RBA Cookie Cutter Templates Increase Legal & Criminal Risk

If you own or manage a specified party or an accountable institution in Botswana, you will know that it must comply with the Financial Intelligence Act (the Act) and Financial Intelligence Regulations (Regulations). Referred to by supervisory bodies as AML/CFT&P, which is an acronym for anti-money laundering, counter financing of terrorism and proliferation financing; they are a mandatory requirement for which there are no short cuts.

The AML/CFT&P requirements in Botswana are regarded as some the most onerous in the world with perhaps some of the harshest penalties for non-compliance. No doubt as an owner, manager, or AML/CFT&P Compliance Officer, you or your organisation have been head hunted by various “experts” who are pushing their services upon you. Many of these AML/CFT&P firms advocate the use of template policies and procedures which have not been grounded on a Risk-Based Assessment (RBA), this is not the route any specified party or accountable institution would want to go. If an RBA exists, it too is very likely based on a template document, which has not been well planned and tailored to identify and address the specific financial crime risks facing the organisation using it.

Template RBA’s and AML/CFT&P policies have their use. They can act as an aid memoire to an organisation that is about to undertake its first RBA and implement its initial AML/CFT&P policy and procedures. On that basis, they can alert an organisation to issues it might not have thought about. More often, they are promoted by AML/CFT&P “experts” as being a cost effective and cheap option to enable a specified party or an accountable institution to comply with its AML/CFT&P obligations and it is thought, save them time and money. The emphasis on these documents is compliance, with promoters advising clients that provided they “comply” with the law, then they will be okay with any relevant regulator. Unfortunately, that is not the international standard and the international standard is there for good reason. Specified parties and accountable institutions must demonstrate that their policies and procedures are effective. In other words, they work in preventing financial crime. Tick the box or “cookie cutter” RBA and policy templates, which have not been customised to the financial crime threats facing an organisation and to the services it provides and how it provides them to their customers, rarely comply with AML/CFT&P Law and are usually not effective. A risk assessment must be specific to the individual circumstances of a business, its customers, and activities, with the risks then managed and mitigated through its AML/CFT&P programme.

Template documents fail to comply because the AML/CFT&P framework in Botswana and around the globe, require specified parties and accountable institutions to design and implement AML/CFT&P policies and procedures in response to the financial crime risks that have been identified in the RBA. While organisations operating in the same industry or profession will have some similar financial crime risks, they will also have many different risks, or similar risks but having a different impact. This is due to the different or unique services or products provided; different markets they operate in, including offshore; different customers, including those in offshore jurisdictions; or use of delivery channels or systems that are unique. Even minor variations in services, products, customers, geographical locations (including high risk jurisdictions) or delivery channels will produce different and diverse financial crime risks. Even two identical organisations offering similar services in the same geographical location will have substantially different financial crime risks because they have different employees and perhaps different suppliers.

There is a reason why there is no international or nationally specified format or method for conducting an RBA and that is because of the diverse industries, professions and organisational types that must comply with AML/CFT&P law, it is not possible to design one. Template documents offered by some experts suggesting they are a simple, easy, and cheap solution for organisations to meet their AML/CFT&P compliance obligations fail to understand why the law and procedures are being implemented and more importantly could pose a serious risk to the accountable institution or specified party because they encourage them not to undertake an RBA and identify the actual risks faced by the entity. Not only does this pose a noncompliance risk but could have severe commercial implications such as reputation risk and failure to identify possible business opportunities.

The FI Act and Regulations of Botswana are designed to prevent financial crime, particularly money laundering and terrorism financing harming the community, the financial system of the country and all organisations that are a specified party or an accountable institution. Often associated with corruption and organised criminal behaviour, money laundering if left unchecked, can cripple a country. Merero Partners have worked in countries where almost nothing works, and people exist without any assistance from their government. The rule of law is not enforced and only the elite and privileged live fruitful lives. No one wants that to occur in Botswana.

It is not only the country and the community that benefits. Organisations that implement effective AML/CFT&P frameworks harden themselves against financial crime because they have identified all the risks they face and have developed measures to mitigate them. The policies and procedures that they implement are linked to their RBA which guide staff on how to undertake critical processes such as customer due diligence, enhanced due diligence, monitoring and reporting, testing, and auditing of systems and record keeping. Policies and procedures that have not been designed and implemented to meet the specific risks that an organisation faces will be ineffective and expose a specified party or an accountable institution to greater risks.

Three of those risks involve the use of the organisation by criminals to engage in financial crime, particularly money laundering, increased legal risk and reputational risk. Template documents will never capture all the financial crime risks an organisation faces, which means appropriate and effective countermeasures will not be implemented. If an increase in criminal risk is not enough to have a specified party or an accountable institution review their use of template documents, then perhaps the risk of legal action undertaken by a supervisory body might succeed in doing so. In Botswana, enforcement action by regulatory authorities is still in its infancy. International experience offers valuable lessons. For example, in the UK the Solicitors Regulation Authority (SRA) asked 400 law firms to demonstrate their compliance with the AML regulations by forwarding to it their risk assessments. 83 firms or 21% were found to be not compliant, primarily because they did not address all of risks they faced. Alarmingly, 64% of the firms were using risk assessment templates which were generally of low quality and were merely cutting and pasting information without regard to the risks that they faced. A similar situation with reporting entities has generally been observed by the AML/ CFT regulator in New Zealand.

Specified parties and accountable institutions found to be non-compliant with the FI Act and Regulations face significant reputational damage. Being associated with money laundering, is a serious blot on the reputation of any organisation and those that own it or manage it. Any charge, whether is stands in court or not, is subject to the court of public opinion. The cases which have been widely covered by the media in Botswana over the last few years has no doubt caused reputation and operational risk for all firms which have been subject to the charges. The moment an entity is involved in such coverage, their focus is deviated from operating their businesses to defending their charges and reputations.

Firms and people associated with a money laundering scandal are usually subject to closer scrutiny when they apply for a financial service including a loan, seek a new job, or apply for a visa to travel abroad. The personal impacts can be significant. If those outcomes are not bad enough then owners, managers and compliance officer should take note of the serious offences contained in the FI Act for non-compliance and the criminal penalties that apply if they are charged with a money laundering offence.

Trying to save time and money by using template documents is a fool’s harvest. When an organisation is found to be non-compliant, not only might they be subject to a financial penalty, but they may also have to throw out much if not all the work that was done previously and which they paid for and start the entire process properly from scratch – costing them more time and money which could have been avoided. There is a common misperception that adopting the internationally accepted approach legally required in Botswana comes at significant cost. This is not the case. Working with the right professionals who understand the requirements and have the experience and expertise to guide you through the process need not be financially out of reach, in fact, it will likely provide you significant insights into your own business and create value.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button