US President Donald Trump’s order to block any “significant financial transactions” related to North Korea is presenting US financial firms with a rigorous challenge to their anti-money laundering procedures.
Trade finance, trade surveillance and other departments will have to dig far deeper into customer identities, business relationships, and transactions to protect their firms from costly and onerous regulatory penalties if they fail to comply with economic sanctions against North Korea. Standard procedures in know-your-customer, sanctions filtering and transaction monitoring might catch the bad guys if their names already are on lists published by the Office of Financial Asset Control (OFAC) and Financial Crimes Enforcement Network (FinCEN), units of the US Treasury tasked with enforcing US sanctions and AML regulations respectively. However, AML experts suspect that hundreds, if not thousands, more problem entities might have escaped the official radar.
“This is what we refer to as secondary sanctions, or the additional layer just below the prohibited list,” explains Debra Geister, director of AML advisory services for Matrix-IFS, a New York-based financial crime consultancy.
President Trump’s executive order, issued in September, makes US financial firms responsible for tracking down anyone who might have even the remotest connection with North Korea. It says that US financial firms must block all funds that originate from, are destined for, or pass through a foreign bank account that OFAC determines to be owned or controlled by a North Korean person (or to have been used to transfer funds in which any North Korean person has an interest).
OFAC’s reach has alo been extended beyond US borders to foreign banks with no clear ties to the US, such as a representative office. The executive order says OFAC can also impose sanctions on any foreign institution that either knowingly conducts or facilitates any “significant transaction” with certain North Korea-related blocked persons, as well as any significant transaction connected with trade with North Korea. The phrase “significant transaction” is never defined.
Penalties for violating the executive order will be stiff. Financial firms will have a lot more to worry about than just paying fines. The US Treasury will have the right to freeze the assets of any individual or business and/or shut them out of the US financial system altogether.
Geister draws an analogy between the US sanctions against North Korea and those imposed against Iran in 2015 when US financial institutions also had to be concerned about any customers doing business with Iran even indirectly. “Financial firms will now have to do a lot of extra legwork in tracking down the ‘who, what and where’ whenever a new account is opened,” says Geister. ” Who is the new entity, meaning who actually owns the entity; what business does it do and where its revenues are coming from are critical questions to answer.”
Many US companies and foreign companies will likely not be doing business with North Korea. Yet they might have business relationships with firms in China, India and Russia, which are among North Korea’s largest trading partners. Although the Chinese government has ordered its banks not to conduct business with North Korea, US financial institutions still can’t exclude them from the list of potential cohorts to North Korea, say AML experts.
There are red flags that may help US financial firms uncover a potential connection between a client and North Korea. Firms located in Cyprus, Bermuda and Panama, among other offshore locations, should be flagged as high-risk because they could be shell companies backed by North Korea. “The DPRK (Democratic People’s Republic of North Korea) could take advantage of complex corporate structures to disguise ownership interests in corporations and funds,” says John Wintrow, manager of the financial crimes advisory practice of AML RightSource in Phoenix, an AML and financial crimes compliance firm. He also recommends using commercially available databases offered by companies such as Thomson Reuters, LexisNexis, TransUnion and Dun & Bradstreet to keep track of beneficial ownership of firms with potential ties to North Korea.
Specific industries also pose a high-risk. “Some transactions pertaining to petroleum, mining, coal and textiles, which seem suspicious, may in fact be attributed to the DPRK, due to its track record of using revenues to fund its nuclear proliferation efforts,” says Wintrow. Geister recommends that US financial firms also watch for transactions involving the sale and purchase of chemical products that can be used to create nuclear weapons.
Close scrutiny of trade finance documents could be the first line of defense against accepting the wrong new customers. “KYC specialists should ask trade finance specialists to look at the authenticity of purchase and sale orders,” says Natasha Taft, a New York-based AML consultant and former US compliance director of several foreign banks. “Do the letters of credit and bills of lading seem legitimate, do the customer’s trading partners actually exist, do the supply chains make sense, do the bank accounts through which the funds flow raise any red flags due to unrelated third-party payments or unusual arrangements are among the questions that must be asked.”
What about after the customer is accepted? If the client is marked as high-risk, fund transfers will obviously need to be monitored far more closely to catch any outliers. “If the client said that it only would have revenues of a certain amount each month, is there a month which is far higher than the normal threshold,” says Geister. “Is there also any transaction that seems out of place from a counterparty the client never mentioned from either China, India or Russia?” Wire transfer departments, she recommends, should also electronically strip out the originator and beneficiary information on payments to filter through a transaction monitoring system to determine if any parties to the payments have ties to North Korea. Presumbly, the names of those parties appearing on sanctions lists will have been coded into the transaction monitoring system.
As always with sanctions compliance, technology alone can’t catch the bad guys. “Additional training might become necessary for non-AML/OFAC staff such as trade finance, trade surveillance and front-office personnel,” says Walid Raad, a partner specializing in fraud investigations and dispute services at E&Y in New York. He cites the following examples of red flags: invoice amounts not consistent with the value of goods being traded, wash sales in different currencies, or a private investment company set up by a North Korean-born individual using a Chinese alias and identification documents.
One last step, recommend legal experts, is for financial firms to create an airtight business contract with their customers. They should require agreements that clients will not conduct any business with North Korea or other countries suspected to helping that country.Clients must also agree that they will pay the price for non-compliance, such as being reported to OFAC and FinCEN, having their fund transfers blocked, or their assets frozen. Of course, avoiding or eliminating the client relationship — if existing– is the final option and one that may be the most attractive if there is more than a shred of doubt.