Lists, and Visualization Tools.

Please also feel free to share any investigative links and we will add them to the page.



Click here for investigative links

Posted by & filed under AML General, Negative News.


Last week FINRA fined Raymond James & Associates, Inc. (RJA) and Raymond James Financial Services, Inc. (RJFS), a total of $17 million for widespread AML compliance failures.  Most notable perhaps was this fact:  RJA’s former AML Compliance Officer was personally fined $25,000 and suspended for three months by FINRA, effectively ending her AML compliance career.  According to J. Bradley Bennett, FINRA’s Executive VP of Enforcement, additional anti-money laundering and enforcement cases are coming soon.

So what can be learned from the Raymond James fine to make sure your institution (and you) are not the next focus of FINRA or other regulators.

Plain and simple, the Raymond James companies and AML Compliance Officer were “fined for allowing certain red flags of potentially suspicious activity to go undetected or inadequately investigated from 2002 through 2013.”

Looking at the FINRA order, it becomes very clear the Raymond James failure was a failure to identify and analyze publicly available adverse media information, and a failure to conduct proper suspicious activity investigations.


Examples of AML investigations that were identified as deficient:

  • When RJA conducted due diligence on an Ecuadorian bank customer at account opening, RJA’s adverse news information service identified a negative news report about the Ecuadorian bank’s subsidiary.  RJA contracted with a third-party vendor to obtain adverse news information about customers and potential customers, but rather than having the vendor send the reports to the RJA AML Department, RJA had the vendor send reports to the RJA Credit Department.  Adverse news information was not available or consistently escalated to the RJA AML Department, and in the case of the Ecuadorian bank’s subsidiary news, RJA’s Credit Department did not escalate the report to the AML Department to consider since the news did not directly involve the RJA customer.  RJA conducted diligence on the bank customer’s president, but not the individual who had trading authorization over the account.  If RJA’s AML Department had received the negative news about the bank’s subsidiary and reasonably investigated the news and the customer’s control person, it would have identified negative news that the person who held trading authorization and the subsidiary of the Ecuadorian bank each had been sanctioned by FinCEN and OCC for AML deficiencies.


  • RJA did not reasonably investigate suspicious wire transfers sent from the personal account of a RJA foreign affiliate’s financial advisor into the accounts of his own foreign customers.  In total, 194 customers of the same foreign financial advisor transferred over $10 million in third-party wires to a non-RJA client unregistered currency exchange business in the United States.  RJA and Busby (the AML Officer) eventually opened an investigation in March 2012, which Busby conducted herself, into the non-client unlicensed currency exchange business, but the investigation was inadequate.  For example, RJA failed to identify news reports that the non-client unregistered currency exchange business in the United States had been sanctioned by the U.S. Department of Treasury in 2009 relating to embargo program violations.


  • RJA and Busby identified some red flags associated with the outgoing third-party wire transfer of $250,000 to a Panamanian bank account, but failed to reasonably investigate multiple red flags, which included: ( 1) the round dollar amount; (2) the stated purpose of ”export banana shipment” was inconsistent with the accounts’ prior activity relating to gold mining; (3) the individual receiving the funds was in Ecuador but the funds were transferred to Panama; and (4) the Letter of Authorization provided to RJA by the customer was dated a day before the invoice provided by the customer. One month after the RJA investigation, the owner of the Panamanian account was subsequently arrested in Venezuela and deported to Colombia for alleged money laundering.


  • RJA’s failure to reasonably monitor journaling between accounts, combined with its failure to reasonably monitor incoming wires and inadequate investigation of red flags, also caused RJA to fail to adequately investigate activity in the 18 accounts related to an RJA customer JCM.  JCM-related entities actively moved funds between the 18 accounts, often with no trading activity, including movement of $2 million to a South Korean bank account for the benefit of a third-party.  In 2013, RJA opened two investigations into transactions in the JCM-related accounts, one after the $2 million wire appeared on the Foreign Disbursements Report and one after an SEC request relating to JCM, but these investigations failed to reasonably investigate all of the JCM-related account activity.  RJA also closed 70 alerts generated from the Excessive Wires Report for these accounts without any documented rationale.


  • RJA’s failure to have reasonable reports to review for patterns and trends across trading activity also led to the firm’s failure to identify red flags in the accounts of a foreign bank, BP.  Over the period of January 2012 through October 2013, in which Busby was the RJA AMLCO for approximately thirteen months, BP engaged in short-term in-and-out trading of over $70 million in U.S. Treasury Bonds.  Many of these transactions were in round dollar amounts, and many of the sales were followed by the almost immediate purchase of the same bond at a higher price which appeared to lack economic purpose.  Such in-and-out activity without economic purpose by a foreign entity was a red flag of suspicious activity that was not detected by RJA or Busby.


The two overwhelming themes in the above examples are the failures to identify and escalate public adverse media and risk information and the failure to identify transaction red flags indicative of high risk activity.  Even with all of the policies in the world in place, if an AML group is understaffed, lacks training, or doesn’t have the adequate tools to perform their function there will continue to be lapses similar to what was seen at Raymond James.


Further Reading: More details of the RJA’s failures are chronicled in a great article here written by Brian Monroe