IS COMPLIANCE RELIANCE UPON DATABASES OF HIGH-RISK INDIVIDUALS AND ENTITIES A MISTAKE, AND HAS TECHNOLOGY RENDERED THEM OBOLETE AGAINST MONEY LAUNDERING AND TERRORIST FINANCING?

We note this week that a hacker group has, once again, reportedly stolen a well-known (and often relied upon) database used by compliance officers to detect unsuitable individuals and companies at account opening, and is demanding a large payment to refrain from releasing it on the Internet. Having spent many years working for two of those companies during much less complicated AML/CFT times, I understand their widespread utility as a major compliance tool. Unfortunately, the advance of technology, and greed and corruption on the part of many amoral government officials in the developing world, have, in my humble opinion, rendered their use ineffective against professional money launderers and terrorist financiers.

Laundrymen, and their terrorist financier cousins, can obtain legitimate official identity documents (passports and ID cards) from corrupt government leaders which, together with supporting official material such as drivers' licenses, real estate deeds and professional certificates, established them as legitimate individuals. These documents survive any attempts to disprove their accuracy, because they are actually genuine. How on earth can a legacy open-source database cope with such documents? The answer simply is, it cannot.

Add to the problem that proliferation of Citizenship by Investment (CBI/CIP) passport sales, conducted by needy or greedy jurisdictions, has resulted in tens of thousands of what are documents, complete with aliases and bogus places and dates of birth, which are used by money launderers and terrorist financiers to open accounts in laces where, with a nod and a wink, placement of money that should have been blocked is admitted into the global financial structure, only to traverse the world with impunity.

We now have a perfect storm for the success of money laundering, thanks to these two tools for laundrymen determined, and able, to defeat traditional compliance tactics. Only through the use of facial recognition software, backed up by an impressive image database, and supported by a vigorous enhanced due diligence investigation each time, can success at customer identification be assured, with any degree of consistency and accuracy, and I do not see that happening at most banks and non-bank financial institutions in 2024.

Therefore, please stop your blind faith that any legacy commercial-of-the-shelf database will protect your bank from professional money launderers, and their terrorist financier brethren, and move forward, using these effective tools, notwithstanding their expense, and the additional time and trouble involved, if you truly want to be an effective compliance officer at CIP, and keep out the financial barbarians at the gates, because right now, your toolbox isn't working.