AML red flags provide a warning of potential suspicious activity and are important indicators to help determine the level of customer due diligence that may be required on clients and the levels of risk involved.
Discovering activity which raises AML red flags is not something anybody wants to find when dealing with clients but they should be taken for the warning they are and dealt with appropriately. To be able to do this effectively the first steps are ensuring it is understood what constitutes a red flag, the types of red flags you could encounter, and what to do when you find one.
What do the FATF consider to be a red flag?
Red flags can differ by industry as different types of entities face different challenges due to the very nature of their business but generally red flags fall into three major groups.
- Client structures
Sometimes by the very nature of who they are, or what they do, clients can demonstrate risk indicators that will need investigating:
The client is a PEP
You should consider your client a politically exposed person (PEP) if they hold a prominent public role, or are closely associated with such an individual. PEPs may be current or former government officials, members of the judiciary, senior executives of state-owned enterprises, or important political party officials. They can also be a person that is a close family member, or a close known associate, of that person.
The client is from a high-risk jurisdiction
Some clients can pose a higher risk depending on their domestic country, and how much local politics, or the local environment provides a vehicle for corruption in the country they are based.
You should understand what countries are high risk and take appropriate action dependent on the risk associated with your client. The Basel AML Index provides a useful report on risk score for countries around the world.
The client works in an industry or occupation that has a high risk of ML/TF
Traditionally, high-risk industries include financial institutions, gambling, currency exchange, money services, and other cash intensive businesses.
While in most cases there is no reason to be concerned you should understand any risks alongside what else you know about your client and their risk profile.
The client instructions or access to funds does not match their business or personal profile
Conduct due diligence well and ensure you really know your client. This will help establish whether the access to private funding your client has should be considered suspicious, or whether their requests should be deemed unusual and not in keeping with what you know about their situation.
The client is a high net worth individual or a head of an international organisation
The risk with high net worth clients is in understanding where the funds were obtained from, whether they were obtained from legitimate sources, and whether legitimate funds could be intermingled with illegitimate funds.
The client conducts individual or classes of transactions that do not match their profile
Consider whether your client transactions are consistent with their expected behaviour. Red flags may include, use of multiple accounts, large cash transactions and unexplained payments into their account.
A transaction may have many factors that, considered individually, do not raise a suspicion, but, considered collectively, suggest criminal activity. A suspicion may also be raised after multiple transactions show a pattern of activity that have no apparent business or legal purpose.
The client is secretive or reluctant to provide information
While some clients may have privacy concerns or other reasons for not providing information, it is essential to carry out customer due diligence on all clients. Consider whether their secretive behaviour is suspicious and preventing you from establishing their identity, their source of funds, the reasons for their transactions or from understanding who the beneficial owner is.
The client appears in adverse media checks
Not all findings will necessarily raise red flags but additional checks should be considered if your client has an adverse media presence. For example, if media checks indicate acquisitive crimes or predicate crimes to this type of activity a red flag should be raised to the potential money laundering risk.
The client is linked to organised crime groups
While you might not have any reason to believe your client is involved with any suspicious activity, it is important to understand the risk that may exist through their connections.
Remember, organised crime groups may use their vast resources to purchase high value goods then sell them for cash to disguise the origin of funds, which allows them to layer money into the financial system without raising red flags.
2. Client structures
A nominee is used by the client
Using a nominee can make it harder to identify the true beneficial owner and can be used by criminals to facilitate money laundering. It is important you conduct due diligence on relevant person(s) such as the actual beneficiary or the controlling party and not just the nominee.
The client is a shell company, or a business or a trust whose organisational structure is unusual or excessively complex
Shell companies or complex ownership structures could be used to disguise criminal activity, money laundering or other financial crimes. Ensure your CDD includes the individuals that have ‘effective control’ and that receive the benefit from the activity initiated.
The client uses intermediaries who are not subject to adequate AML laws and measures and who are not adequately supervised
Use of intermediaries without good reason should raise a red flag as it could provide a way to mask true identity and/or beneficial owner.
The client makes it difficult to identify the true beneficial owner or individual with effective control
Beneficial ownership can be hidden in a number of ways which can make it difficult to identify who is controlling transactions and transfers of ownership. Know your customer, and you’ll find it easier to identify when something doesn’t make sense and needs investigation. Ensure you understand who is managing transactions and who will benefit the most. And, if something doesn’t make sense you should consider this a red flag.
The legal structure of the client is frequently altered, including name changes and transfers of ownership
Ensure you understand the reasons for unusual activity and whether it should be considered suspicious based on what you know about your client and their circumstances.
There are several reasons countries could be considered higher risk for money laundering. Some of these reasons may be resolved by countries over time, however some countries which are not currently considered high risk could become so. Below, are some red flags to look out for:
- Countries with poor or insufficient AML/CFT measures
- Countries that have a high level of bribery and corruption
- Countries associated with tax evasion
- Countries associated with organised crime or terrorism financing
- Conflict zones and their bordering countries
- Countries that are subject to sanctions and embargoes
- Countries associated with the production and/or transnational shipment of illicit drugs or people trafficking
The FATF maintains ‘black and grey’ lists which identify jurisdictions with weak measures to combat money laundering and terrorist financing. These lists are updated three times a year so you can keep up to date on which countries may have been removed or added to the list.
What to do if you discover a red flag
Discovering a red flag doesn’t mean you can’t do business with a client but you must understand, assess and record the risk, and carry out enhanced customer due diligence where necessary. This will include:
- Determining the level of risk your client poses.
- Obtaining additional information about the nature and purpose of the business relationship with your client.
- Obtaining additional information about your customer’s source of wealth or source of funds.
- Ensuring you have identified and verified customers identities, beneficial owners and any person acting on behalf of your client.
If your enhanced due diligence uncovers potential signs of money laundering or financing of terrorism, a suspicious activity report (SAR) should be submitted to the Financial Intelligence Unit (FIU) by your compliance officer using goAML.
Note, once a suspicion has been raised this must be reported within 72 hours.
You can still act for your client if a SAR is filed however, you must enact ‘anti-tipping off’ measures and ensure you do not disclose information related to the SAR to the customer or any of the team involved in the transaction (unless they have been actively involved in the decisioning process).
AML red flags are important warning signs which can help us understand the risks involved with doing business with a client, and can help uncover suspicious activity. We’ve summarised some of the most common red flags to look out for but if you detect other risk indicators don’t ignore them.
Remember, red flags are likely to look a little different dependent on your industry and your customers. Knowing your customer and knowing the risk for your business and sector will help you identify red flags particular to your situation.