Legal requirements for adverse media screening

 Adverse media screening is one of the most effective safeguards that financial institutions have against criminal efforts to launder money by funneling it through legitimate banking systems. And because it is so useful, financial regulatory authorities around the world have made screening for negative media an essential legal requirement for know-your-customer (KYC) onboarding protocols, continued customer due diligence (CDD), and Enhanced Due Diligence (EDD) on potentially high-risk customers.

For financial institutions, adverse media screening involves scanning global media sources for evidence of a customer’s involvement in suspicious activity, including associations with people connected to drug syndicates, human trafficking, terrorist financing, or other illegal endeavors.

The primary purpose of adverse media screening is to create an accurate customer risk profile, but continuous media monitoring also helps protect against fines, penalties, loss of consumer confidence, negative press, and other potential threats to the institution’s reputation and brand. The consequences of not conducting adequate media screening are also getting more serious. Regulatory bodies around the world are cracking down on people and organizations that turn a blind eye to suspicious financial activity and are enforcing harsher penalties to discourage it.

For example, the European Union’s Sixth Money Laundering Directive (6MLD) — which must be implemented across the EU by June 3, 2021 — introduces several new penalties for companies and institutions that fail to detect and prevent money-laundering activity. Among these stricter penalties is an aggressive expansion of criminal liability to executives and other “legal persons” (such as lawyers and accountants) who aid and abet money-laundering activities, either through deliberate malfeasance or negligence.

These measures and many others are part of a broad international effort to strengthen anti-money-laundering protocols by leveraging the power of digital information. And because the legal ramifications of inadequate media screening represent a growing reputational risk for both companies and financial institutions, it’s important to understand what the law requires.

A risk-based approach

First, it should be understood that adverse media screening is only one component of a comprehensive set of policies, procedures, and controls that financial institutions typically use to combat money laundering and terrorist financing.

Since 2012, the Financial Action Task Force (FATF) — an inter-governmental body that establishes international regulatory standards for anti-money-laundering (AML) compliance — has backed a “risk-based approach” to customer relations that makes financial institutions responsible for “identifying, assessing, and understanding” money-laundering risks and taking appropriate actions to mitigate them. Under FATF guidelines, adverse media screening is considered one information-gathering tool among many that financial institutions are expected to use to develop accurate customer risk profiles. FATF specifically cites adverse media screening as part of an effective EDD program, where politically exposed persons (PEPs) and other high-risk clients receive extra scrutiny.

FATF guidelines are not legally binding, but they are recognized as the international standard for AML policy, and countries and institutions are expected to adhere to them as much as possible.

More thorough due diligence

In the United States, the federal government’s Financial Crimes Enforcement Network (FinCEN) adds some sharper teeth to FATF guidelines by enforcing what’s known as the Customer Due Diligence (CDD) Final Rule. This directive requires covered financial institutions to maintain “appropriate risk-based procedures” for conducting customer due diligence, to continuously monitor and update customer information, and to report any suspicious financial transactions to FinCEN in the form of Suspicious Activity Reports (SARs).

The CDD Rule applies mostly to U.S. banks, mutual funds, and investment brokers, all of whom are required by law to identify and verify the identities of their customers. In addition, the CDD Rule requires I.D. verification of all of a corporate entity’s “beneficial owners,” which is defined as any individual who owns or controls 25% or more of the entity.

Beyond simply verifying customer identities, the CDD Rule also requires financial institutions to understand the “nature and purpose” of a customer’s business and to be aware of their customers’ extended network of associates. The reason: criminals who are engaged in money-laundering activities are often very good at creating businesses that look legitimate on the surface and whose true purpose is only revealed through secondary associations with known criminals or other suspicious actors.

The push for greater transparency

The underlying purpose of these directives is to encourage financial institutions to investigate and understand precisely who their customers really are, because it is easier than ever in our digitally distanced world for people to hide their identity or pretend to be someone they are not. Consequently, regulatory agencies are insisting on greater ownership transparency for all types of businesses, especially shell companies, subsidiaries, and other corporate tax strategies designed to conceal owner identities. Some countries are considered “high risk” as well, so transactions involving them also receive greater scrutiny.

The most aggressive push for greater transparency and more open information sharing between government regulators and businesses comes from the EU, where companies must implement the aforementioned 6MLD by June 2021.

The 6MLD is an update of the 4MLD and last year’s 5MLD, which primarily addressed cryptocurrencies and data sharing among member states. The 6MLD does not address negative media screening directly, but it does provide plenty of incentive for financial institutions to review and strengthen their AML procedures.

By expanding the scope of criminal conduct to include negligence by C-level executives and introducing harsher penalties for money-laundering offenses, the EU is clearly interested in strengthening accountability and enforcement in its efforts to safeguard the global financial system. The 6MLD also specifies 22 new “predicate offenses,” or offenses that lead to or enable a money-laundering crime. These newly defined offenses include cybercrime, environmental crimes, insider trading, and certain tax crimes, all of which media-monitoring systems need to screen for. Failure to do so can result in fines and penalties, loss of consumer confidence, or even shuttering of the company.

In each of these cases, it is the financial institution’s responsibility to conduct media screening on new customers and continuously monitor the media landscape for information relevant to existing high-risk customers. The media in need of monitoring isn’t just traditional print outlets, either — it also includes television, radio, web posts, blogs, social media, e-newsletters, and other sources of online information.

AI search tools

Strangely, though regulatory agencies such as FATF and FinCEN expect financial institutions to conduct comprehensive adverse media screening on high-risk customers and can hold financial institutions legally liable for failing to do so, there is no universal standard for how this information should be obtained. In general, companies and financial institutions are free to develop methods for media screening that make sense for their customer base and risk appetite.

As a practical matter, however, it is all but impossible for human beings using publicly available search engines such as Google to conduct anything close to effective financial due diligence, especially on a continuous, ongoing basis. Criminals rely on such lax procedures to conceal their illicit activities, which is why more financial institutions are turning to media-monitoring solutions that utilize artificial intelligence (AI) to sift through the daily torrent of online information. The most effective AI tools also allow users to set search parameters, create filters and dashboards, and score media “hits” according to the risk level any given media mention represents. Such solutions are not only more thorough, they save time and money in the long run by automating an essential process that financial institutions cannot afford to have fail.

Indeed, when it comes to adverse media screening, the most dangerous thing a financial institution can do is miss important information on a customer because of inadequate systems and procedures. Organizations that embrace more thorough adverse media screening protocols are making themselves more technologically resilient, certainly, but also more responsible and trustworthy stewards of the global financial system.