We have spent the last year or so coming to terms with the Covid-19 pandemic, which has changed our daily lives beyond recognition. While we keep thinking mainly about the restrictions and outbreak statistics, it would be useful to figure out whether companies are now subject to a heightened risk of money laundering and terrorism and proliferation financing (“ML/TPF”) and whether the internal control systems set up by persons subject to the Anti Money Laundering and Counter Terrorism and Proliferation Financing Act are still as effective as they were before the pandemic.
Given the diversity of persons subject to the Act (from external accountants with a few customers to credit institutions with several hundred thousand customers) we need to consider whether they can still uphold adequate standards in managing ML/TPF risks during the pandemic and whether certain sectors have become more vulnerable as the existing risks keep transforming and new ones arise in a constantly changing risk environment.
Are individuals subject to a heightened risk of crime during the pandemic?
Studies conducted by the Financial Action Task Force and Europol in 2020 point to a number of predicate offences being committed during the pandemic. Below are a few crimes typical of the period:
- Fraud in the medical sector, given the high demand for various medical and personal protection devices. This can involve delivering medical goods that fall short of the promised quality or delivering none at all.
- Various types of personal fraud – telephone fraud involving offers of various non-existent goods or investment services in the hope of tricking credulous people, such as urging someone to invest in developing a non-existent miracle cure for Covid-19 where the investment offer is unfortunately nothing more than a financial pyramid.
- Online fraud – unlicensed games of chance and various cyberattacks.
Criminals are also taking advantage of the pandemic to carry out various fraudulent activities online, for instance, offering goods that do not exist or easy money from dubious investment projects or illegal online casinos.
Some online shoppers may have become careless about various signs of risk when shopping, for instance:
- Bad reviews of the website;
- Prices that are obviously lower than the market;
- Dubious methods of paying for goods.
Criminals can aim to obtain some sensitive personal data that could be later used in unlawful activities.
It is important to note that persons subject to the Act (especially financial institutions) should be able to identify potential crimes in order to stay away from money laundering. For example, financial institutions should be alert to suspicious customer transactions involving payment for medical or healthcare goods, or carry out a due diligence review when providing merchant acquiring services. And financial institutions still have to ensure the continuous monitoring of customers and their transactions under the remote working conditions for a secure flow of information.
To ensure that the internal control system of a person subject to the Act is still able to efficiently manage their inherent risks, quickly respond to changes in the external risk environment and conditions, and to suitably adjust their risk management mechanisms, it is important to promote the overall understanding in your organisation of the new risks and challenges you face during the global pandemic, for instance, by providing relevant staff training or distributing educational information material within your organisation.
When it comes to assessing their inherent risks, persons subject to the Act would also need to assess any risks that international organisations have identified in their published studies relating to the global pandemic, or to revise their earlier risk assessments in the light of possible adverse effects of the global pandemic. If you find any risks that can endanger your organisation, then you need to develop efficient mitigation processes to manage those risks.
PwC has a team of experienced professionals standing by to provide companies with support in risk assurance. You are invited to learn more here.