UBO
– You have Gathered all of the Ownership Information- Now What?
Part
Three in a Series
We have discussed the UBO rule and the changes that
will be required when the both parts of the rule are passed- but one thing that
we have yet to get into is the how to us ethe information that is collected in
a manner that is effective for the overall AML monitoring program. Put another way- so now that you have the UBO
information on your customers- So what?
The gathering of the information that is required is the
first basic step- it is what you DO with that information that can make the
rule game-changing. Incorporating UBO
information in to both risk-rating and monitoring plans for customers is a key best practice. It is also the overall goal of the UBO
rule.
The Reason for the Rule
Before the UBO rule was enacted, the ownership of established
companies as well as shell corporations was an area that we missed in our
overall information gathering used for risk assessment purposes. While we often did a background check on the company
itself, we did not focus on the ownership
of the company. The ownership of a
business can and should make a huge difference in your risk profile of a
customer.
Owners can present additional risks in many ways such
as:
·
Cash
intensive related businesses
·
Ownership
that is potentially OFAC sanctioned or otherwise compromised.
·
Ownership
that is engaged in illicit activities such as trade-based money laundering that
could be blended into the operations of the established business
Risk and Ownership
How can the ownership of a company impact risk? A small example may help illustrate. Suppose we have a local owned and operated
flower shop that specializes in the Sky-blue Orchid that grows almost
exclusively in Tasmania Australia-
Our customer specializes in selling this rare plant to
the many admirers in the local area and throughout the country. Our risk profile of this customer would
include business flow expectations that
would include:
·
A
combination of cash checks and credit/debit card payments as deposits.
·
Wires
to the suppliers primarily in Australia
·
Payments
to other suppliers, utility bills, rent or lease payments, insurance, etc. by debit card and /or ACH
·
Minimal
wires coming in
·
Incremental
growth
Now suppose our customer is joined by a 51% owner who
is also a casino owner; does the risk
profile of the company change? What else
would you look for as a result of this change in ownership or control?
The risk profile of the company has not necessary
changed, but it would be a best practice to consider that any change in the cash
flow or other activities of the flower shop might indicate that the new owner is
changing the operation of the company. This is not to infer that a change in
ownership itself is a problem; but the risk profile of the company must be
re-considered.
Risk Profiles and UBO
When risk rating customers and administrating the list of customers considered ‘high risk” it is important that the UBO information
including who the controller people/persons are is part of the overall risk
assessment and monitoring program that results.
The whole point of risk assessing customers should be
to determine how your monitoring program will be used to mitigate risks. In the above example, the monitoring program
would be altered to look for potential changes in the nature of the cash flow
of the company including:
·
Higher
cash deposits
·
Wire
activity in countries s different from the past
·
Incoming
wires
·
Bulk
sales of flowers
·
Customers
from regions outside the established base
UBO information collection should be dynamic -at least
annually and must be built into the overall risk assessment and subsequent
monitoring program. Once the information
is collected, it should be incorporated in to the overall risk assessment of
customers and the monitoring program designed to mitigate risk.
***James DeFrantz is Principal at Virtual
Compliance Management. For More
information please visit our website at www.vcm4you.com ***