Law Firms: A Target for Money Launderers?
In October 2018, the Law Society working with Accuity, a global provider of risk and compliance, payments and know-your-customer solutions, conducted a survey among both Singapore law practices and foreign law practices to understand and identify the challenges facing law firms in meeting their AML obligations.
- There are marked differences in the AML practices of the smaller and largest firms in Singapore, with small firms showing particular cause for concern;
- A third of small firms surveyed do not have documented AML procedures in place;
- Suspicious Transaction Reports (STRs) may be under-reported by law firms – and half of small firms do not document the process of filing suspicious transactions at all; and
- The data that firms use to screen clients may be unreliable and out of date.
The results of the survey indicated that small law firms and firms with an emphasis on conveyancing might unwittingly be targets of money launderers and terrorism financing partly due to an absence of a framework to deal with AML and counter terrorism financing (CTF) and partly due to a lack of awareness about how financial criminals might leverage on law firms’ services to achieve their outcomes.
Why are Law Firms Vulnerable?
Lawyers are a vulnerable point of attack for money launderers and other financial criminals for a number of reasons:
- There is significant convergence between the services that law firms offer and the methods that criminals use to launder money and hide the proceed of crime – including conveyancing and the creation of trusts and private companies;
- Firms routinely handle significant amounts of money on behalf of clients. Passing this money through a law firm’s account “cleans” the money and allows criminals to disguise where it came from;
- The engagement of a licensed law firm adds a semblance of respectability to the transaction; and
- Lawyer-client confidentiality may pose an ethical dilemma to many lawyers as to whether to maintain their confidentiality obligation or to report their clients for suspected money laundering.
Small Law Firms and Exposure
There is vulnerability to risk across all types of firm, large or small.
Law firms that have poor systems and controls, inadequate training and lax due diligence will make them an attractive target to money launderers.
The survey found that while all of the largest firms taking part documented their AML/CFT practices, 36 per cent of small firms and 13 per cent of mid-sized firms have no policies, procedures or controls in place (Figure 1).
Figure 1: Does your law practice have documented AML/CFT policies, procedures or controls?
The fact that a firm is small does not protect it from the attention of financial criminals; money launderers will actively look for the weakest point, and exploit it.
The Low Rate of Suspicious Transaction Reports Filed
The Law
Part VI of the Corruption, Drug Trafficking and Other Serious Crimes (Confiscation of Benefits) Act (CDSA) says it is an offence to help another person retain, transfer or use the benefits of criminal conduct. Section 39(1) of the CDSA says that when a professional person knows or has reasonable grounds to suspect a property may be connected with criminal activity, it must be reported to a Suspicious Transactions Reporting Officer as soon as is reasonably practicable.
The number of Suspicious Transactions Reports (STRs) filed by law practices is extremely low in Singapore. Only five firms taking part in the survey said they filed an STR in 2017, and while this increased to 14 firms in 2018, this represents just five per cent of the total sample of firms surveyed.
The survey also suggests that some firms simply do not have the necessary apparatus in place to facilitate an STR filing. Fifteen per cent of small firms and 10 per cent of medium-sized firms, for example, said they had no processes in place for determining when a suspicious transaction should be filed, and by whom. Half of small firms and a third of medium-sized firms said that the process of filing STRs, if they had one, was not documented (Figure 2).
Figure 2: Is your process for filing STRs documented?
Suspicious Transaction Reports Gaining in Importance
Regulators are beginning to take a tough line against law firms that fail to file STRs. In 2018 Kang Bee Leng, a former director of Sterling Law Corporation in Singapore, was fined $10,000 for failing to notify the authorities of a suspicious property transaction handled by the firm. Kang was responsible for the conveyance work on the purchase of a $23.8m property by a Chinese national, Zhang Min, former president of Yucheng International Holdings. Kang carried out an online search on the client, which revealed news reports that the Yucheng Group was under investigation for fraud, but failed to file a suspicious activity report. Kang pleaded guilty and was fined, even though the transaction was never completed.
In November 2018, the Singapore government confirmed its plans to increase the penalties for failing to report suspicious transactions under the CDSA. The maximum fine for failing to file an STR – which previously stood at $20,000 – has been increased to $250,000 for an individual plus up to three years’ imprisonment, while the corporate penalty has increased to a maximum fine of $500,000.00.
The increase in penalties reinforces the argument that this is an issue that needs to be tackled urgently. The legal profession needs a transparent debate of why more STRs are not filed, and the filing of STRs as best practice needs to be properly enforced.
Challenges Facing Law Firms in Implementing AML/CFT Measures
(i) Unreliable Data
The quality of the data used to screen clients is particularly relevant, as unreliable or out-of-date information considerably raises the risk of missing a red flag. Ideally, clients should be screened against regularly updated official sanctions lists and reliable negative news databases.
When asked how they currently conduct customer screening, 82 per cent of participants said their main source of information was public websites; 40 per cent use sanction screening lists provided by third parties, and 40 per cent use their own data that they had gathered in-house and built up through their own experience. Only 10 per cent had an automated workflow or client on-boarding process in place (Figure 3).
Figure 3: How do you conduct customer screening?
In addition, 63 per cent say they find establishing the source of a client’s wealth challenging, while 55 per cent say that tracing ultimate beneficial ownership is a problem.
(ii) Lack of Automation
Forty-eight per cent of survey participants raised “making AML less manual” as a problem. As of now, AML and screening processes across law firms are not routinely automated. The effective use of enabling technology would considerably increase effectiveness and accuracy of KYC and watchlist screening processes.
Conclusion
The survey results indicate that the level of compliance with AML obligations vary in relation to the size of the law firm. Overall, the larger law firms have more robust controls and screening in place. The firms with the weakest controls stand a higher risk of being targeted and exploited by financial criminals.
Greater regulatory oversight and more stringent compliance requirements are inevitable, but it is also clear that the mind-set within the legal profession towards AML needs to change. Greater cost-effective automation of AML compliance, along with the routine use of reliable third-party databases for customer due diligence would enhance the identification, measurement and monitoring of money laundering risk more effectively. This should also be supplemented with sector-wide support, good internal processes, and solid education for employees. When good AML compliance becomes habitual for all law firms, Singapore will be a safer place.
