Money laundering is on the rise and presenting mounting problems for financial institutions and regulators alike. According to Eurojust, the European Union Agency for Criminal Justice Cooperation, the number of money laundering cases reported in Europe has doubled since 2016.
“This aligns with Irish figures, which show that the number of suspicious transactions here doubled from 23,208 in 2016 to over 47,500 in 2022,” says Cara Hyland, Head of Anti-Money Laundering Advisory at Mazars. “Whether that is due to an increase in reporting or better detection or a rise in the incidence of money laundering is unknown. But it does illustrate the growing scale of the problem.”
And, similar to cyber security, today’s leading-edge defence is tomorrow’s obsolescent legacy. “The innovators in this space are the criminals, and they continue to innovate to get around the systems put in place by firms to protect against them,” says Mazars partner and head of financial services consulting Kian Caulwell.
The consequences of poor anti-money laundering (AML) risk management and transaction monitoring can be severe, according to Hyland, who joined Mazars after working in anti-money laundering with the Central Bank for a number of years.
Generous State supports for R&D available as Enterprise Ireland grants and tax credits
Passing on a family business can be hazardous for even the smallest of businesses
Business energy supports ‘very significant’ for firms struggling with costs, say Mazars
Transfer pricing can be an easy target for tax authorities
“The first one that comes to mind is financial,” she says. “It’s not just fines from regulators but the cost of remediation. Firms can be much more focused on the reputational aspect. It doesn’t look good for a firm or its clients if they are subject to a regulatory sanction for having weak AML systems and controls in place.
“Operationally, the impact of not continuously enhancing AML defences and ensuring they are fit for purpose can result in staff looking backwards rather than forwards. They are working on fixing issues which have occurred in the past instead of being future-focused.”
There will be meetings with the regulator at least annually. The level of scrutiny is quite intrusive
The Central Bank of Ireland adopts a risk-based approach to AML supervision of credit and financial institutions, she explains. This means that firms with business models that expose them to a greater risk of advertently or inadvertently facilitating money laundering will be subject to more frequent engagement with the Central Bank.
Those firms categorised as high-risk can expect much more engagement from the Central Bank. “They will be subject to much more scrutiny,” says Hyland. “There will be meetings with the regulator at least annually. The level of scrutiny is quite intrusive.”
While AML and prudential supervision are undertaken separately at present, this could change in future. “We could see a more hybrid approach with Central Bank AML and prudential supervisors collaborating much more on medium to lower risk firms at least,” she adds.
“AML risk assessments should not be seen as a stand-alone exercise performed in isolation from the rest of the business”, Caulwell notes. “They must be embedded in and aligned with the firm’s business model and strategy, so that directors and senior management are engaged and are managing the risk effectively.
“Technology is another essential component of effective AML risk management, it is no longer a differentiator, Hyland adds. “In recent years, there have been huge technological advances to support AML frameworks,” she says.
“The ECB has noted the use of artificial intelligence to fight financial crime, but it has also said that users need an understanding of the limitations and risks of new technologies. For example, are firms just buying it off the shelf, or are they tailoring it for the specific needs and circumstances of the business.”
And technology can only do so much. The Financial Action Task Force (FATF), the global money laundering and terrorist financing watchdog, has said that humans can’t be replaced by new technology.
“You can’t use technological solutions on their own to manage and mitigate money laundering risk,” Hyland concludes. “It goes back to the people in the organisation and the resources available to them.
“Organisations need people who can assess money laundering risk, and the head of AML needs the right level of knowledge, competence and independence to influence and challenge boards to do the right thing in relation to it.”