How Can Anti-Money Laundering Systems Break Down?

HSBC Holdings apparently is under investigation by a Senate panel in a money-laundering inquiry. Although the specifics regarding the inquiry have not yet been released, there have been reports of a “breakdown” in HSBC’s anti-money laundering systems.  

We recently spoke about this with Frances McLeod, one of the three co-founders of Forensic Risk Alliance and the firm’s managing partner. FRA is located in the UK, France, the US, and Switzerland and has worked on many major international corruption and fraud investigations over the past decade. McLeod advises clients on anti-corruption-related issues both in terms of response to internal and external investigations, in a compliance context, and in related civil and criminal litigation in a variety of jurisdictions.
 
Financial Fraud Law Blog: What risk and compliance procedures might HSBC have had in place to protect against money laundering?
Frances McLeod: It is to be expected that HSBC has robust compliance procedures in place, as it is a member of the Wolfsberg Group and a major international bank. Those would include robust Know Your Customer policies and procedures and transactional monitoring which would likely conform to the highest global standards across its offices worldwide. 
Financial Fraud Law Blog: How is it possible that an anti-money laundering system can “break down?”
Frances McLeod: The key to effective compliance is taking a risk-based approach. This allows for the allocation of resources (money, people, systems) to the most vulnerable areas. International AML standards, and those proscribed by the Wolfsberg Group, advocate such a risk based approach to two of the fundamental tenets of AML programs: KYC and transaction monitoring.
In our experience, KYC breaks down when such a risk-based approach is not taken either at client adoption or during the life cycle of the account relationship. If it becomes a “box ticking” exercise regardless of the client’s risk profile, there are real risks of Politically Exposed Persons (“PEPs”), designated individuals, or groups starting and/or maintaining a relationship with the bank.
Equally, if transactional monitoring is not designed to pick up riskier transactions or transactional patterns which require the bank to report them to the enforcement authorities, systems can break down.
Financial Fraud Law Blog: What are the keys to effective monitoring?
Frances McLeod: Effective monitoring is underpinned by trained compliance staff and AML software tools. The tools can help identify patterns or anomalies or matches, for example to OFAC lists, which given the volumes concerned can be impossible to do manually; human analysis can determine whether the transactions are indeed suspicious and recommend a course of action. Systems which are overly automated and compliance departments which are under-resourced or under-trained risk either over-reporting of suspicious transactions, or worse, genuinely suspicious transactions remaining unreported.
Financial Fraud Law Blog: Are there other factors that can lead to these kinds of problems?
Frances McLeod: Yes. Other factors which can lead to break downs in AML compliance systems are lack of effective AML training, under-staffing, and silos of responsibility (i.e., the compliance department is overly divorced from the operational and sales function).