<?xml version="1.0" encoding="UTF-8"?><rss version="2.0" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:wfw="http://wellformedweb.org/CommentAPI/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:sy="http://purl.org/rss/1.0/modules/syndication/" xmlns:slash="http://purl.org/rss/1.0/modules/slash/" > <channel> <title>Lorin Derwish – Projective Group</title> <atom:link href="https://www.projectivegroup.com/written-by/lorin-derwish/feed/" rel="self" type="application/rss+xml" /> <link>https://www.projectivegroup.com</link> <description></description> <lastBuildDate>Mon, 12 Feb 2024 10:28:16 +0000</lastBuildDate> <language>en-US</language> <sy:updatePeriod> hourly </sy:updatePeriod> <sy:updateFrequency> 1 </sy:updateFrequency> <image> <url>https://www.projectivegroup.com/wp-content/uploads/2023/07/ProjectiveGroup_favicon-150x150.webp</url> <title>Lorin Derwish – Projective Group</title> <link>https://www.projectivegroup.com</link> <width>32</width> <height>32</height> </image> <item> <title>EBA Guidelines: onboarding the vulnerable client</title> <link>https://www.projectivegroup.com/eba-guidelines-onboarding-the-vulnerable-client/</link> <dc:creator><![CDATA[ellemijndijkema]]></dc:creator> <pubDate>Mon, 08 Jan 2024 13:35:41 +0000</pubDate> <category><![CDATA[Risk & Compliance]]></category> <category><![CDATA[77]]></category> <category><![CDATA[aml]]></category> <category><![CDATA[netherlands]]></category> <guid isPermaLink="false">https://www.projectivegroup.com/?p=3125</guid> <description><![CDATA[The European Banking Authority (EBA) published new AML-related guidelines on 31 March 2023, which took effect on 3 November 2023. These guidelines impose additional requirements on the controls that institutions have for effective management of Money Laundering & Terrorist Financing (ML/TF) when providing access to financial services. As such, they mainly focus on customer acceptance. […]]]></description> <content:encoded><![CDATA[ <p>The European Banking Authority (EBA) published new <a href="https://www.eba.europa.eu/sites/default/files/document_library/Publications/Guidelines/2023/EBA-GL-2023-04/Translations/1061470/GLs%20on%20MLTF%20risk%20management%20(EBA%20GL%202023%2004)_NL.pdf" data-type="link" data-id="https://www.eba.europa.eu/sites/default/files/document_library/Publications/Guidelines/2023/EBA-GL-2023-04/Translations/1061470/GLs%20on%20MLTF%20risk%20management%20(EBA%20GL%202023%2004)_NL.pdf" target="_blank" rel="noopener">AML-related guidelines</a> on 31 March 2023, which took effect on 3 November 2023. These guidelines impose additional requirements on the controls that institutions have for effective management of Money Laundering & Terrorist Financing (ML/TF) when providing access to financial services. As such, they mainly focus on <a href="https://riskandcompliance.projectivegroup.com/glossary/client-acceptance/" data-type="link" data-id="https://riskandcompliance.projectivegroup.com/glossary/client-acceptance/">customer acceptance</a>. The focus of these guidelines is very much on the vulnerable client.<br></p> <h3 class="wp-block-heading" class="wp-block-heading" id="background"><strong>Background</strong></h3> <p><br><em>Who do these guidelines apply to?</em><br>The guidelines are mainly addressed to banks, investment fund managers, investment firms, payment service providers, financial service providers, leasing companies and life insurers. The guidelines therefore do not apply to all Wwft institutions.</p> <p><br><em>Why these guidelines?</em><br>In a <a href="https://www.eba.europa.eu/sites/default/files/document_library/Publications/Opinions/2022/Opinion%20on%20de-risking%20(EBA-Op-2022-01)/1025705/EBA%20Opinion%20and%20annexed%20report%20on%20de-risking.pdf" data-type="link" data-id="https://www.eba.europa.eu/sites/default/files/document_library/Publications/Opinions/2022/Opinion%20on%20de-risking%20(EBA-Op-2022-01)/1025705/EBA%20Opinion%20and%20annexed%20report%20on%20de-risking.pdf" target="_blank" rel="noopener">2022 report,</a> the EBA wrote that recent sector-wide ‘de-risking’ has led to vulnerable clients being denied access to financial services in some cases without a valid reason. The offboarding of certain categories of clients (without due consideration of individual risk profile) is unjustified, according to the EBA, and a sign of ineffective ML/TF management. So to counter this, the regulator is now introducing new guidelines. </p> <h3 class="wp-block-heading" class="wp-block-heading" id="mandatory-adapted-kyc-policy-for-refugees-and-asylum-seekers"><br><strong>Mandatory adapted KYC policy for refugees and asylum seekers</strong></h3> <p><br>The new guidelines indicate that a customer can be refused on ML/TF grounds only after other options – such as a tightening of control measures – have been considered. This should include both the grounds for refusal and the requirement to document refusal. Also, after refusal, the customer should be informed of his right to contact a relevant competent authority or designated dispute resolution body.</p> <p><br>Credit and financial institutions should have policies and procedures that include an onboarding process for the following cases:</p> <ul class="wp-block-list"> <li>The client is an asylum seeker who cannot provide a traditional form of identification (passport, ID card);</li> <li>The client is a refugee who cannot hand over a traditional form of identification and/or has no address. Alternatively, (expired) documentation provided by an agency such as the Red Cross can be used (as long as national law allows);</li> <li>The client has no residence permit but deportation is not possible due to legal or factual reasons. This can be proved with documentation from migration services, among others.<br>If it concerns the provision of prepaid cards and it is a simplified client screening, the policy should state that the client screening can be postponed to a later date. </li> </ul> <p>When it concerns a payment account for a customer with a low risk profile, the policy should include the alternative identification options. The policy should also state when customer due diligence may be deferred until after the business relationship has been established.</p> <h3 class="wp-block-heading" class="wp-block-heading" id="controlling-higher-risks"><strong>Controlling higher risks</strong></h3> <p>The EBA indicates that lower customer due diligence requirements may create higher risks. These risks are mitigated by offering a restricted product. Here, the EBA lists options of restrictions on products, an assessment of which should be included in the procedures:</p> <ul class="wp-block-list"> <li>Restrictions on lending</li> <li>Monthly turnover limits</li> <li>Limits on the amount, type and number of transfers</li> <li>Limits on the number of transactions to and from third countries</li> <li>Limits on the size of deposits</li> <li>Limits on payments to and from third parties</li> <li>Prohibitions on withdrawals of funds from third countries<br></li> </ul> <p><em>What this means for you</em><br><a href="https://eur-lex.europa.eu/legal-content/NL/ALL/?uri=CELEX:32010R1093#d1e1604-12-1" data-type="link" data-id="https://eur-lex.europa.eu/legal-content/NL/ALL/?uri=CELEX:32010R1093#d1e1604-12-1" target="_blank" rel="noopener">Under Article 16(3) from the Regulation establishing the EBA</a>, credit and financial institutions must make “best efforts” to comply with these guidelines. This means that if your institution falls within the scope of the guidelines, the utmost effort should be made to align the organisation’s policies and their application with the guidelines. National regulators have indicated that they see these guidelines as clarifying and specifying existing standards. Failure to meet the regulator’s expectations can have dire consequences.<br></p> <h3 class="wp-block-heading" class="wp-block-heading" id="find-out-more"><strong>Find out more</strong></h3> <p>Projective Group is happy to help you interpret and implement new laws and regulations, such as the EBA guidelines on onboarding the vulnerable client. For instance, we can help by conducting a gap analysis. Here, we map out the extent to which your organisation already complies with the requirements from the EBA guidelines and which steps you still need to take to be fully compliant. We also offer an e-learning on conducting customer research through our training institute, The Ministry of Compliance. Please contact us for this without any obligation.</p> <div class="wp-block-buttons is-layout-flex wp-block-buttons-is-layout-flex"> <div class="wp-block-button"><a class="wp-block-button__link wp-element-button" href="https://www.ministryofcompliance.nl/en/courses/wwft-customer-investigation/" target="_blank" rel="noopener"> Wwft Customer Investigation e-learning</a></div> <div class="wp-block-button"><a class="wp-block-button__link wp-element-button" href="https://www.projectivegroup.com/lets-talk/">Contact us</a></div> </div> ]]></content:encoded> </item> <item> <title>Money laundering via cryptocurrency – the red flags</title> <link>https://www.projectivegroup.com/money-laundering-via-cryptocurreny/</link> <dc:creator><![CDATA[ellemijndijkema]]></dc:creator> <pubDate>Wed, 27 Sep 2023 11:19:23 +0000</pubDate> <category><![CDATA[Risk & Compliance]]></category> <category><![CDATA[77]]></category> <category><![CDATA[aml]]></category> <guid isPermaLink="false">https://www.projectivegroup.com/?p=948</guid> <description><![CDATA[Cryptocurrencies are regularly used to launder money. As a financial institution, you have a gatekeeper function and should be alert to integrity risks. Above all, it remains important to conduct thorough customer due diligence. But what behaviours should you look out for? In this article, we provide an overview of indicators that may indicate money […]]]></description> <content:encoded><![CDATA[ <p>Cryptocurrencies are regularly used to launder money. As a financial institution, you have a gatekeeper function and should be alert to integrity risks. Above all, it remains important to conduct thorough customer due diligence. But what behaviours should you look out for? In this article, we provide an overview of indicators that may indicate money laundering via virtual currency, and how you can deal with them in practice. </p> <h3 class="wp-block-heading" class="wp-block-heading" id="red-flags"><strong>Red flags </strong></h3> <p>The Europol Financial Intelligence Public Private Partnership (EFIPPP) is the first international information-sharing mechanism for combating money laundering, terrorist financing and economic crime. Within this partnership, financial institutions and investigative bodies, among others, exchange information on observed money laundering phenomena. </p> <p>At the Europol Platform for Experts (EPE), EFIPPP has published a document with red flags. In other words, indicators in the field of virtual currency that may indicate money laundering. The EPE is a platform for specialists in different areas of law enforcement. Some indicators will be explained in more detail below. The EFIPPP stresses that the list of indicators is not exhaustive. </p> <p>The following two KYC indicators of potential money laundering activities are distinguished by EFIPPP: </p> <ul class="wp-block-list"> <li>Inconsistent statements about the source of funds used for transactions and purchase of crypto assets. </li> <li>A customer is affected on e.g. open source forums or other sites that link the customer to darknet markets. </li> </ul> <p>In the remainder of this article, we will discuss these indicators and how to recognise it in practice. </p> <h3 class="wp-block-heading" class="wp-block-heading" id="paying-high-commissions"><strong>Paying<em> </em>high<em> </em>commissions </strong></h3> <p>A key transaction indicator is paying and/or willingness to pay high commissions for converting (selling) virtual assets in exchange for fiat money. Based on transactions alone, it cannot be determined whether the commission paid was too high. </p> <h4 class="wp-block-heading">In practice </h4> <p>Combine price information on the exchange used with the value of the commission paid. In this way, it can be determined whether the commission paid was high and thus whether there is an indicator of money laundering. </p> <h3 class="wp-block-heading" class="wp-block-heading" id="sending-or-receiving-large-sums-of-money-to-or-from-a-cryptocurrency-platform"><strong>Sending or receiving large sums of money to or from a cryptocurrency platform</strong> </h3> <p>Sending and receiving large sums of money to or from a cryptocurrency platform can also be a red flag. What can be understood by large amounts depends on several factors. </p> <h4 class="wp-block-heading">In practice </h4> <p>For instance, the interpretation of this indicator can vary greatly from one financial institution to another. For instance, the type of products and services offered by the institution plays a role, as well as the customer segments the institution deals with. Important here is that the financial institution has and complete and up-to-date customer profile on the basis of which it can be determined whether a ‘large amount’ is involved. </p> <h3 class="wp-block-heading" class="wp-block-heading" id="smurfing-techniques-to-split-and-deposit-funds"><strong>Smurfing techniques to split and deposit funds</strong> </h3> <p>A similarly common indicator is called smurfing. This involves a technique to split and deposit funds into a large number of bank accounts with funds that are eventually used to purchase cryptocurrency from private sellers located in different countries. </p> <p>Smurfing is quite difficult to detect in practice. It is a technique to ensure that transactions remain below the reporting limit of the financial institution. Together, these transactions make up a high, reportable amount, but in part they remain below that limit. This is why many different accounts are used. In the names of different individuals (‘smurfs’) and at different banks. In the case of professional money launderers, also in different countries. This usually takes place in the first phase of the money laundering process (placement). </p> <h4 class="wp-block-heading">In practice </h4> <p>In practice, smurfing is notable for a relatively high volume of transactions for relatively low amounts to the same beneficiary. It will also stand out if the customer has several accounts where the same pattern can be recognised. For example, multiple accounts may still occasionally be opened at an institution in the name of the same person, or a number of related persons (family members), which are used for money laundering purposes. Due to poor customer due diligence, the necessary links are not made and the transaction patterns are not linked, so the practices go undetected. Today, with a partnership like <a href="https://tmnl.nl/en/" target="_blank" data-type="URL" data-id="https://tmnl.nl/en/" rel="noreferrer noopener">TMNL</a>, it has become easier for the major Dutch banks to gain insight into such practices. </p> <h3 class="wp-block-heading" class="wp-block-heading" id="multiple-quick-transactions-between-multiple-crypto-exchange-platforms"><strong>Multiple quick transactions between multiple crypto exchange platforms</strong> </h3> <p>Another indicator is when multiple transactions are carried out in quick succession between different crypto exchange platforms, with no clear link between the transactions. Such transactions may indicate attempts to break the chain of custody around the respective blockchains. Or on continuing the transaction further in disguise. The chain of custody is the term that refers to the chronological paper trail that documents how and by whom individual items of physical or electronic evidence were collected and analysed. </p> <h4 class="wp-block-heading">In practice </h4> <p>A key indicator is the use of a relatively large number of different crypto exchange platforms. Not all platforms offer all types of crypto. Often, however, a few major platforms, such as Binance, KuCoin and Coinbase, will suffice, together covering the vast majority of crypto-currencies. Still, if it appears that a customer is depositing and receiving funds to and from 10 to 15 different platforms, this could indicate money laundering. </p> <h3 class="wp-block-heading" class="wp-block-heading" id="unexplained-crypto-assets"><strong>Unexplained crypto assets</strong> </h3> <p>Finally, the last indicator. Here, the amount of crypto assets purchased is not economically or financially explicable, given the average usage by the customer. The customer has unexpectedly made a larger transaction than was previously the case. </p> <h4 class="wp-block-heading">In practice </h4> <p>You can approach this indicator from two angles. On the one hand, if the customer suddenly starts buying crypto for a large amount, it is noticeable even though this does not quite fit the profile the institution has of this customer (assets etc.). </p> <p>Reasoning in the other direction, funds (often relatively high amounts or a high volume of small amounts) may be deposited into an account from a crypto platform. The money launderer could then argue that these are returns obtained from previous investments in cryptos. As crypto has a high volatility (strong fluctuation), it can happen that an investment in crypto can generate a lot of money in a short period of time. However, proof of this should always be requested as part of an investigation into the origin of funds. This can very easily be printed out on the crypto platform. A crypto account can easily be supplemented with transfers of crypto funds from other platforms. It is therefore important to request such a statement. This shows what has been contributed and how the assets have grown. </p> <h3 class="wp-block-heading" class="wp-block-heading" id="darknet"><strong>Darknet</strong></h3> <p>To transfer money to and from darknet marketplaces, cryptocurrency is often used. The following ways can provide insight and help identify when funds are directly or indirectly sent and/or received from a darknet wallet address. </p> <ul class="wp-block-list"> <li>A user often receives funds from, or sends funds to, darknet wallet addresses that accumulate to large values; </li> <li>A significant percentage of a user’s deposits on an exchange originate from darknet marketplaces; </li> <li>A significant percentage of a user’s withdrawals from an exchange result in transactions with darknet marketplaces. </li> </ul> <h3 class="wp-block-heading" class="wp-block-heading" id="want-to-know-more"><strong>Want to know more? </strong></h3> <p>Do you recognise the red flags that may indicate money laundering, terrorist financing, fraud or corruption? Our new <a href="https://www.ministryofcompliance.nl/opleidingen/fec-awareness/" data-type="URL" data-id="https://www.ministryofcompliance.nl/opleidingen/fec-awareness/" target="_blank" rel="noreferrer noopener">Financial Economic Crime (FEC) Awareness e-learning</a> helps you recognise suspicious signals or transactions in practice and teaches you what to do with them. Or do you want to speak to one of our consultants? Feel free to <a href="https://www.projectivegroup.com/lets-talk/" data-type="page" data-id="413" rel="nofollow">contact us</a> without obligation</p> <div class="wp-block-buttons is-layout-flex wp-block-buttons-is-layout-flex"> <div class="wp-block-button"><a class="wp-block-button__link wp-element-button">Contact us</a></div> </div> ]]></content:encoded> </item> <item> <title>An update on the Whistleblower Protection Act</title> <link>https://www.projectivegroup.com/an-update-on-the-whistleblower-protection-act/</link> <dc:creator><![CDATA[ellemijndijkema]]></dc:creator> <pubDate>Fri, 17 Mar 2023 09:56:00 +0000</pubDate> <category><![CDATA[Risk & Compliance]]></category> <category><![CDATA[compliance]]></category> <category><![CDATA[netherlands]]></category> <guid isPermaLink="false">https://www.projectivegroup.com/?p=1227</guid> <description><![CDATA[Back in late 2021, we wrote about the impending Whistleblower Protection Act (the Act), which aims to further protect whistleblowers who report wrongdoing. On Feb. 18, 2023, the Act went into partial effect. The new rules apply to almost all financial companies. What are the main concerns? Partial entry into force At the time of […]]]></description> <content:encoded><![CDATA[ <p>Back in late 2021, we wrote about the impending Whistleblower Protection Act (the Act), which aims to further protect whistleblowers who report wrongdoing. On Feb. 18, 2023, the Act went into partial effect. The new rules apply to almost all financial companies. What are the main concerns?</p> <div class="wp-block-rank-math-toc-block" id="rank-math-toc"><h2>Table of Contents</h2><nav><ul><li><a href="#partial-entry-into-force">Partial entry into force</a></li><li><a href="#internal-reporting-procedure"> Internal reporting procedure</a></li><li><a href="#prohibition-of-approach">Prohibition of Approach</a></li><li><a href="#external-hotlines">External hotlines</a></li><li><a href="#want-to-know-more">Want to know more?</a></li></ul></nav></div> <p><br></p> <h3 class="wp-block-heading" id="partial-entry-into-force"><strong>Partial entry into force</strong></h3> <p>At the time of writing, the full Act has not yet entered into force. Provisions dealing with anonymous reporting to an employer and the enforcement and sanctioning powers are not yet in effect. This is because further regulations have yet to be issued, and an implementation and enforcement test has yet to be conducted regarding the sanctioning duties and powers.</p> <p>In addition, work is already underway on another bill to improve the position of whistleblowers. This follows the evaluation of the House for Whistleblowers Act and an initiative note by Mr. Omtzigt. In the note, Omtzigt argues that whistleblower protection falls short in a number of areas. Therefore, he makes 15 proposals to expand the Act. The proposals concern, for example, the definition of the public interest or certain additional legal obligations.</p> <p>All other provisions have been in force since Feb. 18, 2023.</p> <h3 class="wp-block-heading" id="internal-reporting-procedure"><br><strong>Internal reporting procedure</strong></h3> <p>The Act states that employers with at least 50 employees must have an internal procedure for reporting suspected wrongdoing. (Almost) all small financial enterprises with less than 50 employees* are also covered by the Act.</p> <p>What is covered by wrongdoing under the Act? It must involve a (danger of) violation of Union law or an act/ negligence in which the public interest is at stake. This is the case of:<br>1) a violation of a legal or internal regulation; or<br>2) danger to public health, persons, environment or the functioning of public service or enterprise.</p> <p>Private companies with 50-249 employees still do not have to comply with the Whistleblower Protection Act until December 17, 2023. Small financial companies* have already had to comply with the Act since Feb. 18, 2023.</p> <p>In some cases, staff consent is required for the reporting procedure. If an organization is not required to establish a works council or employee representation, the reporting procedure must be approved by more than half of the employees. Employees can also enforce in the district court that the employer must have a reporting procedure.<br>Almost all small financial enterprises are covered by the Act<br></p> <h3 class="wp-block-heading" id="prohibition-of-approach"><strong>Prohibition of Approach</strong></h3> <p>Employees, investigators, or legal entities assisting a reporter may not be harmed by making a report. Detriment includes dismissal, transfer and reduction in pay. It also includes refusal to provide a reference, denial of promotional opportunities and threats of disadvantage. Unlike before, the burden of proof regarding disadvantage as a result of a report lies with the employer. The employer must prove that the action adverse to the employee was not the result of the report made.</p> <p>Previously, only employees who reported suspected wrongdoing were protected. Under the Act, the prohibition of disadvantage applies to a larger group of people and in more cases. A reporter can be an employee, civil servant, or other persons performing activities for an employer such as self-employed persons, interns, volunteers, job applicants, shareholders or suppliers. People who assist a reporter, such as a confidential advisor or union representative, are also now protected. This includes colleagues or family members who are related to a reporter and may be aggrieved.<br></p> <h3 class="wp-block-heading" id="external-hotlines"><strong>External hotlines</strong></h3> <p>Finally, under the Act, it is possible to report directly externally. Designated inspectorates and regulators, such as the AFM, DNB and the AP, must adapt their reporting channels. Previously, these were intended only for reports of Union law.</p> <p>Employees thus no longer have to distinguish between violation of Union law and wrongdoing.<br></p> <h3 class="wp-block-heading" id="want-to-know-more"><strong>Want to know more?</strong></h3> <p>For a full picture of the changes, please refer to the <a href="https://www.wetbeschermingklokkenluiders.nl" target="_blank" rel="noreferrer noopener">Whistleblower Protection Act.</a></p> <p>Projective Group is happy to help you with the interpretation and implementation of new legislation, such as the Whistleblower Protection Act. For example, we can help you with drafting a whistleblower policy, setting up an internal procedure for reports of suspected abuse, or setting up a whistleblower register.</p> <p>Want to keep up with current and future laws and regulations for financial institutions? We’ll keep you up to date with our monthly Risk & Compliance newsletter.<br></p> <div class="wp-block-buttons is-layout-flex wp-block-buttons-is-layout-flex"> <div class="wp-block-button"><a class="wp-block-button__link wp-element-button" href="https://www.projectivegroup.com/lets-talk/">Contact</a></div> <div class="wp-block-button"><a class="wp-block-button__link wp-element-button" href="https://share-eu1.hsforms.com/1l36yzfouS0agbWCkPtBJng2dbcm6" target="_blank" rel="noreferrer noopener">Subscribe to our newsletter</a></div> </div> <p><br><em>*It concerns the following financial enterprises: banks, investment firms, managers of UCITS and AIFs, (professional) pension funds) payment institutions, crypto service providers, mortgage providers, financial service providers that advise or mediate in mortgage credit, life insurers, premium pension institutions, non-life insurers and issuers.</em></p> ]]></content:encoded> </item> </channel> </rss>