Cathy Zhou
Partner, AML and Sanctions Regulatory Compliance
KPMG China
Financial institutions are on the front line of a rapidly changing regulatory environment. While anti-money laundering (AML) has always been a regulatory concern, it is quickly climbing the political, regulatory, and business agenda internationally and has become a key area of focus.
With AML regulators worldwide ramping up oversight in their jurisdictions, financial institutions are under growing pressures to develop and implement a robust and effective AML compliance programme that is consistent with industry leading practices and meet local regulatory expectations.
Currently, three issues are having a significant impact on AML compliance developments within Chinese financial institutions: the implementation of the People’s Bank of China’s (PBOC) No.3 decree, the Financial Action Task Force’s (FATF) mutual evaluation programme, and overseas regulatory developments.
Effective implementation of No. 3 Decree
Promulgated by the PBOC on December 28, 2016, the No. 3 Decree is an important milestone in China’s AML regulatory development. A highlight of the No. 3 Decree is a set of requirements pertaining to the reporting of suspicious transactions. The Decree has repealed the previous prescriptive transaction monitoring parameters and thresholds, which were universally applied to all financial institutions in 2007. Instead, the No. 3 Decree requires every financial institution to develop their own transaction monitoring rules and implement them by July 1, 2017. In addition, all financial institutions will need to:
Conduct ongoing tuning and assessment of the effectiveness of their transaction monitoring rules;
Perform detailed analysis of alerts; and
Keep detailed records of the decision-making process during an alert review such as the rationale behind why an alert was cleared or why further investigation was initiated.
The Decree also mandates that a suspicious transaction report (STR) is filed when the financial institution knows or has reasons to suspect that their client, client’s funds or assets, or transactions conducted or attempted by their client may involve potential money laundering or terrorism financing related criminal activity, regardless of the amount involved.
In order to ensure the quality of the alerts, financial institutions will need to develop an effective set of transaction monitoring rules, while taking into account their money laundering risk profile (Products, services, customers, transactions, and geographic locations) and risk appetite. This can be a challenge for the following reasons:
Excessive low quality alerts will cause financial institutions to invest unnecessary human and capital resources through the hiring of more compliance staff to analyse the alerts. It could also lead to relationship managers having to spend more time on gathering information to explain a customer’s transactional behavior, which may adversely affect a customer’s experience. On the other hand, if a financial institution’s aim is to minimise the number of alerts in a bid to save compliance costs, it defeats the purpose of developing the transaction monitoring rules in the first place.
The establishment and tuning of the transaction monitoring rules such as parameters, thresholds, and algorithms require ongoing and substantial testing and analysis, which is a long term task. For example, this could include above and below threshold analysis as well as, the analysis of potentially vast amounts of historical data.
The effectiveness of transaction monitoring relies on and is influenced by various components of the AML compliance program. This includes the adequacy of institutional risk assessment (covering all business lines, products, services, customers, transactions and geographic locations of the institution), robustness of the Know-Your-Customer (KYC) process, and the sophistication of the transaction monitoring system and KYC system (whether it can link customer segmentation with the threshold setting). In addition, data management (including data integrity, data flows and the interplay between upstream and downstream systems), detailed alert management and analysis procedures, STR decision-making and reporting process, continuing activity and post-STR filing actions, and the experience and competency of compliance personnel are important elements as well.
The key challenge will be how to utilise and improve a financial institution’s existing processes and IT infrastructure in order to implement the No. 3 Decree efficiently and effectively.
FATF mutual evaluation to accelerate AMLregulatory reforms
The FATF is an intergovernmental agency that sets global AML standards and is in the process of conducting its fourth round of mutual evaluation of its member countries’ AML regimes. The FATF mutual evaluation is an independent assessment of a country’s AML system.
While China received a favorable outcome from the previous round of FATF mutual evaluation, the upcoming assessment contains a few additional areas of focus, including the Designated Non-Financial Businesses or Professions (DNFBPs), cross-border activities, and the effectiveness of the implementation of AML measures such as its practicality in the real world.
Our analysis of other jurisdictions’ FATF mutual evaluation reports and their preparation work in this round showed that regulation formulation and enforcement measures tend to move swiftly towards leading global practices before or after the mutual evaluation.
Regulation formulation refers to the enhanced application of ‘risk-based’ principles and more regulatory guidance were rolled out to align with international standards.
Enforcement measures, on the other hand, refer to examination efforts to increase the level of scrutiny and enforcement actions for non-compliance (Cease and desist orders, fines, and prosecutions). The supervisory and enforcement powers of regulators were found to have increased before or after a mutual evaluation.
With China scheduled to undergo its FATF mutual evaluation in 2018, we are expecting the pace of China's AML regulatory development to quicken from 2017 onwards. This includes having more regulatory guidance, stricter supervision, and stronger enforcement.
Overseas regulatory developments
Chinese financial institutions operating overseas, however, will not only have to be aware of regulatory developments domestically, but also keep track of the changes in foreign jurisdictions.That is because they also need to strictly adhere to local AML requirements, which, in certain details, can be different to the requirements in China. The challenge is particularly great in relation to complying with US and UK requirements where financial institutions face potentially severe enforcement actions if they do not comply with local regulations.
In addition, foreign regulators are also raising the bar for individual accountability. For example, a UK law requiring annual compliance certification from a designated ‘senior manager’ came into effect in March 2016. The Department of Financial Services (DFS) in New York also implemented AML regulations in January 2017 that requires annual compliance certification from the Board of Directors or senior management. The increased focus to hold senior leadership accountable for AML compliance will impact how the head office oversees its overseas operations.
How should Chinese financial institutions react to the changes?
Both China's AML regulatory philosophy and regulatory measures are developing in line with international standards and practices. Financial institutions should therefore keep pace with and anticipate any regulatory changes in order to strategically develop an effective and sustainable AML compliance program that is consistent with international standards.
The following recommendations are meant to help financial institutions to utilise their resources in the most efficient manner whether they are developing their transaction monitoring rules, undergoing relevant system upgrades, or enhancing internal controls based on the newly issued guidelines.
Conduct an institutional risk assessment covering all business lines, products, services, customers, transactions and geographic locations of the institution. The assessment should also seek to understand an institutions’ inherent risks, existing internal controls and mitigating measures, and subsequent residual risks.
Develop or enhance the AML compliance program (includingtransaction monitoring rules) and relevant systems based on theresults of the above risk assessment.
Conduct a gap analysis, benchmark the institution’s existing AML compliance program against the relevant Chinese laws and regulations, international standards, and leading market practices. Enhance the AML compliance program based on the gap analysis findings and recommendations.
Build an AML compliance Target Operating Model or roadmap, which takes into account future business developments. Adopt a phased approach to deploy and improve the institution’s AML compliance program.
Provide AML training to relevant personnel at all levels; including the Board of Directors, senior management, compliance, internal audit, frontline business units and operations division. In addition, increase efforts to improve their understanding of the importance of AML compliance, knowledge of regulations and internal procedures, and relevant experience.
As China’s AML regulatory continues to evolve, financial institutions that act now and are proactively preparing themselves for the inevitable change will stand to benefit the most in the future.
Contact us
Cathy Zhou
Partner, AML and Sanctions Regulatory Compliance
KPMG China
Tel:+86 (21) 2212 3289
Email:[email protected]
Kyran McCarthy
Partner, Forensic
Asia-Pacific Head of AML and Sanctions Regulatory Compliance
KPMG China
Tel:+852 2140 2286
Email:[email protected]
Simon Topping
Partner, Regulatory Advisory
KPMG China
Tel:+852 2826 7283
Email:[email protected]
Please click“Read more”to learn more about our services and read AML and Sanctions related trending news around the world, trending articles and publications, and upcoming seminars and events.
