_This is the sixth episode of our COVID-19 webcast series. In this episode Partner Mark Shaw wants to look at CSSF Circular 20/740, which was issued on 10 April 2020, and covers the financial crime, anti-money laundering and counter-terrorist financing issues specific to the COVID-19 pandemic.
Transcription of the video:
Regardless of the disruption caused by COVID-19, the CSSF’s fight against financial crime remains a priority. Past experience shows us that during a crisis, illicit financial flows continue, as criminals seek to exploit temporary weaknesses in anti-money laundering controls, particularly where legitimate financial flows diminish and firms struggle to retain assets.
The COVID-19 pandemic has also presented a number of additional opportunities for fraudulent parties, seeking to take advantage of social distancing and also various governmental and charitable interventions.
The Circular is intended to provide guidance to all professionals subject to the CSSF’s supervision for AML in relation to these additional risks and vulnerabilities that arise from COVID-19, although we’ll focus on its application to financial services.
The Circular is broken down into four sections, which we’ll look at in turn.
Section 1 sets out several new ML threats resulting from the COVID-19 pandemic
We are all aware that criminals are taking advantage of COVID-19, and are finding new ways to generate or integrate illicit funds. The growth of these has been rapid and the CSSF breaks these emerging threats down as:
- crimes that represent both a significant operational risk for financial institutions and a ML threat; and
- crimes where the risk to financial institutions is primarily related to the laundering of illicit proceeds.
The first of these threats is cybercrime, and we’ve covered this previously, so you should be well aware of the increases in phishing scams; the CSSF explains how the operational risks have been amplified by the changes to work practices put in place to allow for social distancing.
Next, the CSSF looks at frauds related to COVID-19. For financial institutions, the combined operational weaknesses resulting from home working and the increased activity in the markets makes it easier for criminals to circumvent controls, which may result in diversions of customer payments or other sources of losses. These issues are significant for affected firms, not just being a direct cost, but also a significant reputational issue and a huge loss of management time in remediation.
There is significant bribery and corruption risk resulting from the deployment of government stimulus packages to support businesses through the economic downturn. The exceptional circumstances, unprecedented size and urgency of such measures create opportunity for abuse, and therefore pose a material ML threat for financial institutions.
The CSSF also flags the risks associated with the trafficking of counterfeit medicines and other goods, and also opportunities for thefts and burglaries during the pandemic – firms should be aware of increased attempts to launder the proceeds of such crimes.
Finally, the CSSF flags an increased risk of market abuse. This could either stem from:
- the nature of COVID-19’s impact on issuers, and the unusual channels through which inside information is transmitted, which may result in a higher number of persons having access to that information; and
- opportunities for abuse resulting from the highly volatile market environment -the pharmaceutical sector being particularly sensitive here- and again, wider access to inside information and weakened communication channels.
Section 2 of the Circular describes several particular areas of vulnerability for the financial sector
In relation to the new ML threats arising from COVID-19, the CSSF acknowledges specific areas of the financial sector that could be exploited…
The first relates to online payment services: the surge in online transactions creates more opportunity for criminals to conceal illicit funds within the greater number of legitimate payments made online.
Next, the contraction in economic activity could place some clients of firms in distress. This creates opportunities for them to be exploited by criminals seeking to launder illicit proceeds. For example, there would be an increased likelihood that a borrower at risk of default may accept proceeds of crime in order to finance interest payments, facilitating the integration of those illicit proceeds.
For borrowers with collateralised loans, credit institutions may re-value existing collateral and request additional collateral. If a large number of borrowers are in financial distress then controls on the origin and source of funds risk being relaxed in order to obtain such collateral, which could facilitate the entry of illicit proceeds into the system.
Governmental credit support or relief schemes could also be targets for abuse, either by fraudulently obtaining funds without the intention of repaying them or misusing the schemes to launder money.
Firms that are distressed may seek to off-load investments to minimise losses, such fire sales present the opportunity for criminals to purchase or re-finance such distressed assets using the backing of illicit funds.
Finally, the delivery of aid through non-profit organisations has been identified as a risk area where there are increased financial flows through these organisations to higher risk countries.
Section 3 describes several mitigating actions around these risks for supervised professionals
The CSSF expects supervised professionals to continue to implement and maintain effective anti-money laundering systems and controls. Clearly, they need to adapt to these new risks, so the CSSF has stressed some focus areas:
The first is business continuity planning, which we’ve covered previously, but the key point is that effective AML processes are in place and controls remain fully operational whilst staff are working remotely, and that there are adequate systems of communication for collaboration between business lines.
Again, as highlighted in our last webcast with RFA, mitigation of cyber risk is critical: systems should be reviewed, controls should be robust and staff should be trained.
Moving on to transaction monitoring. As in the ordinary course of business, professionals should continue to monitor transactions and pay particular attention to any suspicious patterns in customers’ behaviour and financial flow.
Professionals should take risk-sensitive measures to establish the legitimate origin of unexpected financial flows, and pay particular attention to:
- customers in sectors that are known to have been impacted by the economic downturn; and
- those that are suddenly seeing increases in financial flows, such as pharmaceuticals.
The CSSF encourages professionals to continue to apply the customer due diligence measures required under the 2004 AML Law and to consider how these can be strengthened to mitigate the impact of a lack of face-to-face contact with customers resulting from social distancing, such as increasing the frequency and detail of checks on certain persons. They may also want to consider the use of regtech solutions.
Professionals should make dynamic ML risk assessments on an ongoing and 360 degree basis, specific to the business and communicated across the organisation.
Finally, firms should continue to cooperate closely with competent authorities. This includes promptly reporting suspicions of ML to the CRF as well as continuing to interact with the CSSF in a timely manner. Professionals should also be proactive in using industry bodies and sharing information in real-time to help collectively combat these new ML threats.
Section 4 outlines the CSSF’s approach to AML supervision during this period
This final section simply highlights the CSSF’s commitment to combatting money laundering and terrorist financing throughout the COVID-19 pandemic, and aims to reassure market participants that it is as close to business-as-usual as possible for its AML supervision while lockdown continues.