Something
Old, Something New:
Money Laundering and Precious Metals
by John Bullock[1]
as
presented at the International Precious Metals Institute 27th Annual Conference,
16 June 2003
, San Juan
,
Puerto Rico
I.
INTRODUCTION
Precious metals have a long association with money – they have served
as official money, or as its unofficial practical equivalent, for millennia.
Indeed, many people would still say that precious metals are still the
only true money, a universally accepted medium of exchange with real underlying
value, not just the promise of a temporary government.
Precious
metals unfortunately have a similarly long association with crime – they have
been stolen for millennia, not just for their value, but also because they are
so transportable from the scene of the crime.
And because they are almost the equivalent of money, stolen precious
metals may be readily used within world financial systems, to make crime pay in
the real world.
The criminal associations of precious metals have recently come into a
higher level of government attention. The
terrorist attacks two years ago in New York and Washington have inspired a great
number of protective measures by the United States government, one of which is a
requirement that all “financial institutions” must have anti-money
laundering (AML) programs, to deter, detect and assist in prosecution of
money-laundering and terrorist finance.[2]
And one category of “financial institution” encompassed by that
requirement is at the heart of our industry – a “dealer in precious metals,
stones or jewels.”
The United States Treasury (Treasury) has issued proposed regulations
that will, when final later this year, require every “dealer in precious
metals, stones or jewels” to take certain specific actions to detect and
combat money laundering.[3]
Comments by regulated and interested parties have been received, and the
issue of a final regulation is imminent.[4]
Within a short period of time, many precious metals businesses will need
to create and implement an AML program, and will be subject to civil and
criminal penalties for a failure to do so.
This paper reviews the background of this new requirement, and its
proposed applicability, i.e. the proposed regulatory definition of a “dealer
in precious metals.”[5]
It then reviews what is likely to be
required. Likely, rather than
certain, not only because the AML Rule is not yet final, but also because
the content of an AML Program will necessarily vary from company to company, and
from transaction to transaction. Treasury
is going to give “dealers in precious metals” the flexibility, and the
responsibility, to decide how we can best detect and deter money laundering and
terrorist finance from abuse of our industry.
II.
BACKGROUND
Money laundering is the hiding of the proceeds of a crime within the
legitimate financial system, so that those criminal proceeds can later be
withdrawn and used for ordinary purposes, without revealing their true source.
Money laundering has been a target of law enforcement throughout the
world for decades. And within the
last decade, governments have found that international terrorists also use many
of the same techniques to finance their activities.
The money used to finance terrorism may not always be derived from crime,
but terrorists and their financiers want to make money available through the
legitimate financial system, while hiding its origins.
In 1970, the U.S. Congress enacted the Bank Secrecy Act (BSA), laying a
framework for national anti-money laundering efforts.
The BSA lists twenty-six types of “financial institution,” and
requires certain of them – most notably banks – to maintain records and file
reports regarding particular transactions that might be associated with money
laundering. At the same time,
Treasury was authorized to require any of the other listed financial
institutions to take similar measures, including a category described by
Congress as “dealers in precious metals, stones or jewels.”
Treasury did not initially use the full scope of authority granted by
Congress to regulate dealers in precious metals.
It decided instead to focus its resources upon banks and other depository
institutions that were more vulnerable, or more notorious, for use by criminals
to launder criminally derived assets. But
Treasury was not unaware of the association between precious metals and money
laundering. Precious metals have
been found in a number of money laundering and terrorist finance schemes.[6]
And as Treasury has recently said:
Precious
metals, precious stones, and jewels constitute easily
transportable,
highly concentrated forms of wealth. They serve as
international
mediums of exchange that can be converted into cash
anywhere
in the world. In addition, precious
metals, especially gold,
silver,
and platinum, have a ready, actively traded market, and can be
melted
and poured into various forms, thereby obliterating refinery
marks
and leaving them virtually untraceable. For these reasons,
precious
metals, precious stones, and jewels can be highly attractive
to
money launderers and other criminals, including those involved in
the
financing of terrorism.[7]
Two
years ago, Treasury was told by Congress to expand its reach.
The USA PATRIOT Act,[8]
in Section 352, directed Treasury to require every
“financial institution” to establish an AML program.
Treasury began to issue a series of new regulations encompassing the
twenty-six categories, and on
29 April 2002
it issued notice that it was
studying our industry and would soon propose regulations.[9]
On
21 February 2003
Treasury issued those regulations,
covering “dealers in precious metals, stones or jewels” (the “proposed AML
Rule”).[10]
That
rule is not yet final. In accordance
with the Administrative Procedure Act,[11]
Treasury requested comment upon its proposal from interested parties.
Twenty-nine comments were received and are now being considered by
Treasury. Final regulations are
being prepared, with publication in the Federal Register anticipated before the
end of this year.[12]
The
final AML Rule will not necessarily look exactly like the proposal, so this
paper can not set forth every final requirement.
But the proposed AML Rule, as well as direct contact with Treasury
officials, review of the twenty-nine comments, and examination of anti-money
laundering regulations for other types of financial institutions, provide strong
indications of what is likely be required.
These
strong indications are that Treasury is not going to issue a long list of
specific do’s and don'ts. This is
not going to be a rule with an exact formula or precise numerical limits.
Treasury recognizes that money laundering is not so simple as to be
captured in a short description or formula.
Treasury also recognizes the enormous diversity in the many businesses
that are encompassed by that seemingly simple phrase, “dealers in precious
metals, jewels or stones.” There
are enormous differences in size, complexity, products and business practices.
And so Treasury has given our industry extraordinary flexibility, and the
lion’s share of the hard work, to regulate ourselves, to discover our
vulnerabilities to money laundering, and to implement whatever steps that we
determine to be protective, steps that will detect and deter our abuse by
criminals and terrorists.
III.
APPLICABILITY OF THE AML RULE
Who will have to comply with the new AML Rule?
That is not yet certain. It
is the universal desire of businesses in the precious metals industry not to be
the victim, or an unwitting agent, of criminals.
We have too much at stake, for one thing, to deal in stolen property or
contract with people who we do not know to be trustworthy.
So an AML program is a logical step for anyone dealing with precious
metals. But it is also logical, and
sound business practice, to know what legal obligations we have.
Therefore the first step to ensure compliance with the new AML Rule will
be to determine if it is applicable. It
certainly may not be. In the view of
Treasury, not everyone who deals in precious metals is a “dealer in precious
metals.” But everyone who deals in
precious metals must study the regulation and make that first determination.
The real first step is to direct someone
within your business to look into this issue.
As a practical matter, that person should be someone who would, if
necessary, become the Compliance Officer for your anti-money laundering program,
i.e. someone with ability and expertise. You
may, of course, want the advice of an outside consultant or lawyer, but you
should, in any case, designate a person within your company who knows and
understands your business, and who is of relatively high management standing or
whose judgment is respected at that level. Because
if you are a “dealer in precious metals” required to have an AML program,
and subject to penalties for not having one, you need to know, and you do not
want to fail to make the correct threshold decision.
Your designated person then needs to compare your company to Treasury’s
view of a “dealer in precious metals.” That
view has several facets, a few twists and turns, and, for the moment, some
ambiguity. Treasury first proposes
to define a “dealer in precious metals” as, in a straightforward way, “a
person engaged in the business of purchasing and selling .. precious metals ..
or jewelry composed of .. precious metals.”[13]
But the proposed AML Rule then defines precious metals in a way that is
not exactly how our industry would do it, and some precious metal businesses
will find that they are not within the scope of the Treasury definition.
Treasury proposes, for purposes of the AML Rule, to define “precious
metal” as gold, silver and the platinum group metals,[14]
or any alloy of these metals – at
a threshold purity of 500 parts per thousand.[15]
Treasury received one comment suggesting that the threshold purity should
be lower, noting that ten karat gold jewelry, at 417 parts per thousand, might
be used for money laundering but would be outside of the definition.[16]
So the final AML Rule might change somewhat.
But Treasury clearly intends to exclude materials of low value, materials
that are not likely to be candidates for money laundering and terrorist finance.
The proposed definition obviously encompasses good delivery bullion and
other forms of pure metal, as well as precious metal coins, and 14 karat
jewelry, but it excludes all transactions that the industry describes as “low
grade” or “low value.” Treasury
will almost certainly retain this distinction, either at .500 or 400.
Materials such as jewelry rags and wipes, petroleum catalyst, electronic
circuit boards, and many others, are not going to be “precious metals” for
purposes of the proposed Treasury regulations.
So if you deal only with such “low
grade” or “low value” materials, you are not going to be a “dealer in
precious metals” within the within the view and regulation of Treasury.
Now for a point of
ambiguity. Are you similarly
excluded if you purchase “precious metals” but don’t sell them?
Or, conversely, what if you sell “precious metals,” but don’t
purchase them? Note that the initial
part of the definition of a “dealer in precious metals” is someone who is
“purchasing and
selling.” So it would seem that a
“dealer” has to do both. A gold
mine, for example, does not purchase gold. It
extracts gold from ore. So it is a
seller of precious metals, but not a purchaser.
Is it a dealer? As another
example, a smelter/refiner might only purchase electronic circuit boards, which
are low grade materials and not “precious metals” under the AML Rule.
It sells the extracted and refined gold.
So, like a mine, it too is a seller of “precious metal,” but not a
purchaser. Is it a dealer?
The proposed AML
Rule is not clear on this point, and Treasury should provide clarification when
the final rule is published. But for
now it should be noted that Treasury has made a broad “determination that all
segments of the industry are vulnerable to money laundering and terrorist
financing. Thus, the anti-money laundering requirement contained in the proposed
rule covers entities including manufacturers, refiners, wholesalers, retailers,
and any other entity engaged in the business of purchasing and selling jewels,
precious metals, precious stones, or jewelry.”
Furthermore it has
should be noted that Treasury has proposed to exclude manufacturers who purchase
“precious metals” for fabrication in minor amounts in other kinds of
products, such as electronic circuit boards, or photographic film.
Because their products are low grade precious metal-bearing materials,
these manufacturers do not sell “precious metals” within the meaning of the
proposed AML Rule. If the Rule
itself was intended to exclude them from definition as a dealer, there would be
no need for Treasury to provide a special manufacturing exclusion within the
rule. Thus the manufacturing
exclusion may show the intent of Treasury to deem any business that either
purchases or sells “precious metals” to be a dealer.
And this
“either-or” interpretation is reinforced by the next part of the definition
– the small business exclusion. Even
if you purchase and sell high grade precious metals, you will still not be a
“dealer in precious metals” if you have not, in the prior year, “(A) [p]urchased
more than $50,000 in .. precious metals, .. or (B) [r]eceived more than $50,000
in gross proceeds from transactions in .. precious metals.”
Note that the conjunction in that sentence is “or”
– a dealer is a person who “purchased .. or .. received”
more than $50,000 worth of precious metals.
Hopefully this
point will be clear when the final AML Rule is published.
For now, the most literal interpretation of the two parts of the
definition, applied together, is that you must both
purchase and sell some
amount of “precious metals,” and either
your purchases or
your sales of “precious metals” must exceed $50,000, before you will be
deemed to be a “dealer in precious metals.”
If
your business comes within that definition, there are two proposed exclusions
that should also be examined before you finally conclude that you will be
subject to the AML Rule. First,
there is a qualified exception for a “retailer” – a person who purchases
“precious metals” from “dealers,”[17]
and who then sells precious metals at retail to the public.
The rationale for this exception is that there is substantially less risk
that a retailer who purchases goods from dealers who implement their own AML
programs covering those purchase transactions will be abused by money
launderers.[18]
The second proposed exception, mentioned above, is for manufacturers of
fabricated goods with minor precious metal content, such as photographic film or
computers. Treasury believes that,
while these manufacturers may purchase quite substantial amounts of precious
metal, they are not at any substantial risk of being abused by money launderers
or for terrorist finance.
So, to sum up, as best as can be done for the moment, on the first issue
of the proposed AML Rule – its applicability – Treasury deems you to be a
“dealer in precious metals” who must have an AML Program if:
·
You are in the business of purchasing and selling “precious
metals” of .500 or higher purity;
·
You purchase or sell more than $50,000 per
year of those “precious metals;”
·
You are not a qualified retail seller buying
almost exclusively from “dealers;” and
·
You are not a manufacturer of fabricated
goods with minor precious metal content.
Once
again, as a caveat, the definition may change in the final AML Rule, and while
you should be aware of what may be required, some of you may want to wait before
making large compliance expenditures. But
in any case, in going through this list of qualifications, or the final list,
you will probably want to take a cautious approach before excluding yourself
from the regulation. And you will
want to document such a decision, describing the relevant facts and your
reasoning as applied to those facts. The
USA PATRIOT Act carries substantial criminal and civil penalties for
non-compliance.[19]
You will certainly want to be sure that, if you decide not to have
an AML program, you are not subsequently deemed by Treasury, or a court, to be a
“dealer in precious metals.”
IV.
AML OBLIGATIONS OF DEALERS IN PRECIOUS METALS
If you have determined that you are a “dealer in precious metals,”
what are you now required to do? In
the broadest terms, the proposed AML Rule requires that a dealer in precious
metals must “develop and implement a written anti-money laundering program reasonably
designed to prevent the dealer from being used to facilitate money
laundering and the financing of terrorist activities.”[20]
The requirement of an AML Program comes from Congress in the USA PATRIOT
Act, Section 352, and it will not change in Treasury’s final AML Rule.
Expanding on the broad requirement of an AML program, Treasury then sets
forth four general obligations for such a program.[21]
An AML program must include, at a
minimum:
(A) development of internal policies, procedures, and controls;
(B) designation of a compliance officer;
(C) an ongoing employee training program; and
(D) an independent audit function to test programs.
Again,
these four obligations are part of the USA PATRIOT Act, Section 352, and they
will not change in the final rule. Each
of these general obligations requires explanation in greater detail.
It
should be noted at this point that the proposed AML Rule does not refer, in
setting forth this requirement, to “precious metal” with its definition of
.500 assay as a limit to its scope. If you are a “dealer in precious metals”
because you purchase and sell high grade materials within that definition, your
AML obligations will apparently not be limited to those high grade transactions.
You will be required to develop and implement a program that encompasses
all of your transactions, at least those that involve some precious metal.
As set forth below, pursuant to an assessment of your business and its
vulnerabilities, you may determine that some or all of your transactions
involving low value materials – below .500 assay – are not vulnerable, and
need no special attention. But the
proposed AML Rule does not automatically exclude any transaction of a “dealer
in precious metals” from consideration. And
as a practical matter, basic AML Program steps such as good customer
identification are sound business practices for all of your transactions, and
their broad incorporation into an AML program should not be an undue burden.
Designation
of a Compliance Officer
As
a practical matter, you should start with obligation (B) – designate a
Compliance Officer. This person will
then follow through with the development and implementation of your AML Program.
The proposed regulation expressly provides that the Compliance Officer
“will be responsible for ensuring that:
(i)
The anti-money laundering program is implemented effectively;
(ii)
The anti-money laundering program is updated as necessary to reflect changes in
the risk assessment, current requirements of this part, and further guidance
issued by the Department of the Treasury; and
(iii)
Appropriate personnel are trained.[22]
As set forth above, and as that list of
duties should make clear, the Compliance Officer should be a person who
understands your company and your business, and who is of relatively high
management standing or whose judgment is respected at that level.
Depending upon the size and complexity of your business,
it may be necessary to establish an AML Committee, with delegation of some asks.
It may also be necessary to provide staff assistance to the Compliance
Officer. And as a practical matter,
whatever the size of your business, unless the Compliance Officer is good at
documentation, it may be wise to provide the assistance of someone with that
skill. An AML program must be a
written document,[23]
actually a collection of written documents.
The steps you take in creating an AML program should also be documented,
so that, for example, the reasons why you made a decision to take a certain
action, or not to take a certain action, will be on paper, ready for Treasury to
review. Implementation and training
will involve substantial documentation. Not
all persons with experience, expertise and management responsibility are also
good at documenting what they do, so it is worthwhile seeing to satisfaction of
that requirement at the outset of the project.
It
is worthwhile to next ensure that there is documented senior management support
for the Compliance Officer. This is
a specific requirement of the proposed regulations,[24]
and is unlikely to change. Treasury
explains in the preamble to the proposed AML Rule that such support must be in
writing, and that it considers “senior management” to mean the owner or
majority partners, or the board of directors, or an authorized committee.[25]
Furthermore, a one-time board resolution should not be the end of senior
management involvement and participation. Senior
management should expect reports from the Compliance
Officer, perhaps to a member of the Board of Directors but in any case to a high
level executive officer. This senior
officer or director should, in turn, work with the Compliance Officer to
communicate with company employees on AML issues and to further demonstrate the
company’s commitment to AML Rule compliance.
Development
of Internal Policies, Procedures, and Controls;
After
your Compliance Officer has been selected, and has been given appropriate
authority and support, the other three general obligations can be started.
The first listed obligation is to develop internal policies, procedures
and controls. But there is a
mandatory preliminary step to that – a self assessment to determine what those
policies, procedures and controls will be.[26]
This highlights the key factor in Treasury’s thinking
and planning – that the multitude of varied businesses that are “dealers in
precious metals” will find their own vulnerabilities, and then will find their
own solutions. This approach
to USA PATRIOT Act compliance is not likely to change when Treasury issues its
final AML Rule.
Self-Assessment
Every precious metal company is unique, and there is no
single, universal set of “policies, procedures and controls” that will
perfectly fit every regulated dealer in precious metals.
Your “policies, procedures and controls” must be made to fit your
business, starting with a risk assessment specific to your business.
You must evaluate your business practices to determine where they might
be vulnerable to use in money-laundering or terrorist finance.
How do you do that?
Essentially, by looking for types of transactions that might be used by
criminals, to which you might have to pay extra attention.
In looking for such transactions, keep in mind that “money
laundering” is the hiding of the proceeds of a
crime within the legitimate financial system, so that those criminal proceeds
can later be withdrawn and used for ordinary purposes, without revealing their
true source. That requires obscuring
or hiding the identity of the persons putting assets into your business and of
the persons taking them out. Your
assessment will be looking for types of precious metal transactions that might
accomplish that.
With that in mind, you should then review some
considerations that Treasury, in the proposed AML Rule, dictates in a risk
assessment:
(A) The
type(s) of products the dealer buys and sells, as well as the nature of the
dealer's customers, suppliers, distribution channels, and geographic locations;
(B)
The extent to which the
dealer engages in transactions other than with established customers or sources
of supply; and
(C)
Whether the dealer
engages in transactions for which payment or account reconciliation is routed to
or from accounts located in jurisdictions that have been identified by the
Department of State as a sponsor of international terrorism under 22 U.S.C.
2371; designated as non-cooperative with international anti-money laundering
principles or procedures by an intergovernmental group or organization of which
the United States is a member and with which designation the United States
representative or organization concurs; or designated by the Secretary of the
Treasury pursuant to 31 U.S.C. 5318A as warranting special measures due to money
laundering concerns.[27]
Those considerations require expansion and
explanation in greater detail, and it is easiest to take them in reverse order.
Consideration (C) requires, essentially, that you check any foreign
countries that are involved in a transaction against three lists of designated
“bad” countries:
·
Sponsors of international terrorism,
·
Non-cooperative with international
anti-money laundering efforts, or
·
Warranting special anti-money laundering
measures.
The jurisdictions that are currently designated as sponsors of
international terrorism by the U.S. Department of State are
Cuba
,
Iran
,
Iraq
,
Libya
,
North Korea
,
Syria
, and
Sudan
.[28]
The proposed Treasury regulation does not prohibit you from dealing with
a customer located or dealing in one of these jurisdictions, but your AML
Program should require additional scrutiny of any transaction involving these
countries. And it should require
that you maintain a current awareness of new designations.
The jurisdictions that are currently designated as non-cooperative by the
Financial Affairs Task Force (FATF), an international organization of
twenty-nine countries concerned with money laundering, are Cook
Islands, Egypt, Guatemala, Indonesia, Myanmar, Nauru, Nigeria, Philippines, St.
Vincent and the Grenadines, and
Ukraine
.[29]
Again, the proposed Treasury regulation does not prohibit you from
dealing with a customer in one of these jurisdictions, but your AML program
should require additional scrutiny of any transaction, and should require that
you maintain a current awareness of new designations.
The only jurisdiction currently designated by
Treasury as warranting special measures due to money laundering concerns is
Nauru
, an island in the
Pacific Ocean
.[30]
The special measures actually imposed by Treasury are limited to a
prohibition of maintaining a correspondent account with a financial institution
licensed by
Nauru
, and a precious metals transaction will probably not involve such an account.
But the designation of
Nauru
alone triggers your AML obligations. As
with the other classifications of “bad” countries, the proposed AML Rule
does not prohibit you from dealing with a customer in
Nauru
, but your AML program should require additional scrutiny of any transaction,
and a current awareness of new designations.
Consideration (B) requires, essentially, that you look at how your
business engages with new customers. The
assumption by Treasury is that your regular, established customers, especially
long-established customers, are already known to you, and, more important, are
known to be in legitimate precious metals businesses.
That isn’t to say that long-established customers may not engage in
money laundering, or be victimized by money launderers, and it does not remove
such customers from the scope of your AML Program.
But this consideration effectively directs you to focus first upon new
customers, those that you do not know, and to recognize that transactions with
new, one-time customers may be particularly vulnerable to attempts at
money-laundering. But you should
then definitely go back to look at established customers, with the same point of
view.
Consideration
(A) broadly requires that you look at your customers and transactions for types
that may suggest vulnerability. This
is not a direction that any type of customer or transaction is prohibited, but
is intended to focus your attention. The
specific assessment considerations listed in the proposed regulation –
“type(s) of products the dealer buys and sells, as well as the nature of the
dealer's customers, suppliers, distribution channels, and geographic
locations” – require expansion and explanation in greater detail.
·
“The type(s) of products the dealer buys and sells” - Recall
the points made by Treasury about the use of precious metals in money laundering
– precious meals are “transportable, highly concentrated forms of wealth ...
international mediums of exchange that can be converted into cash anywhere in
the world … [with] a ready, actively traded market … [that] can be melted
and poured into various forms … virtually untraceable.”
So a precious metal transaction involving higher metal value, with little
or no design or fabrication value, in small, readily negotiable forms, would
seem to be vulnerable. Thus a
transaction in government-issued gold coins, or in gold grain, for example,
should be considered vulnerable, and should require AML attention.
A refiner’s purchase of karat gold jewelry scrap for refining should
seem to be vulnerable, and quick settlement, or a substantial advance, would add
to that risk. A refiner’s purchase
of silver flake from photo developing would seem to be less vulnerable.
It would not be excluded from your AML Program, but would probably not
require additional attention.
·
“the nature of the dealer’s customers” – An established
business, reasonably known to use or deal with precious metals for legitimate
purposes, is less likely to be laundering criminal proceeds through its precious
metal transactions. A precious metal
transaction with, say, a bullion bank, or a jewelry manufacturing company, is
less vulnerable than a transaction with an individual, particularly one who is
unknown and with no apparent business affiliation.
·
“the nature of the dealer’s suppliers” – Acquisition of
precious metal scrap refining lots from jewelry manufacturers, for example,
should be less vulnerable than acquisition of similar refining lots from
unaffiliated collectors.
·
“the nature of the dealer’s distribution channels” –
Distribution of precious metals directly to local, established jewelry
manufacturers, or of good delivery bars to repositories for precious metal
exchanges, would be less vulnerable than distribution to individuals.
Distribution at long distances and n foreign jurisdictions, where
legitimate purposes may be difficult to establish, may require more attention.
·
“the nature of the dealer’s geographic locations” – There
are no areas that are immune from money laundering, but there are areas where
money laundering is more prevalent. A
refiner’s office in
Columbia
may require greater attention to
potential money laundering. And
within the
United States
,
Miami
, for example, was once known as a center for laundering of drug proceeds
through banks.
Los Angeles
and
New York City
have been locations of precious metal money laundering schemes.
Locations that are suspect will change from time to time.
Buffalo
,
New York
, was for a time a major import location for precious metals, and those imports
were suspect.
While not expressed by Treasury in the proposed AML
Rule, there are other considerations that might be made within the precious
metals industry:
·
the value of a transaction – Individual, isolated small
transactions are less likely to be used for money laundering.
But money launderers will structure their activities into many small
transactions, hoping to keep below visibility thresholds, and you will need
not just to be aware of the possibility of such structuring, but to
specifically look for it as a sign of possible money launderiing.
the use of currency – A purchase or sale of precious metal with anonymous
currency, or with other monetary instrument that does not adequately identify
the offering party, is vulnerable. There
is undoubtedly a certain safe threshold for such purchases, below which the use
of cash is not an issue, but attention to structuring of such small purchases
will be necessary. In general, if
you engage in any transactions using currency, these transactions should be
deemed vulnerable.[31]
·
payments or returns to persons other than the owner – If one
person delivers precious metal for refining, and asserts ownership of the metal
and authority to sell it, but directs that payment be made to another person,
that transaction is vulnerable. The
“dealer in precious metal” is being used to transfer an asset not only from
one form into another, i.e. unrefined gold to refined gold or money within the
international finance system, but also from one person to another.
·
precious metal pool accounts – Precious metal pool accounts are
maintained by a small number of large and sophisticated precious metal
companies, and have world-wide scope. They
receive and hold precious metal credits for a customer, and can be drawn on by
that customer for return of that precious metal, or for sale and return of
monetary proceeds, or for delivery of precious metal to another person.
A refining customer in one country can deliver gold scrap for refining,
establish a gold credit in the refiner’s pool account system, and subsequently
have delivery made by the refiner to another person, based upon that credit.
That type of transaction is vulnerable, and requires additional
attention.
It should be
emphasized that a vulnerable transaction is not a prohibited transaction.
It is a transaction that requires additional attention, such as
additional verification of a customer’s identity, or determination of who is
the real or beneficial owner of a customer, or where a customer’s money or
gold really come from. The level of
your attention will increase with the level of vulnerability that you find.
And that attention may, of course, lead you to reject a customer or
transaction, but it may not. That
decision comes not in the initial risk assessment, but later in the operation of
your AML Program. Read on.
Internal Policies, Procedures, and Controls
After
you have assessed your business operations for vulnerability to money
laundering, you must then establish the “internal policies, procedures and
controls” that the USA PATRIOT Act and AML Rule require.
To
start, your AML Program should contain a written statement, general in nature,
that it is your policy to prohibit the use of your services for money laundering
and terrorist finance, and that full management support will be given for all
efforts necessary to deter and prevent any such acts.
You should then establish specific written procedures that address five
activities:
·
identification and
verification of customers;
·
monitoring
of customer activities;
·
compliance
with BSA requirements;
·
detecting
and responding to red flags; and
·
responding
to Treasury or other regulatory requests for AML information;
These
procedures should designate the positions or persons responsible for carrying
them out, e.g. inside account representative; indicate when and how frequently
they must be performed, e.g. upon initiation of an account, and annually
thereafter; and state how they should be documented, e.g. a form, copies of
relevant documents, etc.
Procedure for Identification and
Verification of Customers
The key to your AML program will be your knowledge of your customers,
primarily who they are, but also, where appropriate, what they do and what are
their interests in precious metals. A
know-your-customer policy is already common within the precious metals industry,
because every business dealing in precious metals needs be sure that it is
dealing with a lawful owner and is acquiring good title to precious metals that
it purchases. A customer
identification procedure (CIP) that you will institute for compliance with the
new AML Rule should be consistent with your existing practices – although it
may require greater formality, detail, and documentation.
Your CIP should, at the basic level, provide standard operating
procedures for:
·
identifying and
verifying the identity of a potential customer;
·
creating
and maintaining records.
The
kinds of identifying information that you should receive from a customer, and
should record, include:
·
customer name,
·
date
of birth (if the customer is a natural person),
·
address
(both mailing and street addresses) of a place of business, and
·
a
government-issued identification number, e.g., social security number or
employer identification number, or an alien identification card number, or a
passport number.
For
a corporation
or partnership, you will need:
·
address (both mailing
and street address) of a principal place of business, and
·
names
of any persons who will be authorized to transact business on its behalf.
Your CIP should require that this information be verified from
trustworthy sources - for persons by original government-issued photo-ID
documents, such as a driver’s
license or passport, and for a corporation or partnership by articles of incorporation, a
government-issued business license, or a partnership agreement.
Your CIP should also describe additional steps that should be taken
when the customer identity and proposed transaction fall into a higher
vulnerability category. That is,
these additional steps will be triggered by your self-assessment for
vulnerability, which should result in two or more tiers of risk.
Your business may identify a basic level of customer and transaction with
very little risk, and a second level for customers associated with higher risk.
A bank, for example, considers all transactions with lawyers to involve
higher risk of money laundering. Again
depending on your vulnerability assessment, you might a have a third tier of
risk for transactions involving certain countries.
Each vulnerability tier should then include ways that
you may use to further identify and verify a potential customer.
For example, even in routine customer accounts, even if you have received
original documents, you might check them for consistency of information.
Do all of the documents contain the same name, street address, ZIP code,
telephone number, date of birth, and social security number? You
can check further for internal consistency, such as whether postal zip code and
telephone area code conform to the same location.
You might contact a customer by mail or telephone to assure the accuracy
of contact information. A second
tier, with a higher level of vulnerability, might lead you to obtain a bank
statement, or check against fraud and bad check databases, or obtain a report
from a credit bureau or other business information database.
A criminal background check may be appropriate.
You might visit a customer’s place of business, both to see if the
address is correct, and to see if it is commensurate with the customer’s
assertions of type and volume of business. It
may be necessary in a high risk tier to determine the beneficial owner of a
customer, i.e. who is the real person behind the prospective named customer.
It may be necessary to inquire, and check, on the real source of funds
that will be used in a transaction. In
all of these cases, the level of scrutiny that your CIP will require will depend
on the vulnerability or risk that you have determined in your self-assessment.
And, in all of these cases, at any level, if there are discrepancies, you
will need to inquire if there are rational explanations.
As a part of your AML Program CIP, you should also check government lists
for persons and circumstances that would raise suspicion.
Some of these lists have been referred to above, i.e. the designated
“bad” countries that are sponsors of international terrorism,
non-cooperative with international anti-money laundering efforts, or warranting
special anti-money laundering measures. There
are also lists of individuals with whom you should be wary, such as the list of “Terrorists”
or “Specially Designated Nationals and Blocked Persons” (SDN List),
maintained by Treasury’s Office of Foreign Assets Control (OFAC).
The proposed AML Rule for “dealers in precious metals” does not
require checking such lists, but you should do so.
While there is not yet a consolidated collection of such lists, there are
commercial services that will facilitate an internet search through many of
them. The
Treasury OFAC SDN list is available on the internet at www.treas.gov/offices/enforcement/ofac/sdn/index.html.
It is a long list, currently 101 pages in .pdf file format, but it is in
alphabetic order and is machine searchable.
Treasury will provide notices of changes by email or fax.
All of these CIP steps should be completed at the beginning of the
business relationship with a prospective new customer, or within a relatively
short time period thereafter (e.g., within five business days). They
should not be postponed until you detect a red flag in an ongoing customer
transaction. You should consider,
depending on the nature of a proposed transaction, not performing any work, or
making any payment, prior to completion of these procedures.
For your existing customers, you should continue performing work in the
ordinary course, but you should obtain the same kind of identification and
business information within a reasonable amount of time.
Your AML Program CIP must
provide for creation of records showing the steps that you have taken to
identify and verify a customer, and retention of all of the information,
including copies of all documents and reports that are used in identifying and
verifying a customer, and notes of the
absence of information where it was requested but was unavailable or denied.
You should include notes and internal records that describe how you
resolved problems. These records
must be kept for five years.
Procedure
for Monitoring of Customer Activitie
Your
CIP should provide a procedure for an initial inquiry about a potential
customer’s type of business and use of precious metals, and likely precious
metal transactions. You are almost
certainly doing this in an informal way, as a sales and marketing tool for
evaluation of the customer, to set pricing for transactions by metal, size and
required processes, and to assist planning the allocation of your resources.
This sales and marketing process should be incorporated into your AML
Program, with appropriate record-keeping, and a schedule for follow-up
monitoring of actual transactions. You
will need this information to check for significant deviations, which might be
red flags.
Procedure for Compliance with Bank
Secrecy Act Requirements
Your AML Program must include compliance with the Bank Secrecy Act.
All financial institutions, indeed all persons engaged in a trade or
business, have long been required to report a transaction in which they have
received more than $10,000 in cash, money orders, travelers’ checks,
cashiers’ checks or bank checks. This
requirement can not be easily overlooked or evaded by making a number of smaller
transactions, or receiving a number of smaller payments.
The requirement specifically includes the cumulative receipt of more than
$10,000 in multiple smaller payments at different times as much as one year
apart. And it similarly includes
multiple “related transactions,” automatically if they are within 24 hours,
or over any time period when you have “reason to know” that the multiple
transactions are related. Such
structured methods of payment may be indicative of money laundering, and must be
reported as if one transaction with a single payment had been made.
These reports must be made to both IRS and FinCEN using IRS/FinCEN Form
8300.[32]
Procedure
for Detecting and Responding to Red Flags
Closely
related to ongoing monitoring of customer transactions is a required AML Program
procedure to detect red flags. A red
flag can be anything that occurs in a customer relationship that raises
suspicion, or just doesn’t make sense. On
this point the proposed AML Rule provides specific direction as to what Treasury
considers to be red flags:
Factors
that may indicate a transaction is designed to involve use of the dealer to
facilitate money laundering or terrorist financing include, but are not limited
to:
(A) Unusual payment methods, such as the use of
large amounts of cash, multiple or sequentially numbered money orders,
traveler's checks, or cashier's checks, or payment from third-parties;
(B) Unwillingness by a customer or supplier to
provide complete or accurate contact information, financial references, or
business affiliations;
(C) Attempts by a customer or supplier to maintain
a high degree of secrecy with respect to the transaction, such as a request that
normal business records not be kept;
(D) Purchases or sales that are unusual for the
particular customer or supplier, or type of customer or supplier; and
(E) Purchases or sales that are not in conformity
with standard industry practice.[33]
These, and other considerations that you may
find appropriate, should be part of a written procedure in your AML Program, to
be checked in a review of a potential customer or ongoing transactions.
That procedure must then address what is to be done when a red flag has
been detected. On this point,
Treasury is very serious, and you must be as well.
If you find a red flag, you must take action.
As Treasury puts it, “a dealer's program must incorporate procedures
for making reasonable inquiries to determine whether a transaction involves
money laundering or terrorist financing. A
dealer that identifies indicators that a transaction may involve money
laundering or terrorist financing should take reasonable steps to determine
whether its suspicions are justified and respond accordingly, including refusing
to enter into, or complete, a transaction that appears designed to further
illegal activity.”[34]
Treasury’s seriousness is particularly indicated by the following
footnote, which is repeated here in full:
“18 U.S.C. 1956
and 1957 make it a crime for any person, including an individual or company, to
engage knowingly in a financial transaction with the proceeds from any of a long
list of crimes or types of ``specific unlawful activity.'' Although the standard
of knowledge required is “actual knowledge,” actual knowledge includes
“willful blindness.” Thus, a
person could be deemed to have knowledge that proceeds were derived from illegal
activity if he or she ignored “red flags” that indicated illegality. See,
e.g.,
U.S.
v. Finkelstein, 229 F.3d 90 (2nd Cir. 2000) (owner of jewelry/precious metals
business convicted for participation in money laundering scheme; sentence
enhancement based on willful blindness of certain funds received derived from
narcotics trafficking).”[35]
That does not mean that every discrepancy in
a customer’s record or response is an indication of criminal activity that
will effectively bar a transaction.[36]
Many red flags can be resolved by follow-up questions.
It does mean, however, that your AML Procedure must include procedures
for filling information gaps and following up on discrepancies.
And it must provide that, when the circumstances reasonably dictate, the
business relationship between dealer and customer must end.
Procedure
for Responding to Treasury and Requests for AML Information
One
other response to a red flag might be a report to Treasury, more specifically to
its Financial Crimes Enforcement Unit (FinCEN), giving customer identity and
transaction details to law enforcement. Treasury
has not proposed to require that dealers in precious metals report suspicious
activity. But it has expressly
encouraged dealers “to adopt procedures for voluntarily filing Suspicious
Activity Reports with FinCEN and for reporting suspected terrorist activities to
FinCEN” using its Financial Institutions Hotline (1-866-556-3974).[37]
While the telephone hotline for suspected terrorist activity is available
now, you may want to wait at least until the final AML Rule is issued before
attempting to file written Suspicious Activity Reports (SARs) with FinCEN.
There has been no elaboration or advice by Treasury of forms to use or
procedures to follow for such reports. When
that information is available, your AML Program can incorporate it into a
procedure for such a report, while also, in particular, designating who will do
so, upon what circumstances, after what internal consultations.
As you no doubt recognize, reporting a person to a law enforcement agency
is a serious matter, and requires caution. Your
procedure for reports must provide for their confidentiality, and the
maintenance of records of SARs for a five-year period. To
assure the confidentiality of those records, they should be maintained apart
from other books and records of the company. You will be prohibited from
notifying any person, other than law enforcement agencies or securities
regulators, that a suspected transaction has been reported.
And you will be required to deny any outside requests for information
about such a report, including any subpoena requests, and must inform FinCEN of
any subpoena received.
The same person who is designated to report suspicious transactions
should also be designated to respond to enforcement authorities, and your AML
Program should establish procedures for prompt response.
Some of those requests will be straightforward, such as whether you have
done business with a particular person or business entity, and you should be
prepared to respond promptly with identifying and transaction information,
including by e-mail or telephone. Your
AML Program itself must be made available to Treasury upon its request.[38]
Reporting
to persons other than Treasury or other law enforcement agencies will be
prohibited in most cases, or at least problematical.
The precious metal industry has a long tradition of sharing information
about thefts of metal from a customer or refiner that might appear for sale at
another.[39]
That activity can continue. You
may also want to exchange AML information, however, with other “dealers in
precious metals” about specific persons or proposed transactions that might be
suspicious. You should be very
careful in doing so, under very strict procedures, limited to other financial
institutions, while protecting the confidentiality of such information.
Section 314 of the USA PATRIOT Act authorizes and protects sharing of
certain information, for very limited purposes, between and among financial
institutions, but it is important to remember that not all dealers in precious
metal are “dealers in precious metal” and financial institutions under the
BSA, and thus the transmission and receipt of information may not be fully
protected. It would be wise to wait
until the precious metals industry adapts to AML regulation before sharing
sensitive and confidential information within the industry.
Establish
an Ongoing Training Program
The
proposed AML Rule requires that you provide on-going education and training to
appropriate employees. AML employee
training will, of course, follow your AML Program, and thus will vary based on
the type of company and your size, customer base, and resources. Training
will differ from employee to employee, depending upon duties, and you should
consider providing an overview to every employee, so that any customer contact
or process circumstances will be covered. A
loading dock supervisor, for example, might have no assigned customer contact
responsibilities, but might be a first line of defense, because he or she might
be the first observer of suspicious circumstances regarding an incoming
material.
Appropriate
topics for an anti-money laundering program include, but are not limited to:
·
overview of money
laundering and precious metals;
·
overview
of the Bank Secrecy Act and its requirements
·
overview
of the company’s AML program;
·
what
each employee’s role is in the company’s program;
·
how
to perform their roles;
·
how
to identify red flags;
·
what
to do when a red flag is identified; and
·
the
company’s AML record retention policy.
It
should be emphasized in your training that the adverse consequences to your
company, if it is deemed to have participated in a money-laundering scheme, can
be severe. Indeed, even if your
company is found to have no liability for such participation, the notoriety of
an accusation of an association with money laundering can have adverse business
consequences. Therefore your
training should convey the importance of your AML Program, and the possibility
of disciplinary action against employees who do not fulfill their assigned
responsibilities.
It
might also be pointed out in training that the failure of an employee to fulfill
duties assigned by your AML Program could indicate the participation of that
employee in a money laundering scheme. Your
employees should be assured that they can report
suspected violations of the AML Program procedures and policies to management,
confidentially, and without fear of retaliation.
This
training should be promptly given to new employees, and should be refreshed from
time-to-time, particularly as company vulnerabilities or legal circumstances
change. This training should also be
recorded, as to content, recipients, and date.
And your training program should be evaluated as part of the AML audit.
Establish
an Independent Audit Function
In addition to the supervisory responsibility assigned to your Compliance
Officer, you must also have an independent audit function, to review and assess
the adequacy of and level of compliance with the company’s AML Program. You
can assign this task to an employee, but it can not be the Compliance Officer or
any employee involved in operation of your AML Program.
You can also, of course, use an outside auditor.
The scope and frequency of an audit are not specified in the proposed AML
Rule. Like your AML Program itself,
your audit schedule may vary with the vulnerabilities found in your risk
assessment.[40]
As a practical matter, you should not let your AML Program go more than a
year after its initial creation before it is independently evaluated.
The auditor’s report should be made to senior management, or to a
director to whom the Compliance Officer reports.
You should then ensure that the auditor’s recommendations are given
consideration, and that corrective action is taken as the case may warrant.
V.
CONCLUSION
The long relationship among