AUSTRAC’s ML/TF Risk Assessment Report on Foreign Subsidiary Banks [Part 4]
This blog covers the last chapter of our four-part series on AUSTRAC’s money laundering and terror financing risk assessment report, and particularly discusses the financial crime risk related to foreign subsidiary banks in Australia.
As per the report, seven foreign subsidiary banks are operating in Australia and providing services to around 4.8 million customers in the country. Every foreign subsidiary entity has its set of activities and attributes, and the level of money laundering and terror financing risk varies across the seven entities too. However, the overall risk of financial crimes assessed by AUSTRAC for this subsector is ‘medium’. On the contrary, inherent ML/TF vulnerability in this sector is said to be ‘high’. This part of the report highlights methods of money laundering, key predicate offences and vulnerabilities for foreign subsidiary entities.
What are Foreign Subsidiary Banks in Australia?
Foreign subsidiary banks are international institutions licenced by the APRA to operate in Australia. The top banking entities are:
- Bank of China (Sydney)
- Arab Bank Australia
- Bank of Sydney, subsidiary of Bank of Beirut
- Citibank Australia
- HSBC Bank Australia
- HDFC Bank Australia
- ING Bank
Money laundering threats facing the foreign subsidiary banks evaluated by AUSTRAC is medium. The assessment was based on a moderate number of Suspicious Matter Reports (SMRs) and these reports suggest that ML is predominantly related to cash and transaction account-based services. The report further revealed that foreign subsidiary sector is targeted at the placement and layering stage of money laundering because of the large retail banking footprint in the sector. Customers have the opportunity to place cash directly into the financial system.
Real-world Scenario for Suspected Money Laundering
Back in 2019, a foreign subsidiary bank identified a possible case of layering after multiple transitions were conducted through a new customer account. Multiple large deposits and incoming transfers followed by rapid flow of funds out of the account for home loans, luxury expenses, etc. That being said, the banking entity conducted enhanced customer due diligence (ECDD) on the customer and submitted an SMR to AUSTRAC. The regulatory body confirmed that the customer was a criminal who had been investigated by many other partner agencies. Suspicious financial activities identified included deposits that totalled $235,000.
Trade-based Money Laundering
Only one of the many suspicious matter reports was related to trade-based money laundering but this sort of ML is under-represented in reporting due to challenges in detecting it. Common red flags of trade-based money laundering include over or under-invoices, companies trading in high-risk sectors such as natural resources and commodities, extra complex company structures or directorship, funds from a foreign account are transferred to multiple domestic accounts immediately, and transactions from/to a high-risk jurisdiction.
Key Predicate Offences
The nature and extent of predicate offences assessed by AUSTRAC as high fo foreign subsidiary banks. Key offences include false-billing scams, romance scams, phishing and remote access scams.
20 per cent of the suspicious matter reports for scams submitted to AUSTRAC were filed for false-billing scams. Businesses issued fraudulent invoices via email and then clearance of the invoice in fictitious accounts. In other cases, email accounts were hacked and methods were the same as phishing and remote access scams.
Around 13% of the scam-related suspicious matter reports were submitted for romance scams. Accounts of the foreign subsidiary banking sector were used to launder the money from these scams. In some cases, the accounts were used for money mules or transferring funds to a high-risk jurisdiction. On the other hand, law enforcement agencies warned the customers that they were victims of romance scams but these warnings were denied or ignored.
Phishing and Remote Access Scams
AUSTRAC’s report revealed that 30-% of the scam-related SMRs were submitted for phishing and remote access scams. Stolen funds sent to third-party, exploitation of transaction accounts, use of self-destructing messaging services, public domain email addresses, and rapid flow of funds through accounts of a foreign subsidiary bank are some reported cases of phishing and remote access scams. Some of these cases led to financial losses, whereas many were identified by AML/CFT systems.
What Makes this Sector Susceptible to Criminal Activities?
The risk assessment report reveals that foreign subsidiary banks in Australia have high inherent money laundering and terror financing risk. Vulnerabilities have been broadly divided into four groups; customers, delivery channels, products and services, and exposure to high-risk jurisdictions.
This group poses a medium level of inherent ML/TF vulnerability. Although the ratio of high-risk customers is low, the foreign subsidiary banks are exposed to people who have been highlighted in PEPs, known and suspected criminals, DNFBPs, companies, trusts, temporary visa holders, and financial institutions.
Designated Non-Financial Businesses and Professionals (DNFBPs) are recognised by the Financial Action Task Force (FATF) as well as AUSTRAC. However, these entities are potential targets of criminals because of their role as a gateway to the financial sector, ability to create channels for layering and integration, and the capacity to obscure illicit activities.
In a Nutshell…
The threat of money laundering, terror financing and predicate offences continues to increase in Australia. After AUSTRAC’s risk assessment report on money laundering and terror financing for four subsectors of the banking industry, it is evident that the financial sector of the country is in dire need of an Anti-money Laundering (AML) solution that can screen every customer during the account opening process. Shufti Pro’s AI-backed AML screening suite is perfect for the Australian banking sector. Every identity is screened against 1700+ global watchlists including sanctions and Politically Exposed Persons (PEPs). In less than 30 seconds, businesses have 98.67% accurate verification results.
Ready to protect your business against money laundering and terror financing activities?