Developments in the global financial services sector are increasingly starting to impact non-financial sector corporates, as regulatory authorities now expect them to have effective compliance programmes that address both corruption and money laundering risks.
Increasingly, governments and regulators are focusing on compliance programmes and insisting that corporates, particularly those in Asia and Latin America, put in place compliance programmes. This was one of the messages at the recent APEC Economic Cooperation conference held in Lima, Peru. The more developed economies in the US and Europe have a slightly different concern, as they focus on the quality of their compliance programmes, sources said.
The Anti-corruption and Transparency Experts Working Group's ("ACTWG") workshop on corporate compliance programs for APEC economies are looking to improve its "APEC General Elements of Effective Voluntary Corporate Compliance Programs", according to a lawyer privy to the discussion.
The "APEC General Elements of Effective Voluntary Corporate Compliance Programs" is an existing guidance to corporates which supports their fight against corruption and bribery when conducting international business.
ACTWG comprises members of the law enforcement agencies in a number of jurisdictions, including Singapore's Corrupt Practices Investigation Bureau, the Independent Commission Against Corruption from Hong Kong and the Corruption Eradication Commission in Indonesia.
While most financial institutions have both anti-corruption and anti-money laundering policies in their compliance programmes, non-financial corporates may not have placed much emphasis on AML issues in their compliance programmes, said Wilson Ang, partner at Norton Rose Fulbright (Asia) in Singapore. He said non-financial corporates tend to focus more on anti-bribery and anti-corruption policy in their compliance programmes.
ACTWG is considering recommendations for anti-money laundering policies, including AML tools, to be incorporated in the compliance programmes for corporates, according to Ang.
"AML is closely related to bribery and corruption. If companies were to focus narrowly on corruption, they can still get into trouble for anti-money laundering breaches. By incorporating aspects of AML in their compliance programmes, such as customer due diligence, companies can potentially prevent AML failings. There is a lot of synergy between the two, and you can use different aspects to target different risks," he said.
Ang said AML focused largely on know-your-customer, whereas anti-corruption was about knowing the agents or associated persons who act for or provide services to companies.
High-Profile Events Involving AML Breaches
The increasing interest in AML compliance by authorities and regulators comes as no surprise. A few high-profile AML breaches involving large financial institutions such as HSBC and Standard Chartered in recent years have led regulators to increase their focus on AML.
In Asia, the 1MDB case involving allegations against Malaysia's prime minister and the current investigations by the Swiss and Singapore regulators into Swiss private BSI Bank for a number of AML breaches, have seen regulators shore up their supervision of financial institutions and enforcement.
Asian Regulators Put More Focus on AML
Nizam Ismail, head of regulatory practice at at RHTLaw Taylor Wessing in Singapore, said AML has been given a lot more attention now than three years ago, as evident in the regulatory efforts in a number of Asian jurisdictions. Singapore made a number of significant revisions to its AML regime in the last three years in the run-up to the Financial Action Task Force's assessment in November 2015. Malaysia recently became a member of the FATF, whereas Indonesia has been taken off FATF's blacklist, although it has yet to become an FATF member.
Nizam said FATF's assessment of Singapore's AML regime was stringent, focusing on the implementation of its AML framework. In June this year, the Monetary Authority of Singapore ("MAS") formed a new department, focusing solely on AML supervision and enforcement. In the aftermath of its AML efforts, MAS revoked BSI Bank's license due to a number of regulatory breaches including AML lapses. Investigations by the Swiss and Singapore regulators into BSI Bank, and Singapore's current investigations into fund flows related to Malaysia's wealth fund 1MDB, have put the spotlight squarely on corruption and money laundering.
Spill-Over Effects on Non-Financial Corporates
All this, said Nizam, has a spill-over effect on non-financial corporates such as multi-national companies operating in Asia. He said such companies now want to do more extensive due diligence on their suppliers and customers. They will also expect their suppliers to have good compliance programmes in place.
Nizam said all companies in Singapore are subject to the Corruption, Drug Trafficking and Other Serious Crimes (Confiscation of Benefits) Act ("CDSA"), the primary legislation governing AML in Singapore, even if they are not regulated by MAS. The CDSA also extends to the real estate sector, casinos, fund brokers, money lenders, lawyers and public accountants.
"There is general criminal liability on people who facilitate money laundering. Corporates have to put in place AML policy to protect themselves." he said.
Ensuring that compliance programmes are credible remains the responsibility of senior management and the board, regardless of whether they are financial institutions or non-financial corporates, Ang said.
"It goes back to the tone from the top; senior management and boards have to ensure that their programmes are followed through and that lapses are investigated," he said.
But banks appear to be at higher risk compared to corporates, largely because they are the inevitable channels for funds flows and thus being used as conduits for moving funds. Nizam said someone who heads up the compliance programme at a financial institution will be more nervous now than before given the increased supervision and the expectations from regulators to do things right. Lapses due to missing out on red flags, for instance, will immediately be considered a breach and so compliance officers face higher risk now than before.
"It is a bit of an art for banks to be able to set the right level of sensitivity for the algorithm in their systems in order to spot red flags. There is more focus now on doing things right. The repercussion is more significant now than before [for missing out on red flags]," he said.