Financial Crime Control Failings in Trade Finance Activities
Lessons learnt from regulatory reviews
- In September 2021, the FCA and the PRA sent a joint letter* to CEOs of firms engaged in trade finance activity to warn them to take action in response to failings identified and to reiterate their expectations of firms when undertaking such activities.
- The regulators noted that, during the past 18 months there have been several high-profile failures of commodity and trade finance firms with significant financial loss.
- The FCA and the PRA expressed that firms often have insufficient focus on the identification and assessment of financial crime risk factors, and that assessments have been too generic to cover the different types of risk exposures that may exist in trade finance client relationships
- Firms are asked to carry out a financial crime risk assessment to demonstrate that they have taken a risk sensitive approach to their control environment that ensures the relevant risks are effectively mitigated.
Trade Finance Activity Requirements
- Identification of financial crime risk factors
The FCA and PRA are critical of firm risk assessments and note that there is insufficient focus on the identification of financial crime risk factors. As a result, firms can have insufficient detail on their financial crime risks exposure.
“As a firm that undertakes trade finance activity, you should, if you have not already, undertake a holistic assessment of the associated financial crime risks. These risks include money laundering, sanctions evasion, terrorist financing and fraud.”
- Assessment of Financial Crime risk factors
Firms are not adequately assessing their risk / mitigating controls or recording the rationale to support their conclusions drawn on the level of residual risk to which they are exposed.
“We have found that firms have either failed fully to assess these risks, are unable to evidence the checks they have undertaken, or in some cases discounted them inappropriately. Failure to assess or understand these risks can lead to insufficient due diligence being undertaken.”
- Generic Customer Risk Assessments
Risk exposure must be assessed for all different types of relationships, risks, as well as methodology applied for risk ratings.
“At the client risk level, assessments have been too generic to cover the different types of risk exposures that may exist in trade finance client relationships, such as the industry or jurisdictions in which the client operates.”
- Evidence of investigation
The regulators have reiterated that firms must clearly evidence what analysis was undertaken and any follow-up action undertaken as a result.
- Analysis of all trade finance counterparts
Firms are required to undertake assessments on all counterparts to the transaction
“This analysis should include all parties with an interest in the transaction and not be limited to the borrower i.e., the end-buyer, credit insurer and other parties, where relevant, should form part of the analysis.”
- Policies and procedures
The FCA expects firm policies and procedures to set out clearly when it is appropriate / necessary to conduct an analysis on the counterparts. This will enable firms to identify whether the rational for the transaction, the client, or the activity is what is expected or if there any red flags.
“We identified examples where firms had facilitated transactions with no sensible business rationale given the jurisdictions, or industry of other parties involved in the transaction. This could be an indicator of fraudulent activity, collusion or money laundering. ”
- Purpose and intended nature of transaction
The FCA and PRA highlight the importance of seeking and assessing information on the purpose and nature of the transaction. Firms should evidence that the activity is in line with expectations or that an appropriate investigation has been made where information is lacking.
“Prior to individual transactions being approved, we expect firms to determine if further specific analysis is required. This should include, but not be limited to, consideration of the financial and non-financial risk on the end-buyers and the rationale for the transaction.”
- Policies and Procedures
The regulators Highlights the importance of firms having sufficient procedures in place to ensure a consistent process is followed and EDD / escalation is universally conducted where appropriate.
“Firms should identify instances of higher risk which require enhanced due diligence. Conducting a more structured assessment of risks and red flags, as well as clearly defined policies and procedures, helps trade finance specialists in the business to identify transactions that require additional due diligence or escalation to the second line.”
- Risk Management
Firms must ensure that they have robust risk management controls and that they are complying with any requirements set out in the agreement / transaction and that they have effectively assessed the risk of the transaction security.
“Robust risk management would ensure that the security is appropriately valued, perfection of security is correctly applied, appropriately maintained, including in respect of segregation as well as consideration of how to realise the underlying security in the event of non-payment.”*
Financial Crime Risk Assessment
The FCA letter prompts firms to review their current trade finance activity and asks that they carry out a financial crime risk assessment to demonstrate that they have taken a risk sensitive approach to their control environment that ensures the relevant risks are effectively mitigated.
GDFM can support you and your team addressing this challenge in a pragmatic way.
Assessing the current state of anti-money laundering framework, raising team awareness and identifying key next steps.
Financial crime systems and control assurance
Assessing anti-money laundering framework and ensuring that it is in line with the firm’s risk profile and MLRs requirements.
Reviewing common failings, identify risk areas, gaps and remediation requirements.
Document remediation approach, prioritisation and execute remediation plan.