7 minute read
Money Laundering and
Money Laundering and Anti-Terrorist Risk Management for Lawyers
By Timothy C. Stone and Martin J. Foncello
In the world of anti-money laundering and counter-terrorist financing (AML/ CTF) compliance, U.S. lawyers are not held to the same exacting regulatory standards as bankers. Bankers must monitor clients for suspicious activity and file Suspicious Activity Reports with the Financial Crimes Enforcement Network when client activity engenders suspicion of financial crime. However, Congress has not seen fit to impose a comparable obligation on U.S. lawyers — who, after all, are bound by the duty of confidentiality and attorney-client privilege. Yet in the AML/CTF context at least, it sometimes behooves lawyers to act a bit more like bankers.
Lawyers, of course, can be an important conduit to the financial system, and bad actors can misuse lawyers to move and hide illicit gains, which poses money laundering and terrorist financing risk comparable to banks and financial institutions. An attorney’s client accounts, for instance, can be used to place tainted money in the financial system or to layer funds and obscure their source. Lawyers create corporate structures such as shell and shelf companies, which can be exploited to retain control over illegally derived assets, and to prevent law enforcement from tracing the origin and ownership of assets. Attorneys play a central role in the transfer of real property, and criminals commonly invest the proceeds of wrongdoing in real estate.
Lawyers have strong reason to look at their money laundering and terrorist financing exposure. The risks of not doing so are many. For example, although not subject to the Bank Secrecy Act, attorneys are certainly bound by criminal money laundering laws, and want to protect themselves from imprisonment at worst and career-derailing criminal liability at best. Lawyers can also breach economic sanctions if they deliberately or even inadvertently handle funds coming from or going to comprehensively sanctioned countries, or facilitate transactions by individuals or entities designated pursuant to the Office of Foreign Asset Control’s sanctions programs.
Ethical violations are yet another pitfall. The most recent and prominent cautionary tale was the Global Witness/60 Minutes sting case from 2016. Wearing a hidden camera while posing as a German adviser to a West African mining minister, a witness from the non-profit Global Witness met with lawyers from 13 New York law firms — including the then-president of the American Bar Association — asking the lawyers how to anonymously move large sums of money that he said derived from suspicious origins. In all but one case, the lawyers offered suggestions on how to get the money into the United States without detection. This fueled a stir in the New York legal community and led to at least two instances of New York Bar authorities publicly censuring the attorneys involved.
Overlapping with each of the above risks is the hit to their reputation that attorneys take if they don’t consider AML/CTF issues in their enterprise risk management, and establish controls appropriate to their practice. The notorious and long- running 1Malaysia Development Berhad (1MDB) scandal is a case in point. As investigators unpeeled the case like a rotten onion, news reports cited financial transactions performed by key players in conjunction with five major U.S. law firms. A fraudster allegedly used one of those firms, which the DOJ named in a civil asset forfeiture filing, to launder (unwittingly, by all accounts) hundreds of millions of dollars pilfered from a Malaysian sovereign wealth fund through a law firm’s pooled account. The firm wired tens of millions of dollars to, among other places, casinos well known for money laundering opportunities.
Even assuming the legality of the attorneys’ conduct in that case, the firm found itself in the unenviable position of taking a blow to its reputation. The fact that a basic internet search for the name of a lawyer or firm yields news hits for money laundering is obviously something to be avoided at all costs.
From solo practitioners to multinational megafirms, lawyers can therefore take a page from the playbook of banks and other financial institutions by considering how enterprise risk-management techniques — including risk assessments and technology-enabled AML/CTF controls — can help identify, assess and mitigate exposure to financial crime, and potentially crippling damage to their reputations.
Nearly all banks and modern financial institutions use some form of enterprise risk management to identify and prioritize nonfinancial risks that can impact the organization’s ability to operate. As the Wall Street Journal reported in July 2019, government agencies are getting into the enterprise risk-management game. Faced with the often enormous impact of nonfinancial risks on public confidence in government, federal agencies are increasingly taking a cue from the corporate world by appointing chief risk officers, and instituting controls to identify and manage operational risks.
AML GUIDANCE FOR LAWYERS
Lawyers, too, can benefit from the structure and rigor of sound enterprise risk management, especially in the context of financial crime risk. In October 2014, recognizing the financial crime risk inherent in aspects of legal practice, the American Bar Association, in conjunction with the International Bar Association and the Council of Bars and Law Societies of Europe, issued AML guidance for lawyers that touched on the risk-based approach attorneys can apply in the AML/CTF context.
In June 2019, the Financial Action Task Force (FATF), the independent inter-governmental body that develops policies to combat money laundering and terrorist financing, issued updated risk management guidance for lawyers. Expanding upon earlier guidance, the 2019 document, titled Guidance for a Risk-Based Approach for Legal Professionals, lays out building blocks for a robust AML/CTF framework founded more directly on principles of risk management.
As the FATF guidance recognizes, a risk assessment is the starting point for operational risk management. Risk assessments should be adapted to the size, nature and complexity of a legal practice, adding structure, documentation and an input for considering money laundering and terrorist financing risk. In many cases, performing an AML/CTF risk assessment is not much different than what attorneys already do as a matter of course. For a solo practitioner, this can be as simple as memorializing the vetting of a client and taking on cases only within the attorney’s expertise.
For a large firm with a global footprint that facilitates transactions across markets at higher risk for corruption and other criminality, a risk assessment will need to be more nuanced. For example, it might involve not only individual assessments of money laundering/terrorist financing risk when on-boarding a new client but also an annual firm-wide assessment of aggregate inherent and residual risk, tied to an informed judgment about the effectiveness of the firm’s AML/CTF controls.
An AML/CTF risk assessment will naturally focus on the inherent financial crime risk of each client and its relationship with the lawyer or firm. FATF’s recent guidance covers certain well-trod ground in this area, such as the heightened risk from working with clients who are politically exposed persons and those closely associated with them. Lawyers should also pay attention to client companies that operate a considerable part of their business or have major subsidiaries in countries posing higher risk for corruption and other financial crime, and clients that are cash-intensive businesses.
TECH LEVELS THE FIELD
For firms with limited time and resources to dedicate to compliance, performing due diligence to support robust risk assessments can seem daunting, but technology is leveling the playing field. In this regard, FATF specifically urges legal professionals to “consider using reputable technology-driven solutions to minimize the risk of error and find efficiencies in their AML/CTF processes.” Some of the same technology-enabled tools that banks use to identify and mitigate AML/CTF risk are available to lawyers. In particular, tools that employ artificial intelligence and machine learning can provide affordable, repeatable and auditable ways to gather and review customer information and to monitor changes in a client’s AML/CTF profile.
The FATF guidance also offers valuable examples of factors that may render a transaction or service a lawyer is asked to facilitate riskier with respect to money laundering and terrorist financing. Some of these are obvious, such as whenever a lawyer, effectively acting as an intermediary, handles the transmission of funds through accounts she/he controls to carry out a business transaction on behalf of the client.
The guidance provides examples of more nuanced red flags as well. Examples include the transfer of real estate or other high value goods or assets between parties in an unusually short time period with no apparent legitimate reason; the postponement of payment for an asset or service delivered immediately to a date far from the time at which payment would normally be expected, without appropriate assurances that payment will be made; unexplained establishment of unusual provisions in credit arrangements that do not reflect the commercial position between the parties; and acquisition of businesses in liquidation with no apparent legitimate purpose.
In a profession where reputation is everything, lawyers have a compelling reason to understand and mitigate their financial crime exposure. FATF’s recent guidance outlines best practices for lawyers in identifying and managing AML/ CTF risks through tried-and-true operational risk management techniques, the effectiveness and efficiency of which can be boosted through technology-enabled solutions.
Timothy C. Stone is a Director based in the New York office of Exiger, and a former Manhattan Assistant District Attorney. He oversees the drafting and submission of reports to the Department of Justice as well as U.S. and international regulators. tstone@exiger.com
Martin J. Foncello, a former Manhattan Assistant District Attorney, serves as Assistant General Counsel at Exiger. mfoncello@exiger.com
