Recent high-profile corruption cases plastering news headlines make the importance of anti-money laundering (AML) policies pretty clear. However, these policies have become increasingly complicated and detailed over the last decade, owing to the progression of technology, the loopholes stemming from it, and the increasingly sophisticated modus operandi of cybercriminals.
In a nutshell, money laundering is the process of converting assets obtained through criminal activities to make them legitimate. In other words, money laundering is the process of converting “dirty money” to “clean money” by disguising it. This process is often used for terrorist financing and criminal activity.
This is where AML compliance and policies come into play, which helps the banks and organisations in the financial sector in transaction monitoring and to detect and prevent criminals from performing money laundering acts, thus helping financial institutions combat financial crimes. They effectively serve as a financial crimes enforcement network.
In Malaysia, there is the Anti Money Laundering, Anti-Terrorism Financing and Proceeds of Unlawful Activities Act 2001 (AMLA) which are AML laws and regulation set in place to convict those found to be involved in money laundering activities. Malaysia’s central bank, Bank Negara Malaysia (BNM), also has strict reporting policies and regulations in place for companies, but sometimes, actions still fall through the cracks. AML laws are generally set in place to protect a financial institution from money launderers and avoid risking tedious internal investigations.
How do criminals launder money?
According to BNM, there are three stages to the money laundering process that are commonly known. The first is placement, which is when a person moves funds away from the source. Common ways of doing this are by depositing money into bank accounts via tellers and ATMs, purchasing foreign money using illegal funds via money changers, and purchasing gambling chips.
The next step is layering, where a person will disguise their financial transactions or “layer” the illegal nature of the funds acquired. Common ways of doing this are by doing multiple fund transfers to different offshore and onshore bank accounts, hiding funds in shell companies or trusts, and transferring funds into multiple assets.
The final step is integration, where the person will make the funds available for enjoyment, deeming it “legal” to suit the applicable law. In some ways, this is done through the purchase or investment in property, the purchase of luxury goods such as jewelry and handbags, or engaging in legal businesses by injecting capital.
Some notable cases in the region include money laundering cases from high-profile politicians from the Philippines and Indonesia.
In the case of Ferdinand Marcos, his wealth was investigated once he was ousted from power in 1986, where his family’s wealth was estimated at US$10 billion. However, the laundered funds were channelled towards various offshore bank accounts, foundations, and assets ( such as three thousand pairs of shoes owned by his wife, Imelda ). Not all the money was recovered, but approximately, US$1.2 billion was returned to the Philippines, which was pledged for the funds to be used for its original purpose.
In the case of Suharto, Indonesia’s ruler for 31 years, he amassed an estimated US$15 to US$35 billion. Once he stepped down as president in 1998, legal action started, but his health was deteriorating. The civil court judge acquitted Suharto in 2008 of his corruption charges but ordered his charitable foundation to pay US$110 million.
Ways to prevent AML in the banking sector?
A significant element in fighting financial crime and money laundering is to Know Your Customer (KYC) , as customer identification is a crucial foundation in order to have better detection in the later stages. KYC is, in today’s world, a mandatory process of identifying and verifying a client’s identity when they sign up for financial services, from bank accounts to insurance. Technology today has enabled KYC to be done via an electronic medium, called eKYC. Considering it is a fully electronic platform, it eliminates the need for an AML compliance officer to monitor any suspicious transaction.
Customer due diligence (CDD) checking goes hand-in-hand with KYC processes as it also focuses on identifying and verifying a person’s identity, to the extent that a financial institution needs to be satisfied that a person is who they say they are. Information is collected and kept in this instance.
Ultimately, CDD allows the institute to confirm the identity of customers, enable risk profiling of customers, prevent abuse by criminals, and assist law enforcement agencies. Just like KYC, CDD is done when there is a new customer or a new transaction to be carried out. It helps to produce a suspicious activity report to prevent criminals from committing criminal activity.
Standardising systems and data is important too. Financial institutions such as banks have grown by acquiring rivals or partnering with fintech companies, which means that they are often pieced together by different networks or worse still, legacy computer systems. The disparity of systems can stand in the way of any kind of anti-fraud efforts and the different parties would not be able to communicate effectively.
This is one of the many reasons why banks (who typically have manual or legacy processes in place) are moving toward adopting digital solutions, to the extent of moving operations to the cloud to allow for better detection of money laundering activity and to comply with AML obligations.
Manual KYC to eKYC: The devil is in details!
When it comes to identity verification, eKYC can be as effective or in some cases, even more than manual KYC. In order for eKYC to be effective, specific details are noted on a person and on identifying documents.
For example, when verifying the Malaysian identity card or MyKad, the technology behind eKYC processes will check for security features, specific documentation landmarks as well as anti-content tampering and forgery detection features such as the hologram on the MyKad.
To cross-reference the MyKad with the person submitting the application, the process typically would require them to take a selfie for liveness detection. Face verification technology comes into play here where the system will check for differences between the applicant and documentation.
In some instances, the face verification data will be encrypted and stored in the cloud order for the applicant to access their account digitally and seamlessly. Facial verification technology is believed to track more than facial keypoints, with recorded accuracy of 99.50% or higher.
Innov8tif’s OkayFace API, combined with our passive liveness detection solution OkayLive, is able to combat various forms of spoofing attempts, and is currently in use by major financial and telecommunications institutions across ASEAN.
Our OkayFace Search solution is also able to detect fraudsters from the blacklist data., serving as a potential substitution to passwords as well as for multi-factor authentication.
To get the latest updates on specific industry developments and to learn how our solutions can serve you better, subscribe to our free whitepapers here