ACAMS Today Europe editorial interviewed Matis Mäeker, head of the Estonian Financial Intelligence Unit (FIU) and a member of the MONEYVAL Bureau. Mäeker has been the evaluator and reviewer of many mutual evaluation reports conducted by MONEYVAL. He is also a member of the Estonian delegation to MONEYVAL and a member of the Heads of FIU of the Egmont Group. He has also been an alternative member of the European Banking Authority’s AML/CFT Standing Committee on anti-money laundering and countering terrorist financing (AMLSC).
Mäeker has extensive knowledge of anti-money laundering (AML) and combatting the financing of terrorism (CFT) from both angles—the preventative and the criminal side. He is the author of the Estonian Financial Supervision Authority’s AML/CFT public guideline and internal guidelines, the Estonian Financial Supervision Authority’s risk-based approach model, as well as the co-author of The AML Compliance Book: 150 Golden Rules.
ACAMS Today Europe (AT Europe): What inspired you to pursue a career in AML/CFT?
Matis Mäeker (MM): I have a master’s degree in law, but in high school, I received a mathematics- and physics-focused education. The Estonian Financial Supervisory Authority, where I started ten years ago, was the perfect fit for my background. Like I always say, AML/CFT is nothing more than a logic exercise—find the deviation and you’ll find the perpetrator. And criminals always make a move; you just have to be patient and find it. Therefore, from the beginning, I started utilising my experience from my mathematics class. I started following the money and finding places where criminals made a wrong move. Over the years, I progressed from doing hard supervisory cases to managing my team that continued my work, and here, my legal skills were of great help. As can be seen, the career in AML/CFT is a perfect combination of my past education. The results started coming in quickly, and so I knew from the beginning that it was my dream job, something that I had always wanted. Today my job is to lead even bigger teams and guide the country in fighting financial crime.
AT Europe: What is the most rewarding part of your job?
MM: You are not always the most loved person when working in AML/CFT. It does not matter whether you are a banker, a supervisor or an investigator. People criticise you because you are always between the possibilities and the people’s right to do business. AML/CFT professionals are risk-oriented, and they always think one step ahead. Today you might be a villain, but after a year or more, the public will realise that you have worked for the greater good. I have had so many cases where I have been told that I was overreacting, but years later, when the truth was revealed, the same critics would nod with respect. That said, there is nothing more satisfying than cracking down on a criminal scheme and freezing the criminal’s money. For me, working in the AML/CFT profession is and has always been a passion that you do for the greater good. My life’s goal and motto has always been to do the right thing and do it with passion. Do things right and with passion, so when you are on your deathbed, you can smile when you look back at your life and accomplishments and see that you have made a difference.
AT Europe: As head of the Estonian FIU, what would you like to accomplish during your tenure?
MM: I have a five-year term, and the first year is almost over. On 1 January 2021, the Estonian FIU became an autonomous and independent authority under the Ministry of Finance. Before, it used to be a department in the National Criminal Police. Also, with the new position came additional funding and possibilities. When I stepped into the office, the Estonian FIU had just made the transition, and my first order of work was to employ a significant number of people and department heads to start building the next generation FIU. My primary goal is to modernise as much as possible and to build an IT-oriented FIU that has one of the best analysis capabilities in Europe.
The second order of business is to guide the Estonian FIU and the country through its ongoing MONEYVAL mutual evaluation. I was one of the first experts in MONEYVAL to participate in an evaluation in 2016. I was the team member reviewing the Isle of Man. Today, I am utilising my experience in the AML/CFT industry to help Estonia show its effectiveness in the best way possible. I am really proud of what we have achieved.
The third element is connected to my supervisory work, where the EFIU has some responsibilities. Today, we supervise virtual asset service providers (VASPs) that are increasingly becoming an extremely important conduit for criminals. By the end of 2020 and June 2021, when I stepped into office, we managed to completely revamp the way we approach the supervision of VASPs and have only granted one new license but managed to withdraw around 250 licenses. Today, we are down to approximately 380 licenses, but the work is far from over.
AT Europe: As a reviewer of MONEYVAL’s fifth round of mutual evaluation report of the Holy See, what notable moment can you share from this experience?
MM: Reviewing reports is always a great responsibility. People do not do this for fun or to get additional information about a country. They do it to get the correct outcome of the assessment. Assessments are like court battles. The country, as the defendant, always holds the opinion that it is doing better than it is being pictured. The assessment team, as the prosecutor, is there to represent the community to find out the truth, weigh the positives and negatives and come out with an analysis (the indictment). The reviewers and the plenary are the judges that must assess both parties and decide whether the report reflects the true picture and whether the rating (the sentence) is correct or should be harsher or more lenient. When I see that the country is being treated too conservatively, I will speak out, and vice-versa. When the report is too lenient and not in line with global practice, I highlight it as well. To me, the report of the Holy See was, therefore, business as usual, but business that I really love!
AT Europe: With increasing global financial operations, how can AML/CFT professionals best prepare themselves to be more effective in preventing financial crime?
MM: Being an AML/CFT professional is not easy. To be effective in preventing financial crime, one must know the Financial Action Task Force (FATF) standards, preferably all the mutual evaluation reports made, guidance given, typology products produced, how geopolitics work, how terrorists move and change territories and so forth. Otherwise, it is simply impossible to make decisions on a risk-sensitive basis. To be knowledgeable and better than your close associate, one must read everything at hand, including posts on social media, participate in different conferences and be part of different working groups and partnerships.
AT Europe: Estonia was one of the first countries to enact a formal registration process for cryptocurrency exchanges and businesses. What were some of the benefits for Estonia as an early adopter?
MM: Clearly, our benefit today is that we have learned so much from the mistakes made, and we have had the opportunity to correct our actions more than three times by making changes to the law. It has also allowed us to correct our supervisory activities as risks have evolved. Other countries seem to be learning and making the mistakes that Estonia did a couple of years ago. Second, we have benefited greatly from the knowledge that the service providers have, who, through discussions, have also educated us. Numerous data, reports, analyses and case studies have expanded our knowledge base about the sector, and we gladly distribute this gained competence to the FIUs across the world. Moreover, it has forced us to learn and achieve more. Otherwise, as supervisors, we would not be proper partners and supervisors who can manage risks.
AT Europe: Your jurisdiction changed the criteria to register cryptocurrency exchanges and businesses. What are some of the key changes and what should other jurisdictions consider when creating a similar criterion?
MM: The most important change has been taking VASPs as financial institutions. The risks with VASPs, for example, are really similar to payment service providers or electronic money institutions. Therefore, the guarantees for the state and customers should be similar. We are not only taking measures to protect against money laundering and terrorist financing risks, but we are also dealing with other aspects of operational risks, such as cybersecurity, as well as liquidity risk through capital requirements. We ask about business plans, whether they are really viable or not and where the funds will be generated to meet the capital requirement (ranging between 100,000 euros and 250,000 euros). These new aspects also protect against money laundering and terrorist financing risks because we will license service providers who want to provide services and receive proper supervision. As such, there will be fewer companies that do not have a connection to Estonia and that only use our license. By doing that, we can also protect our market from perpetrators and people’s opaque plans.
AT Europe: With VASPs operating across borders, what can individual countries do to regulate cryptocurrency operations that might be used for money laundering?
MM: I have told the FATF that we should not be writing new global rules, but we should start enforcing existing ones properly. The global mutual evaluation cycle is too long to guarantee a required level for the playing field and proper implementation in all countries. VASPs, as the new source of money laundering and terrorist financing risk, were incorporated into the standards halfway through the evaluation round. Thus, only a limited number of countries will be assessed during this round, and for many, it will take up to five or more years to catch up. In Estonia, we see that perpetrators are moving from one country to another, always choosing those that have the laxest laws. We should make an extraordinary assessment of all countries and their approaches to licensing VASPs. Those that do not have proper laws should be given a very specific timeline to bring themselves in line.
AT Europe: What has been the biggest challenge for Estonia in regulating cryptocurrencies?
MM: There is a really short answer to this. The biggest challenge is striking a balance in the law to show those who should receive a license and be welcomed to Estonia and that they are not going to find more lax and lenient countries. I believe that we have a good balance. The key is not the strictness of the regulation but the quality of supervision and thus how protected the customers can be by “banking” with the service provider.
AT Europe: What is your most significant achievement in fighting against terrorist financing?
MM: My years in the AML/CFT fight have been an immense learning process. I have been at the heart of uncovering internationally well-known landmark cases and cutting them off. I have seen up close the patterns, causes and unthinkable behaviour that leads to failure. I have seen what has happened behind the scenes in FIUs and law enforcement authorities and how the international fight against money laundering and terrorist financing still has a significant way to go. That being said, I am most proud of the book I have written together with my former colleague Andre Nõmm—The AML Compliance Book: 150 Golden Rules. This book is our contribution to the fight against money laundering and terrorist financing—giving back to the market to prevent similar cases from happening in the future.
AT Europe: Any advice you would like to share with our readers about career success?
MM: Knowledge does not grow on trees. To be the best, you must learn and work with yourself each day. Go to events, speak with people and think out loud because otherwise, you’ll never know whether your thoughts are right or wrong. And most importantly, remember others are not better than you. Strive for the best and you’ll be the best!
Interviewed by: ACAMS Today Europe editorial, ACAMS, email@example.com