Wolfsberg Frequently Asked Questions (“FAQs”) on Selected Anti-Money Laundering Issues in the Context of Investment and Commercial Banking
Preamble
The Wolfsberg Group of International Financial Institutions (the “Wolfsberg Group”)1 has published global anti-money laundering (“AML”) guidance, statements and principles with regard to private banking, correspondent banking, terrorist financing, monitoring pooled vehicles and the risk bad approach. Whilst the Wolfsberg Group has not (until now), addresd investment banking or commercial banking per , much of the published guidance is also relevant to the business gments. However, certain aspects of the business undertaken by financial institutions engaged in Investment and Commercial Banking (referred to hereafter as “Financial Institutions”) rai specific AML questions, in particular regarding:
∙who is the Financial Institution's customer in common transaction scenarios;
∙who should conduct due diligence on the customer in certain scenarios;
∙what level of due diligence should be conducted in such scenarios (including particularly whether a
Financial Institution should "drill down" when dealing with certain types of customers such as institutional intermediaries and conduct any due diligence on their customer's customers); and
∙the Financial Institution's role in common and complex transactions.
The following FAQs ek to address some of the questions and contain guidance that may be applied by Financial Institutions in the context of a reasonable risk-bad approach to AML matters. The FAQs do not superde applicable laws and regulations where they are more stringent.
1 The Wolfsberg Group consists of the following leading international financial institutions: ABN AMRO, Banco Santander, Bank of Tokyo-Mitsubishi-UFJ, Barclays, Citigroup, Credit Suis, Deutsche Bank, Goldman Sachs, HSBC, JP Morgan Cha, Société Générale, and UBS.
The FAQs were prepared by the Wolfsberg Group in association with RBC Financial Group and SEB Group.
Definition of Investment Banking and Commercial Banking and Scope of the FAQs
For the purpos of the FAQs, investment banking and commercial banking are viewed as wholesale business. The clients and counterparties are corporate or institutional in nature. Retail b
rokerage, retail banking, private banking, and correspondent banking are not within the scope of the FAQs. More specifically, investment banking and commercial banking, whether conducted in a bank, broker-dealer or other entity, include, but are not limited to, the following activities: mergers and acquisitions; IPOs/underwriting; trading (including curities, derivatives, currencies, commodities); and credit/lending (including syndicated facilities). The FAQs consider lected issues with regard to the activities, as well as certain ancillary or “downstream” activities that merit consideration, namely, the activities of: administration companies (including transfer agents) supporting fund managers and funds; syndicated loan lenders, arrangers and agents; and paying agents and trustees with respect to debt curities.
The FAQs below are grouped under veral headings:
A. Beneficial ownership, institutional intermediaries, and private funds;
B. Investment banking and commercial banking transactions generally;
C. Loan syndications, participations and trading;
D. Letters of credit; and
E. Other questions: custody; paying agents and corporate trustees; and escrow agents.
A Risk-Bad Approach
It should be noted that, although investment banking and commercial banking have not historically been regarded as associated with money laundering risk, a Financial Institution should asss its customers for AML purpos using a risk bad approach to determine the appropriate level and degree of due diligence2 to be applied; the FAQs are predicated on the application of the risk bad approach to customer relationships, interaction with other third parties and transactions executed by Financial Institutions. Factors generally relevant to risk-asssing customers are considered in the Wolfsberg Guidelines on a Risk Bad Approach for Managing Money Laundering Risks.
Management and Monitoring of Client Relationships Generally
A Financial Institution should consider the role of its relationship managers in the client acceptance process. One relationship manager may have responsibility for the acceptance process with respect to a particular client, but it may not make n for that relationship manager to continue to be responsible at all times for that client if, the client’s activities with the Financial Institution change ov
er time. Additionally, a client may be referred to the 2The FAQs generally u the term "due diligence" rather than "know your customer" (or “KYC”) becau a Financial Institution may sometimes conduct due diligence on a third party who is not a “customer”, for example, with respect to a counterparty or partner in a deal (e.g., private equity firm, venture capital fund), so that the term "know your customer" is not really applicable. In the FAQs, the term "due diligence" may include identification, verification, or such other scrutiny as the Financial Institution deems appropriate to comply with applicable regulation or to manage AML and reputation risk (e.g., to satisfy itlf that risks to its reputation from association with such customers or parties is minimid).
investment bank or commercial bank from another business unit that originally accepted the client and/or, the relationship manager responsible for one aspect of the client’s business may move to another position within the firm. Finally, it may not be realistic to expect one relationship manager to monitor all business conducted by a particularly large or globally active client throughout a large or international institution. Rather, in such cas, there may be different relationship managers at any one time who have responsibility for the business activities of one client throughout different business or product units in the firm.
The Financial Institution should consider how to address the management of its client relationships i
n such contexts; how client information is received, updated, and made available to appropriate relationship managers; and how it would apply its monitoring policies and procedures with respect to such clients.
Monitoring of investment banking and commercial banking activities for money laundering should take into account the ways that such activities may involve money laundering practices that are different from tho en in other areas. It may be more appropriate to focus on clients rather than transactions becau the nature of investment banking or commercial banking transactions may make it difficult to define general transaction parameters. Additionally, while money laundering traditionally involves the attempted transformation of illicit funds to "clean" funds, certain capital markets transactions may be initiated with clean money, but ultimately involve proceeds that are illicit becau they are the product of illegal activities. Accordingly, when transaction monitoring leads to identification of transactions that may be unusual in this respect, such transactions should also be considered for their money laundering implications.
Certain criminal activity that may be carried out through an investment banking firm could give ri to money laundering concerns, but could also be subject to other requirements relating to market abu and insider dealing. For example, a transaction entered into shortly prior to a significant incide
nt such as a terrorist attack which appears to anticipate a fall in the market may be considered suspicious and therefore be reportable as a money laundering suspicion. However, such trading is covered in most jurisdictions by legislation relating to the u of inside information. Whilst there is an overlap between the two types of offences, the FAQs do not deal with indications of market abu and insider dealing. Part A: Beneficial Ownership, Institutional Intermediaries and Private Funds
A Financial Institution should, as a matter of general principle, u a risk-bad approach in performing due diligence with respect to its customers, and to the extent appropriate, “beneficial owners” of, or persons who exerci control over, its customers. The FAQs below specifically consider when, in a number of contexts, it is appropriate to perform due diligence with respect to beneficial owners.
Q1. Under what circumstances is it appropriate for a Financial Institution to perform due diligence with respect to the persons who exerci control over customers that are operating companies3?
3 The term "operating company," as ud in the FAQs, refers to commercial enterpris generally, such as manufacturing and industrial companies, grain traders, transport companies, utilities, softwa
re designers, etc. The term could also include not-for-profit enterpris such as hospitals, university endowments, etc. Operating companies are to be distinguished, for purpos of the FAQs, from institutional intermediaries and private funds, which are given additional consideration below.
Investment banking and commercial banking customers include operating companies, which usually take the legal form of corporations, but may also include, e.g., limited liability companies, limited partnerships, etc. A guiding principle in “knowing” such customers is to know, where appropriate, who exercis ultimate control over the customer. Except in cas where an operating company is determined to be sufficiently “transparent” as described below, appropriate due diligence should generally be performed on persons exercising the requisite level of control (as determined in accordance with the next paragraph) over the customer. Generally, such due diligence may entail verification of identity through documentary or other means, although a Financial Institution may wish to consider, using a risk-bad approach, whether there are circumstances where doing so might not be warranted.
Consistent with the requirements of local law, a Financial Institution should determine, using a risk-bad approach, which persons exerci control over a company. Relevant in this regard is the extent of such persons’ ability to influence directly the actions of a company or to make policy with re
spect to a company. Usually, control is exercid by members of nior management (which may include directors in some situations), and a Financial Institution should ascertain who tho individuals are. Control can also be a function of the level of ownership in a company. Ascertaining the identity of persons having control by virtue of their ownership interest in the company, frequently referred to as “beneficial owners,” goes beyond immediate levels of corporate ownership to ultimate natural persons who beneficial ownership exceeds a level that confers control. In cas of both nior management and beneficial owners who exerci control, due diligence includes determining, in relevant cas, whether such persons are “politically expod persons.” Where a company is transparent by virtue of its being a “public” company, or a majority owned direct or indirect subsidiary of a public company4, it would not be necessary or appropriate to drill down into beneficial ownership or to tho persons who exerci control over such a company. Further, it would not be necessary or appropriate to drill down into beneficial ownership in the event that a company’s ownership is sufficiently disperd so that no one beneficial owner exerts control (which may frequently be the ca for large companies, even if they are not listed or publicly traded, etc.). Largeness by itlf may entail various mechanisms ensuring transparency such that a Financial Institution may give consideration to treating sufficiently large reputable operating companies as "public" companies, even though they technically do not come within the definition of public company t out in footnote 4.
Certain types of companies, namely, institutional intermediaries and private funds are given additional consideration below.
4 “Public company,” as ud in the FAQs, means a company that is (i) listed on an exchange or (ii) registered with an appropriate governmental authority or (iii) under the regulatory supervision of the local authority or (iv) owned by a government; provided that the exchange, governmental authority, regulator or government meets the financial institution’s relevant risk-bad criteria. For the purpos of (ii) of this definition, a governmental authority may be deemed “appropriate” if registration with such authority results in the requisite level of transparency as to the business of the company and as to control and beneficial ownership. If registration entails sufficient measures promoting transparency (e.g., disclosure, audit, governance requirements), a Financial Institution may be in a position to determine that such a registration regime may provide sufficient information to satisfy their due diligence obligations. The FAQs, however, do not recommend that all companies in a particular jurisdiction should necessarily be subject to this level of regulation. In any event, it is recommended that governments establish registries within their jurisdictions that will provide information on control and beneficial ownership.
Q2. How should a financial institution perform due diligence with respect to an institutional intermedi
ary?
For the purpos of the FAQs, the term “institutional intermediary” refers to financial institutions such as banks, broker-dealers, investment advirs and other institutional entities that, when they transact with the Financial Institution, act on behalf of their customers.5Many investment and commercial banking customers are institutional intermediaries. A Financial Institution should determine the circumstances in which it may be reasonable to assume that an institutional counterparty, in its relationship with the Financial Institution, is acting as an institutional intermediary. “Knowing” an institutional intermediary entails consideration of a number of factors that would not generally be relevant in the context of operating company customers, including the following:6
∙Whether the institutional intermediary, bad on the level of regulatory supervision to which it is subject and the jurisdiction in which it is bad, is subjected to adequate AML regulation in the context of its dealings with clients and is supervid for compliance
with such regulation.7
∙Whether, even if the institutional intermediary is not subjected to adequate regulation as t forth in the prior bullet, the institutional intermediary applies AML (including customer due diligence) procedu
res that are equivalent to tho of institutional intermediaries subject to money laundering regulation that is deemed adequate.
(Example: the client’s parent is subjected to adequate regulation as t forth in the prior bullet and applies global procedures).
Generally, if the Financial Institution can determine, using its bad-bad approach, that an institutional intermediary is subjected to adequate AML regulation in accordance with the criteria t forth in the first bullet above, the Financial Institution may presume the institutional intermediary’s AML procedures to be of an acceptable standard. A Financial Institution may ascertain whether an institutional intermediary is subject to AML regulation, and whether it has implemented an AML program in accordance with such regulation, on the basis of reprentations furnished by such intermediary. However, if the institutional intermediary cannot be determined to be subject to adequate AML regulation as t forth in the first bullet above, then the Financial Institution should consider--and different Financial Institutions may develop different approaches in this regard--what steps it might take to mitigate money laundering risk. As noted in the example in the cond bullet above, this might include considering the possible relationship of the institutional intermediary to a parent that is subjected to adequate AML regulation (and whether the institutional 5 In general parlan
ce, banks or broker-dealers, even if they are acting on a proprietary basis, may be referred to as “intermediaries,” becau they typically have funds or other asts (e.g., deposits) furnished by others. However, for purpos of the FAQs, the term “institutional intermediary” will more narrowly refer to institutional counterparties that act on behalf of their clients. Institutional counterparties acting on a proprietary basis are considered in Q3.
6 Whether to perform due diligence on the beneficial owners, e.g., the shareholders of the institutional intermediary, should be approached in the same manner as described above with reference to operating companies. For instance, if the institutional intermediary is a corporation listed on an exchange meeting the Financial Institution’s relevant criteria, there is no need to drill down to the shareholders of the institutional intermediary. Moreover, if the institutional intermediary is regulated in a low risk jurisdiction and subject to that jurisdiction’s AML regulation, then there would be no need to drill down into ownership either.
7 Such a determination may be bad on a Financial Institution’s general risk asssment methodology, which may take into account the regulatory supervision of institutional intermediaries in particular jurisdictions, and would not necessarily entail discrete inquiries into the level of regulation of particular institutional intermediaries on a ca-by-ca basis.
