William Byrnes' Tax, Wealth, and Risk Intelligence

William Byrnes (Texas A&M) tax & compliance articles

Is AML Training Effective or Whitewashing?

Posted by William Byrnes on August 10, 2009

Over the coming weeks we will examine a number of financial crimes issues including several for anti money laundering.  Feel free to comment or email me with any burning questions. Professor William Byrnes (www.llmprogram.org) as well as join one of daily webcasts.  This is part one in a series that I will compose on whether instiutions are implementing effective training programs or merely whitewashing to avoid criticism (at the cost of risk of non-detection of internal or external AML infraction).

The Regulatory Environment [1]

For the past several years, the US banking industry has focused on regulatory issues, such as the corporate governance provisions of the Sarbanes-Oxley Act (enacted in 2002) and the banking-related parts of the USA Patriot Act (enacted in 2001). Much literature and studies have been provided regarding the cost impact of the various implemented measures.

Smaller community banks have contended that it is difficult for them to comply with certain Sarbanes-Oxley provisions, such as the requirement that audit committees be composed entirely of independent directors and that companies have a “financial expert” on the board of directors. The provisions of the USA Patriot Act require increased investments in technology (though many in the industry have questioned the effectiveness of these investments in preventing the funding of terrorist groups or activities).

The Reporting Impact

Resulting from the impetus of the Al Qaeda’s terrorist attacks of 9/11, the US financial institution regulators became an enforcement hawk of the money laundering provisions of the Bank Secrecy Act (“BSA”).  In turn, hawkish enforcement has led to a drastic increase in the number of BSA filings.  In 2007, the approximate two hundred thousand US depository institutions filed over 649,176 Suspicious Activity Reports (“SAR”s), as  reported by the US Government Accountability Office (“GAO”) (over 1.2 million SARs filed by all financial service providers).  In 2008, these deposit institutions increased their SAR filings by nearly a hundred thousand.  In contrast, just two hundred, twenty thousand STRs were filed in the UK by all covered persons in 2006-07 (of which 140,000 were filed by banks) with a 10,000 total filing decrease last year.[2] 

This begs the question: are too many being filed in the USA, clogging the investigatory system, or are too few filed in the UK, allowing criminals to operate freely?  And leads to many other questions such as: Do criminals launder more money in the US and less in the UK?  Are US personnel improperly trained and thus filing SARs improperly or with little use?  Are UK institutions whitewashing their responsibilities and thus staff are not equipped to identify suspicious transactions and patterns?  We will discuss these and many others if not here, in the webinars.

Notwithstanding this level of apparent US hawkish compliance, the GAO noted that the federal regulatory authorities cited well over 7,000 BSA violations, leading to over 2,000 various actions against banking institutions.  Interestingly, a majority of 2005 actions were issued against the traditionally smaller credit unions that at first glance may be considered to carry less risk for money laundering.[3]  Moreover, these enforcement figures did not include the actions taken against casinos, jewelry stores, and money service businesses, such as check-cashing, whose anti money-laundering (“AML”) program compliance is audited by the IRS. 

Managing Risk through Training

International financial centers all have a requirement that firms subject to money laundering legislation have a designated compliance officer, known by different acronyms such as MLRO.  Further, the legislation requires staff training on a continuing basis.  By two examples, the USA and the UK respectively:

Bank Secrecy Act § 5318:

(h) Anti-Money Laundering Programs.—

(1) In general.— In order to guard against money laundering through financial institutions, each financial institution shall establish anti-money laundering programs, including, at a minimum—  …

(B) the designation of a compliance officer;

(C) an ongoing employee training program; ….

The Money Laundering Regulations 2007 Training: 

21. A relevant person must take appropriate measures so that all relevant employees of his are—

(a) made aware of the law relating to money laundering and terrorist financing; and

(b) regularly given training in how to recognise and deal with transactions and other activities which may be related to money laundering or terrorist financing.

KPMG reports that the training of employees to recognize money laundering, which is labor intensive, has required a big cost increase for banks.  Yet, reviewing a few of the high dollar value civil penalty actions issued by the US regulators in the last two years illustrates that a lack of money laundering expertise at the management level and a lack of firm wide education and training at the staff level cuts across both large and small banking firms. 

Penalties for Lack of Training and Expertise

The highest publicity action in the past few years occurred against American Express Bank International (“AMEX”) – shortly thereafter purchased by Standard Chartered.  AMEX’s original sixty-five million dollar penalty resulted partly from the gross amount of errors in just one year in its SAR filings regarding its private banking services to its high net-worth individuals (HNWI) and the individuals’ respective businesses throughout Latin America.  In the 12 month period from May 2006, over 2,000 filing error were found for only 1,639 SARs, not including over 1,000 late SAR filings.  Other recent large penalties citing the lack of staff training include ABN-AMRO’s (forty million dollars) and fines of ten million dollars each for Bank Atlantic and AmSouth. 

A medium size Chicago head office bank suffered a two million dollar penalty because “management failed to implement adequate training for appropriate personnel to ensure compliance with the suspicious activity reporting requirements”.  The regulator found that the  Bank staff was inadequately trained in suspicious activity identification and monitoring, detection of structured transactions, and identification of possible money laundering.  Israel Discount Bank, with branches in a few states, paid a twelve million dollar file for inadequately training its staff regarding the heightened risks associated with its transaction involving Delaware LLC shell companies.  On the opposite size spectrum from AMEX, a one branch bank, Beach Bank of Miami, with less than $150 million in assets, suffered an eight hundred thousand dollar fine for its lack of monitoring of high risk accounts, including six foreign correspondent accounts. 

[1] Standard and Poor’s Industry Surveys: Banking (Dec. 6, 2007).

[2] The SAR Activity Review – By the Numbers Issue 10 (FINCEN May 2008); Money Laundering Regulations 2007: Regulatory Impact Assessment (HM Treasury July 2007), and The Suspicious Activity Reports Regime, Serious Organised Crime Agency (SOCA) United Kingdom http://www.soca.gov.uk/assessPublications/downloads/SAR-Annual-Report-08-pn.pdf.

[3] http://www.gao.gov/cgi-bin/getrpt?GAO-07-212

5 Responses to “Is AML Training Effective or Whitewashing?”

  1. Petros Michaelides said

    You have written a very nice article that covers all the questions we should be asking. I would like to make a few comments, please find them listed here below.

    a) The financial industry in the US is larger than the Uk thus less transactions are taking place, hence less SARs could be filed. If the numbers you are providing are correct with regard to how many SARs are filed, comparing the USA to UK, then one could argue that actually the UK is filling a greater number of SARs than the US is on average.

    b) The problem is not the proper training, in fact the problem is deeper than that. There are no set in stone rules with regard to what extend institutions gather information, the designing of AML/KYC programs or the training for that matter. Hence, institutions are left trying to interpret the law and a single misinterpretation could lead to inadequate programs, confusion, failure to comply, and lastly large fines for noncompliance.

    To conclude I think that the failed policies of the Bush era, or maybe I should say the flexible policies adopted by the Bush government in order to allow room for all kinds of government abuses does not work and has never worked.Congress needs to come out and clarify, specify, and simplify the Bank Secrecy Act and USA Patriot Act respectively.

    Petros Michaeides


    • Thank you most kindly for your comments, and observations.

      The statistics are taken directly from the relevant FIU reports being FINCEN and SOCA (click the links in footnote 2 and it should bring you to these reports) so for these blogticle purposes I assume that these are correct.

      And in my next blogticle on Friday, I will likely be agreeing with you position regarding the UK in contrast to the USA. That a lack of USA training is perhaps clogging the system. Having said that, I am at a fairly high level conference tomorrow debating this proposition out.


  2. […] See the original post: Is AML Training Effective or Whitewashing? […]


  3. William,

    That’s a very interesting article. As I’m English, I’d like to suggest that you may want to consider the impact of The Proceeds of Crime Act 2002 (esepcially section VII that came into effect 1st March 2004) and of the relevant industry guidance (such as the JMLSG or the CCAB) which both impact on the number and timing of SARS as well as how and who is trained. In other words the structure of what you need to train having adopted a risk based approach. In effect Petros is correct.

    Another problem that the US may be encountering here is a lack of senior mamnagement will to include effective AML in the reward metrics for front office staff. If they continue to be rewarded by volume of new business and not quality, it is not in their personal, possibly target driven interest to point out the possible AML weaknesses of a new client and it is instead left to the IT systems to try and pick everything up…

    On a slightly more humerous note, as an a very experienced international AML trainer, your statement that “Yet, reviewing a few of the high dollar value civil penalty actions issued by the US regulators in the last two years illustrates that a lack of money laundering expertise at the management level and a lack of firm wide education and training at the staff level cuts across both large and small banking firms” is most encouraging.




  4. […] my previous analysis warning to financial institutions about lack of […]


Leave a Reply to Mark R Outhwaite Cancel reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: