GPAG 2020 Session 4 for APAC
welcome to day four of our gpac conference as we proceed with these discussions covering various viewpoints we trust it's been beneficial to you we welcome any feedback for today we shift our focus to risk management again please direct your questions by email as your participation is much appreciated let me now introduce our moderator pat geogrande pat is corporate and investment banking's compliance manager at wells fargo she will lead a discussion on the convergence of aml cyber and fraud pat over to you hello and welcome to the gpeg aml cft panel my name is pat gian grande i am the compliance senior director at wells fargo for payment services and financial institutions i'm very happy today to moderate this panel and i'd like to introduce our panelist the first panelist is carrie nelson gary is a senior director eml client advisory financial crimes division at royal bank of canada carrie has over 30 years of banking experience and we're very happy to have her with us today i'd also like to introduce next we have jan garrett i can jan is the divisional head of global financial crimes prevention at commerce bank where he's responsible for the oversight of commerce bank worldwide financial crimes prevention program we also have james saco james is the acting financial crimes head for corporate and investment banking at wells fargo where he oversees the execution of the financial crimes program across all businesses including markets banking and commercial real estate and last panelist is evan weitz evan is the head of international risk and control for wells fargo in cib thank you all for joining today with that i'd like to go to some of our panelists questions and kick us off the first question for the panelists how is kovid impacting your aml program working from home kyc what changes have been made as a result of the situation so pat if it's okay i'm happy to lead off on this one so we at wells fargo uh in the international and largely correspondent banking space have gone completely 100 work from home uh most of us have not been in our office uh you know since march uh really uh so we've been really staying at home and making that work um in some ways i think because um we were so internationally focused um we've adjusted better than perhaps other areas of the uh of the industry uh you know because we're used to dealing with folks across the world and globally uh you know we're already very accustomed to doing calls via teleconference doing things via phone call and not having to be sitting in the same room all the time in order to get our jobs done i think the biggest change though for us certainly in correspondent banking in the fixed space has really been site visits and inability to do them i know james does a lot of these as well but the ability to go out meet with our clients understand their concerns in the region understand their risks and their international reasons is really uh is really a cornerstone i think of our program and really any any correspondent banking program um i know most folks agree that correspondent banking really uh as a correspondent bank uh your first line of defense in many ways is your client's defense and you have to kind of know what your client is doing in order to mitigate the flow of payments that are there going through you um so i think the inability to go out and meet personally with clients has been challenging um on the other hand i have say that one of the um one of the real benefits that i think was going to be unexpected um was that you know previous if we had an issue or we had a larger concern like an enforcement action you know it might take some time to get on an airplane get the right people in a room and then kind of talk it out whereas i think now because everyone is working remotely and we're not having to wait on travel we're able to do usually teleconference calls very quickly um and that gives us the ability you know to really address problems to be quicker than we otherwise would have because we don't have to get on a plane or without aligning schedules because everyone's really at home i think that's been the biggest change of course there's been a lot of other smaller discrete changes i think you know another big one for us has really been um how you safeguard confidential information in a working home environment certainly things like printing from home having the appropriate safeguards and emails has really taken on more of a concern just as we don't have a physical you know a physical building to lock books uh information and you can't essentially lock the door when you go home at the end of the end of the day the way you could pre-code it i think that's been really challenging as well but overall um you know i think we've adjusted probably far better than i would have told you or would have expected uh prior to the march shutdown thank you evan carrie do you want to tell us what's going on sure we also are 100 work from home we were able to adapt uh quickly as well and i think the primary reason for us adapting so quickly was really the growth of our financial intelligence unit over the past couple of years in toronto and so we we introduced a rotational work from home so all of our desktops were turned into laptops and uh therefore when we had to when we went into lockdown we were able to adapt very very quickly within a day or two with respect to our our program and the impact that covetous had i think for the most part our retail space would have been largely impacted with respect to to going more into a digitization um you know e-signatures the kyc done a little bit differently going into a non-face face-to-face type environment so i think that was uh that was where we saw the impact there was a lot of work that we did with in the industry and our regulators to come to sort of a common ground in terms of still sort of complying with regulations but making it a little bit more um you know useful for our clients and and still complying um so i think that was sort of a change with respect to that um in terms of correspondent banking we actually don't do significant amounts of site visits so i think that that wasn't a huge impact to us from that perspective so you know our our program continued we didn't stop any of our refresh our due diligence program uh continued on and we're sort of in the same spot we were pre-covered which i think speaks to our program and our people and and our controls in the back end okay so john the first question how is kovitt impacting your aml program working from home kyc what changes have you made as a result of the covet situation good um the thing is um similar to the situation with the us and canadian banks that we are also working more than 100 percent from home um and that has obviously led um to a lot of challenges within the organization also concerning of course operational stability i must say and i'm very proud in this respect that we could have coped with these challenges since march of this year we are of course doing no um on-site visits anymore with clients nevertheless we manage really to have a lot of interactions with our clients so we are very much engaged with the first line um but also with our regulator in trying to make clear what the situation is and how we basically can cope with the situation and looking just at client meetings as one example we have a lot of compliance to compliance codes we have a lot of team meetings we are very active um in this respect and frankly speaking the number of client interaction has rather increased than decreased yeah of course there are challenges specifically when it comes to krc requirements documentation requirements etc i think this is true for all organizations but i think this is nothing which we really put us into a huge risk thank you yan i think i'll move on because i've heard uh several concerns around site visits so i'd like to go to question number two and call on james seiko so the question that we're kicking off is how is covid impacting your aml program for correspondent banking changes in your enhanced due diligence practices so james i'll let you kick off there great thanks pat so as uh evan alluded to earlier we had to make a pretty substantial change to our program with regard to site visits although you know i know different correspondents take different views on this we have as a requirement that for all non-us financial institutions we have to conduct an in-person site visit and of course under covid we're not able to do that so um trying to take a risk-based approach here you know luckily we have a long history of site visits with all of our customers and have already established most of those relationships and we're able to rely on that and essentially substitute in phone calls and video conference calls in place for those in-person site visits you know there have been a few challenges where we don't have the strong relationships or if there are new relationships um or if the staff at our customer banks have have turned over or changed it's of course harder to meet people um over video conference than it is in person but we we obviously had to make that change and um that you know the biggest impact for us practically isn't on our periodic reviews that we conduct for banks and so um we've tried to apply you know first off um amending our internal procedures and apply a risk-based approach to the circumstances that would require an in-person visit and therefore just go past due under covid versus those where we can make this one time exception to that rule and plan to circle back and do a site visit after we're again allowed to travel um and so that's been up and running for six plus months for us uh it's going relatively smoothly um and you know we have not uh seen generally speaking levels of risk that would cause us to say we can't get the information we need or the level of comfort we need through the phone and video conference hey if i can just um pat maybe just add on a little bit to some of the wells fargo experience that james was talking to and really two points for me um the first is you know we made some of the changes to our our periodic view process that james has discussed one thing i think that we got right was we socialized that with the second and third line right away i think that was really important to keep our second and third line partners in the in you know in the loop in terms of what we're doing so it wasn't going to be a surprise to them and really front run a lot of those issues with those folks and secondly make sure we have the proper governance as well around this decision making um i know certainly at the beginning of the pandemic it was you know very easy to be very reactive and kind of make changes because she needed to kind of keep up with the work but i think was really critically important at the same time we were that agile we were that flexible we also made sure that we you know brought up the proper committees got the proper approvals on everything that we were doing um so that you know so that there wasn't any questions later on about what we did and what we didn't do um but i think to me i think the bottom line for us was that you know while we had to make some changes to our program what we could never do was to somehow compromise or justify less due diligence on our clients or on our program in general due to covid i think that to me was the real bottom line challenge to compliance and risk professionals was really how is it that you're able to get creative and get the same documentation the same vigor of review under these new restrictions that kovac brought to us and i have to say in the u.s i found that the regulators that we were dealing with were very cooperative they were very professional they understood that this was you know hopefully a once-in-a-lifetime event um but at the same time i think they were equally clear that this was not going to be an excuse to lessen our program in any way um and i think that was really the challenge that the whole industry faced and while i can't speak the whole industry i you know i was pretty proud of the way wells fargo reacted uh and pivoted uh to make sure that we kept the same bigger our program but still keeping our people safe yeah and and to draw a broader message or lesson from this experience i think it's always a challenge to know when an extraordinary circumstance that justifies an exception approval or something like that kind of turns into a bau for you um and so i think uh it would be perfectly understandable that for the first few months of of covid's you'd see financial institutions everywhere saying okay we're unable to to follow our approved procedures we have a pretty good excuse for kovid and notifying stakeholders as evan mentioned in the second and third lines of defense but at some point you have to actually go back and say okay we've been at this for a few months now this is becoming um maybe not the permanent bau but something that needs to be formalized and documented through the right governance channels and um you know fortunately we uh we we got after that pretty quickly at wells fargo and it's not just on the the site visits and the need for site visits it also goes to some of the the documentation that john mentioned not just for corporates but also for financial institutions so just the the practical issues of not being able to get physical documents we've spent a tremendous amount of time just on the issue of e-signatures and you know what is legally binding and in which countries um that is an incredibly complicated topic um and we continue to work on it quite a bit so we've had to and frankly we've had to make some risk-based judgment calls on applicability of things like e-signatures and independent verification where that may or may not be practically feasible under these circumstances and you know again apply a risk-based approach and and do our best to just be transparent and document exactly what we're doing and why um under those you know extraordinary circumstances yeah and i would add to that just from a canadian perspective um and with respect to uh what's going on in canada now some of you may know that we are um rolling out some significant changes in our regulation as it relates to travel rule and record keeping and reporting ventrac reporting and so you know uh just a sort of a shout out to the banks in canada that have really you know it's tough enough when you're rolling out and implementing regulations um uh you know that are significant and that impact our correspondent banking clients and our indirect clears and our you know other types of clients and to do it in this circumstance um you know pre-covid we were actually trying to meet um you know get all the stakeholders in a room and we really thought that that worked well from a collaboration perspective and when you're sort of put in this environment you can't just sort of stop and wait you know wait a few months until it goes away we have to build and so um you know work has continued and you know i'm really proud of the work that rbc and and and uh all of our peer banks in canada have sort of come to the table the regulators have been you know fantastic to address some of our concerns with respect to some of the new regulations and and you know to you know current environment like bau and and our current program and so i think you know um there's been a lot of great collaboration among the industry um you know with our with our correspondents as well and and with our regulators john any further comments on that topic that you'd like to mention as we have seen a number of fraud issues rather in the retail and private segment due to the misuse misappropriation of financial aid designed really for small shops and businesses i think that is a typology a pattern that has been seen in other countries as well we have in the area of correspondent banking rather seen um at the very beginning of covet a number of transactions that related to protective gear like masks specifically in the context of trade finance business between europe and asia we've seen also fraud attempts in this respect rather on a massive scale but since april may we have not detected any major issues in this respect um we are following of course the discussions we are very active in discussions with regulators also enforcement agencies and it appears that a major concern is currently seen in the area of organized crime that likely try to invest their cash into businesses that are seeking cash currently so you have demand on the one side and obviously your criminal organizations with a high level of cash currently possible to be spent into such investments and that is an issue not so much in the corresponding banking side but rather on the corporate client side that we have to be have an eye over shareholder structures changes in shareholders uh because that could be um specifically with smaller businesses um likelihood that we see more frauds on this side and actually i think jan makes a great point i know something we discussed offline um was you know i the difficulty you know in understanding your client um you know when you don't have that rapport that you you get when you meet with them in person you know i know i think it was james i'm going to steal your line it's very difficult to get kind of a holistic understanding of your clients programs if you're just reading off the checklist on a video conference call it's far easier to really get an understanding of your clients needs and and you know what issues they're seeing uh in their regions when you meet with them um informally i mean to me you know at the extent of being maybe toucan that i found you know the dinners or you know the you know the the cup of coffee you have with you know with your colleagues at other banks sometimes far more informative than the than the actual um the actual formal meetings just because it gives you the opportunity to get that rapport and speak more freely that and it's just you know it can be challenging to do that i think be a video conference it's something i think everyone is having to deal with but i think john is absolutely right in that comment yeah and i think um you know of course if we're having such great success without client visits um you know in this economic and expense environment um it raises the question of well are they actually needed in the first place when all this is over um and it's a fair question and um i would say you know within our program at wells fargo we haven't answered it um in a concrete way yet but we're thinking about it um and i don't know i i could see us continuing to take an even more risk-based approach to when an in-person meeting is actually required by the program and when it's more discretionary um you know as as evan said at the end of the day it is uh you know what makes um in my view our program really strong is the subject matter expertise of our team in assessing the strength of our customers compliance programs in addition to regulatory regimes and there's a lot of art to that um and as evan said it's it's harder to do that um if you don't have the informal uh communications and interactions that might even take place outside of the actual meeting itself and so um i do think you know as of now there will certainly be a place for it going forward but you know perhaps we'll have to be a bit more risk-based um as we are very conscious of you know travel expenses and the like thank you james i'd like to move on to the next question how is kovid impacting fraud issues um facing our institution types of fraud new vulnerabilities changes and fraud can we discuss that who would like to kick off with that question so i'm happy to kick off please please yeah don't go ahead kerry please i i was just going to say that you know from what from our experience in canada bad actors are just using the same tools so we see a lot of phishing we see a lot of malware identity theft um altered checks so the same sort of mo as as we has have historically seen um in the past it's just they've taken advantage of this sort of opportunity in this crisis i think in early days we actually saw a few cases of the medical supply scams for the ppe materials so there was an uptick in the procurement of medical supplies and primarily it was around masks and gloves and and sanitizers so you know the criminals would take advantage of of the emergency services folks and and the hospitals that were needing the supplies and um you know sort of using businesses that wanted to sort of tap into a new you know type of uh business and and make some money and act as a vendor or middleman um and so in some of these cases um the they used legitimate money to purchase counterfeit items and uh knockoffs and that sort of thing and in other cases there was just no shipment at all and so um you know over time i think we've seen that sort of die off i think the government has put in canada anyways has put some real stringent processes around vendor uh the vendors they use and um you know not sort of going wide or spread to you know individuals and and smaller businesses to to basically source these items and so there's more rigor around it and so they've just sort of gone back to you know altered checks and identity theft and that type of thing likely similar in the u.s in canada there was some government intervention and they have provided some individuals and small businesses with emergency funding you know if somebody had lost their job or if they needed to pay some employees for a short amount of time and obviously the criminals were tapping into that and you know receiving the auto payments in in accounts that the money obviously weren't theirs and so there were some altered checks and some id theft but you know nothing um significant i think there's been a ton of cooperation with law enforcement on this um and so um there's been um you know faster sort of uh retrieval of some of those uh funds so that's sort of uh what what we've seen in canada how is kovitt impacting your aml program for correspondent banking in relation to site visits enhance due diligence yeah side visits of course we're not possible um um anymore this is um clear um nevertheless i think the real challenges came rather also from fraudulent activities we have seen as a result of covet 19 we have been very much engaged in discussions with our public private partnership in germany where we are very active but also with europol where we've seen that yeah a lot of not necessarily new typologies came up but a massive number of fraudulent attempts specifically when it was above the misuse of covet 19 payments financial aid from the state we have as a result amended our program accordingly we of course also and that is also relates to the question of limitations out of kovit we replaced um respective client face-to-face meetings with virtual courts that went as i said very well and also of course we're in a very active exchange with our regulator who really wanted to know what the impact of covet 19 means also for us from a financial crime perspective um so i could tell you in the us it sounds like we have a lot of the same concerns that we've seen in germany and canada in the u.s we had the paycheck
protection plan which it sounds very similar to what uh jan and kerry were discussing where the government was pushing out large amounts of of low interest loans to businesses to keep them afloat um and there was a real i think incorrectly so but a real um a real impetus by emphasis by the us government to get that money out quickly um and as a result you know it was challenging i think for all banks to be able to have the same level of diligence uh that you would have in other loans that you have around these loans which we needed to get out quickly and of course the bad guys took advantage of that so um certainly there have been in the u.s lots of cases of prosecutions where you know uh you know the business that was supposedly receiving the funds it had been defunct for years where it was claiming a number of employees and didn't really have them um and so i think that was something that certainly was a huge uptick uh during covid um two other areas that we looked at or we're looking at and concerning about first were the potential uptake in romance scams kind of the traditional taking advantage of folks who are maybe shut-ins or older folks who are you know don't have family members around um we expected to see a jump in those as well we're still going through our numbers and math that was something that was sort of top of mind for us was those typical sort of romance scams that you see all the time we you know seeing if we were going to see an uptick and then i i will say ransomware was another concern for us as well and um if i put a plug-in uh ofac and fincen in the us put out dual advisories recently on ransomware and to me of an absolute must read for anyone you know anyone in the dsa space um but certainly ran somewhere with everybody going uh remote and everything now you know just people not having face-to-face interaction uh the ransomware was definitely a huge area of opportunity for for criminals and bad guys and especially the fence and guidance puts out a number of red flags for financial institutions to be on the lookout to ensure that their clients are not being taken advantage of or sending funds uh to unlock other computers via ransomware scares so that was another big focus for us here that we you know a fraud type instance that we thought would be occasioned by covid yeah and i think uh an interesting aspect of the ppe related fraud for medical equipment is that you know frankly um it's been challenging especially you know earlier this year uh to determine exactly what is fraud and what is not um you know to give you an example if there's a an intermediary or middleman using a shell company to help facilitate um a a government to acquiring ppe from another country you know what is at what point does the cut they take um become fraudulent um and you know or and at what point are they just being uh a savvy uh business person um that's a that's a tough question to answer um it's not one that we haven't seen before in other fraud contexts but given the number of both people and governments that were in truly desperate situations particularly earlier this year and also we're on the lookout for a similar desperation coming up as kovit continues to ramp up and and i hope it doesn't happen but we are on the lookout for this if people are desperate for ppe um they will use a variety of tools to try and obtain it even though doing so is legal and things like that things like using middlemen and shell companies or using personal accounts for transactions that are not personal in nature just as a means of obtaining uh ppe it raises a whole host of uh difficult questions about you know what is fraud what is underlying criminal activity um and therefore what is a financial crime um i think we've all been erring on the side of um you know treating anything close to fraud as fraud but depending on the volumes um it's an area we're really looking at going forward um evan mentioned romance scams and you know this is an area that intuitively makes a lot of sense to me that in this situation where we have so many people on lockdown that there would be people vulnerable to romance or elder scams where people are frankly lonely and looking for companionship in one way or another um i'll be honest uh thus far we haven't seen a huge increase in volume there but it's something else i'm on the lookout for and then finally i wanted to mention a little bit about cash because with the downturn in global trade and just the broader global economy there's been less cash movement and therefore less cash for criminals to hide their own cash movements inside of so uh we have heard from a variety of sources that this has resulted in cash beginning to pile up for criminal criminal enterprises and uh it's it's presenting an issue for for those criminals and we've even started to very much be on the lookout for and seen some upticks in other types of assets that can be used to transfer transfer and store value for criminals so things like gold precious metals um and virtual currencies as well um so we're uh we're keeping an eye on that and then finally another point that that jan made that i think is really important one for us to look at is as the economy continues to struggle there will be more and more distressed and troubled businesses that will be looking for sources of investment in capital and you know when you have criminal organizations with all this cash piled up and a bunch of businesses that used to be legitimate that have a need for cash unfortunately those interests uh certainly um uh complement each other and so um we're looking for companies that that appear to have been taken over by criminal organizations even though they they may have a long track record of legitimate business hey and james these are great points i i'm still taken by you know i've been privy to some of the public information you've discussed about how some of the you know especially narcotics organizations literally just have piles of cash that they can't launder because the cash economy has slowed down so much you know we were joking at some of the phone calls you know one of the things that i saw and i know james you saw this as well was at the very beginning of the pandemic there was this huge draw in cash for some reason everybody thought you know they were going to go into a bunker somewhere and so they were pulling out large amounts of cash so especially our domestic clients in the u.s were seeking just lots of banknotes because there was such a run on them um and what's ironic now is that you know so few people are wanting to take cash because they're worried about germs you know i think i've literally had the same 20 bill in my wallet now for the last six months because i you know everything's by credit card or online um and so all this cash out there that you know that bad guys have you know traditionally they have to figure out a cash intensive business longer through and they're just less of those so i'm really interested to see what happens with that going forward um i'm sure the bad guys will get creative and figure something out but that's been a real a real you know real concern for us as well i will say just going back to one of my earlier points though um this was another area where i thought it was really critical to talk to the second and third lines about because certainly um you know for those that are in charge of filing sars or even you know potentially in the second line if they're going to call for client exits you know for instance that that drawing cash you know that's the type of thing that would set off all sorts of alerts under normal business times and we were very quick to communicate with our second line partners that hey you know here's why we're seeing this draw of cash listen you may decide to still take some action on your own and that's you know that's your call that's not ours but understand that this is the logic and reasoning we've been given so if you're going to talk to law enforcement let them know that this is our thinking on it um or at least be aware of wild said and all these you know for us ada alerts are going crazy on cash um you know and that that's what we're seeing but again it was really critical to keep second and third line for us in in the loop and all these sort of emerging uh financial crimes we saw that were covered related thank you for that i'm gonna move on to the next question which is very in line with what you are speaking about which have you seen covet serve as an accelerator for changes in your aml program how is your program evolving as a result of the situation even any risk appetite change you're thinking about as well from a policy perspective i mean i'll lead off with the obvious i'm pretty sure work from home and video conferencing is here to stay that is going to be a big part of everybody's program going forward um and i think we've just got learning to deal with that i think it's been easier now um i'm concerned more about as we grow and hire new people you know getting those folks kind of the sense of team and training them the ipo you know working from video conference is going to be challenging but i i think that even after kovic goes away this is going to be kind of the new normal and the new norm i also think business continuity planning that is going to be a huge regulatory topic going forward um i i think you know you'd have to kind of be sticking your head in the sand to not expect that question to come in your next regulatory exam and really have some questions to be asked in terms of you know uh you know do you have you know key risk do you have single points of failure in your people do you have technology issues do you have the ability to you know basically go back to 100 work from home on a short notice those are clearly things that you got to be really redoubling your efforts and building into your program going forward yeah and i would also uh say that you know there's still some challenges with respect to um you know maintaining inclusion with your with your team members and your staff and and that sort of thing and you know it's tough when you're sort of not in front of them to make certain that you know everybody is still working together and making certain that we're carrying out the various elements of the program um you know obviously i think james you made a good point earlier with respect to the the medical supply scams and and determining whether or not it you know it's legitimate versus you know somebody taking advantage of one of our clients basically um you know they could be entering into new you know business opportunities and so you know we see a lot of that um we have seen a lot of that so i think you know i take your point and to that um to that point we we've done some extensive training of our first and and second line as well um you know as well as our peers and and sharing um sort of typologies with the other uh institutions in in canada to make certain that we're not sort of passing back and forth the risks so i think you know we're we're sort of getting to you know better at having virtual coffee meetings and chats and keeping up to date um training um you know i mentioned the the new regs in canada we've done significant amounts of training to our own financial institutions clients because we you know we we need to make sure that we continue to educate our clients as we move forward you know similar to to what you know wells fargo does on an ongoing basis as well um you know and so i think we we've all adapted well i think it's a matter of continuing these types of sessions and continuing with to strengthen the program there's no reason to not um be able to do that in a virtual environment so jan do you want to comment on what's going on at your financial institution our program our program indeed is is generally generally stable we have of course we are looking at this all the time and really focusing currently rather on relevant new typologies that could be relevant for us especially in the area of course of transaction monitoring but also of course when it comes to changes in the kyc area we are currently also reviewing if we stick to certain requirements in our policies or do we or if we have to be if legally permissible be flexible when it comes to electronic signatures as an example i think this is also a topic which more or less every bank has on its channel currently so i wan i want to thank the panelists today and i'd like to go through some closing remarks um just again overall on the program and the changes that have taken place as a result of covet so why don't we go to each or just a few final statements carrie would you like to begin so i think overall and despite um you know not thinking that we would be out that long i think we've adapted well i think it speaks to the strength of the program our people and you know i think going forward and as we continue on in this in this environment we will need to continue to stay vigilant and come together to discuss and educate ourselves on new trends and typologies as we move forward and as an industry thank you so much thank you carrie why don't we go to yarn for his final comments thank you very much um it has been really a pleasure to be on this panel um with respect to covet 19 my view is um that covet 19 will remain a challenge both for the organizations for us as banks as well as also from a financial crime perspective since i would expect more fraud cases to come which are relevant for us um and i think we are very well advised if we really continue really to to to see and identify new fraud typologies and associated risks thank you thank you why don't we move on to james james would you like to make some final comments please sure um my final comment would be that first off in actually detecting and reporting financial crimes related to covet if you have a strong existing fraud program you're you're probably going to have a pretty strong covid fraud program at the end of the day there's a lot of the same tools and techniques that will be used to to detect either of those there's a lot of interesting judgment calls that have to be made now but the core of the program is the same and then with respect to the practical impacts on our program i think that you know i am proud that we've been able to make a number of risk-based decisions to get us through this challenging uh time period i do uh worry a little bit about long-term sustainability and where we're headed um you know if we have to keep up some of these seemingly temporary measures for a longer time period i also worry about you know long-term development of the staff particularly junior staff and their ability to pick up on all the nuances of this area without having as much personal contact with their peers um but you know i think that we will find a way to to get the work done we just have to be conscious of these risks going forward thank you evan so first of all again thank you pat everyone else for letting me speak on this panel um you know real privilege to sit alongside my fellow uh panelists on uh talking about aml today um you know i i can say that for me um had you told me our program would be where it is uh now you know back in february or march before this started i i would have been very pleased um i have to say that this has worked out i think far better than i ever would have anticipated in terms of the work from home and our response from financial crime perspective um to covid um i think the key really has been agility um you know one of the things that i really liked about aml since i started getting into the space was that you know we're expected to respond to bad guys as they change their tactics in order to financial crimes and i think we're doing that certainly in the clove environment but now i think we're also being asked to pivot our programs to also deal with the reality of covet and i think we've done uh i think as an industry a really nice job and i'm really proud of my financial crime colleagues across the industry in responding but i think going forward it's going to be the real challenge is going to be how is it that we go back to a bau environment uh and do everything that we did previously uh in this covid you know with the coveted restrictions understanding that whatever we do you know we can't lessen the vigor and we can't lessen the comprehensiveness of our program uh going forward and i think that's me the real challenge going forward in over the next year or so but i'm very optimistic and again really pleased to have been able to be part of this presentation today thank you again so i'd like to thank kerry um for joining us from rbc jan from commerce james from wells fargo and evans from wells fargo for their very informative responses today thank you everyone thank you thank you to pat and the panel let us now take a short break before we open for q a and our dialogue please direct your questions by email to global payments advisory group [Music] wellsfargo.com [Music] hello and welcome to our q a on the convergence of aml cyber and fraud in the time of covet in addition to our speakers i'd like to welcome les joseph manager of the global financial crimes intelligence group here at wells fargo and jafar amin the regional president and head of wells fargo's corporate investment bank in asia pacific to our panel welcome i'd like to direct the first question to to dinesh um dinesh how is kovat impacting your anz aml program for correspondent banking business okay so i'll start with the correspondent banking and if you like i'll also cover on or touch upon the other impacts that the aml legislation has had and changes to that i've had in general terms as far as correspondent banking is concerned like most aml programs it tends to be risk-based as everybody else has in the australian market what we have found is that the australian banks tend to have much fewer risk based site visits than for example our american counterparts so the immediate impact of course is that since we can't travel the site businesses have had to stop and then the the challenge that we have faced with switching over to things like video conferencing has actually been internet connectivity in some of the jurisdictions where we would have liked to have site visits so that's been the major change we've switched to conference calls and virtual calls etc rather than site visits other than that the program has remained essentially the same there's been no particular change as far as corresponding banks is concerned as far as the general aml program is concerned on kyc of course there's been a number of changes which the regulators have made or have accommodated some temporary some permanent most of these relate to the kyc side of things so for take for example we would normally have asked for certified copies of documents but since movement is restricted we are relying more on self-attestations or electronic copies of those there's more there's more of a move towards electronic verification of those documents the underlying documents the face-to-face re-verifications have gone down because there are not many people who would actually go into a branch so we are relying on things like con like video calls with the client to affirm the identity and so on some of these will become we believe permanent features in the australian new zealand market it has just accelerated the move towards this digital world but some of them we will have to then re-verify once the coverage restrictions are restricted or lifted okay thanks thanks dinesh um pat you want to ask the next question or evan the next question is for you just expanding on what dinesh had just mentioned in the work from home environment reduced travel with remote kyc as he mentions which includes enhanced due diligence it's actually becoming the norm what policies or governance structures need to change um and have we changed our risk appetite has the risk appetite changed as well great so thanks pat for that question so let me let me start with the second half of that first if i could so our risk appetite has not changed um you know i think the real uh the real challenge for those of us in the aml space has been we've had learning how to do things differently but we still need to be just as rigorous and just as thorough as we were in the past um and you know what we can't do is tell our regulators and really i think the industry expects this we just need to find new and creative ways to be just as careful as we were previous so the answer is our scout has not changed at all um going to your first question i think i i need to echo what dinesh said i think the principal change we've had to make to our program has been the site visits um before kovid we took a lot of time set a lot of the energy making sure that we were able to visit our clients learn more about the regions where we're doing business and really the best way was to just simply go out there on a regular basis uh obviously for the last several months we've not been able to do that so we've had to learn as denesha pointed out to do things more virtually um to have more phone calls have more um video conference calls um to be able to do things electronically as opposed to being able to sit in person and and speak to your client you know from across the table um you know as i discussed in the um you know in the session just now i think what's really important is that when you make those changes you keep your second line and your third line fully apprised at all times uh you document all the changes that you make and then finally you keep your regulator in the loop as well let them know about the things that you're doing differently um you know for me one of the things i learned when i moved over to the private sector a couple of years ago was you know getting the right decision was only half the battle you had to get it right but then you had to make sure you had the governance and documentation around the decision making process as well and you know one is just as important uh as the other um interesting i think going forward you're gonna see some real changes from this i i do think site visits will absolutely be necessary for new clients uh strategically important clients clients where you have you know ongoing maybe issues or remediations but i do think the sort of every you know the regular sort of you know once a year site is that you do uh that may go away a bit i think we're gonna probably rely more on the type of things we're doing now in terms of being able to uh be a video conference call so i do think that that is going to be a lasting change but i do think side businesses will come back in some form just not not in the same way we've done them historically thanks aaron looking back over the last sort of um you know six to eight months right i think that the apec region has done a far better job than the us and europe for example to manage the global pandemic crisis and that's obviously shows obviously in the current sort of uh economic turnaround so let me direct this next question to jeffer how how has covete impacted sort of wells fargo's overall operations and business in the apac region yeah thanks michael um it's been a certainly an interesting year um all around but i do keep reminding our leaders in the us that you know asia uh was impacted by covet for anyone else if i recall it was really back in february where china effectively started going into lockdown and if you think about uh the size of that market and then the interconnectivity that had a pretty significant impact across the region and we saw a pretty sharp drop in volumes particularly on the transaction banking side of the business but um interestingly on the on the capital market side or on the fixed income side particularly through february march etc they um you know we we didn't see any challenges on on that front other than uh that there was obviously a lot of volatility which our markets business benefited from um and then what we saw was obviously the continued demand at that point in time in march from a credit perspective i think the other point that was important is that you know we had to quickly adjust market by market because asia is not a homogenous region and each country was dealing with the impact of covet in a different way but also the actual infection rate was also you know quite quite different and so the ability for us to one really focus on making sure that team members were safe was the number one priority and we did that quickly and in some sense i would say that we had to do it um you know ourselves in the region first even before the enterprise came out with their guidance and how to deal with things on a global basis because we didn't have the ability to wait for that right so we had to make sure that we were making some very uh timely decisions the second aspect of it and i don't think any this is any less important than obviously you know the team member safety and health was making sure that we were continuing to have a uh be able to serve our clients without any disruption right and i and i'm i'm you know glad to say and i think you know we've been able to demonstrate that you know there was really almost no impact in terms of our ability to serve clients uh even through these challenging times when people were not able to get into the office um you know in every single scenario so critical functions were able to operate we were able to switch between different locations as needed to be able to continue to offer you know the right level of service and to be able to meet client needs so so i'd say that that was that was important and what it did do of course is make us review uh our bcp and our resiliency programs even to a greater degree and also ensure that we didn't have them just on a global basis on a vertical basis but thinking about it on a horizontal basis right um sometimes that gets lost right i mean everybody looks at it from their own particular you know line of business or function but the need to be able to manage that in this way during this crisis i think was much more uh important than ever before so i think that that's been very helpful in terms of the rest of the business um i think asia was again fortunate that we opened up faster than um the us and even europe and i think it was done in a way where um i know you know whilst there were different um situations in each of the countries where there's second wave third waves which did impact um how each country then you know continue to open up or not in general by the second and by the third by the second and third quarter we pretty much saw at least transaction volumes returning to levels that were in in 2019 at the same period and so then the focus from our side became how do we make sure that we stay in front of clients and asia is a very relationship driven region and so face-to-face meetings and visits is so important uh to the overall not just risk management because i know we're talking about risk management and by the way each relationship memo that comes to me for approval i am looking to see what type of due diligence and meetings have taken place to be able to get comfortable but people were able to i think generally address that issue pretty quickly with zoom meetings and and find a way to manage the risk aspects and get the information that was needed it wasn't ideal it wasn't um exactly the way that you know we would have done it previously but it was manageable breaking the part that in asia was more important and we were able to do much more over the last few months is allow for in certain markets very restricted meetings that were necessary to continue to be able to support that you know relationship element that's so important here but to do that in a way that you know again doesn't you know put the team members at risk and certainly uh you know clients at risk in terms of making sure that we're following our protocol so we have some very strict guidelines um and approvals that were required to be able to you know engage with clients meet clients and that was managed very very tightly but i think you know i would say that that's been helpful for us in here in the region from a business perspective because the overall business has actually performed very well all right thanks jeffrey and looks like you're already back in the office right well most of us on this side of the pacific are sitting in basements or home offices still well it's a good point michael i don't want to i don't want to make it sound like that everybody's actually back in the office i'm probably the only one on this side of the floor that's in the office here in hong kong as you know we're in the fourth wave here and so one of the things that we are have been doing is that we are adjusting very quickly and responding to the situation and it's really only critical functions that are in the offices we're taking a much more conservative view than many of our peers and so again it's i don't know if i'm a critical function or not but i kind of suggested that i since i'm in an office and the only person on this side of the floor um you know i should be able to get special approval thanks well let's let's turn our attention to some questions that came by email and just encourage the audience you know if you have certain questions to uh to the panelists please email them in um so a specific question i would like now to direct again to to dinesh is if and the person is asking here if we can share specific cases of where we've seen aml fraud or cyber incidents that occurred or raised concern during the working from home time right versus being in the office and these issues that would make might not have happened right if if the staff performed maybe some of these tasks at home instead of in the office instead of instead of home so dinesh maybe you can comment on that okay so um i think we need to break this up into two parts one is of course the impact of somebody working from home versus somebody working from the office and quite honestly we haven't really seen a material difference in the way staff has operated the way we had structured or the way the banks here tended to have structured their staffing is that they had divided them up into three broad groups one was the frontline staff who had to be at the office because they needed direct connectivity to the systems or they needed to be customer facing for whatever reason the second was a category of people who say for example like me who needed to go to the office once in a while but don't necessarily have to be at work all the time and the third was support staff who didn't necessarily have to be in the office at all if they didn't want to be unless they wanted to have team meetings etc and could work from home so the first part is what we felt was the most critical to manage our operational risk including fraud and that stayed in the office right through the through the pandemic so that that was that part but the interesting there were some other flow on if impacts of the travel restrictions for example that uh coverage led to which if i if you've got a few minutes i might just touch on them so what we there were patterns that we were trying to see as were happening what we found was that the the first thing was about the financial institutions ourselves and what we found was that the number of cyber attacks uh against the financial institutions which we were bracing for a massive increase in actually didn't happen they remained roughly the same no material change the amount of ransomware demands that actually occurred in this part of the world were relatively few compared to what has happened elsewhere in the world so that was the financial institutions then we look at the the client base however the amount of time spent on computers and internet has obviously shot up so we've seen a corresponding increase in phishing attacks and id takeovers as a consequence of that travel overseas has been restricted because nobody can really travel so there's been a drop in credit card and debit card fraud because nobody is using their cards overseas which is a typical place where you you you use it in the home country itself where you have when the kobe thing first lockdown first started there was this usual panic hoarding that takes place so there was a spurt in cash withdrawals which rapidly tapered off and i think that's pretty much what has been seen elsewhere as well how the criminals are managing their cash flow and money funding is of course a different question you must be having other innovative ways of dealing with it but coming back to the to the to the client base what has also happened is that the stock market has been fluctuating rather wildly and the property market has gone down so despite the fact that people are out of jobs and are on government support systems or support payments of the platforms or whatever what their a number of them are looking for is other kinds of investments and the investment scams appear to have gone up particularly in virtual assets that's what we're finding in the covid related scams there's been another spurt of fake products coming into the market like test kits vaccines etc being caught and those are basically being used to take away identity idea to perpetuate identity theft really first they're fraud they're 49 products because they don't they're not really agree and they don't do anything and second they are you know ideal takeover attempts so that's what we're seeing there and then of course you've got the government support payment systems which are also being misused or you know being fraudulently used so there we tend to work with the government agencies themselves we've had to tweak our typologies a bit in our scenarios and transaction monitoring to try and fed these out we've had some success but the good thing has been that the the collaboration with the government and amongst the major banks has tended to go up as a consequence of all this happening and that has been a major improvement yeah thanks dinesh it looks like banks overall right from global perspective have done a good job to invest in cyber security and and training especially of their staff right how to react to email fraud and so it looks like that the financial service industry itself some exceptions has feared much better right right now in in this time from that perspective than a lot of our customers we have seen the same here in the in the u.s that some industries got hit very hard right different scams and they're not used to supporting so many remote employees the banks seem to be much much better prepared yeah okay let me let's go to another email question that just just came in which i would like to direct you to james earlier here this this week is part of gpac we had ravi hanspell from the boston consulting group spoke to us about changing trade corridors due to supply chains diversifying away from china and other geopolitical stresses and due to covet right amongst other factors and you know ravi showed an increase in trade from asean countries to the us and and latam so james do you expect to see a suspicious transaction flows there would be standard topologies in for example for for some other parts in asia like china showing up in asean thanks michael um great question so similar to legitimate trade we do have to pay close attention to supply chains for criminal activity uh particularly illegal drugs and while every country has its own unique problems with respect to illegal drugs whereas over the last say five or ten years there was a lot of focus on fentanyl coming out of greater china you know there has there's a long-standing supply chain from southeast asia particularly the golden triangle area um for and and that that supply chain has only become more prominent uh recently and including this year it's it's a well-known area for production of both heroin and synthetic drugs such as methamphetamine and um while i can't say that the shift is directly related to um the the overall shift in global trade you know as a general matter um it is uh easier to launder money where there are bigger legitimate trade flows and so it does make sense um you know it's easier to hide a needle in a very big haystack than a small haystack so um you know what we've observed with that particular typology in is that perhaps for some of the synthetic drugs the precursor uh the precursors will sometimes be uh produced in in greater china and then moved into the golden triangle area where the drugs themselves are produced and then uh passed on not directly from that area to the the drug consuming countries but often actually they make their way from there to major cities throughout southeast asia and um where wholesalers are located in that in that that supply chain uh there are a number of links and a number of them are typically done in currencies other than us dollar and so as um you know being a a a big us dollar player at wells fargo um you know we would tend to see the later legs in that type of a transaction where between the major cities in southeast asia and the drug producing countries but not necessarily the earlier legs which might be done with banknotes themselves using something like a casino or other businesses in the area getting the funds back and forth between the the major cities in southeast asia and the drug producing areas but i i think that you know as supply chains move we will always continue to see money laundering move you know we've we've seen this in a number of other areas whether it's the garment trade from uh asia to the west coast of the united states um or even something like precious metals well precious metal funny should mention it that's sort of the next topic that we wanted actually to to to to cover uh that would like to direct to to to travis right some of the current economic contraction has also caused this rush into these other asset classes like precious metals maybe travis maybe you can talk a little bit about to the audience what some of the eml issues are that are connected with with the precious metal industry sure thanks michael so you know as uh gold has essentially increased and uh you know dollarized prices by about 25 in 2020 as attributable to you know certain market forces driven by covid uh what we've seen is um you know uh bad actors uh and we learn about this you know through certain benchmarking or what we've you know suspected to have seen you know in our correspondent network globally that bad actors r
2021-03-03 18:25
