Governments around the world are tightening anti-money laundering regulations and increasing noncompliance penalties. Management accountants are at the frontlines of money laundering risk. In this FM podcast episode, Matthew Russell, a London-based financial crime partner at PwC, discusses how finance professionals can address the changing anti-money laundering landscape and how they can use what they learn in the process to their strategic business advantage.
What you’ll learn from this episode:
- How the global anti-money laundering regulatory and enforcement landscape is changing.
- What management accountants need to know about the future of anti-money laundering and how to best prepare for it.
- Why every management accountant, no matter the size, sector, or geography of their business, needs to be concerned about money laundering.
- What makes an effective anti-money laundering programme.
- How effective anti-money laundering controls can mean good business.
Play the episode below or read the edited transcript:
— Drew Adamek is an FM magazine senior editor. To comment on this episode or to suggest an idea for another episode, contact him at Andrew.Adamek@aicpa-cima.com.
Drew Adamek: Countries across the globe are strengthening anti-money laundering regulations. Recent legislative changes in the US and in the UK have increased both anti-money laundering reporting requirements and noncompliance penalties.
At the same time, according to the global anti-money laundering organisation, the Financial Action Taskforce, the coronavirus pandemic has dramatically increased money laundering, and trade-based money laundering in particular, over the last year.
Matthew Russell is a financial crime partner in PWC's London Forensic Services Practice. He's been helping management accountants and finance professionals become more vigilant against and more prepared to mitigate money laundering risk.
Matthew is hosting a panel called "Anti-Money Laundering: Is the Regime Fit for Purpose?" at ENGAGE EUROPE on 19 May.
Hi, I’m FM senior editor Drew Adamek, and I recently spoke to Matthew about ways organisations get unwittingly caught in money laundering schemes, how they can balance the trade-off between money laundering risk and business opportunity, and why management accountants are key to fighting money laundering.
Adamek: Matthew, thank you so much for joining us.
Matthew Russell: My pleasure.
Adamek: How has the anti-money laundering regulatory environment changed, and why should management accountants and finance professionals be paying attention?
Russell: That's a really good question. I've been working within the anti-money laundering laundry space for just over 20 years. On one level, the regime hasn't really changed in the sense that we're still required to know who our customers are and then be able to — during the course of the relationship — determine whether that customer is still operating are acting in line with our expectations.
I think what's changed over that period of time is that there is every-increasing focus firstly on what does that mean in practice. And more specifically, how can an organisation be confident that they're effective in those activities?
Secondly, broadening those that fall within that regulatory regime. So, moving away from banks, other financial institutions to some of the enablers of the criminality, the lawyers, the accountants, etc. Still a fairly basic requirement however, the regulatory net is widening and the regulators are focusing on effectiveness.
Adamek: You mentioned banking in that answer. Traditionally, one would think of money laundering and anti-money laundering focused on banking. but it appears to be moving into other kinds of organisations. Are there other kinds of money laundering risks that people who work at, say, a manufacturer or a retail organisation be paying attention to?
Russell: They should. There will always be a need for the banks and other institutions to focus on the risks of cash-based money laundering. But increasingly, there's a recognition that organised crime and other money launderers are looking for other means to launder their funds and are looking increasingly at trade-based techniques.
A think tank in the UK recently suggested that as much as 80% of the proceeds of crime are now being laundered through trade-based schemes as opposed to cash-based schemes. That means that more organisations are being targeted and need to then be aware of the vulnerability that they may have to being caught in these schemes by organised crime.
So, yes, the banks are still important, but you're then starting to think about other organisations, manufacturing or otherwise, that could find themselves caught up in money laundering, particularly if there's the risk of the movement of the goods in particular is a mechanism for being able to launder — either launder proceeds of crime or being able to move illicit goods particularly on a global scale.
Adamek: I want to go into something that you mentioned earlier a little bit deeper. What are some of the ways that organisations can get caught up in money laundering that they may not be aware of or that are not obviously money laundering?
Russell: I think a good example would be the illicit wildlife trade. Now, that's, I think, recognised as one of the most violent methods of criminality as a means of moving illicit goods around the globe. Rather than focusing on the banks and financial institutions — which have a part to play in relation to frustrating that criminal activity — the initiatives that are successful in relation to illicit wildlife trade are also those that include transport, as you can probably imagine.
So, much more focus on the airlines or the logistics organisations who potentially may find themselves unwittingly involved in the movement of illicit wildlife trade, whether animals or other sort of related products. So, there, you're looking at organisations that need to better understand what they're being asked to move to minimise the possibility that they could be involved in that particular activity.
Similarly, greater focus on the roles of customs agencies within that particular set of activities. Again, the role that they play in relation to reviewing documentation, and also for sharing information so that law enforcement has a better opportunity to be able to spot some of the connections and the relationships that have been so successful, particularly within the financial sector. Now, trying to understand to what extent can similar techniques be used outside of the banks and other financial institutions.
Adamek: In light of the two things we've just talked about, this expanding regulatory environment and the expansion of financial crimes and illicit financial flows, how do you see the role of management accountants and finance professionals in identifying and mitigating those risks?
Russell: So, I think on one level, the challenge, particularly for those accountants and other professionals that are working in professional practice, the challenge for them is because they're now caught within the regulatory net, they themselves need to ensure that the systems and controls that they have in place — things like client relationships, any ongoing due-diligence, then any reporting — needs to be as robust as what we're seeing within the financial sector.
But I suppose, much more importantly, the role of someone like the management accountant within a regulated organisation or perhaps one of those that is exhibiting the vulnerabilities that we've just described as it relates to trade-based money laundering. I think there it's an interesting and quite an important role that they play. For two reasons — I think one is in the context of the financial information that they're likely to be privy to as it relates to some of these more trade-based schemes. That means that they're more likely to potentially be coming across some of the red flags that may suggest that there are issues or concerns that they may need to escalate. The whole notion of "It's too good to be true" then it normally is, and thinking about their role in being able to be alert to some of those red flags. Then, knowing where to escalate it accordingly.
But I think the second point, though— and I think this is where the management accountant has an important role to play — is, for the last 20 years or for as long as I've been involved in this particular space, there has been a tension between compliance with the regulatory requirements on the one hand and the business or the front line that are trying to ultimately do business and feel like they're being frustrated by the compliance professionals within a regulated firm telling them what they can and can't do in the context of the money laundering requirements.
It's in the context of that tension between the business and the risk or compliance function, which is where I see the management accountant actually having a really important role to play. It's because of this: It's one of the key principles, particularly of the regime in the UK Europe, and I think increasingly is that an organisation needs to understand their vulnerability to money laundering risk and be able to articulate that in some form of risk appetite. From my perspective, risk appetite is that trade-off between the business opportunity and the potential risks that may come with that business.
In my mind, a management accountant is well placed to be able to not only understand where some of the business opportunities are, and particularly good-quality business opportunities, but also then be able to use some of their measurement and analysis techniques to be able to take into account and perhaps recognise and then take account of some of the risks that maybe the compliance professionals may call out as it relates to the business that's being done. Particularly those higher-risk activities that ultimately the organisation may want to pursue, but they need to do so with their eyes open.
I think increasingly where organisations are being criticised is because senior management isn't having some of those tensions and some of those trade-offs being escalated at the right level and more importantly, some of the decisions being made at the right level.
I see the role of a management accountant, given particularly their access to typically the better-quality management information about what is going on in the business, as being an important conduit in order to be able to navigate those tensions, if that makes sense.
Adamek: It absolutely does and that leads me to another question, which is exploring that idea of the tension between doing legal, ethical business and efficient business. Do you have recommendations for best practices for management accountants and financial professionals trying to balance that tension?
Russell: I think one of the challenges to date and therefore one of the opportunities for the management accountant and financial professionals is how do you put a cost on the compliance efforts that are required in order to manage the risks associated with some of these higher-risk relationships or business within an organisation. Because, if that can be done and if those particular professionals can play that role, then I think you move away from a purely qualitative argument which typically ends up being a question of who's able to shout the loudest and quite often that will be the business because they typically sort of own the revenue and the profit-lines within an organisation and turn it into a more quantitative discussion and a more quantitative analysis.
So, if the cost of compliance and cost of risk associated with either an individual customer, a group of customers, or a part of the business can be done more effectively, then I think you can enter into a more strategic conversation not just with the business but with senior management around effectively, how much risk can a particular business, business unit, or part of the organisation run at any one time? Then, be able to make better-quality management and ultimately strategic decisions off the back of it. So, for me, it's very much trying to help the risk and compliance professionals really quantify what the risk associated with some of these relationships or the business that potentially does pose or expose the organisation to that greater vulnerability.
Adamek: For an organisation that either now has to take financial crimes more seriously because of regulatory changes, particularly in the US or because it's not something they've considered, what do you see if the first steps for an organisation that wants to go beyond tick-box exercises and really start to look at it, as you described it, as a strategic initiative?
Russell: For me the key pillar for this and arguably most other types of risk, is the risk assessment, particularly the enterprise-wide risk assessment. It has been a regulatory requirement for a considerable number of years. It's one that the international standard setters are giving increasing prominence to as they evolve the regulatory requirements. But I think from my perspective, it becomes the key mechanism — and should be the key mechanism — by which an organisation is able to demonstrate that they've really understood where the risks are and either have got controls that mitigate those risks or they've then been able to have an informed decision as to perhaps the business that they won't do.
For me, that's the starting point. The reason why that's an important pillar is because that is the mechanism by which the risk and compliance professionals are able to articulate to senior management where the risks are in their business. But also, it allows the risk and compliance professionals to be able to engage with the business and help the business better understand where the risks are and then have the business to be able to articulate which controls within their business they believe address those risks.
So, it begins to bring together as a tool, those key constituents — risk and compliance, the business, and senior management. In the context of this discussion, the more that that risk assessment can be data-led — and I can't emphasise enough the importance of good-quality management information in order to do so — that's likely where I think the management accounts and other finance professionals can play a part in being able to get the right information so that the risk and compliance professionals are able to better understand what the business is doing, how it's configured, who sits within that customer base in those markets, then be able to reflect back to senior management well in the context of that business and the controls that are in place sort of what the residual risk actually is.
I think those organisations that not only get that framing right but more importantly are able to set it up in a way that they can ideally on a more continual basis keep that risk assessment up-to-date means that you're actually using that to inform what you do to manage your risk rather than, I fear, in some organisations it being used almost as a backward-looking exercise to justify what has been done rather than inform what needs to be done.
Adamek: How do you see the next five to ten years when it comes to anti-money laundering and financial crime mitigation and risk assessment? How big a part of a management accountant's job is that going to be in the future?
Russell: There's three areas where I think go forward there's just going to be increasing prominence and interest for management accountants. Just the day-to-day activities are going to be more — they're going to find financial crime risk being more relevant. I gave the example of mergers and acquisitions. I think that increased granularity that the authorities and regulators are looking for in relation to the management of financial crime risk, I think is going to put a strain on perhaps the transparency and visibility of existing systems and controls, which could well be a touchpoint for the management accountant.
Thirdly, those aspects of misconduct and control that perhaps more traditionally fall within the management accountant's sphere such as fraud and tax evasion, for example. I think the convergence with those other aspects of financial crime risk are just going to make it harder for the management accountant to avoid financial crime risk.
Ultimately, I do think it's an opportunity given where they sit within that position between business and risk and compliance. Actually, I think it's an opportunity for them ultimately.