Forgot your password?
Please enter your email & we will send your password to you:
My Account:
The Institute of International Banking Law & Practice (IIBLP), the London Institute of Banking & Finance (LIBF), and Coastline Solutions conducted their 2024 Trade Finance Compliance Annual Meeting on 14 February in New York City. Hosted and co-sponsored by S&P Global Market Intelligence, the event featured more than 15 compliance experts from the operations, regulatory, and private sphere. Conversations will continue at the next Trade Finance Compliance Annual Meeting in Singapore, 10 May 2024.
Professor James E. Byrne Memorial Keynote Address
Tom CARDAMONE of Global Financial Integrity delivered the event's keynote address on risk factors, recommendations, and feedback surrounding vessel ownership and suspicious vessel behavior. Drawing on an April 2023 study of data on nearly 70,000 vessels, Cardamone's remarks focused on some 8,300 of those vessels who had unknown ownership information of which 69% had adverse (either “warning” or "severe") compliance status. Of the vessels with an unknown owner, more than one- third (35.8%) use "flags of convenience" (FoC) of Liberia, the Marshall Islands or Panama. From the report's findings, Cardamone posits that vessel ownership is a primary risk indicator and the clear correlation between vessel flags and unknown ownership renders it a risk factor as well. He then referenced unpublished research suggesting that 27% of vessels fly FoC and half of government-seized illicit goods from vessels involve this 27%.
In terms of recommendations, having a global beneficial ownership registry for vessels would be advantageous. There have also been efforts to convince countries to require beneficial ownership data for vessels seeking access to their ports. Following Cardamone's address, attendees commented on FoC. One banker said their institution no longer considers it a red signal because FoC are so common. Very few vessels are US-registered, but to change this would likely necessitate a reduction of fees and lowering of standards which is not probable. Similarly, putting pressure on FoC jurisdictions like Liberia to strengthen their registration policies is also unrealistic.
Executive Order 14114 and Non-US Financial Institutions
Issued 22 December 2023, U.S. Executive Order 14114 (Taking Additional Steps with Respect to the Russian Federation's Harmful Activities) authorized imposition of secondary sanctions against foreign financial institutions.1 EO 14114 makes it incumbent on US entities to ensure foreign financial institutions they deal with are following the policy and that they know their customer's exposure. Foreign financial institutions are advised to review the Order and "follow all lines of it".
Speakers also addressed the elevated importance of the US Department of Commerce's Bureau of Industry and Security (BIS) enforcement of export controls. BIS maintains on its website a “Common High Priority List” (CHPL) of 45 items [by late Feb, the list grew to 50] identified by six-digit Harmonized System (HS) Codes that Russia seeks to obtain for its weapons programs. Constructed in cooperation with the EU, Japan, and UK, the list is an international effort and anyone dealing with the specified items, regardless of jurisdiction, is subject to the policy. Reference was made to General Prohibition 10 and knowingly selling an item that has an export control.
US Treasury's Critical Items list is similar to US Commerce's CHPL. Both are meant for due diligence purposes for banks to review their customer relationships for exposure to Russia and banks to update their internal controls as needed. Banks are urged to be proactive in their own investigations, including conducting key word searches on documents they are handling. Regarding FinCEN & BIS Joint Alerts on Russian Export Control Evasion Attempts, banks are encouraged to not overlook the bottom of the Alerts which contain key instructions. Of note, the Alerts contain a select list of potential "red flag" indicators of export control evasion. US officials have seen shipments of high priority items diverted through third countries. While third party countries may not yet be identified as a red flag, it is an area to watch. Regarding entity lists, it was recommended that banks screen Treasury's SDN list and the Consolidated Screening List available on the BIS site. Brief mention was made of derisking and attendees were informed to consult Russia-related General License 6C which covers authorized activities regarding agricultural commodities, medicine, and other specified transactions. As regards guidance for tying in brand names to HS codes, exporters providing services in the relevant areas should take heed of such. Speakers ended by commenting that enforcement colleagues are interested in cooperation with the private sector and information leads to address the Russian diversion problem. In July 2023, the US. Departments of Commerce, Treasury, and Justice released a Joint Compliance Note describing their voluntary self-disclosure policies.
Sanctions Evasion
The panel delved into sanctions evasion tactics employed by Russia. In the maritime space, Russia uses a dark fleet of vessels to transport oil and compliance specialists have seen an explosive growth in deceptive practices, including a rapid rise in spoofing. Spoofing is likely to be a predominant evasion technique going forward. Some contend that banks do not have the time, technology, or training to adequately detect spoofing practices. Mindful of limitations, some financial institutions are taking a targeted approach and utilizing deeper due diligence requirements for entities in highlighted locations, tied to random countries, with ties to sanctioned parties. They have received significant pushback from some customers who maintain that other institutions are not asking for such detailed information but have refused to onboard customers without the information. Often such situations have been resolved.
Other areas of concern expressed by compliance specialists include smaller US companies or companies freshly incorporated dealing with sophisticated products and serving as third party intermediaries in trade. Semiconductors are still ending up used on the battlefield. For instance, companies, perhaps too small to understand export controls, are exporting to small buyers in Hong Kong and the PRC. Additional concerns surround whether US and non-US FIs have robust programs for detecting sanctions evasion and abnormal transshipment practices.
Anticipating the prospects of a new wave of regulatory requirements, the panel said that FIs need to revisit their client questionnaires and expand the level of detailed information requested. In the past, FIs screened for sanctions but now need to do more as regards entity list screening and export controls. The discussion closed with a question about derisking. One attendee remarked that it is possible for FIs to come up with creative solutions and develop controls to support authorized business. Another commenter added that FIs need to be aware of what their correspondents are doing.
Fraud and Money Laundering Detection Strategies
More is being asked of banks in combatting financial crime and the panel discussed the viability and effectiveness of certain detection strategies. While a large segment of the compliance community within banks contends that price checking of goods and services in underlying trade transactions is unfair, it has been advanced as a risk control. Banks have bemoaned the costs and affordability of compliance resources, but panel members pointed out freely available sources such as OpenCorporates and International Maritime Organization (IMO) information have proven useful.2 Certain banks subscribe to ICC International Maritime Bureau (IMB) for services and products which aid in transport document the authentication, tracking down transshipments, and other safeguards. Although blockchain initiatives to date have largely failed to meet expectations and OCR has not delivered, cloud computing is increasingly being used and trade finance registries are helping with identifying multiple invoicing and other fraud typologies.
Hot Topics for 2024 and Beyond
Starting with the premise that one can learn from bad experiences, the panel referenced details of The Abyss. The Vietnamese-flagged tanker engaged in a ship-to-ship transfer of Iranian oil with a tanker owned by Belgian company Euronav which had no idea it was taking on illicit goods and lost the cargo when its vessel was seized. The bad actors involved use a variety of deceptive practices (fake documents, spoofing tracking data, and concealing the true origin of the cargo). The case illustrates the need for all stakeholders to “close the loop” on their transactions.
Within banks, interaction between trade finance operations and compliance departments is key. One trade finance specialist said he was able to get transactions approved through close collaboration with his compliance colleagues. From an education standpoint, some banks dealing with staff retention challenges are pivoting more aggressively to AI as tool to help empower specialists to make compliance decisions.
Returning to further discuss The Abyss, commenters suggested that whoever was purchasing the cargo was not using AI and should have known The Abyss had been used in the past for deceptive practices. Another red signal should have been the vessel’s transponder going dark in the Strait of Hormuz in the vicinity of Iran. One attendee asked: Do banks need to track vessels in real time? Commenters pointed out that OFAC has been warning stakeholders to look at deceptive shipping practices and general practices for effective identification of sanctions evasion include monitoring ships throughout the entire transaction lifecycle. While financial institutions are unnamed, the matter is coming to a head and the expectation is that banks now need to look at vessel tracking. Other commenters referred attendees to the paper (perspectives on evaluating potentially unusual vessel behavior) available to BAFT members, highlighting its suggestion that a bank’s practice should match its risk profile and banks should be prepared to explain the choices that they make.
Asked to comment on UAE, the panel noted that UAE leadership's edict to its banks essentially is that they need to "get their act together" by improving its AML/CFT regime and off FATF's grey list of jurisdictions subject to increased monitoring [UAE was removed from grey list on 23 Feb 2024]. The panel closed by commenting that implementing AI is about addressing the problem an FI is looking to solve. Toward that aim, FIs should seriously test out the technology. One panelist opined that the biggest impediment to AI is data protection considerations.
Export Controls: HS Codes and Dual Use Goods
This panel looked at key takeaways from the BIS' Common High Priority List (CHPL) and OFAC's list of Critical Items that support Russia's military-industrial base. The CHPL comprises HS Codes and descriptions, including items designated under Export Control Classification Numbers (ECCNs), and there is slight misalignment between it and the OFAC list that has no HS Codes. Both lists need the attention of exporters, banks, and other service providers. While there has been emphasis on searches of key word phrases from the lists, panelists cited a recent study of goods descriptions on shipping documents which indicated that a very small percentage of shipping documents contain those phrases, causing a significant difference between descriptions on the lists and descriptions appearing in shipping documents. Banks cannot be fixated on HS Codes, nor can they look at individual pieces in isolation. KYC, data, and use of technology are all vital. Panelists suggested that 1%-2% of trade involves strategic goods, but regulators still expect financial institutions to use innovative tools effectively to identify that portion of suspicious transactions involving possible export control evasion or violations. Attendees commented on the challenge facing them to monitor many data pieces and processes. Speakers referenced the ICC paper addressing dual-use goods as one resource to consider.
Living with "Perpetual Risk" When Systems were Built for "Reactive" or "Occasional" Risk
This panel discussed characteristics and considerations for FI’s compliance programs in assessing and dealing with risks. To open, the panel referenced OFAC’s enforcement action against daVinci Payments, a financial services firm which had a program for screening Internet Protocol (IP) addresses, but the program was not used properly or tuned to prevent services to persons in sanctioned jurisdictions. Compliance systems cannot be static and collected data needs to be utilized. Panelists noted that historically compliance operations have been siloed in AML and fraud departments. These divisions use the same tools and regulators expect compliance to pull together and work in a coordinated effort. Issue-spotting is key and compliance operations need to confront risk across the full spectrum. This includes being attuned to the UK, EU, and policies of other jurisdictions. For instance, the EU has restrictions on exporting IT services to Russia.
Because sanctions and export controls are foreign policy and security-driven, FIs need to be proactive and pivot based on geopolitical conditions. Where might the next geopolitical situation be? Commenters suggested it could be China, although the US would unlikely take the lead, barring something extraordinary, because the economic ties between the two countries are so intertwined.
In terms of regulatory expectations, panelists noted officials have asked why certain tools are not used for high-risk customers. FIs need to demonstrate they have documented policies in place and their controls are commensurate with their risk. Regarding reputational risk, some US companies and banks have completely derisked from Russia after looking at fence-sitting entities or customers involved in Russia. Additionally, human rights programs have prompted banks to avoid doing business in certain regions.
Panelists also addressed bank relationships with OFAC. As banks are expected to document the controls they put into place and rationale for them, "getting out in front" and showing OFAC their program can be prudent. OFAC wants to hear from banks about their compliance programs. One commenter suggested it signals to OFAC that the bank is not perfect, but is making a concerted effort. Conversely, the panel opined why banks do not approach OFAC. Reasons include: OFAC may give an answer the bank does not want to hear; a bank may not know where all its collected data goes; or a bank's program may be deficient.
In Q&A, one attendee remarked that there can be underappreciated exposure regarding standby LCs. One scenario: A bank knows the beneficiary in an underlying transaction involving heavy oil & gas equipment in a region rife with corruption. Will the banker who received details in an email retain the message? Commenters responded that banks will never receive perfect information, but should recognize the touch-points on risk. Banks conducting a thematic review of their operations across all sectors and use of detailed customer questionnaires can help shed light.
The Future of Trade Compliance as Seen through AI
In an interactive discussion, panelists and audience members shared their challenges and views on the evolution of sanctions and compliance list screening. For starters, banks are cognizant of the need to recognize and utilize smarter technology. In one case, a bank which manually imputed vessel and port information was able to implement reasonably priced technology for screening ports. Some compliance specialists mentioned experiences working with multiple vendors and systems which has created complexities and not yielded anticipated results. From a vendor perspective, it has proven difficult to build one standard and get everyone on that standard. One compliance specialist said their FI uses a whole suite of tools and been successful in demonstrating to regulators their structured approach toward meeting expectations. Concluding with a discussion on Chat GPT and generative AI, these tools offer tremendous potential but are still evolving and cannot solely be relied upon without safeguards and human intervention. One cited example, generative AI could not distinguish between UCP600 rules and what people thought the rules were.
1For OFAC's interpretation of “foreign financial institution” and other terms, see OFAC FAQ 1151, reprinted at p. 11.
2Links to other free vessel and airplane search sites are available here.