Compliance Portfolio

Compliance Portfolio SWIFT Business Forum Brazil 2015

Carolina Bezerra, Executive Director, BTG Pactual

Fedra Ware. Practice Lead Compliance Services, SWIFT

1 July 2015

Community inspired compliance services

2

As an industry-owned cooperative and the global network for secure

financial communications and standards, SWIFT is uniquely placed to

help solve the financial crime compliance challenge through

collaborative efforts and innovation

Significant costs

at stake….

... Yet no competitive

advantage for banks

Financial crime is top of

the agenda for banks

All geographies / All types

of players impacted

Lots of duplication…

… for universal challenges

SWIFT Business Forum Brazil - 1 July 2015

SWIFT Financial Crime Compliance Roadmap

FATF 16 Information quality

Compliance Analytics

Sanctions list

Mngt service

Sanctions KYC AML

Processing

services

Traffic analysis

Standards

Data

repositories

AML testing & tuning

Sanctions Screening

Sanctions Testing & tuning

(transaction & client systems)

Traffic restriction (RMA)

Live

Development

Qualification

Exploration

Quality

Assurance

Client/Name screening

3

KYC registry


Community-inspired solution portfolio

Sanctions Testing

25 top-tier banks with 35% of SWIFT message traffic

Maximise the effectiveness

and efficiency of your

sanctions environment


8 banks with

more than 10%

of SWIFT

message traffic

Enhanced understanding

& management of financial

crime-related risk.

Sanctions Screening

320 customers 16 central banks 100K messages per day

Hosted solution for cost-

effective compliance with

sanctions regulations.

The

KYC Registry

12 leading banks

in working group,

350 institutions

and counting..

One global source of KYC

information for

correspondent banking

4 SWIFT Business Forum Brazil - 1 July 2015


5

Enhanced understanding and management of

correspondent banking risk

Institution-wide risk assessment

• Understand payment patterns

• Enhance correspondent reviews

• Align to policy

Zero footprint

• Immediately accessible

• Consolidated rich, accurate dataset

• Interactive tools and reports

Mitigates emerging risk

• Track relationships and understand RMA status

• Understand risk concentration

Monitors payment flows

• To and from your institution

• Identify anomalies & nested activity

• Compare to peers


Sanctions Testing

6

Ensures filter effectiveness

• Quantify & reduce risk

• Model validation and fuzzy effectiveness

• Coverage and list validation

Manages cost & resources

• False-positive reduction

• Filter tuning and optimisation

• Test cycle automation

In-house teams or assessment services

• Independent testing for in-house teams

• Assessment and peer assessment services

Insight and understanding

• Fact based filter management

• Standard reports

• Community based approach

Maximize the effectiveness and efficiency of your sanctions

environment


KYC Registry

New global registry from SWIFT makes managing

your KYC compliance activities easier

SWIFT Business Forum Brazil - 1 July 2015 8

Today’s market: An unprecedented challenge to comply with

KYC requirements

9

KYC

Utility

Complex and inconsistent

requirements across

jurisdictions

Cumbersome, repetitive

and inefficient bilateral

exchanges

Unavailability and poor

quality of information

Complex and inconsistent

requirements across

jurisdictions

Cumbersome, repetitive

and inefficient bilateral

exchanges

Unavailability and poor

quality of information

Increase in pressure to

reconcile & ‘de-risk’

Increase in AML/KYC

fines (>$3 billion/2 years)

Increase in KYC

complexity: FATF/FATCA

As a result the industry has witnessed a new development: the growth of the KYC ‘utility’

The Cost of FI KYC is becoming prohibitive


In a nutshell… Single source of correspondent banking KYC information

7,000+ banks on SWIFT

Trusted third party (member-owned)

Leverage SWIFT membership

process to collect ‘basic’ data

User-provided, user-controlled

Up-to-date and validated

information (through dedicated

validation teams)


A Single Standard

Validated data

A feature-rich Platform

Unique value-add content

Community-lead engagement

The founding principles

www.betterkyc.com


http://www.betterkyc.com/

KYC: The foundation of an effective AML

program

Increasing regulatory and

market pressures

The industry must accept new expectations and manage growing

costs and potential real risk

of non-compliance

All banks require the same data -

there is no added value in doing separate

KYC data collection and

quality assurance

Every bank needs to be compliant, but there is no reward for being the best in class!


• 130 data fields and documents

• 5 categories

Identification

Ownership

Business

Compliance

Tax

• Directly provided by the

source

• Updated yearly and

continuously validated

• Electronic only

• Multi-language support

• A web-based application

• Hosted on swift.com secured

environment

• User-controlled access to data

• Pushed notifications upon

update

• Enhanced reporting, auditing

and exporting capabilities

• A user-to-user communication

channel

• Audit trial

• A unique traffic-based report

to support your KYC

• Objective and factual, helps

validate declared behaviours

• Specific, transparent and

unambiguous

• Optional and shared at bank’s

discretion

• Different levels of granularity

to cater for confidentiality

requirements

Content &

Controls SWIFT Profile

Features & Functionalities


Platform

Comprehensive set of data and documents

• Designed to satisfy the stricter regulatory requirements

• Public, non-public and private information

Continuously validated content

• Fact-based, documented and transparent controls

Collaborative platform

• Banks submit, maintain and selectively exchange data through the platform


The KYC Registry

A standard set of KYC data & documents

Category I – Identification

of the customer

Licenses and Proof of Regulation, Certificate of

Incorporation etc

Category II – Ownership

and management

structure

Declaration of UBO, Board of Directors Lists, AA/MA and

company Shareholdings and

structure, stock exchange

information

Category III – Type of

business and client base

Category IV – Compliance information

Key Compliance contact information,

AML documentation,

AML P& P, Wolfsberg

Questionnaire, USA Patriot Act, Other Compliance Docs

Category V – Tax

Information

Tax ID information, FATCA information, documentation and contact information

CDD & EDD

data

FATCA

MIFID

95+ data items

30+ Docs


The KYC Registry – Content

Mandatory – Conditional – Optional

I. Identification of the Customer

• Anglicised legal form

• Legal name in local characters

• Trading name in local characters

• Immediate previous legal name(s)

• Year of last legal name change

• Generic phone and fax

• Entity’s website

• Registration number (or other unique identifying number assigned

by the government authority)

• Authority issuing the registration number (commercial register)

• Country of authority issuing the registration number

• Date of incorporation/establishment


The KYC Registry

II. . Ownership and Management Structure

• Form of organisation

□ Publicly listed

% at which the entity is publicly listed

Name and country of primary stock exchange, link to the website and code of

the entity on the stock exchange

Name and country of secondary stock exchange, link to the website and code

of the entity on the stock exchange

□ Privately held

Memorandum and Articles of Association (or statutes or by-laws)

□ State-owned

•Bearer shares information

•Shareholding companies (companies with 10% shares or more mandatory, 5%

recommended for privately held and offshore banks)

•Ultimate Beneficial Owners statement

•Ultimate Beneficial Owners (threshold 10% ownership)

•Key controllers (Board of Directors, Senior executive mgt, Supervisory Board)

Mandatory – Conditional – Optional - Recommended SWIFT Business Forum Brazil - 1 July 2015 17

The KYC Registry – Content (6/13)

III. Type of Business and Client Base

• What type of products and services does the entity offer?

□ Cash services (all)

□ Cash management services,

□ Cash letters / cheques clearing

□ International funds transfers

□ Bulk cash activities

□ Banking products (all)

□ Money markets

□ Loans

□ Syndicated loans

□ Bonds

□ Credit cards

□ Banking services (all)

□ Private banking

□ Online banking

□ Mobile banking

Pro

du

cts

an

d s

erv

ice

s

□ Trade services (all)

□ Documentary collection

□ Letters of credit

□ Standby L/C

□ Guarantees

Market products (all)

□ Overnight investment

accounts (sweep account)

□ Foreign exchange

services

□ Spots / Swaps / Options

□ Investment advisers /

investment banking

□ Insurance

□ Islamic banking




III. Type of Business and Client Base

Ge

og

rap

hic

al p

res

en

ce

an

d r

ea

ch

• In which regions is the entity located, organised or operating?

□ North America

□ Latin America & Caribbean

□ British Isles & Eire & Nordics

□ Western Europe

□ Central & Eastern Europe

□ Africa

□ Middle East

□ North Asia

□ South Asia




IV. Compliance information

• Money Laundering Reporting Officer or Department contact details: First name |

last name (if applicable) | email

• Chief Compliance Officer name: First name | last name

• AML person contact details: First name | last name | job title | phone | email

• Number of employees and number of AML staff

• Name of AML Auditors

• State the respective sanction lists the entity is currently using □ None □ EU □ US

□ UN □ UK □ Other: specify

• What is the current PEP screening process of the entity? □ Automated □ Manual □

Other (free text)

• What is the current Sanctions screening process of the entity? □ Automated □

Manual □ Other (free text)

• What is the current AML Transaction Monitoring process of the entity? □

Automated □ Manual □ Other (free text)



Pricing model

• Data contribution (i.e upload) is completely free of charge

• Data consumption (i.e. usage) is payable via an annual

consumption based pricing model:

– You only pay for the data you need - Annual fee of 120 EUR per

counterparty’s data set consulted during the year. The recurring fee

grants an unlimited access (i.e. number of consultations and/or

users) to the information contained in the registry on your

counterparty

– Your total spending will be capped - A pre-determined price cap

amount will be made available to you, and data consumption beyond

this cap will be free of charge.

– Yearly Billing in December


Proposed Approach

Execute onboarding activities in manageable phases

• Phase 1 - Registration

Step 1: Registration of selected BICs, Assignment of KYC

Administrators

Step 2: Onboarding Category 1 information for selected entities

(Swift can assist with pre-populating some data)

Step 3: Data population of other categories (2-5)

• Phase 2 – Leverage platform for KYC refreshes of correspondent data

Outreach strategy with your correspondents (webinars,

newsletters, etc.)

Phase 3 – Embed Into Your Processes

Full integration of the Registry into your KYC process as BAU


Sanctions Screening

A quick and easy route to transaction screening


Transaction Screening – Why shall it be a priority

Why are Sanctions so complex?

25

40,000 names on lists

4 Billion fuzzy combinations

15.5 Billion $ fines levied on financial institutions for violation of sanctions regulations

1 Day

Average interval between sanctions list updates for banks active globally

-50%

Decrease in number of correspondent relationships from some US banks

+100%

Increase in alerts every 4 years due to increase in SDNs and transaction numbers

+20%

Yearly increase in names and aliases on US OFAC list


Inconsistent listings (across lists)

– i. There are 112 spelling variations in Muammar Kaddafi’s name in print media

– ii. The OFAC list provides 8 of them.

– iii. The UN sanction uses only 1 form of the name.

– iv. The form used in the UN sanction does not match any of the 8 in the OFAC listing.

26

SWIFT Sanction Screening v manual checks

Qaddafi, Muammar Kaddafi, Muamar Muamar Al-Kaddafi Mu'ammar Qadafi Moammar Khadaffy Muammer Gadaffi

Al-Gathafi, Muammar Kaddafi, Muammar Muamar Kaddafi Muammar Qaddafi Moammar Khaddafi Muammer Gaddafi

al-Qadhafi, Muammar Kadhafi, Moammar Muamer Gadafi Muammar Qadhafi Moammar el Gadhafi Mummar Gaddafi

Al Qathafi, Mu'ammar Kadhafi, Mouammar Muammar Al-Gathafi Mu'ammar Qadhdhafi Moammer Gaddafi Omar Al Qathafi

Al Qathafi, Muammar Kazzafi, Moammar Muammar al-Khaddafi Muammar Quathafi Mouammer al Gaddafi Omar Mouammer Al

Gaddafi

El Gaddafi, Moamar Khadafy, Moammar Mu'ammar al-Qadafi Qadafi, Mu'ammar Muamar Gaddafi Omar Muammar Al

Ghaddafi

El Kadhafi, Moammar Khaddafi, Muammar Mu'ammar al-Qaddafi Qadhafi, Muammar Muammar Al Ghaddafi Omar Muammar Al Qaddafi

El Kazzafi, Moamer Moamar al-Gaddafi Muammar al-Qadhafi Qadhdhāfī, Muàmmar Muammar Al Qaddafi Omar Muammar Al Qathafi

El Qathafi, Mu'Ammar Moamar el Gaddafi Mu'ammar al-Qadhdhafi Qathafi, Mu'Ammar el Muammar Al Qaddafi Omar Muammar Gaddafi

Gadafi, Muammar Moamar El Kadhafi Muàmmar al-Qadhdhāfī Quathafi, Muammar Muammar El Qaddafi Omar Muammar Ghaddafi

Gaddafi, Moamar Moamar Gaddafi Mu'ammar Al Qathafi Qudhafi, Moammar Muammar Gadaffi Omar al Ghaddafi

Gadhafi, Mo'ammar Moamer El Kazzafi Muammar Al Qathafi Moamar AI Kadafi Muammar Gadafy

Gathafi, Muammar Mo'ammar el-Gadhafi Muammar Gadafi Maummar Gaddafi Muammar Gaddhafi

Ghadafi, Muammar Moammar El Kadhafi Muammar Gaddafi Moamar Gadhafi Muammar Gadhafi

Ghaddafi, Muammar Mo'ammar Gadhafi Muammar Ghadafi Moamer Gaddafi Muammar Ghadaffi

Ghaddafy, Muammar Moammar Kadhafi Muammar Ghaddafi Moamer Kadhafi Muammar Qadthafi

Gheddafi, Muammar Moammar Khadafy Muammar Ghaddafy Moamma Gaddafi Muammar al Gaddafi

Gheddafi, Muhammar Moammar Qudhafi Muammar Gheddafi Moammar Gaddafi Muammar el Gaddafy

Kadaffi, Momar Muàmar al-Kad'afi Muammar Kaddafi Moammar Gadhafi Muammar el Gaddafi

Kad'afi, Muàmar al- Mu'amar al-Kadafi Muammar Khaddafi Moammar Ghadafi Muammar el Qaddafi


Public Sanctions lists available Country Description

Australia Department of Foreign Affairs and Trade

DFAT Iran Specified Entities List

DFAT Country List

Canada Office of the Superintendent of F.I.

OSFI - United Nations Act Sanctions

Department of Foreign Affairs and Trade

DFAIT Countries Embargoes

European Union

European Official Journal

EUROPE Countries Embargoes

EU Ukraine Restrictive Measures

France Journal Officiel français

Hong Kong

Hong Kong Monetary Authority

HKMA Countries Embargoes

Japan Ministry of Finance

Special Measures

Netherlands

Frozen Assets List - Dutch Government

New Zealand

New Zealand Police 27

Country Description

China Ministry of Public Security of the PRC

Singapore Monetary Authority of Singapore - Investor Alert List

Switzerland

Secrétariat d'Etat à l'Economie

SECO Countries Embargoes

United Kingdom

Her Majesty's Treasury

HMT Countries Embargoes

HMT Ukraine Restrictive Measures

United Nations

United Nations

UN Countries Embargoes

United States of America

Financial Crimes Enforcement Network

OFAC Embargoed Countries

OFAC Foreign Sanctions Evaders

OFAC Part 561

OFAC Palestinian Legislative Council

OFAC Specially Designated Nationals

OFAC Sectoral Sanctions Identifications

OFAC Non-SDN Iranian Sanctions Act

Public sanctions lists

updated by SWIFT daily

34

Private lists & Good-guys lists

managed by the users


Private Lists

28

Good Guys List

Single entries and bulk capability

Sanctions Screening- Additional Lists


Data Enhancements

29

• List from regulator needs to be enhanced and

repaired

– DFAT000527 : ASSAD AHMAD BARAKAT

• City Name (FOX DO IGUACO) corrected to:

FOZ DO IGUAÇU

– OFAC004632 : BANK MARKAZI JOMHOURI

ISLAMI IRAN

• No BIC Code : added BMJIIRTH


30

Screening & Audit Report

Screening Report

Audit Report:

• Copy of each alerted transaction

• Hit details

• Comments and final status

• Audit log of all transactions screened

• Audit log of all operators activity and decisions


350+ Clients 119

countries

21 central banks


Screening Configuration

32

1- Select which traffic will be screened

2- Select which lists will apply

3- Exclude some MT types if relevant


User & workflow management

• Users authenticated via Secure Tokens

• Roles available:

– Administrator

– Compliance

– Level 1 user

– Level 2 user

• Choice of workflow

– Standard

– 4 eyes


SWIFT Network

FINcopy

Outgoing transaction

Screening engine

Transaction

is copied

Transaction is delivered

(no hit or false positive)

Decision to deliver (no hit / false positive)

or abort transaction (true hit)

Transaction abort notification (true hit)

1

2 4

5

5

3

Service

user

Sending bank Receiving bank

Sanctions Portal

Managed by SWIFT

Service overview - as sender


Service overview - as receiver

Service

user Managed by SWIFT

SWIFT Network

FINcopy

Outgoing transaction

Transaction

is copied


as-is (no hit or false positive)

1

2

5

3

Sending bank Receiving bank

4 Instruction to deliver

transaction

5


flagged (true hit)

Screening engine Sanctions Portal


Interface

Alliance Access

Connector

for Sanctions

Back Office

Sanctions

Screening

SWIFT Interface

High level flows – Connector vs Copy option

Back Office

SWIFT or

other network

With the Copy option

With the Connector option

SWIFT

Transaction to be screened

Good transaction

Rejected transaction

36

Routing


Connector option

Increasing demand for

• More flexibility to screen FIN

• Ability to screen other

formats

Enhance the

current solution

with a alternative

implementation

option to cover

additional needs

The Connector option expands the current Sanctions Screening

service with a new access channel to the filter to enable greater

flexibility and support the needs of certain users.


• Screening other formats than FIN, such as:

– Local non-SWIFT formats (e.g. domestic RTGS/ACH)

– Internal format (before transformation to FIN, for instance)

– ISO20022 MX messages

– FIN MT or ISO20022 MX that would further be bulked in a

file transmitted over FileAct or other file transfer, e.g. low

value flows such as SEPA; sent through SWIFT or non-

SWIFT channels.

38

Enhanced Flexibility

Connector

option Flexibility

• More flexibility for screening FIN:

– More flexibility on which traffic is sent to the filter (e.g. exclude traffic from Head Office) – or

even FIN traffic not sent over SWIFT

– Screen all FIN categories

– Ability to screen the messages before they are sent to SWIFT (and an acknowledgement is

sent back to the Back Office)

– Ability to send pseudo-nack in case of rejected message


Q&A

?


Please provide us with your feedback!

• Kindly complete the survey form and submit upon exiting



Lunch

Special thanks to

our Sponsor:

Obrigada


Compliance Portfolio

Economy & Finance

Transcript of Compliance Portfolio