Addressing Vulnerabilities in Anti-Money Laundering and Counter-Financing Terrorism

The anti-money laundering and counter-financing terrorism (AML/CFT) framework, one of the critical safeguards for money laundering and terrorist financing (ML/TF) risk, has been under regulatory scrutiny, both regionally and globally.

Most recently, the Hong Kong Securities and Futures Commission (SFC) has sharpened its focus on senior management accountability, where the senior management of licensed corporations (LCs) and associated entities (AEs) have the primary responsibility to ensure that the firm maintains appropriate standards of conduct and adheres to proper procedures. This includes active management oversight and adequate internal controls to ensure proper implementation of AML/CFT systems, which comply with all the applicable legal and regulatory obligations and manage ML/TF risks.

The SFC issued a circular¹ in December 2020 on the key observations identified from the thematic and routine inspections on AML/CFT practices. This recent in-depth review of AML/CFT policies, procedures, and controls (framework) of LCs and AEs has highlighted five broad areas of weaknesses.

In addition, the Hong Kong Monetary Authority (HKMA) published the 2020 Year-End Review and Priorities for 2021² for banks to adopt in 2021. There is also an increased focus on data and technology from the regulators on AML/CFT regtech solutions for banks to engage with and adapt to tackle AML/CFT issues.³

With the increased regulatory scrutiny and enforcement actions taken by SFC in 2020 against financial institutions (FIs) and individuals on AML/CFT deficiencies and breaches, it underscores the urgency for FIs to identify and rectify deficiencies via different avenues, such as regtech solutions.

^{1 Circular to Licensed Corporations and Associated Entities — Anti-Money Laundering / Counter-Financing of Terrorism (AML/CFT) Findings from inspections of AML/ CFT controls and compliance practices (SFC, 1 December 2020).
2 2020 Year-End Review and Priorities for 2021 (HKMA, 4 February 2021).
3 AML/CFT Regtech: Case Studies and Insights (HKMA, January 2021).}

The key areas of weaknesses, as observed in the industry, include:

• Failure to implement comprehensive and up-to-date policies and procedures, as well as maintain adequate oversight and internal controls for ensuring the proper and effective performance of AML/CFT functions by staff.
• Inadequate consideration of pertinent ML/TF risk factors when conducting institutional risk and customer risk assessments, as well as inadequate follow-up on the assessment results.
• Failure to assess fund deposits by clients to ascertain whether they originate from third-party payors in order to apply appropriate due diligence and transaction monitoring measures.
• Inadequate measures to establish the source of wealth and funds for high-risk customers, as required by the Anti-Money Laundering and Counter-Terrorist Financing Ordinance (AMLO) and the Guideline on Anti-Money Laundering and Counter-Financing of Terrorism (For Licensed Corporations) (AML Guideline).
• Failure to perform screening of existing customers as soon as practicable whenever there are updates to sanctions lists. While existing customers are screened promptly against updated sanctions lists, their beneficial owners and other relevant connected parties may be incorrectly omitted from screening.

The five key aspects of AML/CFT deficiencies include:

Synpulse deploys a robust review framework to address various facets of AML/CFT requirements and risk, such as gap assessment, control recommendations, and target operating model implementation.

Key highlights of our offerings include:

Synpulse helped shape the entire value chain, from identifying gaps to formulating controls and implementing solutions to ensure regulatory compliance.

Synpulse has been at the forefront of transformation topics, engaging leading private banks and financial institutions to deliver both compliant and commercially viable control frameworks in response to disruptive changes. Our expertise in regulatory compliance and risk topic has a proven track for technology-driven business processes re-engineering and target operating model implementation.

Alongside supporting our clients in addressing their immediate challenges, Synpulse is committed to bringing transformational solutions to the industry, whether developed in-house or in collaboration with our regtech partners.

Having worked with eight of the ten largest financial institutions in Asia over the past 10 years on an array of successful projects in Hong Kong and Singapore, we understand the most pressing regulatory and compliance challenges this region faces based on our proven methodologies.

We would be most pleased to share the industry best practices and provide you with further information on how these risk topics may impact your organisation. Reach out to Prasanna Venkatesan (Partner) at prasanna.venkatesan@synpulse.com, Gregory Achache (Associate Partner) at gregory.achache@synpulse.com, and Parsa Khoshdel (Director) at parsa.khoshdel@synpulse.com.