KYC3 is growing – are you fit enough to join our team?

This is the career defining CTO opportunity you’re looking for!

Launching in 10, 9, 8, 7 … are you ready to drive the rocket ship to success with us? If you have experience with modern technologies like Apache Titan, Spark, Hadoop, OpenNLP, and Bootstrap then you should jump on board the KYC3 rocket now!

KYC3 has opportunities for Senior Software Engineers who will build and extend our state of the art technology. Join the core team behind innovative state of the art technology for real. We’re looking for full-stack developers who are passionate about innovating on big data and delivering great user experiences. You like to code and have an eye for clean, intuitive design. If you want to use your abilities to deliver the next generation of intelligence processing application technology, then join us to create engaging, easy-to-use, and visually delightful intelligence analysis applications that address complex user needs. Become instrumental in converting sales opportunities into deals faster working with our sales team. You and the technology team will be responsible for delivering solid production quality systems for KYC3.com and its enterprise and API clients.

KYC3 offers you a chance to get in a ground level, with equity options and a potential CTO position for the right candidate who can combine technical skills with business acumen in a readily accessible manner in front of clients and investors.

You should be motivated, very flexible, and able to work in an environment that constantly generates new ideas and new invention. Creativity and a willingness to take bold steps are a plus. Although some travel, mostly to Luxembourg and Switzerland, will be required, you can work form anywhere most of the time.

We’re looking for demonstrated full-stack experience in one or many of the following areas:

• Previous experience with Apache Titan, Apache Spark, OpenNLP, Hadoop, Elastic Search
• UI design including HTML, CSS, Javascript UI frameworks; e.g. Dojo, jQuery UI, Bootstrap, Flat UI, d3js,
• Web application (Model View Controller (MVC), My Virtual Model (MVM)) frameworks; e.g. Java Enterprise Edition (JEE), AngularJS, EmberJS, Sinatra, or Rails,
• Cloud computing environments; e.g. Amazon Web Services (AWS)
• Building applications using cloud APIs and Representational State Transfer (REST)ful services

Financial industry background or expertise would be a bonus.

Please express your interest via e-mail to support@kyc3.com with details of who you are and why you would make a great addition to the KYC3 team.

KYC3 is a startup with massive potential – we have won numerous awards and have offices in Luxembourg in the BGL BNP Paribas LuxFutureLab and in Geneva in the FintechFusion program – both prestigious accomplishments in their own. Our team collaborates openly and freely. We research new ways to approach difficult problems and quickly adopt new technologies. We work in cross-site teams and with customers in international settings.

https://kyc3.com
Luxembourg: LuxFutureLab, Boulevard Royal 59, L-2449 Luxembourg City
Switzerland: Fusion, Av. de la Praille 50, CH-1227 Geneva

49.609749 6.126501

KYC3 Meets the Minister of Finance at the ALFI Conference

Minister Gramenga likes our “information refinery”.  Gave a quick demo and took photos!

49.611621 6.131935

When do you say “No” to a prospect customer or counterparty? (Part 2 of 2)

A fine local dentist is a good account to have…

In the first part of this article, we reviewed the “tick the box” hurdles that a prospect must overcome in order to meet basic anti-money laundering requirements. In this second part, we will look at the considerations that must be made when taking a Risk Based Approach towards the client or counterparty.

 

Would you rather have the well-to-do local dentist or the billionaire foreign despot as your client?

The final hurdle in a customer or counterparty due diligence (CDD) is often difficult to set since it is a grey area in which the risk must be evaluated and compared against your own tolerance or appetite for risk. There are several factors that are considered in the evaluation of CDD risk.

First, there is the customer or counterparty themselves. The degree of political exposure is also a risk factor, as politically exposed persons (PEPs) are often in a position of power that is conducive to bribery and corruption. The reasons given for the proposed relationship should be scrutinized and validated. The nature of the relationship should be considered as well: how much business and of what kind is expected over the duration of the relationship. Finally, the history of the party is a risk factor with facts such as past criminal or civil investigations, indictments, and convictions playing a role in judging the risk.

Second, there is contextual and geographical risk. If the party is foreign, then this presents more risk than would a well-known local. If the party comes from a country or region where corruption and crime are high this will raise the risk profile. A party from country with significant extractive resource revenue will also present a higher risk. There is some truth in the stereo type of a third word government official from an oil rich country making off with stolen funds, as this happens much more often than it does with first world government officials from diversified service driven economies.

Finally, there is the business proposed. If the proposed transaction involves new and innovative products then it should be carefully reviewed. If the party is action through opaque and complex structures, particularly those located in certain “secrecy jurisdictions” then the risk profile should be increased. Finally, if the proposed business involves transactions that would be conducive to money laundering, i.e. cash or high value asset transactions, then the increase in risk must be considered.

In the Risk Based Approach it is up to your organization, based on a thorough understanding of your business risk tolerance, to decide which clients to accept as “low risk”, which ones to accept as “higher risk”, and which ones to “reject” and the processes used to make and continually evaluate these decisions. You may have several levels of risk and appropriate risk management procedures for each. It is up to you, within the confines of your regulatory regime, to select the right tools and define and implement the processes that are suitable for your business. In order to do this, you must understand the risks you face and press the pedal down hard enough to get your business to the finish line, while turning away any client that presents unreasonable levels of risk for your business.

In short, it is a much lower risk proposition to do business with a well-known community dentist who owns a local practice for the last 25 years and is planning for retirement than it would be to deal with a high-level judge from a foreign country who has been investigated for bribery in the past and wishes to open a “confidential savings account”.

When do you say “No” to a prospect customer or counterparty? (Part 1 of 2)

Several hurdles should be jumped to show that you Know Your Customer

KYC is the foundation of the AML process. Knowing Your Customer is the most obvious way to spot suspicious behavior. When taking on a new customer or entering into a transaction with a new counterparty, it is very important to understand who you are dealing with. In this regard, there are a number of common base efforts that are usually made, such as verifying the ID cards of the individuals involved, checking the legal status of the companies and organizations involved, and checking utilities or other invoices from known providers in order to verify that the address information for the person or company is correct.

Collecting documents this is only the first hurdle. The next immediate step is to check the party against various government issued watch and sanctions lists. This is a step that is still in the “tick the box” approach; if the party is on the FBI Most Wanted list or has been sanctioned by the European Union for committing human rights violations, then clearly dealing with the party is a “No, No”. The only complications in this check are that there are a lot of various lists to check from different sources and that there are sometimes names that match the lists because the parties simply have the same name. The first case is easily addressed through the use of tools that enable searching all the lists at once. The second case requires comparing the list entry with the party in front of you in order to make a determination if it is a match or not. This is done by comparing attributes, such as date of birth.

After the second hurdle, the Risk Based Approach starts. This is a process moves into a grey area. It is here that KYC becomes a difficult and very personal affair. Two hurdles are overcome with yes or no answers. To set the third hurdle requires asking “How much risk does this party present and is it within our tolerances?”

In the next part of this article, I will discuss considerations of setting the third hurdle for the Risk Based Approach.

What’s a PEP problem and do you have one?

Is your rich foreign businessman a PEP back home?

In the age of globalized banking it is very important to understand the risk that “Politically Exposed Persons” pose to any business, no matter how small, that deals with international clients involving transactions or asset management of even modest sums.

Politically Exposed Persons or PEPs are those people that due to their own position or that of a close associate exercise functions that are conducive to corruption and related criminal activity.

Being a PEP does not necessarily mean that a person is corrupt, although some may argue this point.  A PEP is simply someone who has the access and the authority to be corrupt. According to FATF guidance on evaluating PEP risk, a PEP may be anyone who is elected or appointed to a political office, anyone who heads a state-owned or state controlled enterprise, any family member of the former two, or a known a close associate of the former types of people.  This includes judges, high ranking military officers, and government officials, especially those in a position where corruption is common, such as procurement or contracting.

A glaring example of such abuse by PEPs is the “Cash for Kids” scandal in which two U.S. judges were found to have been sentencing children to serve time in private juvenile prisons in which the very judges held a commercial interest.  While this scandal may have been difficult for the bank of the judges to detect there are often warning signs that should not be ignored.

The first step is to know that your client is a PEP.  Identifying PEP status and risk should be part of your KYC (Know Your Customer) client on-boarding and risk evaluation process.  You should ask your customer to disclose any political office or other politically exposed position they may hold and you should expect an honest answer.

Following advice that Ronald Regan made famous: a “Trust, but verify” approach is necessary.  Good research tools can be used to screen individuals against a database of known PEPs, as well as provide access to media coverage that will allow you to qualify the extent of the individual’s political exposure.

Take the very recent press example of former Minister Ninu Zammit of Malta.  HSBC Geneva managed accounts of more than 3 million Euros for him.  They took active steps to move the funds from Europe to BVI companies in order to avoid the EU Savings Tax Directive and clearly knew Zammit for several years.  However, a glaring red flag is that Mr. Zammit declared earning only 37,000 Euros per year from his ministerial position.  How is it then that he amassed a fortune of more than 70 years worth of his salary?  This is a typical Red Flag for a PEP: having assets far beyond their logical means.  Zammit claims that these deposits were built up since the 1970s through his savings and property business.  Unless he could document these deposits over that time, the source of the funds through tax returns and business records, and he could explain why he needed to put the funds in a secret offshore account, it would appear that HSBC may have been aiding and abetting corruption and been an active participant in money laundering in this case.  HSBC’s reputation is now suffering from their failure to manage this risk.

According to current statements, HSBC has changed their procedures and cleaned up their bank since this time; however, the example of Zammit is a very good case study of a high-risk PEP that would require a thorough KYC/AML evaluation and monitoring in order to manage the risk of the account.

Car Dealers: Do you know your KYC/AML obligations?

Luxury cars are often used to launder money

On March 6th, John Frank Mussari Jr., the owner of a luxury car dealership was sentenced to 2 years in prison for money laundering.

Cars, especially luxury cars, are often used to launder money.  Auto dealers routinely deal in transactions exceeding the AML regulatory limits, usually $10,000 or similar amount in Euros, Pounds or other local currency.

Mussari’s case is a very good example.  Mussari owned a dealership specializing in Ferrari, Lamborghini and other luxury cars.  Mussari developed a relationship with a “good client” who bought several sports cars from him.  Over the course of this relationship, he was paid $132,000 for a Ferrari 360 Spyder, $147,000 for a Porsche 911 Turbo Cabriolet and $320,000 for two Lamborghini Gallardos, among others.

In what could have been a scene out of Miami Vice, Mussari was stopped by Federal Agents leaving the client’s Fallbrook house in a yellow Ferrari.  Over the course of their relationship it became apparent to Mussari that the client’s source of funds was from drug dealing, yet he never reported any transactions to the authorities.  When this came to judgement in court, Mussari was found guilty and sentenced to two years in prison.

Clearly, it is important to have a reasonable KYC system in place in order to protect your business from the risk of money laundering.  Mussari probably only made a few tens of thousands of dollars on the sales, yet will spend two years in prison for it.  A basic KYC/AML procedure could have prevented this.

The first step is in obtaining the identification of the buyer and to have them declare the source of funds, e.g. savings, sale of another asset, or so forth.  Once this is done, some basic research should be conducted, such as checking sanctions and wanted lists.  If there is any hint of doubt regarding the client or the source of funds, a detailed media check should be made.  There are many tools available to do this, from self service KYC tools through to outsourced enhanced due diligence consultants who perform a full background check and provide a detailed report.

Mussari is a reminder that we should remember that auto sales also have an AML obligation that must be taken seriously.

FCA recommends EDD on directors of corporate clients

In November 2014, the FCA published Proposed guidance on financial crime systems and controls that lays out sound advice on how to manage compliance and mitigate the risk of financial crime activity across a financial institution.

In particular, they specifically advise

“carrying out searches on a corporate customer’s directors or other individuals exercising control to understand whether their business or integrity affects the level of risk associated with the business relationship.”

Good information is required in order to do this correctly. We look not only at the current employment of the directors, but also their present and past business activities and relationships is necessary in order to assess the risk associated with the individual.

Much like an HR screening, or a more detailed background check for a government security clearance, looking at the individuals more closely reveals patterns and relationships of risk, such as indications of past criminal activity, civil disorder or close relationships with politically exposed individuals or suspected criminals.

Most people still use general internet searches for this purpose.  However, tools such as KYC3 are the first step towards a true professional approach.  These offer current and historical company data and comprehensive news coverage and functionality such as qualified relationship graphs of the individuals.  We can quickly understand the subject’s activity with such information.  In an interesting development in the US Courts, the use of such tools is commonly becoming part of legal settlements in cases of non-compliance.

Of course, if one wants to really achieve the same level of certainty that a “Top Secret SCI” clearance would entail, then we would need an active investigation, complete with agents discretely collecting information on the individuals in order to form an accurate and very well informed opinion.  There are several companies out there that offer such services already.  Is this coming soon to a financial institution near you?

KYC3 Quick Tour

Take a quick tour of KYC3.com and see what it can do for your compliance process.  Be the first to check out the Know Your Customer AML/CFT/PEP screening reports and the enhanced News and Company research tools.

 

FinCEN demands Casinos do KYC too

FinCEN, the U.S. financial crimes enforcement arm of the Treasury Department, is demanding that casinos do more to prevent their use as vehicles for money laundering.

To this effect, casinos will be required to know the source of their customers’ funds.  Of course, the first step in understanding the source a customer’s funds is to Know Your Customer.

Source: Wikimedia Commons

Secondly, FinCEN also demands that casinos adopt a Risk Based Approach to managing their exposure to financial crime, particularly money laundering and terrorist financing.  A successful Risk Based Approach requires several well planned and functioning elements.  These include 1) the process and guidelines in place to ensure that the approach is methodically applied within the organization, 2) well trained staff with the authority to make decisions related to the assessment of risk and a corporate culture that gives them the freedom and respect to make independent assessments of risk based on the situation and their experience, and 3) professional tools to support the research and evaluation of subjects of risk facing the organization.

As a third demand, FinCEN insists that casinos improve their information sharing with regulatory and law enforcement authorities.  This means that casinos are required to voluntarily file Suspicious Activity Reports for any suspicious activity that would be identified within the casino.  They also request that the casinos provide additional specific customer information for any unusual activity.  As a matter of fact, it is well known that within the Department of Treasury Law Enforcement community there are many who believe that Suspicious Activity Reports should be changed to Unusual Activity Reports, but that is a topic for another post.

Finally, FinCEN has issued a warning against a high risk behavior called, “Chip Walking”.  This involves using casino chips as a placement instrument for purposes of money laundering or facilitating illegal transactions.  For example, suppose a bad guy obtains a hundred thousand dollars worth of chips and places those in a casino lock box.  The bad guy can then take the key to that box out and give it to the bad guy who has brought him a load of illegal drugs.  Deal done and no messy briefcases of cash to handle.

Of course, if the casino would know its customers, this suspicious activity would be noted and may eventually lead to reporting and arrest of the bad guys.  And this is the whole point of the FinCEN demand.

 

New Legislation Means Ignorance is No Defense – Jail Time for Commercial Service Providers to Criminals

There has been a long history of professional service providers maintaining a clean image under a shield of ignorance with regards to their customers’ activities.  That is changing quickly.

The UK has passed legislation that gives the Home Office, the Serious Fraud Office and the National Crime Agency new legal power to stop this type of behaviour.  White collar professionals, such as lawyers, accountants and fiduciary company agents, have long adopted a “don’t ask” policy with respect to their customers’ businesses.  They carefully ensure compliance requirements are met using a tick the box approach to satisfy their legal and regulatory requirements.

This legislation is a game changer that forces professionals to adopt a Risk Based Approach.  Professionals are now required to understand what their clients are doing with the commercial services they provide and can be held criminally liable for their participation in the criminal organization.  This is punishable with up to 5 years of prison time.  This legislation coupled with the trend to make tax evasion a predicate offense to money laundering place a very serious burden on every professional to really Know Their Client.  Not investing in an appropriate tool and making a real effort to meet this responsibility will soon become a case of professional negligence.

Continue reading →