AML-Prevention or AML-Compliance? Is Ukraine Still on the Right Track?

In Ukraine, recent adoption of a law that implemented the principle of “once a politically exposed person (PEP), always a PEP” triggered considerable professional discussion. This debate was accompanied by a number of myths and inaccuracies, but the key points made by both sides are difficult to deny in essence.

On the one hand, the adopted law does indeed implement the requirements of the EU AML-Directive, but the “lifelong“ status of PEPs is rather arguable: the EU Directive does not establish a term after which a person ceases to be a PEP. However, once the PEP is no longer entrusted with a prominent public function, they should be subject to enhanced due diligence for at least 12 months (but in any case, until that person is deemed to pose no further risk specific to PEPs). The adopted law in Ukraine is generally similar to the requirements of the Directive.

On the other hand, in practice, there are numerous cases of an overly conservative approach being taken by banks serving public figures, in particular, unjustified closure of bank accounts.

The second thesis is the one that creates a real problem, and has caused a huge wave of dissatisfaction (mainly from people who have personally encountered such an approach by banks). For example, no matter what risk-based approach is established at the level of the law, banks would equally apply the most conservative approach, demand all kinds of additional paperwork or simply refuse to provide services to (ex)-public figures.

The mentioned issue is a part of a global phenomenon in AML-systems around the world known as “de-risking” – a phenomenon in which an obliged AML-entity refuses to establish (or maintain) business relations with clients for the purpose of risk-avoidance rather than risk-management.

But what are the reasons for de-risking? Usually, experts define the following key ones.

Regardless of the prevailing reason, we may observe a certain distortion of the purpose of the AML/CFT system. If the primary goal of the system should be the real prevention of money laundering/terrorist financing (AML-prevention), in practice it has often become limited to mere formal compliance with regulatory requirements in this area (AML-compliance).

The good news is that this problem is perfectly understood around the globe. The introduction of the risk-based approach at the level of both legislation and central bank regulation in many countries has been an inevitable step in order to eliminate this distortion.

Unfortunately, in many cases, the risk-based approach still remains only on paper. Taking this into account, the central banks as the key regulators in the field of AML/CFT, should encourage the “AML-prevention approach” rather than “AML-compliance approach”. Several potential steps that could be considered for this purpose are outlined below. They are based on specifics of Ukrainian legislation and Ukrainian problems, but could be also considered in other countries with similar issues.

In Ukraine, there is no such effective procedure. Although one can file a complaint to the National Bank of Ukraine (NBU) against the “de-risking”, such complaints are mostly unsuccessful. The NBU usually argues that financial institutions, guided by a risk-based approach, independently make decisions regarding the possibility/impossibility of conducting operations, ceasing business relations with the clients, etc, and the NBU does not have the authority to consider disputes between banks and their clients.

Thus, if banks use de-risking when servicing their clients, the latter are actually deprived of the opportunity to protect their rights/interests in a pre-trial procedure and have to apply to a court of law – a lengthy and (often) expensive process. Since banks mostly apply de-risking because of potential fines from the NBU, they will be able to promptly receive feedback from the regulator regarding the adequacy of certain measures in the field of AML/CFT compliance, especially if such measures were introduced in connection with the risk of fines. It would therefore be reasonable to introduce such a pre-trial procedure at the level of the NBU.

Unfortunately, in practice, there are cases of the application of fines by the NBU for minor violations, which, in principle, do not affect the risk of a financial institution being used for the purpose of laundering criminal funds or financing terrorism (eg, a slight delay in submitting documents to the NBU, a failure to identify a public figure in the absence of a suspicion of money laundering, or the untimely identification of a PEP where the latter used common bank services). The fear that the NBU will punish banks with fines for even the smallest violations does not incentivise banks to implement a real risk-based approach.

Establishing clear rules at the level of the law regarding application of fines to financial institutions should help (for example, stipulate that fines may be applied only if the violation has led to a real risk of the use of the financial institution for money laundering/terrorist financing, or if such violation was serious/systematic). The confidence of the obliged entities that they will not be fined for essentially minor violations will likely also contribute to the spread of a risk-based approach.

Finally, the classic method of restraints and incentives (“whip and gingerbread”) can work in the AML/CFT system. So far, only the “whip”, in the form of fines and other influence measures, is used in Ukraine, but if the obliged entity is provided with some “gingerbread”, in the form of incentives for the real detection of criminal transactions, then it will also have more interest in a high-quality and risk-based approach to AML/CFT. It is clear from international practice that there are various options for incentivising private individuals to help the state in implementing its functions (for example, in the USA, bonuses are actively used to encourage whistle-blowers to help the government to collect money from criminals).

It is obvious that the implementation of such incentives is a rather bold idea that would require long and painstaking preliminary work: the very possibility of their implementation and the specific mechanism employed would have to be worked out in detail to minimise other related risks (in particular, corruption). However, such incentives would significantly increase the involvement and interest of the obliged entities in applying the concept of AML-prevention, rather than AML-compliance.

I am convinced that there should be a partnership between the state and business in the field of AML/CFT, as well as international co-operation and knowledge exchange between authorities of different countries, where financial institutions really understand the importance of this institution and have a real interest in not just fulfilling regulatory requirements, but actually preventing the laundering of criminal funds and the financing of terrorism.