New FIAU publication to guide banks on the use of cash
The local anti-money laundering regulator, the Financial Intelligence Analysis Unit (“FIAU”) has recently issued a new guidance note, primarily targeting the banking industry players (deemed as one of the main entry points for cash to infiltrate the financial system) but also other subject persons carrying out activities involving cash deposits and/or withdrawals, aimed to provide a blueprint for the compliance of anti-money laundering obligations under the Prevention of Money Laundering and Funding of Terrorism Regulations, S.L. 373.01 of the laws of Malta (“PMLFTR”) within the context of cash transactions.
It comes with no surprise that with cash remaining prevalent as a common payment means in Malta, the regulator has provided further guidance on specific red flags for banking sector to look out for. As a medium, cash is extremely prone to be an untraceable vehicle for money laundering and funding of terrorism (“ML/FT”) purposes. In Malta’s MONEYVAL 2019 Mutual Evaluation Report, the permanent monitoring body of the Council of Europe, specifically highlighted the use of cash as one of the major exposures which the country is vulnerable to – hence warranting enhanced measures for its mitigation.
Both the PMLFTR as well as the Use of Cash (Restriction) Regulations, S.L. 373.04 of the laws of Malta (“CRR”) introduce a restriction on the use of cash for certain payments and transactions with a view to combating money laundering and other criminal activity. The CRR (i) impose thresholds and limits both relating to making and receiving a payment in cash in respect of certain purchase or sale of the goods outlined therein, and (ii) criminalise any person who makes or receives a payment or otherwise carries out a transaction in cash amounting to, or exceeding the limit of EUR10,000 (or its equivalent in any other currency).
As subject persons, banks are required to build a business and customer risk profile for each of their customers through the collation of data and information at the initial stages of the business relationship, which will in turn be essential for the ongoing monitoring of the customer transactions. At the outset of the bank-customer relationship, the institution can already roughly anticipate:
- if the banking activity will involve use of cash deposits or withdrawals;
- the level of activity, value and frequency of cash activity; and
- the channels through which cash deposits or withdrawals will likely to be made.
The FIAU highlights how banks should utilise any information, insights, comparative analysis, expertise, or know-how it may hold internally, so as to tailor and mould (in the most accurate and representative possible) the risk profile of their customers, and the corresponding cash activity projections.
Furthermore, the FIAU also highlighted the significance of obtaining a holistic overview of each customer’s transactions, including cash transactions. Therefore, it is essential that an institution maintains an effective system, which captures any cash deposit made through various channels available to the customer, whether through an ATM or at a branch. The AML regulator stressed that institutions are to actively pursue unusual deposit patterns based on their customers’ profiles, while highlighted some of the red flags related thereto:
- If a considerable number of cash deposits are made without a reasonable explanation;
- If a customer has made several deposits, which separately do not trigger the EUR10,000 cash threshold, but of which is done on a regular basis or in quick progression using different channels or locations;
- Cash deposits of large denomination notes which do not tie in with the activity of the customer; or
- Cash deposits which are followed by prompt withdrawals, whether single or multiple.
Another important facet of mitigating against ML/FT through the medium of cash is the monitoring of cash withdrawals. The FIAU focused on two main aspects being (i) when funds have been deposited with a credit institution from the same place they were withdrawn and (ii) ensuring that all institutions apply a risk-based approach throughout their monitoring. It is essential that the institution is always knowledgeable of where the funds originated from and how they accrued. Any suspicion over the legitimacy of the funds should have appeared when the funds where being placed into the account, before a withdrawal takes place. Red flags related to withdrawals include:
- Frequent withdrawals from different locations, through different channels, commenced through a short period of time, that when added together, lead to substantial amounts of funds;
- Repeated withdrawals by third parties and not by customer, should be queried;
- Withdrawals made by a customer who is always accompanied by a third party at the institution’s branch.
While highlighting that not all significant cash deposits should lead to reporting or filing a suspicious transaction report (“STR”), unless there are reasonable grounds of suspicion by the bank, the FIAU noting that neither the CRR nor the authority itself impinge on banks to implement cash deposit limits. However, it is key to note that such thresholds would not prevent the mitigation of ongoing monitoring of smaller frequent amounts of cash being transferred.
Although the way we pay is becoming increasingly digital, cash still remains one of (if not, the) most accessible models or forms for payments used by the public. Although we have all witnessed a surge in contactless, cashless and online payments during the pandemic, banks are nevertheless faced with physical deposits and withdrawals of banknotes – which reality has to be managed and dealt with to mitigate as much as possible AML/CFT exposures.
The author wishes to thank Rebecca Iversen for her support during the preparation of this article.