Compliance Interview Series
with Ehi Eric Esoimeme

Ehi Eric Esoimeme , Managing Partner of E-Four and AAF

1. Could you explain the concept of money laundering in simple terms?
    Money laundering is the process that transforms proceeds gained by crimes such as fraud, corruption, theft, human trafficking and drug trafficking into supposedly legitimate-looking bank accounts, real estate, or luxury goods. This allows criminals to enjoy these proceeds without revealing their original source, and live their lives without looking like criminals.

    Although money laundering is a diverse and often complex process, it basically involves three independent stages namely Placement, Layering and Integration. I will explain these three stages using the hypothetical case study where an exchanger of convertible virtual currency and a “mixer” or “tumbler” of the convertible virtual currency bitcoin have been recruited as money mules by a criminal network to conceal or disguise the source of their illicit funds:

    The placement stage is the stage at which proceeds gained from profit generating crimes are first introduced into the financial system. This will occur when the criminal network sends their proceeds of crime in the form of bitcoin to a wallet associated with a darknet website that operates on an anonymized overlay network. The criminals will then be asked by a convertible virtual currency exchanger and a “mixer” or “tumbler” of the convertible virtual currency bitcoin to complete a withdrawal form, which includes the amount to withdraw, and a destination address. The criminals will fill this form so as to ensure that the next stage of money laundering takes effect.

    The layering stage involves further disguising and distancing the illicit funds from their illegal source through the use of a series of parties and/or transactions designed to conceal the source of the illicit funds. This happens when a “mixer” or “tumbler” of the convertible virtual currency bitcoin sends bitcoin that was deposited in a wallet associated with a darknet website at the placement stage to a designated address in a manner designed to conceal and obfuscate the source or owner of the bitcoin. The “mixer” or “tumbler” would transmit the bitcoin deposited into their wallet to one of numerous accounts held at different exchangers of convertible virtual currency. The “mixer” or “tumbler” would take bitcoin from a different account it held and transmit that bitcoin to a different bitcoin address. From this bitcoin address, the “mixer” or “tumbler” would then transmit bitcoin to the customer, minus a fee, into the previously provided customer destination address.

    Once the criminal network receives the bitcoin in their destination address, they will convert the bitcoin into fiat currencies by selling them at one or many bitcoin automated teller machines (ATMs) and withdraw cash. They will use the funds which now appear legitimate to purchase landed properties by employing the services of a real estate agent. Upon acquiring ownership of the landed properties with illicit funds, the criminal network may put some of the landed properties on rent and sell the remaining; They will later deposit the proceeds from the sale of the landed properties/rent(s) into their bank accounts. This is the Integration Phase of Money Laundering. Integration is the most difficult stage of money laundering to detect.
2. What is the biggest challenge in this sector?
    Supervisory pressure is the biggest challenge because of changes in the laws, regulations related to sanctions at international level.A strong culture of compliance is key to any financial institution and designated non-financial business and profession’s ability to comply with Anti-Money Laundering / Countering the Financing of Terrorism (also used for Combating the financing of terrorism) obligations. Many financial institutions and designated non-financial businesses and professions (DNFBPs) have a poor culture of compliance. By poor culture of compliance I mean:
    I. A corporate culture that effectively denies compliance officials with the requisite authority over the business and account relationship business lines to manage the institution’s risk profile.
    II. A culture where an organization fails to dedicate sufficient human and technological resources to meet its Anti-Money Laundering / Countering the Financing of Terrorism (AML/CFT) obligations.
    III. A culture that fails to implement effective measures to ensure the filing of accurate, timely, and complete suspicious activity reports and compliance with other AML requirements.

    A strong culture of compliance will include the following:
    A. Authority: The compliance department must be giving sufficient standing or authority within the financial institution and DNFBP to effectively execute AML responsibilities, in light of the institution’s AML/CFT risk profile.
    B. Independent Compliance Department: There must be an established policy that discourages the board of directors and Management from interfering with the staff’s duty and responsibility to investigate suspicious activity at the alert investigation stage.
    C. Adequate Staffing: Financial institutions and DNFBPs should ensure adequate staffing for the proper monitoring of day-to-day compliance with the relevant anti-money laundering laws and regulations.
    D. Resources: Financial institutions and DNFBPs should dedicate sufficient human and technological resources to meet their AML/CFT obligations.
    E. External Independent Reviewer: Financial institutions and DNFBPs should engage and retain an independent, external, qualified, and experienced external auditor (the “Third-Party Reviewer”), not subject to any conflict of interest, to examine their compliance program and to conduct risk-based independent testing of their AML Program. Independent testing will include program governance, compliance structure and staffing; risk assessments; compliance with all recordkeeping and reporting requirements, including currency transaction reporting (CTR), suspicious activity reporting (SAR), and know your customer (KYC) policies, procedures and controls; transaction monitoring; and training and communications.
3. How can AML or KYC or KYB benefit from the blockchain technology?
    The certainty that the blockchain technology creates is hugely beneficial to regulators, banks or law enforcement agencies because they can instantaneously verify the credentials of parties involved in a transaction and identify any discrepancies in the information. Not only is this cost-effective, but it enables regulators to quickly target criminal activity. Financial institutions can use the blockchain technology to adequately monitor wire transfers for suspicious activity.
4. How can governments stop money laundering? What do you think, can they?
    Governments around the world cannot stop money laundering but they can reduce it to the barest minimum. The Financial Action Task Force expects financial institutions to identify, assess and understand their money laundering and terrorist financing risks and take commensurate measures in order to mitigate them. This does not imply a “zero failure” approach.

    Money Laundering can be reduced through enforcement and compliance, including coordination and direction of procedures and activities of all agencies exercising delegated authority under anti-money laundering laws and regulations. Governments should investigate through law enforcement and other government agencies, and impose civil money penalties and compliance measures on financial institutions, nonfinancial trades or businesses, and individuals for willful and negligent violations of anti-money laundering measures. They should prosecute criminal violations of anti-money laundering laws and related money laundering statutes. Criminal charges should be brought against individuals for conspiracy to commit money laundering, evade reporting requirements, and engage in unlicensed money transmitting.

    Criminal charges should be brought against individuals accused of structuring cash transactions and aiding and abetting the structuring of cash transactions to evade money laundering statutes. Governments through designated authorities should conduct regular examinations and issue reports assessing the compliance level of financial institutions. Governments through the designated authorities and law enforcement agencies can also conduct educational visits on reporting entities.
5. If everything went to digital money and cash was no longer accepted, how will it change the AML process?
    A shift in the anti-money laundering landscape from fiat currency to digital money will force many reporting entities, including financial institutions, and virtual asset service providers (VASPs) to amend their AML/CFT program by implementing alternative processes to verify customers’ identity. To address this shift, reporting entities must use the latest technological innovations to provide complete customer lifecycle risk coverage – accounting for customer onboarding, ongoing due diligence and enhanced due diligence (EDD) processes. Reporting entities who only relied on documentation-based procedures will now have to use electronic/digital identity checks, either on their own or in conjunction with documentary evidence.

    With the latest technological innovations, reporting entities can further enrich customer and counterparty risk profiles with the latest intelligence aggregated from hundreds of external premium data sources to identify adverse media, politically exposed persons (PEPs), sanctions, and other relevant know your customer (KYC) profile data. The use of human-guided supervised and unsupervised machine learning will help to ensure accurate alert detection, increased team productivity and lowered compliance program costs. Human-guided supervised machine learning can detect known risks with advanced analytic techniques while unsupervised machine learning can identify unknown risks and hidden relationships.
6. Why is money laundering bad for the economy? What is the worst effect?
    Money laundering can have particularly damaging economic consequences for developing nations because their economies and financial sectors tend to be less diverse and more susceptible to manipulation than those of more developed countries. Thus, sustainable economic growth and development can be jeopardized in countries that are used as money laundering platforms. Money laundering can cause a potential reduction of foreign government assistance and possible destabilization of financial markets and weaker financial institutions. Money laundering has the potential to increase crime and corruption and weaken the legitimate private sector.
7. What are the best books to read to learn about Anti Money Laundering? Have you any recommendation?
    The risk-based approach should be the cornerstone of an effective AML/CFT system, and is essential to properly managing risks. So I will first recommend my second book entitled “The Risk-Based Approach to Combating Money Laundering and Terrorist Financing” published by Eric Press. I have authored 8 books in total and more than 40 academic articles. I will also recommend my fourth book “Deterring and Detecting Money Laundering and Terrorist Financing: A Comparative Analysis of Anti–Money Laundering and Counterterrorism Financing Strategies” published by DSC Publications Ltd. because it provides accountable institutions with a clear understanding of their AML/CFT obligations. If you want to learn more about how telecommunications companies can design AML/CFT measures that meet the goal of financial inclusion without compromising the measures that exist for combating money laundering, terrorist financing and other illicit transactions through the financial system, you can go for my fifth book entitled “Balancing Anti-Money Laundering/Counter-Terrorist Financing Requirements and Financial Inclusion: The Case of Telecommunications Companies” published by DSC Publications Ltd.

    If you want to know more about how to combat predicate offences like modern slavery using the risk-based approach you can go for my sixth book entitled “The Risk-Based Approach to Combating Modern Slavery” published by DSC Publications Ltd. They are all available on Amazon. If you are concerned with the compliance challenges of African countries and emerging economies and the legitimacy concerns that facilitate this, I will recommend the book By Nkechikwu Valerie Azinge-Egbiri entitled “Regulating and Combating Money Laundering and Terrorist Financing: The Law in Emerging Economies” published on March 2, 2021 by Routledge.
8. What are the risks and benefits of cryptocurrency in the AML?
    There is the risk of money laundering where a money transmitter that operates as an exchanger of a decentralised convertible virtual currency (a.k.a. cryptocurrencies) willfully violates the anti-money laundering registration program, and reporting requirements by failing to register as a money services business; failing to implement and maintain an effective anti-money laundering (AML) program; and failing to report certain suspicious activity. There is also the risk of money laundering when a money transmitter that operates as an exchanger of a cryptocurrency aids cybercriminals and other threat actors in circumventing the policies, procedures, and internal controls in place at cryptocurrencies exchanges by concealing the nature, the location, the source, the ownership, and the control of the proceeds of online drug sales, amongst other illegal online activities.

    This happens when a money transmitter that operates as an exchanger of a cryptocurrency interacts directly with darknet marketplaces and other illicit markets where individuals buy and sell illicit goods and services using anonymized overlay networks that require specific software to access. Bitcoin is the most common medium of exchange on these marketplaces. While the use of an anonymizing internet browser is not suspicious, the many transactions that take place through it, such as darknet marketplaces, may be a strong indicator of potential illicit activity when no additional due diligence is conducted. A financial institution that fails to comply with its AML/CFT program, record keeping and reporting obligations, as well as other regulatory obligations, risks exposing the financial system to greater illicit finance risks.

    One of the benefits of cryptocurrencies is the blockchain technology that comes with it. Law enforcement agencies and regulators can analyse cryptocurrency blockchains for suspicious transactions. The Financial Crimes Enforcement Network (FinCEN) adopted this approach in the matter of Larry Dean Harmon where a $60 million civil money penalty was assessed against Larry Dean Harmon, the founder, administrator, and primary operator of Helix and Coin Ninja, convertible virtual currency “mixers,” or “tumblers,” for violations of the Bank Secrecy Act (BSA) and its implementing regulations. In that case, Independent FinCEN analysis of Helix’s public records and analysis of convertible virtual currency blockchains identified at least 245,817 instances in which suspicious transactions took place. Yet, Helix failed to file a single suspicious activity report (SAR) throughout the corresponding time period.

    In addition to the above, cryptocurrencies could facilitate financial inclusion as it could be used in the payments market as an alternative to traditional payment and money transmission systems for the purchase of real or virtual goods or services for the benefit of the user. Cryptocurrencies can also be exchanged for fiat currency.
9. What’s the craziest money laundering scheme you ever encountered?
    As a Consultant, Trainer, Advocate, Author and Editor, the craziest money laundering scheme will be where virtual currency exchangers and bitcoin mixers conspire with criminals, and cybercriminals in particular, using virtual currencies to process the proceeds of their illicit activity. Mixers anonymize bitcoin addresses and obscure bitcoin transactions by weaving together inflows and outflows from many different users.

    Instead of directly transmitting bitcoin between two bitcoin addresses, the mixer disassociates connections in a manner designed to conceal and obfuscate the source or owner of the bitcoin. Mixers create layers of temporary bitcoin addresses operated by the mixer itself to further complicate any attempt to analyze the flow of bitcoin. Darknet marketplaces actively promote these additional mixers as the primary method for obfuscating bitcoin transactions.
10. What is the essential qualification of an anti-money laundering officer?
    The anti-money laundering officer must be fully knowledgeable of the anti-money laundering laws and all related regulations. The anti-money laundering officer must be technically competent to oversee ongoing compliance efforts for the risks and scope of the products and services provided by the financial institution concerned and the customers it serves. The anti-money laundering officer must have sufficient experience, authority, and resources to ensure day-to-day compliance with the anti-money laundering requirements, and the ability to initiate and complete internal investigations and file complete, accurate, and timely SARs.
11.How has anti-money laundering changed over the time?
    The rapid development and growing use of new payment products globally has created challenges for countries in ensuring that these products and services are not misused for money laundering and terrorist financing purposes. This has led to the development and implementation of AML/CFT regulations for new payment products and services. Many financial institutions have begun the process of upgrading their AML surveillance monitoring system globally across all of their separate business lines to a system that will provide enhanced grouping and alert features, thus strengthening the ability to monitor transactions between related accounts.

    In order to enhance the quality of alert handling, many financial institutions globally have set minimum experience requirements for their AML monitoring staff and provided them extensive training. Some financial institutions have also enhanced their minimum standards for alert handling, documentation and tracking. The enhancements include, among other things, detailed written instructions on how to handle alerts, document a review, and escalate an alert through the proper personnel channels.
12. How can a transaction be called money laundering?
    A transaction can be called money laundering if the transaction: (a) involves funds derived from illegal activity; (b) is intended or conducted in order to hide or disguise funds or assets derived from illegal activity, or to disguise the ownership, nature, source, location, or control of funds or assets derived from illegal activity; (c) is designed, whether through structuring or other means, to evade any requirement in the anti-money laundering laws or its implementing regulations; (d) has no business or apparent lawful purpose or is not the sort in which the particular customer would normally be expected to engage, and the reporting entity knows of no reasonable explanation for the transaction after examining the available facts, including the background and possible purpose of the transaction; or (e) involves use of a money service business to facilitate criminal activity.
13. Have you any recommendations to fintech start-ups about the AML process?
    Fintech startups should ensure that they implement an effective system of internal controls to ensure compliance with the relevant anti-money laundering laws and regulations and manage the risks of money laundering primarily in their customers' accounts. Fintech startups must have adequate written policies, procedures and controls reasonably designed to assess the risks of money laundering and ensure the detection and reporting of suspicious transactions.

    A Fintech startup’s policies, procedures and controls must ensure that the Fintech startup gathered and reviewed sufficient information on account customers to adequately assess risk and potential for money laundering. Documentation of customer identification must be subject to adequate quality controls to ensure the accuracy of information. Furthermore, the Fintech startup must put in place an adequate system for periodically updating customer information. The authority to establish or amend expected activity profiles must be clearly defined and must require approval of the chief compliance officer, money laundering reporting officer or senior management.

    The Fintech startups’s enhanced due diligence files must be made readily available to key compliance officials. The Fintech startup must update or conduct periodic reviews of foreign correspondent accounts, and focus sufficient attention on the accounts and transactions that exhibited high-risk characteristics for money laundering. Failure to do this will prevent the Fintech startup from performing adequate analysis of the risks associated with particular customers to determine whether transactions lacked any apparent business or lawful purpose, or were within the particular customer's normal expected range of conduct.

    Fintech startups must implement an adequate risk-rating methodology that evaluates customers, based on specific customer information, with balanced consideration to all relevant factors including country/jurisdictional risk, products and services provided, nature of the customer's business, and volume of transactions. When a customer is rated as "high risk" or "very high risk," fintech startups must apply commensurate enhanced due diligence practices and transaction monitoring methodologies to manage recognized risk. Failure to do this will impair the Fintech startup's ability to appropriately assess the risks associated with particular customers.

    Fintech startups must have adequate systems and controls to monitor transactions conducted by their customers for potential money laundering or other suspicious activity. A fintech startup’s automated transaction monitoring systems must be adequate to support the volume, scope, and nature of international money transfer transactions conducted by the fintech startup. The automated transaction monitoring systems must be designed to readily identify suspicious elements, "Red Flags" or suspicious activity associated with individual transactions. In addition, the monitoring system's programming, methodology, and effectiveness must be independently validated to ensure that the models are detecting potentially suspicious activity.

    A fintech startup must ensure that the individuals responsible for AML compliance at the firm receive appropriate training concerning their responsibilities under the AML program. The Firm must provide job-specific training for the AML Compliance Program Officer, or other individuals designated for purposes of AML compliance. The job specific training may include training in gathering customer identification information, performing customer verification through the use of external databases, reviewing accounts for suspicious transactions, reviewing and/or approving wire transfers, and maintaining records in accordance with AML requirements.

    My Firm, E-Four and AAF offers training, awareness and capacity-building on traditional rules-based systems and the latest technological innovations that can provide complete customer lifecycle risk coverage – accounting for customer onboarding, ongoing due diligence and enhanced due diligence (EDD) processes. Our training Course is titled "Combating Money Laundering in the Financial System Using a Hybrid of Rules and Predictive Models." Amongst the AML Software Solutions we recommend is the one provided by Sanction Scanner (an anti-money laundering solutions provider aimed to provide cost-efficient AML solutions that can be used by all-size businesses).

    For more information on our training modules and course outline, kindly reach out to me at [email protected] With respect to AML Certification courses, the Singapore Financial Crime Compliance Association (SFCCA) is offering its course in Africa in collaboration with my firm E-Four and AAF. I am the Director Engagement & Outreach for Africa & Nigeria, for SFCCA. I am also on the SFCCA Trainer faculty as a Senior Trainer. The SFCCA certificates help you to acquire essential regulatory knowledge, practical compliance skills, and a business specific focus. Bankers in Nigeria and Africa can reach out to me on Trainings and Certification courses with SFCCA. My SFCCA email is [email protected]