Cleaning up SA’s act
Peter Cromhout is a Partner, PricewaterhouseCoopers Forensic Services
From every corner of the globe, governments and international organisations have rallied against money laundering. In laws, declarations and speeches, the problem has been associated with everything from narcotics to organised crime to political corruption. More recently, the president of the United States has highlighted the connection between terrorism and money laundering, following the tragic events of 11 September 2001.
Defining the concept
What exactly is ‘money laundering’? Money laundering is the process whereby criminals attempt to conceal and disguise the true origin and ownership of their illicit gains from unlawful activities and make them appear legal by means of a single or series of transactions, thereby avoiding prosecution, conviction and confiscation of the illicit gains.
Governments around the world, including South Africa, have recognised the urgency and importance of combating money laundering. To this end, the government introduced comprehensive anti-money laundering legislation in the form of the Financial Intelligence Centre Act (FICA) of which certain sections became effective on 1 February 2002. The FICA complements the anti-money laundering provisions contained in the Prevention of Organised Crime Act (POCA), which became effective in January 1999. The POCA placed an obligation on all employees to report transactions that involve assets suspected of or which reasonably ought to have been suspected of being the proceeds of unlawful activities. This provision, which is called suspicious transaction reporting, will be repealed and replaced by a similar provision in the FICA.
The FICA creates an onerous framework of law and regulation to control the way in which accountable institutions conduct their business as regards customer identification, record keeping, reporting, staff training and compliance requirements. The essence of the new legislation is that it places the responsibility for detecting potentially illegal activities on accountable institutions. Detailed regulations, required to implement the legislation, are currently in the process of being drafted. Government has indicated that the implementation of the various provisions of the FICA will be phased with the objective of full implementation by early 2004. It is anticipated that the provisions of the FICA relating to customer identification, record keeping and the other compliance arrangements applicable to accountable institutions will be implemented from October 2002.
However, South African anti-money laundering legislation falls short of the ‘Special Recommendations on Terrorist Financing’ adopted by the Financial Action Task Force on Money Laundering (FATF) during October 2001 to combat the financing of terrorism. Therefore, the government will need to amend the FICA in order to incorporate FATF’s recommendations on terrorist financing before they will be eligible for membership of FATF.
Money laundering is a serious problem that companies worldwide must confront and actively combat. It is not simply a government-imposed compliance issue that good corporate citizens address in as positive a manner as possible. Increasingly, money laundering is seen as an integral business risk management issue. Failure to prevent and detect money laundering can result in criminal penalties (fines or imprisonment), civil penalties and a negative public image that can result in the erosion of shareholder value.
The South African anti-money laundering legislation draws heavily on similar legislation in other countries. Based on experience elsewhere, particularly the US and UK, the proper implementation of the local legislation will ultimately have a marked impact on the way financial products are sold.
Background checks
In order to report what is suspicious or unusual about customer activities, it is necessary to know what is usual. Thus, the reporting of suspicious transactions, patterns of transactions, or unusual customer behaviour, hinges on Know Your Customer (KYC) principles. Business risk management and anti-money laundering needs converge in the KYC area.
|
KYC principles Each company’s policies and procedures should ensure the collection of the following information on each client: Positive identification Source of wealth/income Identity of all beneficial owners of the business Nature of the business Expected volume and type of transactions |
Traditionally organisational policies and procedures have only focused on obtaining information and performing background checks in respect of customers who borrow money. Limited information is obtained from customers investing in financial products and no background checks are performed. KYC principles require organisations to obtain basic background information on their customers, as contained in the accompanying table. Management information systems will need to be enhanced in order to monitor accounts for unusual and potentially suspicious activities.
It will be challenging to change the behaviour of management and the sales force who will be reluctant to accept that traditional practise are no longer viable under the new legislation. The changes can be significant – for example, changing from a commission-driven sales force to a salaried-based sales force, the retraining of staff and amending systems to provide the information required in the legislation or by management in order to monitor for unusual transactions.
Creating a culture of compliance
A focused, integrated, ‘top-down’ approach to embrace anti-money laundering risk management and control concepts will most effectively foster an environment in which managers and staff are knowledgeable and aware of the risks. An officer occupying a sufficiently high-level position within the organisation should be responsible for anti-money laundering compliance and should have appropriate responsibilities, authorities, and access to the Board and senior management. In order to promote accountability for associated risk management and control processes, compliance with anti-money laundering responsibilities should be included in employee evaluation and compensation systems.
A compliant culture requires leadership from the top of the organisation. Changes in the behaviour of management and the sales force will only occur when the directors make it clear through their own actions and attitudes that they will not tolerate non-compliance. As part of the corporate governance procedures in an organisation, the board of directors should be regularly reviewing key performance indicators of compliance and receiving reports from the compliance officer. Any indication that the organisation does not have a compliant culture should be rigorously followed up.
The recommended approach
Anti-money laundering risk management should be part of good governance and risk management. A comprehensive, enterprise-wide anti-money laundering compliance program, with the following case features, should be developed:
• Policies, procedures and controls;
• A compliance officer;
• An ongoing employee training programme; and
• An independent testing programme.