“Responsible Innovation” – What the coming regulation of FinTech will look like

By Christine Duhaime | May 15th, 2016

Financial regulators balance innovation and protection

Financial regulators serve two important functions for the financial system. 1. They support growth and innovation where it could improve access to finance, or the delivery of financial services or grow the economy. 2. At the same time,  they  protect consumers and society at large by supervising the financial services sector actors to ensure that the financial system is sound, risks are identified and mitigated, consumers are protected and financial crime is mitigated. The balancing act requires regulators to take a well-considered approach.

How US, UK and Canada rank in balancing regulation and FinTech

Generally speaking, the US does the best job at balancing these two interests, managing to lead the world both in financial innovation and in the regulation and enforcement of financial crime. The UK is quite strong in both, having recently agreed to adopt the sandbox model invented by Kosta Peric of the Gates Foundation.

The Etherium case

People say that Canada may have a way to go in balancing regulation with innovation but the jury is out. The most prominent example of an unbalanced approach that was likely unintended, is of Etherium, a Canadian Blockchain startup driven by Canadian tech brains which relocated to Switzerland when Canada announced it was implementing the world’s first law to regulate digital currency transactions. Canada was once (in 2013 and 2014), the global leader in Blockchain, now the hottest area of FinTech but no longer, as a result of it being unable to balance the promise of leading in global innovation in FinTech with what it perceived, under a previous government, as an imminent threat to international security from the Blockchain being used to transact with Bitcoin. Canada still has that law on the books but decided not to bring it into force and consequently is viewed as a jurisdiction where there is uncertainty among global investors in respect of FinTech. Sometimes a decision that may seem prudent at the time, tips the scale too much in one direction with unintended and unanticipated consequences.

Bank jobs will be lost with FinTech; different jobs will be gained

We know in the FinTech world that financial services will be delivered almost entirely on a mobile phone in a few short years and while that will substantially drive up the costs for banking in terms of investment in tech, innovation, AI and data centers, it correspondingly will drive down the larger costs of maintaining physical branches, tellers and back office employees. Moreover, banks have hundreds, sometimes thousands of compliance personnel whose jobs will be rendered redundant as banking becomes mobile, saving banks hundreds of millions of dollars per year in compliance personnel. So while innovation will cause mass unemployment  in the financial services sector, it will correspondingly create new employment in FinTech. Wall Street and Bay Street will disappear as we currently know them as financial centers (it will be too expensive to maintain bank towers for tech and AI) but tech centers will pop up all over as banking undergoes fundamental shifts.

Many developed countries have national FinTech strategies (Canada is an anomaly in not having one) to ensure that the tech and AI shifts affecting financial services result in startups being created in, and remaining in, their jurisdictions so that they develop FinTech for export as opposed to being consumers of the tech. With respect to Canada, it is already, for the most part, a consumer of FinTech at the large financial institutional level with banks investing in FinTech expertise in the US, Singapore and UK , and more marginally in Canada. R3CEV, a US based company, is an example of foreign FinTech being invested in by Canadian banks. Ironically, some of R3CEV’s techs are Canadian, despite being in New York.

Some promises and perils

To weigh innovation and regulation, financial regulators look at the promises and the perils of FinTech.

Some of the promises of FinTech are that it will drive down the overall costs of operating a bank and of providing services to consumers, while increasing access to financial services across a broader sector, and potentially solving the growing problem of financial inclusion for small businesses and individuals all around the world. It also promises to make banking more efficient and reduce customer friction.

Some of the perils of FinTech that are of concern to financial regulators will be obvious things like consumer protection and misrepresentations to investors of FinTech startups and of the services they offer and of less obvious things like if analytics and GPS locating are used to exclude people from financial services. For example, an online lender or online bank may make decisions based on demographics or geo-locations to exclude more impoverished sectors of the population.

Another peril is with respect to financial crime mitigation. FinTechs that are front facing, or customer-facing have anti-money laundering and counter-terrorist financing obligations governed by contracts with deposit-taking institutions, rather than imposed as a matter of law. Because they are not directly regulated by prudential regulators or subject to FIU audits, compliance is spotty, non-existent or not uniform. Terrorist financing has occurred through FinTechs, some deliberately and some by accident.

There are also privacy law, consumer protection, securities law and prudential concerns with FinTechs in the sense that most FinTechs plow ahead without considering what is required, legally speaking, to provide financial services in a regulated environment. Global banks in the UK routinely say that they are frequently pitched to by FinTechs who have developed great tech but the tech is completely useless to financial institutions because it does not comport with the law and is built on wrong assumptions on the law, or without considering, legal requirements of financial institutions.

AML & CTF law is rocket science

The anti-money laundering regime is particularly problematic with FinTechs, and often raised by global banks as an area where FinTechs are venturing without background knowledge or legal expertise to understand the regulatory landscape.

While analytics and AI can be used to improve processes for anti-money laundering law and counter-terrorist financing legal compliance, and undoubtedly will in time, we are facing a tech and knowledge gap in the sense that there is no existing technology that can deliver counter-terrorist financing or anti-money laundering legal compliance at any standard or level that is acceptable to a responsible regulator, or that any financial crime lawyer could sign off on.

I enormously respect FinTech startups and the work they do, but the truth is that FinTechs are just not there yet in this space and the jury is out among counter-terrorist financing and anti-money laundering professionals as to whether a FinTech could ever get there. One needs only to ask a FinTech in this space to describe how their systems deal with legal versus beneficial ownership at on-boarding; how their systems detect a politically exposed person from Vietnam, Austria, Russia, Brunei, or any other country; or to identify which terrorists lists they are using for their warning system. Most can’t have that conversation because anti-money laundering and counter-terrorist financing law is rocket science.

A financial institution using a system created without expertise in anti-money laundering and counter-terrorist financing detection, mitigation, reporting or terrorist property asset freezing, poses a security risk to everybody.

Bar associations may move into FinTech & LawTech regulation

It is likely that other regulators will emerge as well to have their say on the debate on innovation versus regulation and I suspect it will be the law societies and bar associations, especially on financial crime and increasingly on LawTech.

By law, only lawyers are permitted by state, federal and provincial legislation, to practice law, give legal advice or provide legal services, including in anti-money laundering and counter-terrorist financing law, even if it involves just the provision of tech for legal solutions.

A law firm owned by a lawyer licensed to provide services to the public (ergo, not one in-house) can create and sell tech that provides legal solutions such as compliance or legal forms, or auto-divorces, let’s say, but not a startup that is not owned by a licensed lawyer. FinTechs need to be cognizant of where they can go, and cannot go, in tech that is legal. The same is true for accounting services. FinTechs need to be careful to not be providing services that are accounting in nature.

LegalZoom, a tech company that sold online legal solutions and was not a licensed law firm, was required to hire lawyers to vet and approve all of its legal solutions in order to avoid protracted litigation over allegations that it was engaged in the unauthorized practice of law. A few months ago, LegalZoom, bought a law firm to acquire a license to sell legal solutions to the public without running into issues of the unauthorized practice of law. In time, we are likely to see more tech companies buying law firms in order to enter into the field of anti-money laundering and counter-terrorist financing legal tech compliance to avoid being sued by bar associations.

The direction financial regulators are likely headed in a few years on the financial crime front is to require that anti-money laundering law and counter-terrorist financing systems be tested and licensed to preserve the integrity of the financial system in the same was as we require gambling systems to be tested and licensed to preserve the integrity of gambling. A financial crime system that is tested and licensed balances innovation with regulation.

New era of  “responsible innovation”

Generally, we are heading into an interesting phase with FinTech. Financial regulator have taken a fairly hands off approach with FinTechs around the world, allowing them to grow to support innovation but there are signs that that is about to change. The mood seems to be swinging towards light regulation with a sandbox and in some cases, heavy regulation. The SEC is now looking at P2P lending and other FinTechs from the perspective of whether or not the disclosures to consumer are adequate and to investors.

The new buzz word for FinTech from regulators will be “responsible innovation” and that will mean that FinTechs will be regulated on a sliding scale depending upon the services rendered to the public and the risks involved.

US amends anti-money laundering law for beneficial ownership after Panama Papers, including to detect purchases of expensive real estate with illicit money

By Christine Duhaime | May 8th, 2016

Panama Papers Driven Changes

The US Treasury has announced several amendments, and proposed legislative amendments, to its anti-money laundering (“AML“) legislation in the wake of the Panama Papers scandal to tackle the disclosure of what is called “beneficial ownership.” Beneficial ownership means the beneficial, as opposed to the legal, owner of shares of a private company, foundation, trust or similar organization. A beneficial owner is one who actually owns or controls shares of a private company and who may or may not also be the legal owner. The legal owners of shares is the person who legally holds them.

The US announcement tackles three areas: (a) enhanced customer due diligence (“CDD“) requirements; (b) proposed beneficial ownership laws; and (c) new reporting obligations for expensive real estate purchases to detect money laundering.

1. Customer Due Diligence Laws

Under the CDD requirements, banks, brokers and securities dealers will have to collect and verify the personal information of the beneficial owners of private companies when they open bank or other accounts.  In parallel, the Bank Secrecy Act (“BSA“) regulations will be amended in respect of CDD for beneficial ownership at 25% or above, and for those shareholders who control the company irrespective obviously of the percentage of shareholdings.

With respect to the BSA aspect, financial institutions will be required to: (1) identify and verify the identity of the beneficial shareholders of private companies opening accounts; (2) understand the customer relationships and create risk profiles; and (3) monitor, on an ongoing basis, customer transactions for the purposes of reporting suspicious transactions.  The purpose of the CDD rule is to collect more information on international financial transactions for sharing with law enforcement and ties into the global FATCA regime that requires reporting to the IRA from most countries in the world by over 200,000 banks.

2. Beneficial Ownership Laws

The US will also be adopting new beneficial ownership legislation that is triggered at the time of incorporation of a private entity. The law would require that companies, as opposed to lawyers or corporate registries, retain records of their beneficial owners, file it with the US Treasury and make it available to law enforcement.

Interestingly, the proposed legislation authorizes the government to require every US entity to report beneficial ownership in respect of itself or others and therefore extends way beyond normal reporting entities captured under the BSA. The change is quite sweeping because a US entity is defined to include any company registered in the US and that uses the US postal service, wire services (essentially any Internet) or any facility (a venue, an office, a garage, a home) for interstate or foreign commerce for business.

As a result, every single business that is qualified, registered, organized or created in the US is going to be required to, as a matter of practice, become a reporting entity in the anti-money laundering legal sense for beneficial ownership purposes, including any foreign company.

There may be an exemption for foreign entities that are not created or registered in the US and conduct business there but that is doubtful because they may be caught by being “qualified” even though not registered in the US and also because it would otherwise not do much to capture information in respect of tracking the movement of proceeds of crime using beneficial ownership structures if it just applied to registered corporate entities operating in the US. The sole distinction here is between foreign entities doing business in the US that do so under registered companies in the US versus those that do business in the US without registering companies.

3. Reporting of Expensive Real Estate Purchases to Detect Money Laundering

The proposed law also contains  amendments to existing orders to clarify the authority of FinCEN to collect information on all cash purchases of mansions and high-value homes. The amendments are designed to allow the US government to  look at vulnerabilities in the real estate sector to detect money laundering.

The US is leading in the crack-down against proceeds of corruption being used for the purchase of mansions as a matter of financial crime by requiring real estate transactions of a high value in New York and Miami be reported to FinCEN.

Primer on Beneficial Ownership, Numbered, Shelf and Shell Companies

By Christine Duhaime | April 24th, 2016

Beneficial ownership, shell companies, shelf companies and numbered companies – What’s the Difference?

Since the Panama Papers, there seems to be an increasing interest in the concepts of beneficial ownership, numbered companies, shell companies and shelf companies and people often use some of these terms interchangeably but they are not the same things.

1. Shelf Companies

A shelf company literally means a company sitting “on a shelf.”

The way it works is this – large firms incorporate companies in which the  firm is the incorporator. The company undertakes no business activity and the Minute Book for that company sits on a shelf for a number of years. Eventually, the law firm will have a client who needs or desires a pre-existing company and it will sell or flip to the client, an asset of the law firm, namely one of its shelf companies. On the rare occasion, a person will create their own shelf company.

Once a shelf company is sold, it ceases to be a shelf company. It may become a shell or it may become a normal company. 

Large firms have a corporate records department, which is a library with the Minute Books for every company the law firm represents or acts maintains records for.

Large firms have another important collection of books – those are deal books, sometimes called closing books, which have the paperwork for M&A transactions and financings. The closing books are material in respect of beneficial ownership, because they often contain the documents evidencing beneficial ownership changes.

For example, if a British Columbia company pledges its shares for a bank financing, what happens behind the scenes is that the bank takes physical custody of the share certificates and in the event of a default, it can vote those shares, as the bearer of the shares. The pledge of shares and the physical transfer of possession of shares means that the shares now have a contingent beneficial owner. That information – the information that there is now a contingent beneficiary – is in deal or closing books. 

Shelf companies are rarely used for nominees because they literally just sit on a shelf to age and become more valuable until the law firm can flip the asset to a client for between $200,000 to $1 million a pop.

The picture, below, is of a real shelf company in England set up by a law firm which was then used by a Russian national. It has “shelf” as part of its incorporation name but that is rare – most shelf companies are not distinguishable in this way to the general public, and in British Columbia, companies never have “shelf” as part of the corporate name, which is unfortunate because it is one more facet that makes British Columbia a haven for corporate obfuscation techniques. 

Example of a real shelf company in the UK.

In terms of the history of law, the genesis of shelf companies was not nefarious. Before the advent of the Internet, firms pre-incorporated companies as a service for clients so that they would have a private company ready for the client to acquire because in earlier times, it would take weeks to incorporate a company by mail. 

Now shelfs are primarily a criminal tool.

In the video below on YouTube of an interview with Russian organized crime leader Semion Mogilevich, who is on an FBI list of the most wanted criminals, Mogilevich says he bought an “off the shelf company” (e.g., a shelf company). Later, two of the lawyers in the UK who sold that shelf to him were arrested. In the interview, Mogilevich is discussing the securities fraud case in Canada where an estimated $850 million was stolen from Canadian and US investors pursuant to a capital markets scheme he orchestrated from Eastern Europe in Canada. What is interesting about the interview is the realization that Russian organized crime leaders are buying and using shelf companies in the UK and Canada and are aware of their value as vehicles for money laundering. 

2. Numbered Companies

Some jurisdictions allow the incorporation of numbered companies, as opposed to a company that has a name. People object to numbered companies without any basis. There is nothing the matter with, or suspect about, a numbered company.

Every company, even those that have actual names, such as Pretty View Holdings Inc., also has a corresponding number and is legally also known as its number not its name, and therefore its legal name may be Pretty View Holdings Inc., ON1568797. It is no different than the company that is a solely numbered company.

The reason people object to numbered companies is because it’s harder for them to recollect the name of a numbered company compared to a company without a number. In terms of purpose, structure, shareholders and organization, there is no difference between a numbered and a non-numbered company.

3. Shell Companies – there are two meanings

A shell company has two meanings.

In the securities law context, it means a company that no longer has business activities, although it once did have business activities, hence it is now a “shell” of its former self, as in “an empty shell.” In the public company context and in the securities law context, a shell company is used for the listing or re-listing process, a reverse take-over, or sometimes when there is a change of material business activities.

In the corporate law and financial crime context, a shell company has a different meaning. A shell company in this context means a company created to obfuscate ownership of shares (the beneficial ownership issue) and the purpose may be criminal or not.

If a person sets up a company in the Cayman Islands, it is not necessarily a “shell company.” It all depends upon how the company is organized in a structural sense and what it is used for.

The key to determining whether a shell company was established with a criminal intent, or is used criminally or to obfuscate ownership for a criminal intent, is to look at beneficial ownership.

Not all companies created to obfuscate ownership are criminal either – many people who run companies purposely use nominees to protect their privacy.

It is important to note that the first type of shell, the securities law shell, which is usually a reporting issuer, may be used for criminality and often is when it involves a pump and dump scheme. In that case, the shell is part of a reverse take over where securities fraudsters pump and dump a revived old shell.

4. Beneficial Ownership

Beneficial ownership refers to the beneficial owner of the shares of a private company, as opposed to the legal owner of shares of a company, namely the de jure versus de facto ownership of shares.

Beneficial ownership is a common law concept used to distinguish rights held by persons with a beneficial interest in property from those who hold those interests legally (i.e., in name only). In the case of shares, a person can hold shares legally (in their name) or beneficially (as a nominee shareholder – meaning for the benefit of another person). The name on a share certificate is the legal owner and may or may not be the beneficial owner.

In Canada, in financial crime discussions and in some pieces of legislation, people have used the term beneficial owner to refer to the concept of requiring the identity of the natural person behind the shares of any private company but that is not technically what beneficial ownership is and moreover, a beneficial owner can be, in law, a natural or legal person. The confusion arises from the fact that policy makers are technically seeking to identify the control persons behind beneficial owners (the humans calling the shots of the persons or companies named on a share certificate).

Some shells and legitimate companies use nominees to hide the identity of a director, officer or shareholder and the purpose of nominees is to ensure that the name of the person whom someone desires to hide, does not appear on corporate paperwork (namely a share certificate, a securities register, a directors register and such). 

Here is an example, below, of a company that used a nominee to hide the name of an officer or director  – it registered Trent Nominees Ltd. as the human person fulfilling the role of director or officer under the Companies Act. 

Example of registering a corporate nominee as an officer.

Brazil’s former President, his wife and son charged with money laundering

By Christine Duhaime | March 13th, 2016

Brazil’s former president, Luiz Inacio Lula da Silva, and his wife and son were charged with money laundering and identity fraud in connection with real estate purchases. According to Brazil’s prosecutor, the former president used proceeds of crime to acquire real estate in Guaruja for he and his family that was destined for regular families in Brazil.  Prosecutors believe that the real estate was part of a bribery scheme to kick back benefits to, da Silva, a politically exposed person.

A spokesman for Lula da Silva admitted that he and his wife invested in the real estate but said they decided not to exercise an option to buy it entirely.

Brazil continues to undergo a massive corruption and money laundering investigation involving the state-owned oil company, Petrobras, and has implicated the current president, Dilma Rousseff. Brazilians think its a matter of time before she is ousted from power over the financial crime issues circling the government.

According to Brazilian news, the ruling party of Brazil is considering offering Lula da Silva a ministerial position to make him more immune from the charges.

 

Summary of the 2016 US Threat Assessment

By Christine Duhaime | February 20th, 2016

The Worldwide Threat Assessment of the US Intelligence Community (the “Report“) prepared by the Director of National Intelligence on February 9, 2016, is a very interesting read from a counter-terrorism perspective, and essential reading for any bank in respect of assessing client and regional risks.

Generally, the Report is dead on in respect of the connection between the refugee crisis, international terrorism and global instability.

Pursuant to the Report, the main focus of the US, however, appears to be on Iran, Russia and China, and emerging technology.

Here is a summary of the the most interesting parts of the Report:

The Danger of Tech

The Report identifies increased reliance on artificial intelligence (“AI”) for decision making as a security risk, such as in stock markets. It also notes the risks from the prospect of mass unemployment caused by AI, machine functions and risks of other countries becoming better than the US at artificial intelligence and having the capacity to compromise and take control of US based AI systems.

The Report believes that the growth of tech with minimal security requirements could lead to widespread vulnerabilities in US government systems and critical infrastructure.

ISIS

The Report discusses the threat of ISIS and notes that home grown terrorists pose the most significant Sunni terrorist threat to the US.

In respect of Syria, the Report believes that the Syrian government lacks the resources to defeat ISIS on its own.

It notes the growing number of ISIS countries such as, through Boko Haram, Nigeria, Cameroon, Niger and Chad. ISIS is also a threat in Bangladesh, Afghanistan, Tunisia, Egypt, Lebanon and Yemen. In the latter country, the Report notes that 80% of the population needs humanitarian aid – a whopping 17 million people.

In Libya, the ISIS presence poses a continuing threat to regional stability and is deteriorating Libya’s economy. After Syria and Iraq, Libya represents the most well developed branch of ISIS.

Iran

The Report believes that Iran is a threat to the US because of its support of the Assad regime in Syria and its advanced military capabilities. The Report notes Iran’s engagement in Syria to battle terrorists and similarly in Iraq and Yemen but it does not make it clear whether it considers Iran battling ISIS to be a positive or negative thing. Presumably, a positive thing.

The Report notes that Turkey has angst in respect of Russia and Iran because they are eroding Turkey’s leadership role in the region.

The Report noted Iran’s advanced tech capabilities such as in space launch vehicles. Interestingly, although the Report covers the risks of tech in relation to general risks, it avoids mentioning Iran’s significant lead in all things tech-related, in particular because it has the most highly educated STEM population.

Syrian Refugee Crisis & Global Insecurity

In Syria, the humanitarian situation continues to deteriorate. According to the Report, refugees are putting significant strain on countries around Syria and in the EU. Turkey, for example, has 2.2 million Syrian refugees. About 50% of Syria’s pre-conflict population is gone – 4 million are refugees and 6.5 million are IDP. The EU has 500,000 Syrian refugees and expects 1.5 million migrants to arrive in 2016.

The EU will face political, economic and security challenges from the refugee crisis and terrorist threats, as well as a slow economic recovery.

Lebanon is facing security threats from the civil war in Syria and faces security, political, economic and humanitarian challenges. The Syrian conflict has negatively impacted Lebanon in all aspects of life and is straining its political balance. Its most immediate threat is trying to keep ISIS terrorists out from the north and controlling Sunni extremist retaliation against the Hizbollah for intervening in Syria. There are more than 1.1 Sunni refugees from Syria in Lebanon which has “burdened the economy”. Regional tensions are growing as a result of Syrians entering Turkey, Jordan, Lebanon and the EU.

The US believes that there is a risk of the displaced refugee populations becoming violent extremists because of assimilation problems.

Funding for the refugee crisis continues to be a problem. In 2015, the UN received less than 50% of the money it said it needed. Increased refugee issues will mean that 2016 will be under-funded as well.

Insufficient capacity to respond to the refugee crisis and terrorists are contributing to global insecurity, and there is a real risk of waning support for human rights. In all, over 60 million people are IDPs or refugees, and half of them are children.

The refugee crisis will fuel an increase in human trafficking as refugees will be trafficked for sex, forced labour, debt bondage and will allow terrorist organizations and gangs to exploit the situation for revenues. Specifically, Boko Haram and ISIS are engaged in human trafficking and use this activity for terrorist financing.

Our most popular reads in 2015 in counter-terrorist financing and anti-money laundering

By Christine Duhaime | February 13th, 2016

What do people read on Duhaime’s Financial Crime site? 

Do you ever wonder what banks, law enforcement agencies and government agencies around the world are most interested in when it comes to financial crime (money laundering and counter-terrorist financing)?

Duhaime”s AML Law is quite widely read around the world. Every bank, financial institution, government agency, intelligence agency and other companies regularly read our articles and the most popular topics may surprise you. Here are some of our annual statistics for 2015:

Most popular story –> the story we wrote comparing how Chinese foreign nationals who move funds to Vancouver use a well-known money laundering technique called smurfing, which is similar to drug gangs. That article spawned numerous articles in the international media and brought the term “smurfing” out from use as a money laundering term into general use in the media.

2nd most popular story –> our story on HR158 involving the new US Visa Waiver Program Amendment restricting access to the US for foreign nationals or visitors who were in Iran, Iraq, Syria or Sudan. This story, which spawned a similar article in Quartz, resulted in humanitarian aid agencies and journalists taking up the issue of HR158 and had an impact in the Middle East, including in Iran.

3rd most popular story –> Our story on how China is hunting down assets and money launderers in Vancouver.

4th most popular story –> Our next most popular story was on the “Twitter Terrorist” and how ISIS engages social media to lure people to the caliphate, as well as a showcase of how ISIS uses social media. The story spawned numerous conference topics and further media attention to the story of how ISIS was using Twitter for terrorism.

Most popular search term –> The most popular search term on the site in 2015 was “HSBC” and the second was the author, Christine Duhaime. Next in line was “money and crime” followed by “what is terrorist financing?” In previous years, “money laundering” was the most searched term but it has dropped down the list. We had over 1,500 search terms entered in 2015.

Most visitors came from –> Canada, then the US, UK, India, Hong Kong, Australia, Singapore, Germany, Italy, France and then, surprisingly,  Iran. Most people from Iran visited us to read the story on HR158 as it relates to Iranians. Not surprisingly, the most read story in the US was also about HR158 but in Canada, the most popular story was about how Chinese foreign nationals move money to Vancouver by smurfing. Visitors from the UK came mostly to read about Iran and HR158. Russians who visited our site almost all went to learn about terrorist financing whereas people from China all went to read about money laundering.

Demographics –> Most of our readers were male between the ages of 25-34. The banks with the most visits were Bank of America, Bank of Montreal, TD Bank, Royal Bank, followed by global US banks. In terms of law enforcement agencies, American law enforcement visited our site more than any other country and they read mostly about ISIS.

Canada and the fake refugee passport issue

By Christine Duhaime | January 27th, 2016

Fake refugees — A crisis within a crisis

It seems to becoming clear that it is not reasonably possible to rely on the identity documents of any persons who claim Syrian or Iraqi refugee status from 2014 onwards, the time in which the Islamic State acquired the capacity to create authentic passports.

Since at least April 2015, the Islamic State has said that they will send their members back to the West with fake or no identity, pretending to be refugees so that they are admitted into the West. It’s no surprise, therefore, that this is happening. But for law enforcement, immigration officials and intelligence agencies to not be able to ascertain the real identity of certain persons from Iraq and Syria is a growing problem of international security.

Al Baghdadi’s wife and daughter moving to Turkey

The first known instance of a person with ties to the Islamic State who was a fake Syrian refugee, is al Baghdadi’s ex-wife, Saja al Dulaimi, who although an Iraqi foreign national, had a fake Syrian passport that she used to transit from Syria to Lebanon, allegedly to move money for the Islamic State with her children. In 2014, she lived in a Syrian refugee settlement in Lebanon, among Syrian refugees and humanitarian aid workers. In this story of her court martial in 2015 in Lebanon, she admits that she lied about being a Syrian refugee and used fake documents.

She was arrested by the Lebanese in December 2014, and although she is alleged to be a well-connected terrorist financier, and the former spouse of al Baghdadi, was released in a prisoner swap one year after being arrested in a Qatari-brokered deal. At the time of her release, it was reported that part of her deal gave her permission to move to Turkey with al Baghdadi’s child and to settle in Istanbul. Her brother is allegedly a member of al Nusra. Allegedly, $48 million was paid as part of her prisoner swap. The videos of her release from captivity  (there were two occasions) demonstrate the position of power she holds within the two groups (ISIS and al Nusra).

Some of the perpetrators of the Paris attacks used fake – real passports issued by ISIS to enter the EU. As Frontex head, Fabrice Leggeri, noted in this article, it is not possible for intelligence officials to detect whether a person is a fake refugee or a member of ISIS when they carry passports from areas controlled by ISIS.

Importantly, he also notes that in Syria, which has no effective government infrastructure in most parts, it is not possible to confirm the identity of anyone. Even if that was possible, the ID system in Syria is local, as opposed to central, so who will they call – ISIS?

Some agencies refer to the Iris scanning conducted by UNHCR as a way of confirming identity. As is evident in this video, the Iris scanning that is alleged to be capable of confirming ID of a refugee is an internal UNHCR scanning system to ensure that the person who appears for an interview is the person who registered with UNHCR – it does not confirm the actual identity of the person against government databases.

Canada is airlifting 25,000 Syrian refugees in an expedited process. Canada has said that it will take refugees mostly from Lebanon and Turkey for removal to Canada and UNHCR has said that those refugees will be processed only once they are in Canada. However, the government of Canada said here that it will be “confirming” the ID of refugees beforehand. There seem to be mixed messages as to where and when their identities will be confirmed and as against what database.

The end result may be that the US applies pressure on Canada in respect of refugees from certain areas because the risk is greater to the US than to Canada.

FinTech and Terrorist Financing – a major RegTech issue

By Christine Duhaime | January 27th, 2016

The news last month that the couple responsible for the San Bernadino shooting had received a P2P loan for $28,000 from an online lender, Prosper Marketplace, was cause for concern among financial crime regulators.

It was cause for concern because some financial regulators were of the view that a typology for terrorist financing is the liquidating of financial assets in the West in anticipation of a flight to the Middle East to join the jihadist movement. But that is not necessarily so. Would-be terrorists actually do the opposite – they borrow money to fund acts of terrorism, and sometimes make false welfare claims for money – but they do so usually only from what they view as unsympathetic (enemy) institutions, FinTechs or governments.

Other forms of FinTech besides P2P lending, have been used for terrorist financing – an American crowdfunding platform called GoFundMe was used by a Canadian man in Montreal to raise funds purportedly to free teenage girls held captive by ISIS in Iraq. GoFundMe shut down the campaign but only after $502,000 was paid by people around the world for the campaign who may not have realized that the law prohibits fundraising for terrorist groups, regardless of the reason. It is not known whether GoFundMe disbursed any money to the Montreal organization for terrorist financing.

Australian and French police have noted the increased use of store-value cards, lines of credit, small loans and credit cards by foreign fighters to fund terrorism. In Australia, regulators reported that cases of terrorist financing increased 300% in 2015, most of it from FinTech.

There is a growing problem of the lack of financial regulatory understanding on the part of FinTechs, which leads to failure of financial crime compliance, which in turn places the financial system at risk. Other RegTech issues include privacy law compliance and consumer protection.

The reality is that there is no FinTech in the world that comprehends the law of financial crime (whether it be anti-money laundering law, counter-terrorist financing, and sanctions) and therefore is capable of complying with it.

I often test this with FinTechs by asking any of them to explain how they conduct beneficial ownership due diligence for, lets say, a share pledge debt financed client or if they can tell me if Mei Wang Li is a politically exposed person, or if they can tell me whether one faxes the RCMP or CSIS in cases of the receipt of sanctioned funds in Canada. Try it — you will receive a blank look from every FinTech who believes that the acronym  “KYC” stand for anti-money laundering law and that they are compliant in respect thereof.

You can learn more about RegTech and FinTech at FinTech 2016 on April 14, 2016 in Vancouver.

New US law brands journalists and humanitarian aid workers as terrorist risk

By Christine Duhaime | January 9th, 2016

In this story in Quartz, we explore how a new US law, HR158, the Visa Waiver Program Improvement Amendment Act 2015, will result in journalists and humanitarian aid works, and many others being branded a terrorist risk for visiting Iraq, Syria, Iran and the Sudan, and how the new law will affect the ability of Iran to engage in trade with members of the EU.

“A new US law brands journalists and humanitarian aid workers as terrorist risk” –> Quartz article.

France’s top lawyer says there’s no reason to be optimistic on terrorism front

By Christine Duhaime | January 8th, 2016

Francois Molins, France’s top prosecutor, says that the risk of terrorism is becoming larger, more multi-faceted and complex. In this interview (en francais), Maitre Molins talks about the threat of terrorism in France and some of the investigation and prosecution challenges in respect of counter-terrorism.

No reason for optimism in terrorism

Mr. Molins said that there is no reason to be optimistic about the end of terrorism because the threat from ISIS is enlarging and multi-faceted and while it may be hard for people to hear that, the better policy is to be honest about the threat and to inform the public that this is a new phenomena that will last many years.

Risks to high profile politicians, lawyers, law enforcement

In the interview, Mr. Molins notes the risks from attacks by ISIS to high profile politicians, law enforcement, lawyers and judges and that is one area in which France is now taking into consideration in its counter-terrorism efforts.

Fake identity documents

In part of the interview, Mr. Molins discussed yesterday’s incident in Paris where a man wielding a knife and wearing a fake vest of explosives was killed by police. He said that the person remains unidentified but that he was in the country illegally with fake identity documents. The police recovered his smartphone and are attempted to crack it open for identity and affiliation purposes. Although the man claimed to be from Tunisia and later from Morocco, his smartphone had a chip from Germany.

He also talks about the prosecution of persons who are creating and trafficking fake identity documents for terrorists.

November 13 attacks involved fake refugees from Syria

With respect to the November 13, 2015 attacks in Paris, he says that they were planned, organized and coordinated from ISIS in Syria and involved ISIS teams in France and Belgium with the participation of persons who entered France from Greece through the Island of Leros, clarifying  that at least two people behind the November 13 attacks in Paris were fake refugees sent by ISIS (it has promised to send its people to the West guised as fake refugees to commit acts of terrorism).

Every terrorist has an encrypted smartphone

He notes that every ISIS terrorist has a smartphone which is vital to carrying out their activities that are locked and encrypted. Law enforcement is having difficulty unlocking terrorists’ encrypted smartphones when they cannot get the passwords to the phones. France is working with investigators  in New York, Spain and London on ways to decrypt smartphones for access to terrorists’ communications but the issue is the valuable loss of time that takes – time that could prevent further terrorist attacks. There are 8 smartphones belonging to terrorists that France still cannot unencrypt, leaving them “blind.”

 Counter-terrorism jurists

The interview is newsworthy, not just for the counter-terrorism content but also because it’s an important example of why France leads in counter-terrorism on many fronts globally, namely that unlike other countries, it has counter-terrorism specialists, including jurists and counter-terrorism judges, who work as a team with law enforcement in counter-terrorism efforts. The advantages, he explains, of having specialized terrorism judges in France for rapid, competent judicial responses, is explained here.

He also explains, in the interview, why it is necessary and desirable for the public prosecutor to speak to the media regularly to give information and balance and to ensure there remains confidence among the public with the counter-terrorism judicial and enforcement process.