How could corruption affect our organization?
Corruption can affect financial services organizations in several ways. While the potential influences of corrupt actors and transactions are often an initial consideration, financial services organizations that operate exclusively in the U.S. are also not immune to the effects of both foreign and domestic corruption.
According to the “Memorandum on Establishing the Fight Against Corruption as a Core United States National Security Interest” issued by President Biden on June 3, 2021, corruption threatens U.S. national security, economic equity, global anti-poverty and development efforts, and democracy itself. The U.S. financial system is heavily intertwined with each of these items, thereby affecting financial services organizations of all sizes. Further, anonymous shell companies, opaque financial systems, and various service providers have the opportunity to enable the movement and laundering of illicit wealth.
Have we conducted a risk assessment to understand the level of impact from potential corruption?
A risk assessment is critical to the strength of any AML program. However, few financial services organizations include an assessment of their risk exposure to corruption and bribery.
Organizations should consider the risk exposure posed by their higher risk client types and particularly those that can act on behalf of their clients and facilitate money movement. These individuals can pose a higher risk given their knowledge of various AML-related rules and regulations and their abilities to circumvent certain rules.
Because corruption is a FinCEN priority, organizations of all sizes and trade areas also should consider incorporating the risk of corruption and bribery into the customer base section of their AML risk assessment.
Do we have an anti-bribery or anti-corruption policy?
Once a full assessment of an organization’s risk exposure to corruption is determined, a review of existing anti-bribery or anti-corruption (ABAC) policies is in order. Relevant policies should correspond to both an organization’s risk profile and to regulatory requirements.
Each policy should include the contact information of the ABAC officer and relevant regulatory requirements.
Are our employees trained on red flags and signs of corruption?
Typical red flags of corruption often mirror the traditional red flags of money laundering. According to the 2018 "National Money Laundering Risk Assessment," corruption cases typically involve the use of shell companies and help of lawyers or other professionals to facilitate the purchase of real estate and luxury goods. Furthermore, based on findings published in the 2022 "National Money Laundering Risk Assessment," corruption is one of the crimes that generates the largest amount of criminal proceeds.
It is critical that training programs include information on how to distinguish between money laundering and transactions that might indicate corruption. For example, who are the individuals involved in the suspicious transactions? Could they be associated with a government agency, either foreign or domestic, in any sort of capacity? Adding this layer of critical challenge to transaction monitoring alert investigations could aid in the identification of corruption.
Do we have a politically exposed person (PEP) policy, procedure, approval process, and exit strategy that aligns with our risk tolerance?
While the answer to this question is typically “yes” for most financial services organizations, many organizations accept the risk of domestic PEPs within their customer portfolios. In fact, many organizations reserve their definition of a PEP for foreign individuals only.
Considering FinCEN’s priorities, each organization’s PEP policies should be critically challenged as appropriate on the foundation that officials from all levels of domestic government present some level of risk for potential corruption. For example, two of the many corruption cases within the past several years include a small-city police chief and a member of Congress. Financial services organizations should carefully assess all risk exposure to domestic PEPs and subsequent risk exposure to corruption proceeds.
Do we have the appropriate governance processes in place for policies and procedures, including those related to anti-corruption or PEPs?
Just as governments around the world and in the U.S. are at risk for corruption, financial services organizations are as well.
In many corruption cases, involved parties attempted to launder illicit proceeds using a flow of funds through the financial system. Adequate governance of anti-bribery, PEP, and anti-corruption policies can help protect a financial services organization from becoming involved in facilitating this form of corruption.
Examples of governance include:
- Robust policies and procedures aligned to the risk profile of an organization
- Periodic review and approval of policies by the board of directors
- Implemented controls to assess the organization’s adherence to written policies and procedures
Do we regularly issue updates, receive board or committee approval (as required), and train employees on any changes or updates?
Once a financial services organization has updated its AML risk assessment with corruption-related risks and updated its policies and procedures to address corruption risks that exceed their risk tolerance, all updates should be reported to, and approved by, the board of directors. The updated anti-corruption policies, procedures, and training should then be communicated and rolled out to employees as soon as possible and at least annually thereafter.
What would be a good first step toward enhanced anti-corruption policies?
Countering corruption and bribery is a priority of FinCEN, law enforcement, and regulators. Organizations can take several steps to enhance their policies and procedures to reflect a heightened focus on these threats and all national priorities identified by FinCEN.
Specific steps might vary between organizations but can include:
- Incorporating consideration of bribery and corruption into risk assessments
- Developing controls, policies, and procedures to mitigate identified risks, specifically as they relate to payment service provider and PEP risks
- Implementing developed controls and procedures
- Providing anti-bribery and anti-corruption training
- Monitoring and testing associated controls to confirm they are functioning as intended
- Periodically performing an independent assessment via internal audit
No organization is immune to corruption, but none is defenseless, either
Financial services organizations of all sizes can have exposure to both foreign and domestic corruption risks from a variety of levels.
It is worth the investment for organizations to both understand the potential sources of corruption that could flow through their accounts and take the appropriate measures to act against them. Remaining prepared with continual training, updating, and review can demonstrate responsibility toward and compliance with regulatory requirements and safeguard the reputation of financial services organizations against illegal behaviors.