IIROC Imposes $250,000 Fine on Laurentian Bank Securities Inc.

IIROC Imposes $250,000 Fine on Laurentian Bank Securities Inc.

IIROC Imposes $250,000 Fine on Laurentian Bank Securities Inc.

The Investment Industry Regulatory Organization of Canada fines Laurentian Bank Securities Inc. US$250,000 for not using a transaction monitoring system

What Happened?

April 16, 2020: Laurentian Bank Securities Inc.–a regulated investment dealer under the jurisdiction of the Investment Industry Regulatory Organization of Canada (IIROC)–was charged with failing to implement and maintain an adequate trading supervision system, which resulted in the organization failing to comply with AML obligations.

In a hearing that took place on April 24, 2020, the IIROC Hearing Panel accepted a settlement agreement, according to which Laurentian Bank Securities Inc. agreed to pay US$250,000 in fines.

Source: https://www.iiroc.ca/Documents/2020/227d22f8-bca1-49f9-8161-157d63ea9ffd_en.pdf

Who Is Impacted?

Businesses that facilitate the trading or exchange of regulated assets–including equities, debt, derivatives, and cryptocurrencies.

Why This Matters?

Failing to have a transaction monitoring system in place creates the risk of money laundering going unnoticed within your business.

Transaction monitoring is a requirement that, when overlooked, will result in staggering fines, sanctions, and damage to the integrity of your brand’s reputation.

What’s Next?

IIROC’s Trading Conduct Compliance department (TCC) is tasked with regularly examining and testing their participant’s transaction monitoring systems to identify any problems or concerns.

Laurentian Bank Securities Inc. will be required to address these concerns and to correct the deficiencies. Going forward, the firm can expect to face increased scrutiny and reputation damage and will continue to appear in AML screening for Adverse Media and Watchlists for years to come.

learn more

Is your AML compliance too expensive, time-consuming, or ineffective?

iComply enables financial services providers to reduce costs, risk, and complexity and improve staff capacity, effectiveness, and customer experience.

Request a demo today.

Challenges and Solutions in FATF Travel Rule Compliance
Challenges and Solutions in FATF Travel Rule Compliance

Complying with the Financial Action Task Force (FATF) Travel Rule presents several challenges for financial institutions. These challenges can hinder the effective implementation of compliance processes. This article explores...

Implementing FATF Travel Rule Compliance
Implementing FATF Travel Rule Compliance

The Financial Action Task Force (FATF) Travel Rule is essential for preventing money laundering and terrorist financing. Implementing compliance with this rule requires a strategic approach to ensure all regulatory requirements...

Understanding the FATF Travel Rule
Understanding the FATF Travel Rule

The Financial Action Task Force (FATF) Travel Rule is a significant regulation in the global fight against money laundering and terrorist financing. It mandates that financial institutions share certain information about the...

US SEC Charges Dropil and team for Fraudulent and Unregistered ICO

US SEC Charges Dropil and team for Fraudulent and Unregistered ICO

US SEC Charges Dropil and team for Fraudulent and Unregistered ICO

U.S. Securities and Exchange Commission (SEC) charges founders and issuer of Dropil, Inc. with securities fraud

What Happened?

April 24, 2020: Between January and March 2018, Jeremy McAlpine, Zachary Matar, and Patrick O’Hara of Dropil, Inc. marketed the DROP token offering online to investors around the world.

In promoting the offering, Dropil promised to pool the capital raised for building and investing with their algorithm-based “Dex Bot”. Dropil promised investors the “Dex Bot” would provide returns from this activity in the form of DROP Tokens deposited into their wallets every 15 days. However, Dropil never made any deposits to investors’ wallets, nor performed any development of the aforementioned “Dex Bot”.

The U.S. SEC (United States Securities and Exchange Commission) also found that Dropil claimed to have raised a total of USD $54 million from 34,000 investors–despite only raising $1.8 million from no more than 2,500 investors. In addition to this falsified evidence and testimony, the founders of Dropil were found to have used the money raised to fund other projects, as well as their own personal bank accounts.​

Source: https://www.sec.gov/litigation/litreleases/2020/lr24804.htm

Who Is Impacted?

Any issuer of a virtual asset who has failed to properly register their offering as a security, or has chosen to market it with false and misleading statements, or promises of potential returns.

Why This Matters?

2,500 investors lost $1.8 million in this scheme. The action taken by the SEC is evidence that they have both the authority and technical ability to monitor, investigate, and take action against the bad actors operating illegally in the digital capital markets, without prejudice.

What’s Next?

Issuers of “utility tokens”, security tokens, cryptocurrencies, etc., who used their virtual asset to either raise capital, secure investment, or generate pre-sales will continue to fall under scrutiny.

  • Was the offering registered with the proper authority?
  • Was the opportunity marketed in a lawful manner and with integrity?
  • Are the funds that were raised being used in the manner that they were presented to potential purchasers?

Such firms should seek independent legal advice to consider whether they may be exposed to this type of risk.

The SEC action against the Dropil ICO is yet another case study in what can put an issuer offside–and land them in court–in the U.S. market.

learn more

Is your AML compliance too expensive, time-consuming, or ineffective?

iComply enables financial services providers to reduce costs, risk, and complexity and improve staff capacity, effectiveness, and customer experience.

Request a demo today.

Challenges and Solutions in FATF Travel Rule Compliance
Challenges and Solutions in FATF Travel Rule Compliance

Complying with the Financial Action Task Force (FATF) Travel Rule presents several challenges for financial institutions. These challenges can hinder the effective implementation of compliance processes. This article explores...

Implementing FATF Travel Rule Compliance
Implementing FATF Travel Rule Compliance

The Financial Action Task Force (FATF) Travel Rule is essential for preventing money laundering and terrorist financing. Implementing compliance with this rule requires a strategic approach to ensure all regulatory requirements...

Understanding the FATF Travel Rule
Understanding the FATF Travel Rule

The Financial Action Task Force (FATF) Travel Rule is a significant regulation in the global fight against money laundering and terrorist financing. It mandates that financial institutions share certain information about the...

IIROC Imposes $250,000 Fine on Laurentian Bank Securities Inc.

BCSC Advisory Regarding Pegasus Global Trading Limited

BCSC Advisory Regarding Pegasus Global Trading Limited

BCSC (British Columbia Securities Commission) adds Pegasus Global Trading Ltd. to the province’s Investment Caution List

What Happened?

April 23, 2020: Pegasus Global Trading Ltd., which claims to be a UK-based online trading platform, was found to be advertising their services to the residents of British Columbia without the required licensing

Pegasus is neither registered to trade in, nor advise on, securities and derivatives in Canada. According to Canadian legislation, Pegasus’ activities were regulated and the firm has been added to the IOSCO warnings list.

Source: https://www.bcsc.bc.ca/Enforcement/Investment_Caution_List/Pegasus_Global_Trading_Ltd_/

Who Is Impacted?

Any Canadian citizen who may have utilized Pegasus Global for advisory or investment-related services. North American businesses engaged in similar business activities or direct business relationships with Pegasus.

Why This Matters?

The BCSC’s Investment Caution List helps Canadian investors identify if they are at risk of a total loss of capital–with no recourse for recovery–when dealing with unlicensed service providers operating outside Canada’s regulatory oversight.

What’s Next?

By adding Pegasus Global Ltd. to the Investment Caution List, the BCSC has sent a clear message that these unlawful practices of promoting an unlicensed business can result in public enforcement. Appearing on these lists will damage a companies reputation and create barriers to their growth.

learn more

Is your AML compliance too expensive, time-consuming, or ineffective?

iComply enables financial services providers to reduce costs, risk, and complexity and improve staff capacity, effectiveness, and customer experience.

Request a demo today.

Challenges and Solutions in FATF Travel Rule Compliance
Challenges and Solutions in FATF Travel Rule Compliance

Complying with the Financial Action Task Force (FATF) Travel Rule presents several challenges for financial institutions. These challenges can hinder the effective implementation of compliance processes. This article explores...

Implementing FATF Travel Rule Compliance
Implementing FATF Travel Rule Compliance

The Financial Action Task Force (FATF) Travel Rule is essential for preventing money laundering and terrorist financing. Implementing compliance with this rule requires a strategic approach to ensure all regulatory requirements...

Understanding the FATF Travel Rule
Understanding the FATF Travel Rule

The Financial Action Task Force (FATF) Travel Rule is a significant regulation in the global fight against money laundering and terrorist financing. It mandates that financial institutions share certain information about the...

SFC Fines BOCOM US$19.6 million for Internal Control Failures

SFC Fines BOCOM US$19.6 million for Internal Control Failures

SFC Fines BOCOM US$19.6 million for Internal Control Failures

Hong Kong’s Securities and Futures Commission (SFC) has reprimanded and fined BOCOM International Securities Limited (BISL) for a range of regulatory breaches

What Happened?

April 20, 2020: BOCOM International Securities Limited (BISL) was reprimanded and fined by Hong Kong’s Securities and Futures Commission (SFC) for a total of US$19.6 million due to a range of regulatory breaches and internal control failures.

The SFC found that third-party deposits made to client accounts in 2009, 2011, and 2015 by way of cheques and bank transfers were not identified until 2016. BISL’s failure to ensure compliance with the guidelines on Anti-Money Laundering and Counter-Terrorist Financing is a significant reason for their 8-figure fine.

Source: https://www.sfc.hk/edistributionWeb/gateway/EN/news-and-announcements/news/enforcement-news/doc?refNo=20PR36

Who Is Impacted?

BISL’s clients, because the firm failed to ensure that:

  • transactions conducted in client accounts were properly authorized;
  • it could be satisfied on reasonable grounds about the identity of the person ultimately responsible for originating the instruction in relation to a transaction, and that order instructions were properly recorded;
  • client identities and transaction details were properly confirmed in trade confirmations;
  • it reported its representatives’ failures to record order instructions to the SFC immediately; and
  • a client complaint was adequately investigated and promptly responded to.

Why This Matters?

The lack of AML, CTF, and KYC due diligence on the transactions from 2009 to 2015 put both the clients of BISL at risk of financial fraud, as well as the public at risk of money laundering and terrorism financing, as transactions went unchecked and unmonitored until 2016.

What’s Next?

The SFC took into account all relevant circumstances, including the following:

  • BISL has an otherwise clean disciplinary record;
  • BISL has taken steps to revise its policies and procedures in relation to the areas where deficiencies were identified;
  • BISL has agreed to engage an independent reviewer to conduct a review of its internal controls; and
  • BISL’s failures are serious, extensive, and lasted for a substantial period of time.

The SFC concluded its decision with the following statement:

“A clear message needs to be sent to the industry that the SFC will not hesitate to take action against licensed corporations that fail to put in place appropriate internal controls to protect their operations and clients.”

learn more

Is your AML compliance too expensive, time-consuming, or ineffective?

iComply enables financial services providers to reduce costs, risk, and complexity and improve staff capacity, effectiveness, and customer experience.

Request a demo today.

Challenges and Solutions in FATF Travel Rule Compliance
Challenges and Solutions in FATF Travel Rule Compliance

Complying with the Financial Action Task Force (FATF) Travel Rule presents several challenges for financial institutions. These challenges can hinder the effective implementation of compliance processes. This article explores...

Implementing FATF Travel Rule Compliance
Implementing FATF Travel Rule Compliance

The Financial Action Task Force (FATF) Travel Rule is essential for preventing money laundering and terrorist financing. Implementing compliance with this rule requires a strategic approach to ensure all regulatory requirements...

Understanding the FATF Travel Rule
Understanding the FATF Travel Rule

The Financial Action Task Force (FATF) Travel Rule is a significant regulation in the global fight against money laundering and terrorist financing. It mandates that financial institutions share certain information about the...

Improving Business Resilience with Intelligent Compliance Automation

Improving Business Resilience with Intelligent Compliance Automation

Improving Business Resilience with Intelligent Compliance Automation

How financial services providers can take advantage of the new contactless culture

With new measures in place that require remote work and social distancing, the broader finance industry is set to look very different going forward. For board executives, management teams, and compliance officers, now is the time to rethink the most basic aspects of how financial services work.

Distribution channels that previously relied on branches or face-to-face meetings are becoming increasingly redundant. Strains on personal and business finances means financial service providers have to act quickly and with conviction when disbursing new capital. With both channels, financial services providers will still have to maintain compliance requirements, even when these core business operations were not designed to work digitally. 

Financial services providers could use this time to fundamentally overhaul the relationship with their customers while maintaining business and operational resilience. Businesses that successfully implement digital services for a new contactless culture will be rewarded in the long-run.

So what does the future look like for financial service providers? And where are the opportunities to improve internal operations and the overall customer experience?

In this post, we answer the above questions focusing on retail and commercial banking verticals. This article can be used as a checklist for compliance teams, boards, and product managers who are looking for ways to reduce costs, risk, and complexity or to improve staff capacity, effectiveness, and customer experiences.

 

Comparing Today to the Future

Most people are familiar with the process of opening a personal and/or business bank account. Will that familiar process be used in the months and years ahead? Likely not. While much of the client experience in financial services today is digital, there are a few core business processes that remain manual or require face-to-face business. 

Here are some key processes that we see boards and management teams reevaluating as they compare the old landscape with the new.

 

Client Onboarding

This is the first step of the process where financial service providers gather information on their clients. 

 

Standard Operating Procedures

  • Client must attend branch or meet agent in person
  • Physical and operational security measures in place and abided by
  • Data protection, privacy, governance, and cybersecurity measures in place and abided by
  • Training for frontline staff to validate client eligibility
  • Internal procedures for enhanced due diligence when needed, usually by email or additional in-person meetings

Non Face-to-face

  • Client goes to secure website or mobile application 
  • Data protection, privacy, governance, and cybersecurity measures are in place to prevent manipulation from bad actors
  • Onboarding logic includes validation and segmentation for additional KYC requirementsin real-time while the client is still in the onboarding process
  • Enhanced due diligence requests can be automated, reducing onboarding time and costs

Identity Verification

Financial service providers, through their “Agents”, must verify and document the identity of the client for KYC and AML requirements.

Standard Operating Procedures

  • Agent views ID documents, signs attestation of authenticity, and visually confirms identity match
  • Documents need to be transported and stored securely
  • Client information is processed manually or via batch refresh
  • Agents require document authentication training and typically can only authenticate local documents
  • Document authentication processes include manually viewing templates or using document authentication software
  • Identities can be verified in 5 minutes, when a qualified agent is available

 Non Face-to-face

  • User documents are validated using machine vision
  • Address and identity are confirmed by qualified third-party data sources
  • Secure client-side verification enables user data to be processed without leaving the user’s device
  • Compliance managers configure controls in online identity verification services to support documents from over 200 jurisdictions
  • Automated document verification detects fraud, low image quality, and user errors before the document leaves the user’s device
  • Identities can be verified in under 20 seconds

Risk Screening

Once the client’s identity information is verified, financial service providers search for potential risks such as adverse media mentions, sanctions, watchlists, relations to politically exposed persons, and more.

Standard Operating Procedures

  • Compliance teams log in to back-office systems to conduct searches and manage cases. Searches must be thorough, as names such as “John” can have varied spelling and homonyms: “Johnathon, Jon, Johan, Juan, etc.”
  • Each search must be documented for future audit and reporting. Any search result must be analyzed according to the firm’s policies to determine whether it is a True or False positive
  • True Positives will be calculated against the firm’s risk assessment program in preparation for Risk Classification
  • Data sources are reviewed and updated periodically (typically every 1-3 years) by risk analysts

Non Face-to-face

  • Client information is passed directly through artificial intelligence (AI) processing systems to analyze the results of thousands of searches simultaneously; any potential results are escalated to the compliance teams for analysis 
  • False positives are reduced using fuzzy matching and Levenshtein distance algorithms, and escalated for analyst review
  • True Positives are used to update Risk Classification in real-time
  • Documentation of all functions are generated autonomously. Data sources and profiles are reviewed and updated every night via AI; potential matches are escalated to risk analysts for final review

Risk Classification

Clients are assigned a risk rating and risk score, and segmented based on “red flags” such as jurisdiction, industry, risk screening results, and internal data sets.

Standard Operating Procedures

  • Compliance teams review the client case, any risk identified, and classify the risk level of the client
  • Quality assurance is conducted after the fact, usually during annual or periodic reviews

 Non Face-to-face

  • Scoring systems and automation thresholds automatically update risk scores, rating, classification
  • Quality assurance triggers create escalations for compliance teams to review

Low-Risk Clients

The client profile is reviewed for completeness and red flags before final approval.

Standard Operating Procedures

  • Compliance or account teams review the client profile.
  • Missing information may require additional client meetings or trigger enhanced due diligence procedures 
  • Account is opened manually or via API

 Non Face-to-face

  • Client profile has already been validated for completeness with onboarding controls 
  • Account is opened manually or via API

High-Risk Clients

Red flags may require enhanced due diligence, risk assessment, and potential reporting.

Standard Operating Procedures

  • Manual procedures include data management, additional risk screening, physical document processing, and reporting for SARs and filings
  • Account managers are notified of additional requirements from the client
  • Materials are typically submitted physically or via unsecure email
  • Fragmented or legacy technology solutions do not support remote staff or client operations
  • Total decision time per case: 48-72 hours
  • Account is opened or declined

 Non Face-to-face

  • Automated data processing and AI in risk screening enable unique search profiles to reduce errors due to manual procedures
  • Account managers and clients can be notified through push or email notification
  • Materials are submitted through secure and encrypted client portals
  • Intelligent AML solutions support remote operations, automate configurable workflows, and generate SARs and reports for filings
  • Account is opened or declined

Transaction Monitoring

Each transaction must be screened across multiple factors such as country, industry, beneficiary name, volume, and value of transactions.

Standard Operating Procedures

  • Threshold-specific procedures are maintained in company manuals and training sessions
  • Periodic reviews identify risk after the fact and increase remediation costs

 Non Face-to-face

  • Threshold-specific workflows trigger unique due diligence requirements, screening profiles, and generate reporting documents
  • Compliance teams can focus on exceptions, not data entry

Ongoing Monitoring

Risk screening data must be updated, not only to onboard new users but also to rescreen your existing clients for new risk.

Standard Operating Procedures

  • Risk data updates are done manually, often without re-screening of existing clients
  • Re-screening procedures face the same challenges as the initial risk screening

Non Face-to-face

  • Risk data is refreshed each night
  • Re-screening procedures identify net new risk for every client in your KYC software, reducing noise and improving productivity for compliance teams

KYC Data Refresh

Knowing your customer requires that you maintain accurate and current records. Clients may change their name, address, citizenship, or need to update KYC documents on file.

Standard Operating Procedures

  • KYC document templates require version control and physical document destruction for stale documents
  • Clients send sensitive personal information over mail, courier, or unsecured email
  • Expired data may require face-to-face meetings with licensed agents and transaction freezes, which increases client frustration

 Non Face-to-face

  • KYC document template versions are managed by system admins and pushed into client workflows in real-time
  • Clients submit personal information securely through an encrypted KYC portal in your website or mobile app
  • Data expiry dates trigger refresh requests to clients through email or push notifications in your website or mobile app

Ongoing Access Management

Verifying a user’s password only ensures the user has access to your client’s password.

Standard Operating Procedures

  • Online access security questions can be bypassed if hackers or thieves have enough of your client’s information
  • Face-to-face meetings with tellers or agents include manual identity verification
  • E-signature fraud creates risk, liability, and requires additional identity assurance in material agreements

 Non Face-to-face

  • Live face matching quickly enables the user to easily perform biometric authentication more securely than security questions
  • Identity verification processes can be witnessed during video meetings to enable contactless meetings
  • Biometric authentication enables “Smile to sign”, live face matching, and fraud monitoring to ensure strong client authentication at all times

In Closing

Most financial services providers spend over 10% of their gross annual revenues to complete their standard operating procedures. As we have seen, there is ample opportunity to apply new regulatory technologies to name screening, risk scoring, portfolio risk assessment, and AML reporting. Client data management enables financial services providers to reduce cost, risk, and complexity while improving staff capacity, effectiveness, and customer experience.

Migrating customer onboarding and compliance workflows to digital-first channels can be challenging. Costs have mushroomed and complexity increases with each additional jurisdiction you serve. Customer expectations on user experience, contactless availability, and KYC friction are changing rapidly. 

Compliance teams, boards, and product managers should regularly re-evaluate their KYC and AML systems to identify weaknesses, better manage risk, improve staff capacity, reduce vendors, cut costs, and improve their client’s KYC user experience. We hope this article can serve as a valuable resource for your business. 

 

Thanks for reading!

The iComply Team

About iComply

iComply Investor Services Inc. (“iComply”) is a regtech company that provides automated KYC and AML compliance solutions for non face-to-face financial and legal interactions. iComply enables financial services providers to reduce costs, risk, and complexity and improve staff capacity, effectiveness, and customer experience.

learn more

Is your AML compliance too expensive, time-consuming, or ineffective?

iComply enables financial services providers to reduce costs, risk, and complexity and improve staff capacity, effectiveness, and customer experience.

Request a demo today.

Challenges and Solutions in FATF Travel Rule Compliance
Challenges and Solutions in FATF Travel Rule Compliance

Complying with the Financial Action Task Force (FATF) Travel Rule presents several challenges for financial institutions. These challenges can hinder the effective implementation of compliance processes. This article explores...

Implementing FATF Travel Rule Compliance
Implementing FATF Travel Rule Compliance

The Financial Action Task Force (FATF) Travel Rule is essential for preventing money laundering and terrorist financing. Implementing compliance with this rule requires a strategic approach to ensure all regulatory requirements...

Understanding the FATF Travel Rule
Understanding the FATF Travel Rule

The Financial Action Task Force (FATF) Travel Rule is a significant regulation in the global fight against money laundering and terrorist financing. It mandates that financial institutions share certain information about the...

IIROC Imposes $250,000 Fine on Laurentian Bank Securities Inc.

Canadian Regulators Issue Warning for Halifax & Associates

Canadian Regulators Issue Warning for Halifax & Associates

Multiple Canadian regulators issued investor alerts against online trading platform Halifax & Associates for selling illegal securities

What Happened?

April 7, 2020: Manitoba, Nova Scotia, British Columbia, and other Canadian securities commissions have issued a warning that Denmark-based Halifax & Associates–claiming to be a cryptocurrency trading platform–has been defrauding Canadian investors. The Manitoba Securities Commission (MSC) claimed that a resident was scammed out of CAD$8,000, while the Nova Scotia Securities Commission (NSSC) notes that multiple investors in that province were defrauded.

Source: https://nssc.novascotia.ca/sites/default/files/docs/2020-04-06-NSSC%20Halifax%20and%20Associate%20Investor%20Alert.pdf

Who Is Impacted?

Financial services providers targeting Canadian residents.

Why This Matters?

The Investor Alert helps Canadians assess the credibility of the firms they deal with, or intend to deal with. Investors who do not heed these warnings may be at risk of a total loss of capital–with no recourse for recovery–when dealing with fraudulent and unlicensed service providers operating outside of Canada’s regulatory oversight.

What’s Next?

By issuing the Investor Alert on Halifax & Associates, the NSSC has sent a clear message that these unlawful practices of promoting an unlicensed business can result in public enforcement. This alert could damage a company’s reputation in the public and create barriers to their future growth and development.

learn more

Is your AML compliance too expensive, time-consuming, or ineffective?

iComply enables financial services providers to reduce costs, risk, and complexity and improve staff capacity, effectiveness, and customer experience.

Request a demo today.

Challenges and Solutions in FATF Travel Rule Compliance
Challenges and Solutions in FATF Travel Rule Compliance

Complying with the Financial Action Task Force (FATF) Travel Rule presents several challenges for financial institutions. These challenges can hinder the effective implementation of compliance processes. This article explores...

Implementing FATF Travel Rule Compliance
Implementing FATF Travel Rule Compliance

The Financial Action Task Force (FATF) Travel Rule is essential for preventing money laundering and terrorist financing. Implementing compliance with this rule requires a strategic approach to ensure all regulatory requirements...

Understanding the FATF Travel Rule
Understanding the FATF Travel Rule

The Financial Action Task Force (FATF) Travel Rule is a significant regulation in the global fight against money laundering and terrorist financing. It mandates that financial institutions share certain information about the...