Regulatory Update: Middle East Edition – October 2022

Consultation Paper 143 – Regulation of Crypto Tokens (“CP143”) was released by the Dubai Financial Services Authority (“DFSA”) in March 2022, the paper set out proposals for regulation of persons wanting to provide financial services in respect of Crypto Tokens in or from the Dubai International Financial Centre (“DIFC”).

Following on from CP143 the DFSA has now published a feedback statement to explain:

• the thought process behind the changes introduced or where there were reasons not to make changes
• plans for implementation of the crypto token regime, including how the DFSA will assist firms applying to be licensed in this area
• plans for future work in the crypto area to further develop the DFSA regulations.

Here is a summary of some of the key highlights from the feedback statement:

Classification of Tokens

• token taxonomy
  • the DFSA has updated the chart of token taxonomy in the DIFC
• crypto tokens
  • fiat crypto tokens must undergo a recognition process for them to be permitted to be used in the DIFC, tokens must also meet additional requirements in GEN 3A.3.4(4)
• gaming tokens
  • firms will need to understand whether the token meets the narrow definition of a non-fungible token (“NFT”) or utility token (“UT”)
• registration as a designated non-financial business or profession (“DNFBP”)
  • a person who carries on the business or profession of issuing, or providing services related to, a NFT or UT must apply to the DFSA to be registered as a DNFBP or face potential enforcement action
  • an NFT exchange would not be viewed as solely providing a technology service, because it would also be bringing together buyers and sellers who wish to transact in NFTs
• combining token business
  • the DFSA has prohibited authorised firms from providing services relating to NFTs and UTs. The only exception being that a licensed custodian in the DIFC may safeguard and administer these tokens on behalf of their clients
• prohibited tokens
  • the use of the following tokens – algorithmic tokens, privacy tokens and privacy devices remain prohibited

Recognition of Crypto Tokens

• the DFSA highlights that no financial services or activities can be undertaken with a crypto token unless it is recognised by the DFSA, this extends to derivatives transactions relating to crypto tokens, and to funds or portfolio managers that invest directly or indirectly in crypto tokens

Recognised Jurisdictions

• the DFSA may recognise another jurisdiction as having an equivalent regime, a list will be published on the DFSA’s website of equivalent regional and foreign jurisdictions

Financial Service Activities

• DIFC incorporation and branches: authorised firms in the DIFC, who are already operating as a branch of a foreign financial institution before the commencement of the new regime, may be permitted to continue to operate as a branch and provide services relating to crypto tokens without needing to establish a DIFC body corporate
• trading venues – only a multilateral trading facility (“MTF”) be permitted to be used as a trading venue for crypto tokens.

Miscellaneous Requirements

• a firm that has most of its operations relying on the use of technology and, must have good technology governance and ensure there is a regular review of the adequacy of these arrangements by a qualified and independent third party
• crypto tokens and devices that are used to hide, anonymise, obscure, or prevent the tracing of information are prohibited.

Transitional Arrangements

• a six-month transitional period will commence on 1 November for authorised persons in the DIFC who have already been engaging in crypto token activities, after this period no financial services activities relating to crypto tokens may be undertaken without the correct permissions.

The feedback statement can be found here.

The rules came into force on 1 November 2022, a summary will be provided in the November Regulatory Update.

The report titled ‘The Resilience of DIFC-based Financial Institutions to the Covid-19 pandemic’ was released by the DFSA in October 2022. The DFSA conducted an exercise to understand the overall resilience of DIFC financial institutions, during the pandemic. The purpose of the report is to acknowledge the resilience of firms, despite the challenges faced.

The report focuses on the key trends in business activity across various sectors of financial services, the operational resilience of firms, and regulatory relief measures provided to firms, allowing for more flexibility and support required to deal with the challenges.

The main report findings include:

• the insurance sector saw an increase in the premiums underwritten by DIFC reinsurers and underwriting agents, as well as the level of reinsurance capacity
• the banking sector successfully continued to grow its operations while providing support to clients and the economy, robust resilience was demonstrated by the sector
• the brokerage sector observed an increase in the revenue and volume of trading activity and the number of brokerage firms setting up in the DIFC
• the fund and investment management sector revealed healthy growth in the number of active funds and assets under management
• the largest number of innovative testing licence (“ITL”) applications were received during 2020 and 2021, compared to the period since the ITL programme was launched in 2017.

A small number of firms were contacted by the DFSA during the period to take part in a study relating to operational risk management, the main findings of the study were:

• business continuity plans were adjusted to adapt to work from home scenarios, to ensure the continuity of business
• solutions were successfully adopted to replicate traditional processes as part of the remote working environment
• no material changes to risk management practices were identified
• digital adoption was accelerated, this was seen particularly in the areas of electronic know your customer (“eKYC”), onboarding and use of collaboration tools
• operational risk management remained largely unchanged with only minor adjustments.

The study highlighted that firms successfully adapted to the ‘new normal’, taking necessary precautions to ensure a smooth transition to the remote working environment, in a way that did not negatively impact their operations.

The outcome of the report overall showed recognition that DIFC financial institutions were able to withstand the challenges and impact of the pandemic. Business activity in the centre expanded and a minimal number of firms thought it necessary to take advantage of the regulatory relief measures.

The full report can be found here.

On 13 October 2022 His Highness Sheikh Mohammed Bin Rashid Al Maktoum enacted DIFC Laws Amendment Law, DIFC Law No. 4 of 2022 to come into force on 1 November 2022.

The amendments to the DIFC Law No. 4 of 2022, will include the following additions:

• The DFSA may create rules for the regulation of crypto tokens, following the literature pertaining to the prohibition of endorsements
• the DFSA will publish and maintain a register for crypto tokens
• the DFSA will also include a set or definitions for crypto tokens, distributed ledger technology, recognised crypto tokens and tokens.

The amendments to the Markets Law 2012, will include the following:

• paragraph 2 under article 8 will be deleted and replaced in its entirety to accommodate the rules in relation to:
  • offer for crypto tokens in or from the DIFC
  • licensing and supervision of authorised market institutions
  • maintenance of official lists of securities
  • governance of reporting entities including corporate governance and related party transactions
  • takeovers, mergers, and acquisitions of reporting entities
  • the prevention of market abuse, including any code of market conduct
  • recognised persons.
• a new article in relation to the application of law to crypto tokens, specifically provisions of the law which do not apply
• the general prohibitions will be replaced to accommodate provisions regarding what a relevant person must not do in relation to crypto tokens
• a part of the ‘supervision of authorised market institutions’ is replaced to accommodate the activities the DFSA might direct to an authorised market institution
• the following articles and/or parts are deleted and replaced in its entirely:
  • fraud and market manipulation
  • false or misleading statements
  • use of fictitious devices and other forms of deception
  • false misleading conduct and distortion
  • insider dealing
  • providing inside information
  • inducing persons to deal
  • misuse of information
  • definitions for this part, in relation to investments, crypto tokens or related investments
  • defences for market manipulation, insider dealing and providing inside information
  • Chinese wall arrangements
  • orders in the interests of the DIFC
  • jurisdiction of the Financial Markets Tribunal.
• Insertion of the definition of crypto token.

The full article can be found via this link.

A Memorandum of Understanding (“MoU”) has been signed between Bangladesh Securities and Exchange Commission (“SEC”) and the DFSA.

The purpose of the MoU, entered into on 28 October 2022, is to create an open dialogue and exchange of information in order to fulfil their respective regulatory mandates.

Further details of the MoU can be found here.

On 18 October the DFSA signed a MoU with Thailand SEC to enable open communications in relation to the innovation in financial services, including financial and regulatory technologies.

The MoU will enable co-operation between the two supervisory authorities on policy, and regulatory trends in financial services and markets.

Further details of the MoU can be found here.

Abu Dhabi Finance Week will take place between 14 – 18 November 2022. The platform hosts 5 days of engaging and innovative events covering a broad range of important economic matters. The event brings together business professionals, financial communities, regional experts and global leaders from the following sectors:

• start-ups and enterprise
• financial technology and innovation
• economic policy and regulation
• venture funding and investment
• asset management and capital markets.

Organised events include:

• Fintech Abu Dhabi on 15 November
  • the 6th edition of the event concentrates on the latest developments emerging from the fintech space
  • attendees of the conference can expect to see the focus on cybersecurity, global payments and Web3 amongst other things.
• Crypto Abu Dhabi on 16 November
  • exploring the next era of advancement for digital assets
  • the focus of the Crypto conference will be blockchain and cryptography technologies, tokenisation of private market assets, and the regulators’ role in influencing the future of digital assets.
• A.C.E Abu Dhabi on 17 November
  • the conference takes place during a significant time as COP27 conference in Egypt concludes, with the UAE taking over in 2023 as host of COP28
  • attendees can expect discussions on the topics of financing the transition of net zero, climate regulation and frameworks, and international cooperation towards the net zero coalition target.

Further details of the events can be found here.

As part of the ADGM’s commitment to sustainable finance, and to show support for the development of the index, the ADGM and the Z/Yen Group has announced their partnership with Global Green Finance Index (GGFI).

The GGFI rates the quality and depth of green finance undertaken in financial centres worldwide. Tracking the development of sustainable finance is considered vital to delivering on the UN Sustainable Development Goals, and challenges of climate change and biodiversity.

Further details of the announcement can be found here.

The UAE Financial Intelligence Unit (“FIU”) has published the Quarterly Feedback Report Q3/2022. The report highlights areas of improvement as well as issues noted during the period, from the review of reports submitted by Reporting Entities (“REs”).

Reports submitted via goAML include Suspicious Transaction Reports (“STR”), Suspicious Activity Reports (“SAR”), Additional Information File (“AIF”) and Additional Information File with Transactions (“AIFT”).

Key points to note:

• the number of reports submitted in Q3 was 20,890, compared to 9,856 during Q2
• majority of SARs and STRs were raised by Financial Institutions, including banks and exchange houses
• growth in the reporting from DNFBPs is healthy
• the FIU has noted that based on raised reports, DNFBPs may not be conducting sufficient KYC and/or customer due diligence (“CDD”) checks & therefore may be prone to be used by illicit actors to launder money
• in cases where the DNFBP is asked to act as means to conduct indirect transactions between client and third party, the DNFBP has the responsibility to understand the rationale of such situations and raise a report to the FIU where necessary
• DNFBPs should be aware of their unique position as both REs under the law but also as entities that may manipulated into participating in the movement of illicit funds.

During the quarter, the FIU disseminated intelligence packages to Law Enforcement Agencies (“LEAs”) located in all 7 emirates. Intelligence from a total of 485 reports were shared with the LEAs. The intelligence packages highlighted certain typologies, hypotheses, and potential leads to LEAs.

Typologies constituting a higher level of money laundering risk were included in 89% of the dissemination.

The main typologies identified by the FIU during the period included:

• trade-based money laundering
• complex money laundering methodologies and/or companies/businesses in higher risk sectors including cash
• laundering the proceeds of drugs
• networks of third-party laundering or professional/third-party money laundering.

The FIU, urges all sectors to raise both STRs/SARs, adhering to sector specific thresholds, as well as the specific supervisory authorities’ requirements.

Further suggested actions:

• CDD/enhanced due diligence (“EDD”) should occur not only at the time of client onboarding but also periodically afterwards (depending upon the risk rating)
• REs should raise appropriate and high quality reports in the goAML system, in case of imminent threat of financial crimes, contact the FIU via goAML message board by selecting the ‘disseminated typologies’ message type
• REs should raise appropriate and high quality reports and where necessary, contact the FIU via the goAML message board, in high risk situations select the ‘request to prioritise’ message type
• DNFBPs should ensure they are conducting adequate KYC and CDD checks
• REs should ascertain the sources of funds of clients, and be able to identify that they are from legitimate sources.

The report has been shared with all REs registered on goAML.

In collaboration with K2 Integrity, the Executive Office for Control and Non-Proliferation (“EOCN”) has rolled out to the UAE financial community a global e-learning platform Dedicated Online Financial Integrity Network (“DOLFIN”). The platform has been utilised to enhance stakeholder’s learning experience.

Users registered on the platform will be able to complete three initial training modules, each module will be followed by an exam. Following the successful completion of all three exams, a ‘Certified Risk Management Specialist – Targeted Financial Sanctions (“TFS”)’ certification will be issued.

The current modules include:

• Module 1
  • UN Sanctions Obligations & FATF Recommendations
• Module 2
  • TFS Guidelines for FIs, DNFBPs, and virtual assets service providers (“VASP”)
• Module 3
  • Guidance on Counter Proliferation Financing (“CPF”)

Individuals and entities subscribed to EOCN will receive a registration email directly from DOLFIN.

Fraud in the UAE is one of the most common crimes faced by the financial sector, with fraudsters continually developing more sophisticated ways to commit these crimes.

The strategic analysis report released by the FIU aims to:

• identify trends typologies and repeated fraud types
• increase the knowledge of characteristics and fraud types
• promote awareness and knowledge of fraud crimes to the public and private sectors
• understand the environment in which fraud occurs.

The report features the following alarming statistics, which further highlight the importance of raising awareness and knowledge around the topic of fraud crime:

• total losses of financial crime worldwide have exceeded US$3Tn
• losses of online payment fraud worldwide during 2021 are estimated to be at US$20Bn
• the UK estimated that dating scams in 2021 caused a loss of £92M
• losses related to international fund transfer fraud are approximately AED132M in 2021
• losses related to domestic fund transfer fraud is approximately AED162M in 2021.

Repeated trends and fraud types or activities identified include:

• funds transfer fraud or money transfer fraud
  • commonly involves a cyber-attack enabling the fraudster to illegally obtain credentials to enable fraudulent transfers of a significant amount of funds to be made electronically or via wire transfer, these are generally followed by a recall request from the remitting bank to the beneficiary bank, however, perpetrators rapidly make withdrawals or an ongoing transfer
• business email compromise
  • usually a hacking or phishing attack involving the impersonation of a company official to conduct unauthorised transactions
• scam fraud
  • scammers use sophisticated techniques developed to obtain confidential information from victims, in order to make monetary or personal gains, these techniques may include:
    • fake products or fake websites fraud
    • fake visa or ticketing fraud
    • investment scam or fraud.
• phishing or vishing
  • victim’s sensitive information or credentials are obtained either online (phishing) or by phone call (vishing), phishing may involve the victim clicking a malicious link and they will be led to provide information, vishing on the other hand involves social engineering techniques to convince victims to reveal personal information
• forgery or counterfeit
  • unlawfully altering a document with intent to deceive the victim, for example, this could involve signature forgery, counterfeit involves the imitation of a document.

Firms should be aware of the red flags which may highlight the risk of fraud occurring:

• a customer uses a trick or scheme to knowingly falsify, conceal or cover up a material fact or makes a false statement or representation
• high number of mistakes made by an employee, particularly where financial loss through cash or account transactions is concerned
• documents submitted by a customer are suspected to contain fraudulent statements, or materially false or fictitious information
• discrepancies are identified between reported facts and supporting documentation/data
• suspicion of altered or inadequate supporting documentation
• inter-account transfers or unusual transactions.

The EOCN, FIU, and supervisory authorities held a virtual outreach session on 27 October 2022 titled ‘CPF Week – Combatting Proliferation Financing and Sanction Evasion’.

The topics of the outreach session included discussions on:

• proliferation financing (“PF”) risks
• PF preventative measures
• PF red flags
• expectations from the FIs and DNFBPs in relation to CPF
• the process to report PF via SAR/STRs
• feedback on the quality of SAR/STRs.

The Executive Office of Anti-Money Laundering and Counter Terrorism Financing (“EO AML/CTF”) held training workshops titled ‘patterns of abuse of legal entities’. The sessions, held on 17-18 October were the latest in a series accessible by officials working in the field of combatting financial crime.

More than 150 participants from Law Enforcement Agencies (“LEAs”), registrar offices, supervisory authorities and federal prosecution attended the two-day event, in Dubai.

The agenda for the event included:

• presentations on the UAE’s national compliance framework and FATF requirements, and typologies for the misuse of legal persons, delivered by senior executives from the EO AML/CTF
• the ADGM and DFSA delivered sessions on supervision and risk-based approach to FIs and DNFBPs to aid their understanding of sector-specific risks
• the Ministry of Economy delivered a presentation on the UAE’s legal framework for preventing the abuse of legal persons
• Dubai Islamic Bank, HSBC, PwC, Citi, and Ernst & Young presented case studies in efforts to build on the cooperation between the government and private sector in the relation to AML/CFT
• case studies were shared by various LEAs, registrar offices, supervisory authorities and federal prosecution.

Further details of the workshop can be found here.

The EOCN has announced the release of an updated version of the ‘Guidance on Targeted Financial Sanctions for FIs, DNFBPs, and VASPs’.

Minor amendments have been made to the guidance, which was last updated in November 2021.

The updates include:

• added reference to EOCN’s typologies document and CPF guidance
• updated Executive Office for Control & Non-Proliferation name
• added definition and example on ‘negative result’
• amended terminology of ‘potential match’ to ‘partial name match.

The 14^th MENA Regulatory Summit, organised by the London Stock Exchange Group and held under the patronage of EO AML/CTF, took place in Abu Dhabi on 25 October 2022.

The event was of interest to both the public and private sectors, with professionals working in financial services, regulation, risk, and compliance, as well as government and Law Enforcement Agencies (“LEAs”) attending. Approximately 150 delegates attended the event, with many delegates from Saudi Arabia, United Kingdom, Egypt, Bahrain and the UAE.

Topics of discussion included:

• the latest developments in the UAE’s fight against financial crime
• the most debated issues in AML/CFT today, such as global regulatory developments and FATF updates
• the latest developments in public-private sector partnerships, global sanctions, and virtual assets – opportunities and risks and technology developments to fight financial crime
• panel sessions featuring leading figures from international organisations at the frontline of the fight against financial crime.

The regulatory summit seeks to increase international cooperation and address key compliance themes impacting markets worldwide.

Further details of the summit can be found here.

A MoU has been signed between EO AML/CTF and the UN Office on Drugs and Crime (“UNODC”), to expand cooperation in relation to terrorist financing and money laundering.

The MoU will assist in creating a collaborative working relationship and provide a framework of cooperation and understanding to further the shared objectives of the EO AML/CTF and UNODC. Focus will be on sharing and developing guidance materials and tools, building capacity at the strategic, operational, and legislative levels.

Further details of the MoU can be found here.

The Federal Authority for Identity, Citizenship, Customs and Port Security (“ICP”) introduced an update to the validity of employment visas, as summarised below:

• all employment visas will be issued for a duration of one or two years only, instead of the previously standard three-year validity, this will apply to new visas, visa renewal, and visa transfers
• existing residence visas/emirates ID issued before 4 Oct 2022 will remain valid for three years
• fines have been increased by the ICP for late renewal or change of status of visa, the penalty varies, depending on the applicant’s visa status and overstay duration.
• all fees that were reduced during the pandemic have returned to normal, this applies to visit visa services, dependent and domestic helper visas.

The FATF is calling on stakeholders to provide feedback on the proposal to update Recommendation 25 and its Interpretive Note (R.25/INR.25). R.25 and INR.25 are in relation to the transparency and beneficial ownership (“BO”) of legal arrangements.

The FATF aims to improve R.25 and INR.25 to better meet the objective of preventing the misuse of legal arrangements for money laundering or terrorist financing. Amendments to the definition of beneficial ownership has also been proposed, to provide more clarity regarding legal arrangements.

The FATF requests stakeholders to comment on the following questions:

• are FATF proposals adequate to mitigate the risk of misuse of legal arrangements and to ensure access to BO information?
• are proposals clear and are there any issues which need further clarification or that should be addressed in guidance?
• what is the expected impact of the proposals on legitimate activity? in particular, what are the challenges for implementation?

Responses should be shared with the FATF by 6 December 2022, the submissions received and proposals for revisions will be considered during meetings taking place in February 2023.

Further details of the draft proposals can be found here.

The FATF has taken measures against Myanmar by adding the country to the group of high-risk countries on the ‘high-risk jurisdictions subject to a call for action’ list, also known as the ‘black list’. Deficiencies were initially identified in a report published in September 2018, many of the deficiencies remain following the August 2022 evaluation. Myanmar has so far failed to make progress in addressing illicit flows of money.

In June 2022, the FATF strongly urged Myanmar to promptly complete its action plan by October 2022. With the lack of progress and many of the action items still not being addressed FATF has called on its members and other jurisdictions to apply EDD measures proportionate to the risks arising from Myanmar.

Further details of Myanmar’s addition to the black list can be found here.

The Executive Office of the Committee for Goods and Materials Subject to Import and Export Control (“CGMSIEC”) has updated the UN Security Council (“UNSC”) sanctions list. One individual has been added and three individuals listed have been amended.

Firms are reminded to monitor geopolitical events and any resulting updates to the international sanctions lists so that they can assess their exposure to sanctioned individuals and entities. Sanction contraventions must be reported to the relevant authorities without delay, and regulators will expect to be notified of any sanctions matters that may result in reputational consequences for the firm.

The updated sanctions list can be found here.

An Arab national has been sentenced to 10 years imprisonment, followed by deportation, by the Abu Dhabi Federal Criminal Appeal Court.

Two companies which were owned by the defendant were convicted by the court on charges of forgery, money laundering and sanctions evasion.  A fine of AED500,000 was imposed on each company, as well as the confiscation of AED39M from seized bank accounts. Both companies were later closed down.

Successful co-operation between the UAE Central Bank, FIU and LEAs led to the sentencing.

The DFSA has taken action against DFSA registered auditor, KPMG LLP and a former audit principal, Mr Milind Navalkar. KPMG and Mr Navalkar were involved with respect to failings to follow applicable international auditing standards when performing audits of Abraaj Capital Limited (“ACLD”) for a number of years up to October 2017.

The DFSA imposed a financial penalty of US$1.5M on KPMG LLP and US$500,000 on Mr Navalkar.

In the DFSA’s view, had KPMG LLP performed a satisfactory audit of ACLD, it would have resulted in the firm identifying that, for more than five years ACLD:

• was concealing the true state of its finances from KPMG LLP
• financial statements did not conform to accounting rules
• had failed to maintain adequate capital resources.

Mr Navalkar’s primary role was as KPMG LLP’s audit principal, he was appointed to the audit of ACLD. Mr Navalkar’s responsibilities included ensuring the audits and reviews of ACLD’s financial statements and DFSA returns were carried out to the required standard, and signing off the audit report for ACLD’s financial statements.

The DFSA’s decisions are currently provisional as KPMG LLP and Mr Navalkar dispute the findings and have applied to the Financial Markets Tribunal (“FMT”) for a review of the decisions.

Further details of the DFSA’s decision can be found here.

In June 2021 the DFSA published a Decision Notice concerning Mr Waqar Siddique, former Chief Operating Officer (“COO”) of Abraaj Group, for serious failings in respect of Abraaj Group.

Mr Siddique was a senior manager of the Abraaj Group, and a licensed director of ACLD. In those roles, Mr Siddique was knowingly involved in certain breaches by ACLD and Abraaj Investment Management Limited (“AIML”), including AIML misleading and deceiving investors and ACLD’s contraventions of not maintaining its capital requirement.

Mr Siddique has been prohibited and restricted from performing any function in or from the DIFC, as well as receiving a fine of US$1,150,000. Mr Siddique initially referred the Decision Notice to the FMT requesting a review of the findings. Mr Siddique later withdrew the request on 14 October due to reaching a settlement with the DFSA.

Further details of the DFSA’s decision can be found here.

An ‘Enforcement and Supervision’ section has been added to the DIFC data protection website. This provides a helpful insight into the work of the data protection Commissioner and enforcement action taken against firms.

Q3 2022 statistics in summary:

• total inspection in 2022 (end Q3): 55
• total investigations in 2022 (end Q3):3
• total complaints in 2022 (end Q3): 3
• total number of fines issued in 2022 (end Q3): 31

The fines mentioned above are a collection of those resulting from notification renewals, investigations of complaints or findings of non-compliance identified from inspections or thematic reviews.

Firms are reminded that the Commissioner conducts 100 inspections per year, as a minimum. All DIFC entities processing personal data must have adequate systems and controls in place.

For details of how we can support you with your UAE data protection needs please contact us.

Elia Investments Limited and Mr Babar Abbas have been fined US$155,000 by the ADGM Registration Authority. Mr Abbas, Elia’s sole shareholder and former director has also been banned from being a director for 15 years.

The findings which led to the proceedings include:

• two instances that include fraudulent trading and a false statement contrary to the Companies Regulations 2020
• the license scope exceeded in two instances contrary to Commercial Licensing Regulations 2015

Members of the public and potential investors should be vigilant of firms who appear to:

• misrepresent the scope of their license in the ADGM
• falsely purport to be licensed to undertake commercial activity in the ADGM

The ADGM’s online public Register of Companies may be searched to review the scope of an ADGM entities commercial licence by clicking here.

Further details of the decisions can be found here.

In its drive to hold firms accountable for poor AML systems and controls, the Financial Conduct Authority (“FCA”) has fined one firm £1,584,100. Gatehouse Bank Plc were fined due to significant weaknesses being identified in its anti-financial crime framework.

The original penalty of £2,263,084 was discounted by 30% due to the firm’s agreement to settle at an early stage of the investigation.

It was found that between the period of June 2014 and July 2017 the firm’s inadequate systems and controls resulted in:

• failure to undertake sufficient checks of customers identified as Politically Exposed Persons (“PEP”)
• failure to conduct sufficient checks on its customers based in higher-risk countries
• an account with aggregate customer funds, was funded by customers to the sum of US$62M, without the firm collecting any evidence of customers’ source of funds or wealth, which was against internal policies.

Following the enforcement action, the firm has made significant progress towards improving its financial crime prevention systems and controls.

For further details, the decision notice can be found here.

‘Black Axe’ cyber group were subject of an investigation by Interpol’s AML rapid response protocol, resulting in arrests, and the seizing of cash and luxury goods across 14 countries.

As part of the investigation known as ‘Operation Jackal’ Interpol successfully co-ordinated with police agencies in 14 countries to bring an end to the organised crime groups illegal operations.

It is thought that Black Axe and similar cyber crime groups are behind the majority of the world’s cyber-enabled financial fraud as well as other illegal activities including human trafficking, drugs, gun crime and murder.

The operation included the deployment of Interpol’s new global stop-payment mechanism known as the AML Rapid Response Protocol. The tool assists police agencies to submit and handle requests to follow, intercept or provisionally freeze illegal proceeds of crime.

Operation Jackal successfully resulted in:

• €1.2M intercepted in bank accounts
• 49 property searches
• 7 Interpol Purple Notices (detailing criminal modus operandi)
• 6 Interpol Red Notices (issued for internationally wanted fugitives)
• 75 arrests.

For further details of the Interpol operation, click here.