AML/CFT rules are intended to assure and monitor compliance with the Bank Secrecy Act (BSA) with a view to protecting the financial system from criminal abuse and safeguarding the national security of the United States.1 In the interest of making the rules cost-effective and efficient, the BSA calls for these rules to be “risk-based” in the sense that financial institutions should devote most attention to higher-risk customers and activities. AARO applauds these objectives.
Nevertheless, from the perspective of Americans resident overseas there is great scope for improvement in the design of AML/CFT rules. In their current form, these have contributed to serious problems of high costs of overseas American’s access to, or even exclusion from, U.S. financial markets and services. AARO calls for major improvements in at least two areas:
I. Revise FATF international standards to end discrimination against expatriates
AML/CFT rules are substantially aligned internationally around standards2 agreed by the Financial Action Task Force (FATF), an inter-governmental group whose U.S. representative is the Treasury. FATF standards and recommendations do not have any status as international law, but they have been well-integrated into national laws and regulations, at least in the United States and Europe.
The most important feature of these standards is that, with no explanation, they formally embed discrimination against expatriates by deeming all non-resident customers to be “higher-risk”.
In addition, their treatment of physical distance as suspicious seems archaic in the internet age with “non-face-to-face business relationships and transactions” similarly deemed higher-risk. Furthermore, the section on “Preventative measures” includes a recommendation3 explicitly requiring supplementary “due diligence” of correspondent banks. Since the U.S. tax code effectively forces Americans resident overseas looking for brokerage and funds management services to “buy Wall Street”,4 while their every-day financial activity is mostly in local currency, expats’ personal financial management often involves foreign exchange transfers. Since these nearly all require correspondent banks, serving expats becomes an un-rewarding, high- cost activity for expats’ own banks. Finally, the rules oblige compliance officers in banks to deem accounts and transactions higher risk on the basis of highly subjective judgements they are often not competent to make.
We are aware of no requirements for probable cause before a transaction or an account is deemed “higher-risk”. But once this happens the account inevitably becomes vulnerable. “Enhanced” Customer Due Diligence (CDD), usually involving intrusive information gathering and other general harassment, becomes required and has often become the prelude to the account’s suppression.
These standards need to be revised5 at both the international, i.e. FATF, level and in their transposition to laws and rules of the United States. The biases which have made non-resident Americans unwelcome customers in U.S. financial markets should be eliminated.
II. Make Customer Due Diligence (CDD) methodology transparent
AML/CFT rules require financial institutions to undertake “Customer due diligence” (CDD) with regard to its entire client base. This involves (i) risk-profiling customers both when establishing a business relationship and via continuous monitoring an on-going basis; (ii) monitoring large classes of transactions and collecting detailed information about many that exceed a very low threshold, especially transfers that begin or end in the United States6; (iii) following alerts up with investigations; and (iv) reporting any activity or transaction deemed “suspicious”. Any transaction suspected of money laundering or terrorist financing must be blocked. As noted above, there are many features that can necessitate an “enhancement” of this CDD.
From the perspective of bank customers these CDD rules and procedures, even if not “enhanced”, are extremely opaque. The standards often target “factors” that are defined in very general, often subjective, terms that bank compliance staff, usually poorly placed to judge, can find difficult to interpret coherently. Given the volume of transactions that banks are obliged to monitor, and these limits to human judgement, AML/CFT compliance has increasingly relied on computer algorithms. But computers have even less judgmental capacity than human compliance officers. And incorporating concepts like “suspicious activities” and “unusual patterns of transactions” in algorithms that distinguish criminal behavior from innocent everyday activity is more art than science. The very high rate of false alerts (up to 98%) that is typical in large banks trying to identify suspicious transactions is indicative of the scale of the problem7.
Greater transparency would make the implementation of AML/CFT rules more cost effective as bank customers would be able to minimize inadvertent triggering of false alarms. Banks’ methodology should be made public, expressed in clear and accessible language, as it pertains to: (i) risk-profiling of customers; (ii) thresholds and transaction characteristics that generate alerts calling for follow up; and (iii) criteria for deeming transactions to be “suspicious” or “unusual”. Where due diligence relies on artificial intelligence – in which case algorithms are often proprietary and even the banks do not know what is in them - meaningful guidance about the underlying logic should be provided.
Given the damage financial exclusion can cause, no expat account closures should proceed except on the basis of probable cause.
1 31 USC 5311 (as amended by Section 6101(a) of the AML Act).
2 FATF (2012-2021), “International Standards on Combating Money Laundering and the Financing of Terrorism and Proliferation”, FATF, Paris, France.
3 Recommendation 13.
4 Specifically, non-U.S. savings vehicles often require filing Forms 8621 (foreign collective investments) and/or 3520 (Foreign trusts), which treat the investments punitively. The Government Accountability Office has summarized the issues well in GAO-18-19, “Workplace Retirement Accounts”, 2018, pp.12-14. GAO issues
5 Specifically, Section H (“Risk based approach”) in the Interpretive Notes applying to Recommendation 10 (Customer Due Diligence). In addition, the extraordinary measures beyond normal due diligence required in Recommendation 13 for dealing with Correspondent Banks should be lightened.
6 $3000 is a common threshold. For international transfers that begin or end in the United States, reduction of the threshold to $250 is under consideration.
7 98% is a European number but false alerts are unlikely to be less of a problem in the United States. See the CEPS-ECRI Task force Report, “Anti-Money Laundering in the EU, Time to get Serious”, CEPS, Brussels 2021.