Training is such an integral part of the Bank Secrecy Act (BSA), anti-money laundering (AML) and counter-terrorist financing (CTF) arena that it has been designated as one of the five pillars of BSA/AML. Every year, compliance officers and law enforcement teams identify and train for new regulations, new money laundering trends and evolving typologies. In 2017, these may include enhanced due diligence, beneficial ownership, or even the resurgence of classic money laundering schemes like bulk cash smuggling. However, in addition to these hot topics, there are some training challenges that may not be on your radar and there are questions you may not be asking, but should.
This article is based on my more than 26 years of investigative and training experience, including work as a special agent in the Office of the Inspector General (OIG) community, building and running a computer crime laboratory and a cybercrimes investigations program at the U.S. Environmental Protection Agency (EPA), and from my past six years developing and providing specialized AML/CTF training to military, government agencies, law enforcement and compliance offices.
When I entered the field, I was astounded by the variety and number of AML/CTF training programs available. Since then, new programs have continued to emerge. As these programs continue to build and grow, there are challenges we have to consider. In addition, we must be watchful that our wonderful training programs help and do not hinder our overall objectives to protect government institutions, businesses and financial institutions.
The most significant challenge is to build training that reaches to the unknown. Money laundering, terrorist financing and other financial crimes are currently evolving. During my time as a special agent, I focused on discovering how actors worked against the U.S. using new or previously undiscovered criminal techniques. My motivation was to investigate and explore this new terrain for criminal misuse. In 2010, I was excited to have the opportunity to build and deliver training that extended against illicit actors internationally. Presently I am equally as excited to grow in that perspective and expand again to the business and financial sectors. From that point of growth, I can appreciate the challenges we have faced, but even more, the challenges that are coming. I would like to provide an overview of the challenges I see as we build on today’s training.
Who are we training?
Trust me when I tell you that the bad guys already know how we do business. They know all of our rules and are learning them to build their own networks with effective countermeasures. Where do they gain this knowledge? One major source is by attending our conferences and associations where they learn about our tools. I am not being critical of any organization that has a training conference as an element of its mission, but it is a risk. I have been to conferences where my students in law enforcement and intelligence communities have come to me and told me they have seen the subjects of their investigations or targets of intelligence operations. There is a good chance that at any large conference there is at least one bad guy in the audience learning about what we do and how we do it.
So, we know that bad guys attend our conference and we attend theirs as well. While I was the director of special operations at the EPA OIG, I would regularly send my special agents to Las Vegas to attend a law enforcement conference where we would share methods and technologies in computer forensics and cybercrime investigations. Immediately following that conference was another conference that was also in Las Vegas called Black Hat, where cybercriminals and the hackers of the day would also come and share exploits and malware, techniques, etc. Attendees would sit at computers for hours to show what they could do, hack into networks and show how they did it, and more. Did we send our folks to attend Black Hat? Absolutely, and the Black Hatters knew it. The “challenge” at Black Hat was for them to “spot the fed.” When detected as a member of law enforcement, that individual would be called on stage, given a t-shirt saying that they had been “outed” and then shown the door. Why did we go? We wanted to learn what the bad guys knew and what was coming over the horizon.
We learn from them and they unfortunately learn from us. How do we mitigate this risk? Serious consideration in training deliveries needs to include a vetting process of customers. This is a tough one as we need to take a measured approach to encourage training to those running BSA/AML conferences and training sessions, but also ensure they are not training the wrong people. One method could include more effective vetting of applicants who attend training and conferences by taking the best effort to ensure attendees have a legitimate reason to be there. Another method might include random follow-ups with attendees and encouraging the “see something, say something” approach. As we experienced at Black Hat, who better to identify those who do not belong than the ones that do?
Training for Application
Effective training builds from general knowledge to the direct application of that knowledge by the student. Training that is one-size-fits-all is limited because it does not answer the question, “What do I do with this?” It is true that AML/CTF training needs to carry the basic learning objectives so students understand the AML/CTF world of today, the elements of money laundering, prepaid cards, mobile banking, and the like. In addition, training needs to drill to the specific application needs of its audience. The training requirements for law enforcement, which needs to take actions with tools and methods at their disposal to collect and understand the evidence they acquire to build cases for prosecutions, will differ from the application of tools and methods within the shadowy, “secret squirrel” world of intelligence. And the application of knowledge in the banking sector differs yet again, with financial institutions’ processes for know your customer (KYC), due diligence, and 314(a) and (b) communication capabilities.
Focused training can yield the best results. In a recent law enforcement-oriented training delivery, two students who worked as analysts at a High Intensity Drug Trafficking Area (HIDTA) task force unit increased their knowledge about fronts and shells. The training described, from an investigative perspective, the illicit nature and red flags. Upon their return to the HIDTA, the students challenged each other to see who could identify more fronts in a two-day period. One student found two, the other identified three. The above training was effective from a law enforcement perspective. But would the training have been equally as effective if bankers or real estate or insurance professionals had been included in the training? Would they have left asking, “How did that help me do my job?” I would challenge instructors to test this point by approaching students after a delivery for a side conversation or during breaks and ask them about their own unique situation with a fact pattern aligned to their own experience. When that happens, the instructor should measure whether the information was delivered in the best way to meet the needs of that class. The questions posed by the students could be indicators that the instructor did not understand the needs of those students. As training is delivered, it needs to be done in consideration of its value to the needs of each student.
Keeping Training Relevant in a Turbulent World
Think about the Broadway shows from long ago that are brought back for a run today. It is just as we remember and we revel in those memories. But a member of the Millennial generation sitting in the next row might not understand the political references, the names or events in the script. Similarly, I remember when I started as an AML/CTF instructor in 2010, I was directed to take an online training course that was considered state of the art. I was excited and interested to see the content until I actually got started. While the objectives and elements of the training were excellent and the information was great, the material was from 2007 and it had never been updated. I was reading names, events and stories that went back to before 2001. In particular, much of the information dealt with the terrorism network operated by Osama bin Laden. Only one problem: By the time I took the course the attack on bin Laden’s com-pound had been accomplished and he was long gone.
Keeping training relevant to current times is one of the biggest challenges. What often happens is that when an organization designs and builds its own training they collect the best and brightest and have them build a training course that is bright, shiny and exciting. After completion, the best and brightest go back to their day jobs and the training program ages without maintenance.
In the AML/CTF field this is particularly relevant. Think about all the changes that have taken place in rapid succession of just the last few years and in the immediate future. The near future will be met with what will probably be significant changes in international laws and treaties. We have global events with Brexit and the recent U.S. elections. How will current world changes impact enforcement of the EU Directives? How will the U.S. President-elect affect the AML/CTF field? We have heard the stated desire to move forward with what is yet to be determined in deregulation. In addition, we know the anticipated changes that are coming in de-risking, customer due diligence, KYC, politically exposed persons, and last but not least, beneficial ownership. Or, as in many elections and political actions around the world, will some statements and resolve soften? Whichever way this goes there will likely be a big change in how value is perceived and moved around the world.
Training to these new environments must be managed to meet these new needs. Training is like a garden. It needs to be tended and updated. The training team should constantly update information and case studies to make them relevant to today. To stay relevant, you should:
Review your training regularly
Update training so that it transitions from old to new
Include the impact of global political events when updating information. We are entering a year of what could be some of the most volatile actions impacting national and international finance with Brexit, the EU directives and a change of administration in the U.S. You may want to include the impact of these events in your training.
Training How to Think, Not Just What to Think
Finally, the Holy Grail for training and its most significant challenge. Today, training—especially training that is on a large scale—uses a fact-based approach. It includes lists of red flags, the phases of money laundering and explanations of how under-invoicing works. Well, guess who also knows about the red flags and how the business process works? Of course, the objective of a criminal would be to build their networks in a way where no flags are generated, and that they answer every process question asked satisfactory. It is like a chess game where they know every move in advance or a baseball game where the batter knows the pitch that is next.
Training needs to extend beyond the knowns and become more dynamic and insightful. Specifically, elements of training in critical thinking can be essential, encouraging students to challenge what looks to be a reasonable business and financial activity and pre-pare them to develop new approaches and hypotheses, effective elements of proof and premises, to support probabilities and arguments for more effective decision making. As the goal of an illicit network is to remain undetected, they will employ the tools and resources that are designed to appear to operate in the legitimate world. They will have the best answers during onboarding, they will produce the necessary documents to satisfy due diligence for a letter of credit and they will have identification to get a $5,000 money order. Training needs to prepare the communities to extend beyond red flags and build skills to recognize and respond to those actions that the traditional red flags may not apply to, but are nonetheless supportive of illicit networks.
Too often this challenge is paired with training to the latest and greatest electronic system. If the student is trained on how to push a button and issue a report, success! But even today the greatest computer in the world remains the human brain. The greatest challenge is in updating that software.
For example, it is understood by AML/CTF professionals today that trade-based money laundering is to be the most effective method of money laundering in the world, inclusive of variants such as the Black Market Peso Exchange system, bulk cash smuggling and free trade zones, which serve as transshipment points for narcotics, smuggled contraband and other illicit cargos. The very nature of the free trade zone helps to circumvent many of the rules and tariffs that countries have in place to encourage commerce. Think about this, if a free trade zone decided that they were going to inspect every container coming through their port how long would that zone exist? The amount and veri-table weight of trade as the lifeblood to international commerce protects it from any substantial or sustained changes. Training to the understanding that “time is money.”
The challenge of providing training to meet the needs of today and for all involved sectors worldwide in government, finance and business, is important. If we understand that the world of illicit actors and their networks will make their changes as they learn from their mistakes, we can meet these hidden challenges so that training remains both flexible and focused to prepare our compliance, law enforcement and intelligence communities to respond—or maybe get a step ahead.