De-risking - OCC Releases Risk Reevaluation Guidance for Foreign Correspondent Banking
The growing problem of de-risking in correspondent banking cannot be eliminated through regulatory instruments like the U.S. Office of the Comptroller of the Currency's (OCC) recent Risk Management Guidance on Periodic Risk Reevaluation of Foreign Correspondent Banking.
The guidance issued earlier this month is a response by American authorities to de-risking – that is, a trend among major correspondent banks of terminating their relationships with small respondent banks – due to a high perceived risk of violating anti-money laundering and/or anti-terrorist financing (AML/ATF) regulations. Among other things, it asks banks to document their consideration of the consequences of de-risking decisions for large customer groups and regions likely to be affected.
Issuing such impractical guidelines merely confuses the issue further, rather than addressing simple equations of supply and demand, and the need for frank transparency when truly examining the subject of AML/ATF risks and economic sanctions.
Impact on emerging markets
Public-sector policy makers such as the OCC are reacting to the negative effects of de-risking on emerging markets. Yet despite their pleas to correspondent banks that de-risking may not be necessary, many policy makers fail to address the fundamental rationale on why global correspondent banking networks are shrinking: regulatory risk.
Without an honest discussion on the motivations behind de-risking, the conversation devolves into mere talking points issued by both sides. Under such circumstances, no definitive solutions are likely to be produced.
De-risking prevents consumers in emerging markets from accessing U.S. dollar payments, rendering tourism more expensive and limiting international trade. Without U.S. dollar correspondent banking relationships, respondent banks in emerging markets face great difficulty in providing basic wire transfers, letters of credit, or facilitating securities transactions. Economic activity can stagnate and incomes can drop. Being shut out of U.S. dollar transactions has real consequences in a globalised economy.
Double-standard
For years, economic sanctions against Iran, imposed by the United Nations and the G7 countries, were due to Iran's nuclear program and the threats it made against its neighbours in the Middle East. Sanctions against North Korea were reinforced every time Pyongyang detonated a nuclear device. Travel restrictions and economic sanctions against various members of Russian President Vladimir Putin's regime were in response to corruption and the murder of Sergei Magnitsky, a lawyer killed by Russian police in a state prison.
Financial institutions who make it possible to launder funds in order to evade these sanctions are punished by banking regulators in G7 countries. Fines and settlements have run into the billions of dollars.
Sanctions are financial weapons deployed by states to achieve political goals without risking a military clash. Yet the enforcement of economic sanctions does not follow a moral code, and there are many examples of financial institutions facing few repercussions for breaking them. For example:
Moving targets
In such a chaotic geopolitical environment, it is nearly impossible to create accurate metrics for the purposes of managing correspondent banking risk.
For example, after the attacks of September 11, 2001, the American government designated the Kurdish Marxist militia, known as the PKK, as a terrorist organisation. Sanctions against the PKK went into force. Now, in 2016, the PKK is helping the U.S. fight against ISIL in Syria and western Iraq, often with the aid of American military support. Once an enemy, now an ally.
Building a sound and profitable correspondent banking business takes time. Decades can be spent developing a brand in foreign markets, forging relationships with domestic institutions, and proving to respondent banks that the correspondent partner is one with whom a prudent financial institution can trust with its transactions. Shifting quickly to match changing political trade winds, therefore, is not accomplished easily by a correspondent bank. Negotiating the nuances and double-standards of international relations is no small feat, either.
Politically exposed persons running banks
Outside the G20, the concept of the politically exposed person (PEP) in international banking becomes a moot point. Shareholders and directors of banks in emerging markets are almost always PEPs. Rising to an income level where owning a significant stake in a financial institution often means an individual has skated the grey area between government and private industry that is common in emerging markets. At some point in those markets, the PEP classification for respondent bank shareholders and directors becomes meaningless.
If PEPs are embedded within the respondent bank, their information will automatically be swept up by the due-diligence process of correspondent banks looking to assess and mitigate money laundering or terrorist financing risks. Adding the PEP label to a major individual shareholder's name would serve little purpose at that point, yet from an AML compliance standpoint, it creates mountains of paperwork. Furthermore, regulators are almost always sure to find some irregularities in the resulting mountain of information. Such discoveries can then lead to regulatory action.
Respondent-bank risk must be examined as a whole, not as fragmented pieces of AML compliance sections. JPMorgan Chase, for example, was the prime banker to Bernie Madoff, who perpetrated a massive Ponzi scheme on investors, and it was fined more than $2 billion. But were they subsequently shunned in their banking relationshipts for it? As evidenced by their $24.4 billion net income as of 2015 (PDF), that answer is surely, "no".
Consequences crush compassion
The OCC's recent risk-management guidance contains an interesting passage about consequences. Decisions to terminate correspondent accounts should be communicated regularly to senior management, "with consideration given to the extent to which account closures may have an adverse impact on access to financial services for an entire group of customers or potential customers, or an entire geographic region," it said.
What is an appropriate metric for measuring the "adverse impact" on potentially thousands of people from severing correspondent banking relationships? Banks will have to document their rationale for future auditors, and they could face huge penalties for getting it wrong. They are faced with a choice: Run the gauntlet or avoid the business? An easy decision.
Paperwork doesn't deter de-risking
The OCC bulletin suggests best practices for documenting all the various risks of a correspondent banking relationship, including original and continuing due diligence, various risk assessments, and then a series of procedures that will produce an audit trail on why a respondent bank was de-risked.
At the beginning of the bulletin, the OCC states that the correspondent bank must acknowledge that it is in full control of its compliance destiny. However, requiring a flurry of paperwork to demonstrate a sound rationale behind a de-risking decision will not stop a correspondent bank from simply stating: "risk is greater than reward.” If the risk of maintaining a particular respondent relationship causes sleepless nights, a bank will terminate it regardless of how many reports must be emailed between the business line and compliance function.
If the correspondent deems the business relationship unlikely to produce a decent risk-weighted return, then they have plain justification for acting accordingly. No bureaucratic paper avalanche will prevent the correspondent bank from acting.
Fines and settlements for failures in correspondent banking AML regimes have been pushed into the billions of dollars. HSBC is still fighting the monkey on its back created by the U.S. Senate Permanent Subcommittee on Investigations in 2012. Standard Chartered Bank keeps rubbing up against correspondent banking failures in the eyes of American banking regulators. BNP Paribas is the current record holder for fines at $8.9 billion.
Correspondent banks see these examples as indicators on what could happen to them should they fail to meet regulatory expectations in New York and Washington. If margins are thin, then the manual costs of managing respondent risk simply will not suffice. De-risking would be easier than juggling unquantifiable and unpredictable relationship factors.
The problem will be contained when correspondent banks perceive the risk-weighted return on business to be worthwhile, and no amount of regulatory edicts will change this calculus.
The guidance issued earlier this month is a response by American authorities to de-risking – that is, a trend among major correspondent banks of terminating their relationships with small respondent banks – due to a high perceived risk of violating anti-money laundering and/or anti-terrorist financing (AML/ATF) regulations. Among other things, it asks banks to document their consideration of the consequences of de-risking decisions for large customer groups and regions likely to be affected.
Issuing such impractical guidelines merely confuses the issue further, rather than addressing simple equations of supply and demand, and the need for frank transparency when truly examining the subject of AML/ATF risks and economic sanctions.
Impact on emerging markets
Public-sector policy makers such as the OCC are reacting to the negative effects of de-risking on emerging markets. Yet despite their pleas to correspondent banks that de-risking may not be necessary, many policy makers fail to address the fundamental rationale on why global correspondent banking networks are shrinking: regulatory risk.
Without an honest discussion on the motivations behind de-risking, the conversation devolves into mere talking points issued by both sides. Under such circumstances, no definitive solutions are likely to be produced.
De-risking prevents consumers in emerging markets from accessing U.S. dollar payments, rendering tourism more expensive and limiting international trade. Without U.S. dollar correspondent banking relationships, respondent banks in emerging markets face great difficulty in providing basic wire transfers, letters of credit, or facilitating securities transactions. Economic activity can stagnate and incomes can drop. Being shut out of U.S. dollar transactions has real consequences in a globalised economy.
Double-standard
For years, economic sanctions against Iran, imposed by the United Nations and the G7 countries, were due to Iran's nuclear program and the threats it made against its neighbours in the Middle East. Sanctions against North Korea were reinforced every time Pyongyang detonated a nuclear device. Travel restrictions and economic sanctions against various members of Russian President Vladimir Putin's regime were in response to corruption and the murder of Sergei Magnitsky, a lawyer killed by Russian police in a state prison.
Financial institutions who make it possible to launder funds in order to evade these sanctions are punished by banking regulators in G7 countries. Fines and settlements have run into the billions of dollars.
Sanctions are financial weapons deployed by states to achieve political goals without risking a military clash. Yet the enforcement of economic sanctions does not follow a moral code, and there are many examples of financial institutions facing few repercussions for breaking them. For example:
- Chinese financial institutions have been working with the North Korean government for years. None of the four largest state-owned banks in China face sanctions from the West. Since China, with its considerable economic might, could wage a trade war across the Pacific, its state-owned banks face little push-back for facilitating the despotic regime of Kim Jong-Un.
- Russian banks launder huge sums of money for oligarchs and organised criminal groups, while somehow avoiding the wrath of Her Majesty's Treasury in United Kingdom and the New York Federal Reserve in the United States.
- Egyptian banks served the Muslim Brotherhood during their reign of Cairo, yet those banks never faced any consequences from Western banking regulators.
- Pakistan's Inter-Services Intelligence (ISI) agency is well known by the intelligence community for supporting the Taliban, but the Pakistani firms financing this relationship have little to fear.
- Money from Saudi, Kuwaiti, and Bahraini donors pours into the coffers of the Islamic State of Iraq and the Levant (ISIL, ISIS, Daesh), transferred through banks that are protected by regional governments able to leverage their energy resources for protection against Western sanctions.
Moving targets
In such a chaotic geopolitical environment, it is nearly impossible to create accurate metrics for the purposes of managing correspondent banking risk.
For example, after the attacks of September 11, 2001, the American government designated the Kurdish Marxist militia, known as the PKK, as a terrorist organisation. Sanctions against the PKK went into force. Now, in 2016, the PKK is helping the U.S. fight against ISIL in Syria and western Iraq, often with the aid of American military support. Once an enemy, now an ally.
Building a sound and profitable correspondent banking business takes time. Decades can be spent developing a brand in foreign markets, forging relationships with domestic institutions, and proving to respondent banks that the correspondent partner is one with whom a prudent financial institution can trust with its transactions. Shifting quickly to match changing political trade winds, therefore, is not accomplished easily by a correspondent bank. Negotiating the nuances and double-standards of international relations is no small feat, either.
Politically exposed persons running banks
Outside the G20, the concept of the politically exposed person (PEP) in international banking becomes a moot point. Shareholders and directors of banks in emerging markets are almost always PEPs. Rising to an income level where owning a significant stake in a financial institution often means an individual has skated the grey area between government and private industry that is common in emerging markets. At some point in those markets, the PEP classification for respondent bank shareholders and directors becomes meaningless.
If PEPs are embedded within the respondent bank, their information will automatically be swept up by the due-diligence process of correspondent banks looking to assess and mitigate money laundering or terrorist financing risks. Adding the PEP label to a major individual shareholder's name would serve little purpose at that point, yet from an AML compliance standpoint, it creates mountains of paperwork. Furthermore, regulators are almost always sure to find some irregularities in the resulting mountain of information. Such discoveries can then lead to regulatory action.
Respondent-bank risk must be examined as a whole, not as fragmented pieces of AML compliance sections. JPMorgan Chase, for example, was the prime banker to Bernie Madoff, who perpetrated a massive Ponzi scheme on investors, and it was fined more than $2 billion. But were they subsequently shunned in their banking relationshipts for it? As evidenced by their $24.4 billion net income as of 2015 (PDF), that answer is surely, "no".
Consequences crush compassion
The OCC's recent risk-management guidance contains an interesting passage about consequences. Decisions to terminate correspondent accounts should be communicated regularly to senior management, "with consideration given to the extent to which account closures may have an adverse impact on access to financial services for an entire group of customers or potential customers, or an entire geographic region," it said.
What is an appropriate metric for measuring the "adverse impact" on potentially thousands of people from severing correspondent banking relationships? Banks will have to document their rationale for future auditors, and they could face huge penalties for getting it wrong. They are faced with a choice: Run the gauntlet or avoid the business? An easy decision.
Paperwork doesn't deter de-risking
The OCC bulletin suggests best practices for documenting all the various risks of a correspondent banking relationship, including original and continuing due diligence, various risk assessments, and then a series of procedures that will produce an audit trail on why a respondent bank was de-risked.
At the beginning of the bulletin, the OCC states that the correspondent bank must acknowledge that it is in full control of its compliance destiny. However, requiring a flurry of paperwork to demonstrate a sound rationale behind a de-risking decision will not stop a correspondent bank from simply stating: "risk is greater than reward.” If the risk of maintaining a particular respondent relationship causes sleepless nights, a bank will terminate it regardless of how many reports must be emailed between the business line and compliance function.
If the correspondent deems the business relationship unlikely to produce a decent risk-weighted return, then they have plain justification for acting accordingly. No bureaucratic paper avalanche will prevent the correspondent bank from acting.
Fines and settlements for failures in correspondent banking AML regimes have been pushed into the billions of dollars. HSBC is still fighting the monkey on its back created by the U.S. Senate Permanent Subcommittee on Investigations in 2012. Standard Chartered Bank keeps rubbing up against correspondent banking failures in the eyes of American banking regulators. BNP Paribas is the current record holder for fines at $8.9 billion.
Correspondent banks see these examples as indicators on what could happen to them should they fail to meet regulatory expectations in New York and Washington. If margins are thin, then the manual costs of managing respondent risk simply will not suffice. De-risking would be easier than juggling unquantifiable and unpredictable relationship factors.
The problem will be contained when correspondent banks perceive the risk-weighted return on business to be worthwhile, and no amount of regulatory edicts will change this calculus.
The views expressed here are the author's own. Kim R. Manchester is the founder and Managing Director of ManchesterCF, a Toronto-based firm that provides financial crime risk management training programs and advisory services to financial institutions and public-sector agencies around the globe