Thesis on Popularized Conventions
SPECIFIC CRITIQUES ON CONVENTIONS: RANGING FROM FATF TO PRIVACY LAWS AS A STATEMENT ON THEIR WORDING & POWER
?
PARKER S. GROSS
?
Table of Contents:
Title:???????????????????????????????????????????????Page Number(s) Abstract…????????????????????????????????????????????????1
Future Areas of Research… 34 Bibliography… 35-36
?
Abstract:
This critique argues that there should be changes made to guidance surrounding anti-money laundering, corruption, and cybersecurity. It explores this issue by using previous work done by scholars. Furthermore, it does this by including exact wordings of conventions like that seen in the United Nations Convention against Corruption. The historical review, after the introduction, is set to discuss the background of the information that is related in detail in the discussion chapter. Due to the fact that this area of research is so complex and vast, this is a 10,000-foot view. All of the scholarly articles present a road to recommending a better use of language to protect against the abuses of bad actors. This piece works with what should be more heavily utilized and how to make the wording of the conventions more powerful and less confusing. Overall, the system is flawed, even with the Foreign Corrupt Practices Act. The most crucial areas of the paper are the recommendations, like using the Organization of Economic Cooperation and Development’s wordings instead of other similar conventions. Additionally, the use of the Madrid Resolution, as an example in this thesis, is described as a step in the right direction for guidance. Several conventions are still workable like that produced by the Organization of Economic Cooperation and Development. The future area of research then points out the importance of numbers and statistical relationships.
Introduction:
?
?
?
“We must now wage an all-out war to prevent money laundering and the financing of terrorism. One and one is two. Two and two is four. I feel so bad [because] I am losing the war.”1 Richard Gordon aptly creates this picture from a quote he used in his article discussing the war against dirty money. It is also interesting because it is synonymous with conventions in general.
It is up to the regulators and businesspeople of the world to challenge the crooks of the world, and to stop corruption and money laundering that plagues the world economies. Money is going to terrorists and drug dealers because the net that was cast to catch these transactions is not bullet proof. What Charles Darwin has taught the world is that natural selection and mutations better a species. Therefore, it is prudent that the laws and enactments shift their might and adapt. It is important that the war waged against evil has a positive outcome. It is nearly impossible for society to continue without this.
What is next for FIUs (Financial Investigation Units) like FinCEN? Losing the War Against Dirty Money is one article that that highlights compliance. FATF (Financial Action Task Force) Recommendations have proven to be ambiguous, and AML (Anti-money Laundering) efforts have been threatened. That is why it is crucial to monitor DNFBPs (Designated Non-Financial Business or Profession) in a different manner; possibly by making the framework adjust and evolve as to who regulates it. In an international perspective, this may mean an overhaul of NCCT (Non-cooperative Countries or Territories) powers. Overall, the AML framework is weak and needs to be altered. Richard Gordon makes it clear in his article that the Methodology must be revised to better suit the AML domain. It is challenging to even understand whether the regime is voluntary or required. It is like the situation faced by the conventions aimed against corruption both foreign and domestic. The United Nations has devised a rulebook, but there are some bugs.
There are many questions to be asked. Are we prepared to combat money laundering? Does the combination of the UN Convention against Corruption, the Organization of Economic Cooperation and Development’s (OECD) Convention against Bribery and the Convention on Transnational Organized Crime really accomplish anything? What is the UN Convention against Corruption? All indicate that they are to end abuses globally to counteract corrupt entities. The OECD has their own convention and so does the UN. Are they redundant? What is their wording? Schroth details in another article how the wording of the UN’s convention includes optional wording and how the wording is akin to “termites wearing down the wooden framework” of our society. Due to the conventions, even asset recovery abuses arise. Clearly, more needs to be done and there should be alterations made to enhance the understanding and effectiveness of these vital players.
Haste makes waste, isn’t that the adage? What do the regulating bodies think of their regimes? It seems important to understand that the treaties discussed here are all overly complex and vague. The ideology is correct, there should be more done to combat terrorism
1 Richard Gordon, Losing the War Against Dirty Money: Rethinking Global Standards on Preventing Money Laundering and Terrorism Financing, Duke Journal (2011).
and criminal behavior. However, it seems that most of the content was created in haste or was created more so like the bible. It seems that the ten-commandment way of creating things to live by was taken too seriously with these conventions. Furthermore, there are many loopholes to each of the individual documents.
This is also seen within the strength of conventions surrounding privacy law. It is important to investigate because these laws have ramifications on banks and on commerce in general. A compliance officer that must deal with banking legislation in money laundering will also have to keep what is needed to be private, private. It is an overlapping concept that is apparent at this juncture.
Both AML and data privacy frameworks made to ensure the health of the economy and thwart illicit activity are ineffective; more needs to be done to end the corruption that they are proposed to prevent.
Historical Review:
?
?
Global Governance and Transnational Financial Crime
?
?
?
In the year 1970, it was the beginning of AML financial regulation in creating the Bank Secrecy Act.2 Then in 1986 in the US, the Money Laundering Control Act was established.3 Afterwards, there was a bit of a regulatory hiatus until the US Patriot Act and AML abatements in 2001.4 The Bank Secrecy Act was then restated in 2006.5 Over that time, there were other creations made by Europe, the private sector, and at the global level through guidance and conventions.6
?
?
Losing the War Against Dirty Money
?
?
?
Starting at this time, there has been a substantial increase in the global cause to reduce or stop money laundering.7 These reasons are not hard to see and are not complex in thought. “Law enforcement may be able to follow a money trail of criminal proceeds as evidence in a prosecution.”8 The area of origin for the money is where a state may also be able to confiscate the ill-gotten gains.9 Thus, felons will seek to mask the illegal origins of the profits of crime and their corresponding ownership.10 By effectively monitoring and implementing harsher law to prevent money laundering and dirty money, this will make it harder to benefit from crime.11
In the past forty years, anti-money laundering rules have been tightened and expanded at the same time.12 They have also been refined and rarely re-thought or substantially rewritten.13 A great majority of the world’s jurisdictions now endorse the newest versions of the FATF’s (Financial Action Task Force) 40 Recommendations on
?
2 Eleni Tsingou, Global Governance and Transnational Financial Crime: Opportunities and Tensions in the Global Anti-Money laundering Regime, CSGR Working Paper (May 2005).
3 Ibid.
4 Id.
5 Id.
6 Id.
7 Richard Gordon, Losing the War Against Dirty Money: Rethinking Global Standards on Preventing Money Laundering and Terrorism Financing, Duke Journal (2011).
8 Ibid.
9 Id.
10 Id.
11 Id.
12 Richard Gordon, supra.
13 Ibid.
Money Laundering (FATF 40 Recommendations.)14 There have also been little changes seen in the accompanying Methodology for Assessment.15 “Starting in 1990, these global standards have required financial institution to monitor the transactions of their customers and to report to special government authorities… those transactions they suspect might involve the proceeds of crime, and since 2001, the financing of terrorism. Financial intelligence units [FIUs] then analyze the reports along with other data and make recommendations to law enforcement as to which clients or transactions should be investigated.”16
September 11, 2001 greatly increased the activity on the global stage for AML and, for the first time, on terror financing.17?In 2002, the International Monetary Fund (IMF)and the World Bank adopted the FATF 40 Recommendations and Special Recommendations for the combating of illicit financing as a world standard.18?“They, along with the [FATF] and various regional AML groups, also began a joint global compliance program by assessing the extent to which individual [nations] were implementing those standards.”19?If there was a failure to implement effectively, the result would be that the actor would have broad applications of sanctions or countermeasures “including bans on doing business with financial institutions located within the border of non-complying jurisdictions.”20 The result was that a lot of suspicious transactions reports were filed with an unknown amount never reaching any real change to the global financial system.21
?
?
?
Re-Thinking FATF
?
?
?
Of the information presented, there is also the scope of the FATF. During the year of inception, the FATF published a vague and voluntary 40 Recommendations for building a better international AML regime.22 Scholars say that the FATF, on the subject of money laundering, was simply an empty effort by a G7 motivated institution to be seen as doing something, anything, to respond to the growing transnational illicit narcotics market. In the active years, FATF has become the main institution of a powerful financial governance regime.23 “Governments rely on its tools to counter crimes of all kinds, including transnational organized crime, terrorism, and weapons proliferation.”24 Almost all of the nations around the globe
?
14 Id.
15 Id.
16 Id.
17 Richard Gordon, supra.
18 Ibid.
19 Id.
20 Id.
21 Id.
22 Mark T. Nance, Re-Thinking FATF: an experimentalist interpretation of the Financial Action Task Force, Cross Mark (2017).
23 Ibid.
24 Id.
have agreed to its terms.25 A majority of states have joined iterations of the FATF.26 Many signatories to the regime have integrated standards of their own.27 The G20 of 2009 even applauded the framework.28 Once an oddity, the FATF is being held in high esteem.29
What must explain the rapid evolution from a fringe institution to a key body? “Most observers suggest that the impact stems from some mix of material and social—or coercive and persuasive—mechanisms. Socialization within a growing epistemic community is important, they argue, and may trickle up to the state.”30 The fear of being left out of markets ultimately outweighs the costs of complying.31 Much of all the programs are designed to have those who respond be those who comply, and this area of the world stage is no different.
?
?
The International Anti-Money Laundering and Combating the Financing of Terrorism Regulatory Strategy
?
?
?
Apprehensions over the risks of money laundering (ML) and terror financing (TF) reveal a factor of stability in the international financial system that has resurfaced in the context of the liquidity problems faced by financial institutions as a result of the recent credit crisis of 2008.32 Due to ML and TF evolving with new criminal activities and methodologies, ML and TF present systemic threats to the stability of the financial web.33 Addressing these new developments in ML and TF and their common risks requires a sufficiently flexible and adaptable international regulatory strategy.34 In an article by Navin Beekary, he examines the international anti-money laundering and combating the financing of terrorism (AML/CFT) regime based on softer forms of regulation and institutions. Additionally, they have shaped countries’ compliance with the Financial Action Task Force’s (FATF) international standards.35 The beginning of the regimes is located in the dual consequences of globalization, both in the rapid economic growth that stems from the increased financial and capital liberalization, and negative externalities undermining the financial system.36 As a supplement, there is the changing pattern in global governance toward new and more soft
?
?
?
25 Id.
26 Id.
27 Id.
28 Id.
29 Id.
30 Nance, supra.
31 Ibid.
32 Navin Beekarry, The International Anti-Money Laundering and Combating the Financing of Terrorism Regulatory Strategy: A Critical Analysis of Compliance Determinants in International Law, NW University Law School Journal (2011).
33 Ibid.
34 Id.
35 Id.
36 Id.
types of international regulation and institutions as alternative regimes to address issues of global concern.37
Where does this lead compliance? In this area, with the AML and CFT international standards, it is examined using the assumption that states’ behavior, or misbehavior, regarding their international obligations can be put under the microscope in terms of causality with varying points of interest.38 “Inspired by the regime and managerial approaches, one could argue that “ compliance is a function of specific determinants of which the regime is made acting on their own but more often with greater impulse arising out of their interaction. The present analysis relies on a mixed analytical-empirical methodology to analyze selected variables such as the soft law nature of the AML [and]CFT normative regime, its institutional design, compliance monitoring and sanction process, and legitimacy.”39
?
?
?
The United Nations Convention against Doing Anything Serious about Corruption
?
?
?
The United Nations Convention against Doing Anything Serious about Corruption highlights how these resolutions are based in constitutionalism. One of the greatest political achievements, as the article reveals, is the practical entrenchment of fundamental rights and freedoms.40 These are characteristically for the long term, and in the context of functional democracy, which is characteristically for the shorter term.41 The combination seen here is christened the “constitutional law of our country.”42 When it is then established, the protected rights and freedoms add strength to democracy, but democracy does not return by strengthening the rights; on the contrary, democracy’s tendency is to get out of its constraints in pursuit of immediate objectives.43 This is to say that the developments of the past conventions may have been hastily put together. It is often that the immediate goals out shadow the calm nature of a well thought out design.
What is the United Nations Convention against Corruption (UNCAC)? What does the UN think of its own creation? It is evident in the storytelling and historical overview on the UN’s website. The UNCAC is an international treaty formed by the UN General Assembly in October of 2003.44 The treaty entered into force in December of 2005, it displayed a remarkable achievement for its action: a global response to a global problem.45 Is it effective? According to the UN, there are 186
37 Id.
38 Beeka ry, supra.
39 Ibid.
40 Peter W. Schroth, The United Nations Convention against Doing Anything Serious about Corruption, Journal of Legal Studies in Business (2005).
41 Ibid.
42 Id.
43 Id.
44 Hanes Hechler, Mathias Huter and Ruggero Scaturro, UNCAC in a Nutshell, U4 (2019).
45 Ibid.
States Parties as of May 2012 and the Convention is inimitable “not only for its worldwide coverage but also for the scope of its provisions, recognizing the importance of both preventative and punitive measures.”46 Furthermore, “it also addresses the cross-border nature of corruption with provisions on international cooperation and on the return of proceeds of corruption. State Parties—countries that have ratified the Convention— are expected to cooperate in criminal matters and consider assisting each other in investigations of and proceedings in civil and administrative matters relating to corruption.”47 The UN touts this entirely without adopting a further evolution of the treaty, which is concerning. For instance, under acts and actors, it lists and defines a series of offences that should be criminalized and covered by legal provisions in every jurisdiction covered by UNCAC.48
?
?
International Association of Privacy Professionals
?
?
?
In the privacy law realm, there are several overarching laws as well. These too, have great impact on financial markets and compliance. Starting in the 1970s, fair information practices (FIPs), have been laws for organizing the multiple individual rights and organizational responsibilities that exist with respect to personal information.49 Their definitions have varied over time and by geographical location; nonetheless, strong similarities exist for major themes.50 In procedure, there are various exceptions to the clear statements provided and the degree to which they are legally binding.51 The FIPs are guidelines for handling, storing and managing data with privacy, security and fairness and this part of the information society is rapidly evolving.52 The practices used widely today date back to the 1973 report by the US Department of Health, Education and Welfare Advisory Committee on Automated Systems. It provided general standards.53
Meanwhile, as the world was developing, other privacy conventions sprouted up within the OECD, Council of Europe Convention, and the APEC Privacy Framework of 2004.
In 1980, the OECD, the international organization that originally contained the US
and European countries, but has since expanded, issued a set of privacy principle entitled “Guidelines Governing the Protection of Privacy and Transborder Flows of Personal Data.”54 These rules to live by, updated in 2013, were the most widely used FIPs and have
?
46 Id.
47 Id.
48 Id.
49 Pam Dixon, A Brief Introduction to Fair Information Practices,” World Privacy Forum (2008).
50 Ibid.
51 Id.
52 Id.
53 Records, Computers, and the Rights of Citizens: Report of the Secretary’s Advisory Committee on Automated Personal Data Systems, Records, Computers, and the Right of Citizens, US Department of Health, Education and Welfare (July 1973).
54?Guidelines Governing the Protection of Privacy and Transborder Data Flows of Personal Data, OECD
(September 1980).
been adopted by the US Federal Trade Commission (FTC) and numerous other governmental organizations.55
For the meantime, in 1981, the Council of Europe also passed the Convention for the Protection of Individuals with Regard to the Automatic Processing of Personal Data (Convention 108).56?This piece required member states of the Council of Europe that signed the treaty to instill certain data protection safeguards into their domestic law framework.57?Like the OECD Guidelines, its principles were important contributors to national data protection laws in Europe throughout the last two decades of the 20th century.58
During this period, there was also the work done by APEC. It is a multinational organization with 21 Pacific coast members in Asia and the Americas.59?Dissimilar to the EU, the APEC organization operates under nonbinding agreements.60?It was established in 1989 to enhance economic growth for the region.61?In 2003, the APEC Privacy Subgroup was created under the auspices of the Electronic Commerce Steering Group in order to develop a framework for privacy practices.62 This legal framework was modeled in order to support the APEC-member economic legislation that would both protect the individual interests and ensure continued economic flourishment of member economies.63 It was approved by the ministers in November of 2004 and it mirrors that of the OECD’s work.64
Possibly the best example not already examined here is the Madrid Resolution. Starting in 2009, this guide was approved by the independent data protection and privacy commissioners (not government) at an annual event called the International Conference of Data Protection and Privacy Commissioners, held in Madrid, Spain. 65“There were dual purposes for the Madrid Resolution: to define a set of principles and rights guaranteeing (1) the effective and internationally uniform protection of privacy with regard to the processing of personal data and (2) the facilitation of the international flows of personal data needed in a globalized world.”66
?
?
?
?
?
?
?
?
?
55 The OECD Privacy Framework, OECD (2020).
56 Convention for the Protection of Individuals with Regard to the Automatic Processing of Personal Data, Council of Europe (January 1981).
57 Ibid.
58 Bansiar and Davies, Global Trends, Emory International Law Review (2001).
59 APEC Privacy Framework, APEC (2015).
60 Ibid.
61 Id.
62 Id.
63 Id.
64 Id.
65 Madrid Resolution-International Standards on the Protection of Personal Data and Privacy, (2020).
66 Ibid.
Literature Review:
?
?
Eleni Tsingou, Peter Schroth, Richard Gordon
?
?
Many scholarly articles have been written on the topic of AML, terror financing, and privacy law. To narrow the discussion, it is important to examine the effectiveness of regimes that are used to minimize the threats to these crucial areas, specifically within the sphere of conventions.?Eleni Tsingou, like Schroth and Gordon, have stated that the current protections against these negative externalities have come up with little to show for. For one, Tsingou found out that most of all of the money that is laundered illegally is successfully executed by bad actors. Richard Gordon’s opus indicated that in the title of his article Losing the War Against Dirty Money. Peter Schroth indicated this in his seminal work on corruption as well. The title of his article was based on the UN convention, United Nations Convention against Doing Anything Serious about Corruption.
All of the articles that oppose the language of the conventions declare that nations are trying to conform simply for rewards. Tsingou highlights how money havens that are under international scrutiny are “downloading” compliance regimes. Meanwhile, these nations handle a quarter of the world’s financial assets and are under 1.2 percent of the global population. Gordon furthers the discussion with his pillars of success to enhance the FATF guidelines. Both agree that economic sanctions and incentives should exist rather than simply hoping that the illicit activity is diminished through ambiguous and unthreatening guidelines. Policy disruptions are abundant, and this is clear by all researchable material currently out there.
However, Richard Gordon does mention record-keeping as one of the areas that needs little effort to enhance because it is less of a problem. Nonetheless, it also creates a problem in compliance, customer identification and profiling requirements. Both Gordon and Tsingou mention similar beliefs on the private sector role. More accurate and incentivized reporting is needed as businesses are in compliance when they can make money. Firms must insist that their staff report only when the information could lead to investigations that bear fruit. Gordon deals with how the FATF recommendations—that have inspired only limited compliance—are hazy. Gordon, unlike Tsingou, goes by wording, and Tsingou goes by the 10,000-foot plane of view.
Peter Schroth is also against the language when it comes to conventions and use of guidance to effectively stop AML and other illicit movements of funds. Gordon strikes a more similar tone with Schroth than he does with any other researched scholars. One of the areas of disagreement with the conventions is with the concept of ambiguity within money thresholds. Both indicate that enforcement actions should be more specific when it comes to penalties. Nevertheless, Schroth—unlike all other articles in this thesis—indicate that corruption is analogous to termites. He draws parallels with these pests in the inner workings of the UN Convention Against Corruption. Essentially, he indicates that there are several
types of termites that are infesting or eating away at the safety net protecting against criminal behavior.
?
?
?
Navin Beekarry
?
?
?
Proponents like Navin Beekarry are not as plentiful but can cleverly twist the language of the Recommendations and Methodology in a different manner than those opposed to the wordings. Rather than go over the language in too much detail, he goes over how there is a greater increase in the compliance impulse. This does make sense but is hardly a superior result. Even those that support change indicate that there has been movement to a compliance impulse, it is just that the direction is merely too little. There is also no doubt that the rules created are extensive, but the wording is weak. The guidelines are simply, according to the work done here, speak a lot but do and say little.
?
?
Privacy in Relation
?
?
?
In the privacy realm there are also weaknesses in the guidance to firms, governments, and individuals. Too much of the Internet is a frightening experience where there are many ways that data privacy is threatened. A great number of people have had their livelihoods threatened by what conventions have aimed to prevent. This is why Peter Swire and Debrae Kennedy-Mayo’s work is crucial to this sphere. Both data privacy and financial compliance guides have to answer several similar questions. What is the general existence of policy to be considered? What do the terms, such as, “readily available” mean? For firms, what does vague policy do to answer a specific policy problem that a risk manager would have to face in making a compliance policy? Similar to federal civil procedure, what procedure determines things like usual residence?
?
?
?
IAPP
?
?
The International Association of Privacy Professionals (IAPP) text highlights most of the vital information to describe the current privacy frameworks. It is also a source for recommendations and information that has to do with the limits on private
sector collection and data use. It is also the centerpiece for several online courses. The source is a crucial guide to those who work or desire to work in the shifting privacy landscape. Although not mentioned here in this thesis, it covers medical, financial, educational, telecommunications and privacy issues in litigation and investigation. There are many aspects of the book they provide that builds a foundation to also to take their exam which is touted in the industry. For students that are interested in Cybersecurity and Data Privacy, it is a vital first read.
Discussion Chapter:
?
?
Eleni Tsingou on AML
?
?
When it comes to money laundering, it has been difficult to find the exact amount of money that has been illicitly circulated.67 The IMF and other estimates have put the total to between 2 percent and 5 percent of the world’s GDP (Gross Domestic Product).68 Of the total, around 40 percent of the upper range has been from illegal drug activity.69 Money laundering is a concern because the lines that include money laundering and tax havens, along with bank secrecy are often indistinct even with the fact that these are separate areas.70 “The drive towards building an AML regime is nevertheless connected with questions of competitive pressure and establishing a regulatory level playing field. AML measures are also fast becoming a potent foreign policy tool with the introduction of an officially sanctioned focus on problem countries and politically exposed persons.”71
The AML framework is moving forward on two main fronts, prevention and enforcement, and at three levels: nationally, regionally, and globally.72 Nonetheless, even though there is criminalization of money laundering and the enforcement agencies have been evolved within AML, the procedures for prevention are largely regulatory.73 The process of enforcement, however, is less developed, ranging from visible results and also as an institutional framework.74 The Methodology is especially like this on an international level.75
The world stage looks to America as the main actor and initiator for AML regimes.76 “There are good reasons for this interest: a 2001 report by the Federal Bureau of Investigation claims that approximately fifty percent of total money laundering goes through the US financial system while the US Treasury estimates that 99.9 per cent of such funds are laundered successfully.”77 Even with high profile cases in the 1980s, little has been done to stop bad actors.78
?
?
67 Eleni Tsingou, Global Governance and Transnational Financial Crime: Opportunities and Tensions in the Global Anti-Money laundering Regime, CSGR Working Paper (May 2005).
68 Ibid.
69 Id.
70 Id.
71 Id.
72 Eleni Tsingou, supra.
73 Ibid.
74 Id.
75 Id.
76 Eleni Tsingou, supra.
77 Ibid.
78 Id.
Furthermore, issues are presented when examining offshore centres that do not hold themselves accountable to the FATF.79 “As the FATF focus on NCCTs has shown, an important part of the global strategy against money laundering revolves around improving practices and promoting transparency in offshore centres. These represent 1.2 percent of the world population and account for 3.1 percent of the world’s GDP yet handle a quarter of the world’s financial assets.”80 It is troubling that most territories that are either developing or are widely considered “havens” are basically “downloading” a scheme to stop disruption from money laundering.81 These regions are simply following the guidelines of other member countries to a bare minimum.82
Having laid out the principle attributes of the AML framework, then it is clear that the next step is to establish some kind of legitimacy in its use.83 It is also necessary to reveal the gaps in the process.84 There are two discourses of legitimacy.85 One is systems of rules and the other are the normative principles that determine who is included.86 To do so there must be an assessment of policy priorities, the actors, and of the structure as a whole.87
Policy disruptions occur where states everywhere are affected through the loss of taxable income.88 Moreover, the concerns arise from the extent to which the funds are “cleaned,” and are used to affect global stability.89 Around 2005, “such concerns concentrated on the political situation in countries in the developing world; drug-trafficking centers such as Columbia and Afghanistan have also been politically unstable and violent, whereas ‘blood diamonds’ in Angola and Sierra Leone have helped finance civil wars.”90 It is similar to the September 11th attacks which shifted the focus of much governing attention to a more global scale, it rendered the fight against money laundering to be synonymous with the ‘economic war on terror.’”91 The crucial actor in this fight is the FATF which promoted global standards but is effectively a political organization in its membership and practices.92 As the tendencies of regulation generation indicate, the structure of the AML framework is defined that the asymmetries of influence and standard formulation.93 “In essence, the AML regime is trying to reconcile two rather different goals: compliance and results.94 This brings about contradictions and further hampers the effectiveness—and by extension—the legitimacy of the emerging regime.95” In another respect, there has been forensic work done by FinCEN that has shown that money laundering tools are ineffective
79 Eleni Tsingou, supra.
80 Ibid.
81 Id.
82 Id.
83 Eleni Tsingou, supra.
84 Ibid.
85 Id.
86 Id.
87 Id.
88 Eleni Tsingou, supra.
89 Ibid.
90 Id.
91 Id.
92 Id.
93 Id.
94 Ibid.
95 Id.
against spotting terrorist funding.96 The use of these tools, like reporting on current and future possible transactions made, is subjective and overly time-consuming. It can even create biases for customer discrimination.97
Private sector roles should also be within the discussion.98 The studies of the reactionary role of the private sector that shed light on the AML regime has a greater effect on small institutions.99 This highlights the legitimate concern of this part of the industry for policies that are rational in size to the effectiveness of the regime.100
?
?
Words to Further Discussion
?
?
?
In general, there are many actions that can be taken to prop up the effectiveness of conventions and the use of AML techniques. It is important to have law because without rules, there would be chaos. Without the appropriate degree of enforcement and guidelines that promote AML efforts, bad actors would continue to get away with the bulk of their crimes. The conventions in the area of finance to combat criminals, and similarly in privacy law, are made to model national and international law after them. They create binding law or become adapted as binding law. Thus, a critique of the conventions is warranted and is important because with rules, life can actually be better for those under its regime. The FATF is a great place to start with this type of discussion.
?
?
?
Richard Gordon Article on FATF Recommendations
?
?
?
Richard Gordon is on the forefront of the charge to save the FATF Recommendations from their own failings. He has a lot to say about the FATF Recommendations being that they are aimed at preventing money laundering through the AML framework. He reveals that in the compliance field, it seems that record- keeping is not the problem.101 Record-keeping is not the issue, but customer identification and profiling requirements are.102 Specifically, where using rules have
96 Id.
97 Id.
98 Eleni Tsingou, supra.
99 Ibid.
100 Id.
101 Richard Gordon, Losing the War Against Dirty Money: Rethinking Global Standards on Preventing Money Laundering and Terrorism Financing, Duke Journal (2011).
102 Ibid.
often been found to be inadequate or effectiveness has been lackluster, that it is mainly the fault of the ideas surrounding beneficial ownership.103 He is concerned about the workability of these requirements both on the effectiveness of the system that was created by the Recommendations and how the system was implemented. Richard Gordon verifies that these attributes are effective through these data that indicate that there is a lot of ambiguity among the FATF Recommendations.104 He utilizes the FATF Recommendations as criteria and that of the links to the world of AML.
One other issue that is proposed is Gordon’s belief of the private sector’s successes and failures. Gordon reveals that scholars have witnessed little data indicating that the Recommendations have affected money laundering prevention.105 “This is particularly true with respect to transaction monitoring and suspicious transaction reporting requirements, where both scholars and practitioners have raised serious doubts as to whether they actually work to catch money launderers and terrorist financiers.”106 FinCEN, from the reports, have not gone on to make any real advancements in the way of key investigations.107 Here, statistics indicate that through mutual FATF evaluations of other nations, also suggest that few successful investigations are attributable from these suspicious transactions reports internationally.108 “If reporting helps, it may only be at the ex post stage, when the authorities can use records to follow the money, not at the detection or ‘preventative’ stage.”109 FATF Recommendations also lead countries to reporting too many instances of suspicious activity that are less than warranted, making the Recommendations ineffective in the eyes of foreign cooperative nations.110 There needs to be work in the form of refinement on suspicious activity reporting.
Gordon uses the Methodology within the criteria of the FATF Recommendations to spot differences of effects and ambiguity. He states, “with respect to the effectiveness of implementation by financial institutions and DNFBPs of the [FATF’s] preventative measures, three effects appear to dominate: (1) the clarity and objectivity of the standard as supplemented by feedback from the implementing agencies, (2) economic incentives plus the effect of sanctions for non-compliance, and (3) objective capacity.”111 A lot is debated on the haziness of the Methodology. “While the Recommendations describe in some detail the five required components (establish customer identity, create customer profile, compare transactions with customer profile, examine those that do not fit, report those that are suspicious),” there are lacking details still.112 There is not enough guidance as to exactly how far—and what criteria—firms in the financial realm and DNFBPs should follow.113 The criteria in the Methodology is, thus, highly subjective.
One instance of ambiguity in the Recommendations lies within the wording of reasonableness.?Within the Methodology, financial institution and DNFBPs must take
?
103 Id.
104 Id.
105 Richard Gordon, supra.
106 Ibid.
107 Id.
108 Id.
109 Id.
110 Id.
111 Richard Gordon, supra.
112 Ibid.
113 Id.
‘reasonable measures’ to confirm an individual entity.114 What are they talking about? In this section it is determined that a reasonable measure must be taken when determining who is the account holder in a way that the organizations ‘are satisfied’ that they know who the real beneficial owner is.115 “This includes [the taking of] ‘reasonable measures’ to understand the ownership and control structure of the customer.”116 This can be seen in the ordering of words found in 10.11 of the Methodology:
?
“For customers that are legal arrangements, the financial institution should be required to identify and take reasonable measures to verify the identity of beneficial owners through the following information:
?
(a)??????????for trusts, the identity of the settlor, the trustee(s), the protector (if any), the beneficiaries or class of beneficiaries38, and any other natural person exercising ultimate effective control over the trust (including through a chain of control/ownership);
(b)??????????for other types of legal arrangements, the identity of persons in equivalent or similar positions.”117
?
In addition to the confusion, “’information’ on the purpose and nature of the business relationship should be obtained to ensure adequate profiling, as well as ‘where necessary,’ the source of funds.”118 Another example is apparent in Recommendation 11 where the FATF Recommendations require that there be “special attention” paid to the transactions that have no “apparent” economic or visible legal purpose, and the entity’s identifying characteristics and purpose be examined “as far as possible.”119 How must one conform when one couldn’t get away with the most basic level of understanding?
Within the article, it is suggested that there are other areas of ambiguity. It is true that the quoted phrases are less than clear and definable. This unavoidably gives rise to a more subjective implementation of their efforts to mitigate risks.120 For example, as Gordon puts it, “would a ‘reasonable measure’ to verify the identity of the beneficial owner be simply asking the client if there was a beneficial owner other than the person opening the account, or should a bank [go as far to] hire a private investigator?”121
Guidance is also not given as to other examples. As such, Gordon reveals, red-flag transactions vary in amount, from possibly one penny to billions. There is nowhere in the FATF Recommendations as how to treat these varying numbers.122 Institutions must calculate the idea as “while it might appear logical for financial
114 Richard Gordon, supra.
115 Ibid.
116 Id.
117 Ibid.
118 Richard Gordon, supra.
119 Id.
120 Richard Gordon, supra.
121 Ibid.
122 Richard Gordon, supra.
institutions to apply greater efforts to determine the probity of relatively larger transactions, there is no guidance to this effect.”123 To this idea, efforts to assist in defining and instilling feedback rarely give assistance in interpreting words or designing systems for profiling, monitoring, and reporting.124 There are only examples to live by that give rise to only a few worthwhile investigations reported to FIUs like FinCEN.125 These entities will simply find areas of the most abuse; much like typical tactics (for instance, using shell companies) and areas of higher risk of terrorism (for instance, Pakistan).126 Red flags like these only rarely give enough guidance as to how much due diligence a firm should use when dealing with certain beneficial owners of accounts.127
Gordon then goes on to outline incentives for the private sector to form a police function. Business needs to be incentivized to act effectively; these could be in the form of a general subsidy for carrying out an enforcement action or through a form of reward to assist in an investigation. There are pitfalls because business is run to make profit.128 “The private sector person will carry out such a police function to the extent that total benefits from reducing the adverse effects of crime on the private sector person, plus a subsidy or bounty exceed total costs involved.”129 There are also strong disincentives to the idea of sanctioning customers, which creates troubles in the reporting of possible money laundering.130
?
?
?
Schroth Article on UN Convention
?
?
?
What about the UN Convention against Corruption? It has already been said that the FATF Recommendations and Methodology are flawed. Here it is directly related to the language used. Peter W. Schroth details very early on that the UN Convention against Corruption has optional wording. Participation within the convention is demonstrated as optional—in one case of many—where the word “may” is used; it is in the document 14 times.
Similarly, there is the concept of joining a treaty without fully changing the ratifying country’s existing laws. “The Inter-American Convention Against Corruption provided the opportunity for a new approach to the problem of joining a treaty without changing [US] law.”131 Thus, within the provisions, the US was shielded from the article’s guard against
123 Ibid.
124 Id.
125 Id.
126 Id.
127 Id.
128 Richard Gordon, supra.
129 Ibid.
130 Id.
131 Peter W. Schroth, The United Nations Convention against Doing Anything Serious about Corruption , Journal of Legal Studies in Business (2005).
assuming an individual is innocent.132 Furthermore, there was a presumption without the need of a reservation.133 This carried on as a loophole and was seen again in the UN Convention against Transnational Organized Crime.134 Six times in this document it used these passive terms, namely, “fundamental principles [were to be used] of [the nation’s] domestic law.”135 The rhythm of the wording makes the principles of this convention—like that of the UN Convention against Corruption— blend into the background.136 It is made standard and innocuous.137 Even in the UN Convention against Corruption, there is an all-encompassing merging of these tortured wordings that ruin the foundation of the accords. One such wording showing up in clause 5.4 is, “as appropriate and in accordance with the fundamental principles of their legal system.”138
Here it is in more detail:
“States Parties shall, as appropriate and in accordance with the fundamental principles of their legal system, collaborate with each other and with relevant international and regional organizations in promoting and developing the measures referred to in this article. That collaboration may include participation in international programmes [,] and projects aimed at the prevention of corruption.”139
?
Schroth makes an important analysis using a termite analogy within the context or terms of the UN Convention. He also includes other matters that have infested the framework of anti-corruption. He incorporates three different types of termites. The three termites are the worker, the warrior, and the queen. Each termite has their corresponding characteristics. By termites, Schroth indicates with this analogy that he means to critique the heart of the language which eats away at the substance of the treaty. This is done by making obligations bear no real responsibility at all for parties involved. In one case, what he refers to as the worker termite, it is the physical manifestation of a lawyer discovering the cracks in the foundation of the accords and creating an endless loop of litigation.140 This termite is only going to be destroyed perhaps by expensive and time-consuming lawyering.
Next is the venomous warrior termite, which is indicated in the critique. These termites, as Schroth suggests, “damage the legal systems of susceptible State Parties.” Essentially, by abiding and implementing the provisions—the nations that deny a presumption of innocence within their constitution—can continue down this undesirable path and blame their lack of human rights on the treaty obligation.141 This is all formed by the illicit enrichment provision that first harbored this type of
132 Ibid.
133 Id.
134 Id.
135 Id.
136 Id.
137 Id.
领英推荐
138 Id.
139?????????????????????United??????????????Nations?????????????Convention??Against????????????Corruption,???????UN??(2020), https://www.unodc.org/documents/treaties/UNCAC/Publications/Convention/08?-50026_E.pdf.
140 Schroth, supra.
141 Schroth, supra.
termite. These termites also exist in the authorization of preemptive strikes on bad actors.142 Clause 31.1 allows governments to confiscate property of one who has not yet committed, “much less been convicted of, any crime, if the property is ‘destined for use in offenses established in accordance with the convention.’”143 Nevertheless, these actions are only to the extent possible within the borders and actions of that domestic legal system.144 Similarly, this type of interchange and language can be seen with special investigative techniques.
The queen termite appears in several areas and is of overarching rule within the Schroth critique.?Article 65 determines this termite’s area of dominion.145 It is first seen with the difficulty to be confident in what the first provision means. It is stated that, under this first portion, “each State Party shall take the [needed] measures, including legislative and administrative measures, in accordance with fundamental principles of its domestic law, to ensure the implementation of its obligations under this Convention.”146 Without guidance, it could be construed as meaning, “each State Party must do everything necessary to carry out its obligation set forth in the rest of the Convention, and the ‘in accordance’ wording is merely about the manner in which it is to be done; or[,] each obligation of a State Party set forth anywhere in this Convention is qualified by the limitation that it need comply only to the extent that doing so is in accordance with fundamental principles of domestic law.”147 It is also difficult to imagine what is not optional. Additionally, it is difficult to parse the meaning and it seems that the UN Convention was to set only minimum standards.148 There is only an obligation to make an effort and not to really accomplish anything through active persuasion.
The excerpt of article 65 is as follows:
?
1.??????“Each State Party shall take the necessary measures, including legislative and administrative measures, in accordance with fundamental principles of its domestic law, to ensure the implementation of its obligations under this Convention.
2.??????Each State Party may adopt more strict or severe measures than those provided for by this Convention for preventing and combating corruption.”149
?
?
?
FCPA and the POTUS
?
?
?
?
?
?
142 Ibid.
143 Id.
144 Id.
145 Schroth, supra.
146 Ibid.
147 Id.
148 Id.
149?????????????????????United??????????????Nations?????????????Convention??Against????????????Corruption,???????UN??(2020), https://www.unodc.org/documents/treaties/UNCAC/Publications/Convention/08 ?-50026_E.pdf.
The same critical analysis can be done of the Foreign Corrupt Practices Act (FCPA). With this, the water is also murky and there is error in its drafting, but the idea of what to do remains a question.
Back when Trump was running for POTUS, he saw issue with the FCPA.150?“As highlighted in [a 2012 post] Trump was unscripted and blunt when speaking of the [FCPA] in relation to Wal-Mart’s FCPA scrutiny focused on alleged payments in Mexico to obtain various licenses and permits.”151?On CNBC, Trump publicly made the opinion available to all that the US would be crazy to prosecute alleged FCPA violations in places like Mexico and China.152 He went on to say that the FCPA is putting the US at ahugedisadvantage.153?“In his criticisms, Trump confuses two issues: (1) the FCPA as passed by Congress and (2) the FCPA as enforced by the DOJ and SEC.”154?He like many in the field of hypothesizing on progressing other people’s work is missing the end goal, the solution. “Many of the concerns Trump raises were addressed by Congress when it elected not to capture payments to ‘foreign officials’ in connection with ministerial or clerical acts or licensing and permitting issues.”155 He gets that there is a problem, it is just misguided. “If he meant to say that certain aspects of the current FCPA enforcement landscape are absolutely crazy there are many people who would likely agree.”156
?
?
?
Beekarry on Pro-AML and FATF Methodology
?
?
?
However, there are proponents of keeping matters the same. The Recommendations according to Navin Beekarry, are working just fine. He goes on in his piece to say that “the FATF AML [and] CFT system has developed into a formidable international regulatory regime.”157 He reveals that it has had influence, strength in its normative structure, it is vibrant in its framework, and that it is further supported by other international and regional organizations to enhance its legitimacy.158 Moreover, these elements have generated a considerable compliance impulse.159 He does not doubt that there could be improvements, but attributes a lot to the rules. He states that “those features have over the years marked the compliance
150 Donald Trump: The FCPA Is a “Horrible Law and It Should Be Changed,” FCPA Professor (August 6, 2015), https://fcpaprofessor.com/donald-trump-the-fcpa-is-a -horrible-law-and-it-should-be-cha nged/
151 Ibid.
152 Id.
153 Id.
154 Id.
155 Id.
156 Id.
157 Navin Beekarry, The International Anti-Money Laundering and Combating the Financing of Terrorism Regulatory Strategy: A Critical Analysis of Compliance Determinants in International Law, NW University Law School Journal (2011).
158 Ibid.
159 Id.
performance of countries, resulting in a greater number of countries having either adopted, or made commitments to adopt, AML [and] CFT systems and subject themselves to the FATF assessment of their AML [and] CFT system.”160
?
?
?
Privacy Realm and Recognition
?
?
Privacy is an important compliance attribute for firms. It is also evident in recent attacks that it is crucial. An attack reported by Forbes in 2014 found that there was a leak of as many as 70 million customers.161 Then in 2015, in the USA Today they stated:
?
“As many as 80 million customers of the nation’s second-largest health insurance company, Anthem Inc., have had their account information stolen... The hackers gained access to Anthem’s computer system and got information including names, birthdays, medical IDs, Social Security numbers, street addresses, email addresses, and employment information, including income data.”162
?
CNN Money on September 23, 2016 then reported:
“Yahoo says 500 million accounts stolen… The account information may have included names, email addresses, telephone numbers, date of births, hashed passwords, and, in some cases, encrypted or unencrypted security questions and answers.”163
?
One year later Fortune said that:
“Equifax has revised its estimate for the number of people potentially affected by its recent massive data breach to a total of 145.5 million people, 2.5 million more than initially reported…. From mid-May through July, an as yet unidentified hacker group gained access to a large swathe of this data—including names, birthdates, street addresses, credit card numbers and Social Security numbers.”164
?
Data privacy, from these examples, reveal how evolving technologies in connected society have created not only new uses of data, but there are great pools of information that are vital to keep secret and locked away.165 “Because a large data breach in an organization can bring privacy professionals into direct contact with the most senior leaders in the
?
?
160 Id.
161 Peter Swire and DeBrae Kennedy-Mayo, US Private-Sector Privacy, IAPP (2018).
162 Peter Swire and DeBrae Kennedy-Mayo, supra.
163 Peter Swire and DeBrae Kennedy-Mayo, supra.
164 Peter Swire and DeBrae Kennedy-Mayo, supra.
165 Peter Swire and DeBrae Kennedy-Mayo, supra.
organization, understanding data breaches and how to reduce the risks related to them is an important task for many of them.”166
?
?
?
IAPP
?
?
?
In the US privacy realm, there are language flaws as well. Not much is being solved with the language included in the OECD Guidelines, Council of Europe Convention, and the APEC Privacy Framework of 2004. It is troubling that these conventions do not use cogent language to deter.167 Instead, they use optional language like “should” and “may.”168 They only provide a policy framework to collection limitations, data quality, purpose specification, use limitations, safeguard s for security, openness, individual participation, and accountability.169 For instance, here is an example of the language that weaves itself through the APEC Privacy Framework:
?
“All reasonably practicable steps shall be taken to ensure that such information is provided either before or at the time of collection of personal information. Otherwise, such information should be provided as soon after as is practicable. It may not be appropriate for personal information controllers to provide notice regarding the collection and use of publicly available information.”170
?
The wording is troubling to say the least. What do the articles here really mean? It in short is not something that can be taken one way or another. There are plenty of holes here that a compliance officer would not know what to do with and it is troubling. All of this is also under an important part of the APEC policy. It is under the notice section where there is a prevention of harm to the actors involved.
Should is also seen in the OECD Guidelines under many of the principles, including openness:
?
“There should be a general policy of openness about developments, practices, and policies with respect to personal data. Means should be readily available of establishing the existence and nature of personal data, and the main purposes of their use, as well as the identity and the usual residence of the data controller.”171
?
?
166 Ibid.
167 Peter Swire and DeBrae Kennedy-Mayo, US Private-Sector Privacy, IAPP (2018).
168 Ibid.
169 Id.
170Peter Swire and DeBrae Kennedy-Mayo, supra.
What is the general policy to be considered? What does readily available mean? Why so vague an answer to a specific problem that a risk manager would have to face in making a compliance policy? What is, for the most part at least, the usual residence?
It takes experts that spend most of their careers in the field to come up with policy.?Should the experts even write where others question their demands??Think of the man hours that has to be put into these frameworks and all of the money spent as well. Has there ever been a time for man to not have the option of privacy. New orders of technology and things like artificial intelligence have reshaped the global marketplace. “International developments affecting global multinationals and consumers are seemingly commonplace. All of this makes privacy a front-page news item, a central policy issue and, importantly, a thriving profession.”172 To be a compliance professional in this field, it means being steeped in an ever growing and constantly shifting body of material. Therefore, it is important that the changes are right for the people and those involved. It is important that the laws are adapted from forceful language. Forceful language results in better accuracy for what a law or convention aims itself at.
?
?
?
?
?
?
?
?
?
?
?
?
?
?
?
?
?
?
?
?
?
?
?
?
?
?
?
?
?
?
?
?
?
?
?
?
Conclusion:
?
?
?
In conclusion, much needs to be done to save the world from dirty money. Ambiguity can melt away if the powers of AML were shifted to the public sector. The public sector shift would also lessen the waste. In addition, or likewise, a shift to enhance the power of the NCCT can complement this effort globally. Upon the article’s main thesis, incentives could pair nicely with this solution as well. The world is ever changing, and ambiguities are the last thing institutions need when they are already operating for profit and not for the sake of the other guy.
Heads of state at the US General Accounting Office had the following words of the current AML regime; “no one would actually design it as it is; but it would be counterproductive to introduce something new.”173 While it may be a somewhat productive procedural approach, there is the legitimacy failure in the drive against money laundering and terror financing that calls for a more comprehensive assessment of the interests represented and promoted in the regime. Clearly, there is a need to address the complex problems involved such as with drug trafficking, corruption, terrorism. Nevertheless, a resulting policy would amount to little more than ambiguous rhetoric and bureaucratic solutions to ill-defined issues. At this juncture, the theoretical version of a “cost-benefit” analysis of the regimes is ultimately not a losing scenario. Many of the major players throughout the global sphere used this realm as an opportunity to develop sophisticated marketing techniques to consolidate their expertise. It seems like the AML framework needs to be worked on in a different manner and to hold off the more cosmetic approach.
To further conclude, the article The UN Convention Against Doing Anything Serious About Corruption, there clearly needs to be a reordering of the power the UN has as well. The termites within the convention need to be exterminated by using better tools. Likewise, this may mean that there needs to be a unification of the conventions. Courts must then get involved to set precedent. To rid this infestation, it may mean using the OECD’s approach to managing corruption. Asset recovery protections was mentioned among the benefits to this. What is currently being utilized is simply not working. One would whole heartedly agree with Schroth on his assessment. Only time will tell if the framework will be too hollowed out to be recoverable.
Even the FCPA is flawed. It is hard to master even for the POTUS. However, many would agree that there are certain aspects of the murky law that people would say are less than substantial enough to understand. This makes the analysis and recommendations for the evolution of these laws and conventions to change that much more important.
Much needs to be changed, nevertheless, Beekarry has some good points as to where the convention for AML is effective.?The compliance impulse and
?
173 Remark made during an interview, Washington, DC, June 2004.
reprimand should make its way into the furtherance of these paradigms. He does not doubt that there could be changes made to better the rules.
At the same time, the privacy law regimes should be bettered through unambiguity and in progressing. This would greatly improve the global economy because it is crucial that the world stage present itself as a law-abiding cohesive body. It would make sense to use a more comprehensive and strict law to encompass all that is needed. This is done in other regions of the world. Compliance departments and counsels would greatly improve and welcome laws that have more specificity so they can prove their own due diligence and conformity with the law.
Recommendations:
?
?
Questions to be Addressed
?
?
Are the flows of money to criminals or general illicit activity a threat to the firm? Is some of it acceptable?174 How is that company’s AML policy linked to that of public goals?175 Are the incentives for companies to comply strong enough?176 Are private firms becoming enforcers?177 What can be done to strengthen the link between public policy and its private counterparts?178 What is the appropriate amount of detection?179
?
?
?
AML and Corruption
?
?
?
Richard Gordon reveals a lot of information in his critique. The meat of the article creates limits on what the Methodology of the FATF Recommendations can do for the global effect of AML. It is here that there is a sense that things can be done to the wording of the Recommendations to make them stronger. It is imperative that the design of the Recommendations be suited for less uncertainty to make more positive AML investigations and discoveries.180
One solution that Gordon comes up with in his article is to de-privatize the system. This would be handing the public sector all the analytical tasks needed to safeguard the credibility of the market. Additionally, there would be no need for the private sector to design or implement a selection system.181 As he states, “the current system requires the government to examine reports from the private sector and determine which of those reports should be further investigated;” which in effect, the government is mainly providing themselves with an inadequate tool to see what is
?
174 Eleni Tsingou, Global Governance and Transnational Financial Crime: Opportunities and Tensions in the Global Anti-Money laundering Regime, CSGR Working Paper (May 2005).
175 Ibid.
176 Id.
177 Id.
178 Id.
179 Id.
180 Richard Gordon, Losing the War Against Dirty Money: Rethinking Global Standards on Preventing Money Laundering and Terrorism Financing, Duke Journal (2011).
181 Ibid.
suspicious.182 The division between FIUs and the private sector is highly inefficient. It makes sense that this unification could work because inefficiency stems from the disunion. It would likewise limit the problems associated with ambiguity of the responsibility of private entities within the economy that are crucial to the AML framework. Furthermore, “turning all responsibilities for monitoring and identifying suspicious transactions to [FIUs] would also eliminate the need for the private sector to develop expertise [or to design systems] in those areas.”183
This solution may work for the US, but there are other problems faced internationally.?Therefore, international concerns—a solution to them—should also be mentioned.?Initially developed in 1998, stands the NCCT regime.184 There should be an expansion of the NCCT system that could be utilized as an alternative countermeasure to money laundering.185 It is an effective non-confrontational and collective form of managing nations that fail to comply with FATF Recommendations.186 It has generated a greater compliance factor—or impulse—among countries that have been closely assessed.187 It has also created a method of “judicialization” for not conforming to the FATF system where nations get more than just policy considerations and, instead, are faced with reprimand.188 There is greater impact on behavior, and it could be greater with expanded effort and ferocity.189
Another solution for the international realm would be to combine an economic incentive with that of the NCCT program. It would give a reward to countries that continually advance themselves and expand their efforts to get off or remain off the list. The root of the issue is making a globalized economy where all nations conform to the same principles. It would work because the system would increase the ability for nations to afford to comply fiscally.
To further the discussion of the endless problems with the conventions mentioned, the OECD framework would be a noteworthy choice for combatting corruption. The UN conventions are too dull and untrustworthy to do anything impactful. Asset recovery, within the Schroth article highlights areas of possible change. One of the many reasons is the mutation of law on this very subject or topic of discussion.
Asset recovery also corresponds to this section of discussion from the critique. The OECD Convention provides some form of asset recovery.190 When a crime of corruption is committed, the proceeds are “framed in terms of confiscation of” the assets, “rather than of restitution… or vindication… of state property.”191 Crimes can come in different shapes and sizes. Proceeds from crime can come in two different types with varying consequences. “One is the property of another that is taken unlawfully and therefore should be restored to
182 Id.
183 Id.
184 Navin Beekarry, The International Anti-Money Laundering and Combating the Financing of Terrorism Regulatory Strategy: A Critical Analysis of Compliance Determinants in International Law, NW University Law School Journal (2011).
185 Ibid.
186 Id.
187 Id.
188 Id.
189 Id.
190 Peter W. Schroth, The United Nations Convention against Doing Anything Serious about Corruption , Journal of Legal Studies in Business (2005).
191 Ibid.
the owner; the other is the profits of a forbidden business, such as trafficking in unlawful drugs.”192 This leaves out stolen property.193 Like other provisions and conventions, the OECD Convention requires in its third article, that Parties that take on bribes must relinquish their ill-gotten gains; however, there is no mention of property.194 The OECD Convention, by doing so, does not lower the property rights of individuals unless there is a predicate crime to confiscate the funds from them.195 Thus, the OECD Convention, as it protects while covering the same material, is then a better alternative according to Schroth.
One would think that the UN Convention is not effectively managing asset recovery. Other conventions like the OECD’s also protect human rights more effectively and avoid preemptive attacks. The OECD Convention should be in the forefront, and one would agree with Schroth that it would help with public relations for the implementing nation. There is too much ambiguity in the materials within the UN Convention because it is written at the expense of any in-depth coverage. Many of the more mandatory subject headers are also of little impact to the negative forces the convention intends to combat. The existing conventions overlap and create redundancy when combined. Thus, it is not a shock that the nations that have adopted the OECD Convention have already considered what the UN Convention will do for their corporate governance matters. Meaning, the OECD Convention will work for them and they will likely ignore the UN Convention. On its own, the OECD Convention could do all the work that the UN Convention and the Convention on Transnational Organized Crime could.
The next thing that the international legal community should do is twofold. As the first action to take, they should make an international body to separate and parse the concepts in these conventions and create a singular treaty weighted toward the language within the OECD Convention. Second, the conventions should be upheld in courts. The strength of the wording would only be enhanced if there were decisions made in the international courts. Such ambiguities would be mitigated if there was more work done by, more specifically, the International Court of Justice. The termites that infest these conventions will only lessen their effectiveness and will erode them in their participating nations. It is up to those with the real power to alter the documents that run the globalized economy. By following these recommendations, it is clear that the picture will be less murky.
?
?
?
Role of the Private Sector Information Provided by the Entity
?
?
?
?
?
?
192 Id.
193 Id.
194 Id.
195 Id.
Due to reputational and legal issues, financial firms have incentives to take AML measures seriously.196 It is true that these firms have made steps to create procedures to combat money laundering and to comply, but there is more that needs to be done.197 They have already included “special identification measures, the ‘know your customer’ mantra applied to all financial services; monitoring processes based on internal systems and a comprehensive system of dealing with suspicious activity; up-to-date training programs; the implementation of auditing procedures and accountability measures such as signed attestations of knowledge of anti-money laundering measures, and evaluations; the setting- up of specialized anti-money laundering units; and the full participation and commitment of senior management.”198
Systemically important banks have further taken initiative to create appropriate measures in establishing the Wolfsburg Group of Banks.199 This group was formed in 2000 and issues guidelines for other banks by focusing on correspondent finance relationships.200 The thought behind this voluntary framework, through codes of conduct, generates a harmonization of principles that strengthen reputation and credibility.201
Even with these implementations, critical problems still remain. There is still an issue of the cost effectiveness of AML.202 The American bankers Association confirmed this in 2003.203 Likewise, the Patriot Act “has further increased requirements but it is claimed that financial institutions have yet to implement centralized customer-identification systems” that prove “training staff and building compliance expertise is a costly and lengthy process.”204 Occurring simultaneously, the legislation does little to provide a budget for enforcement agencies which conflicts with the effectiveness of the current system and incentivization.205
The concern is the private cost of public policy. To a great extent this “exemplifies how some regulatory measures are technical and difficult to implement as well as the growing tend towards passing compliance responsibility to the private sector.”206 Additionally, it highlights how upper-management—when they have to deal with legal guardians—there are fewer tangible costs associated.207 The uncontrollable volumes of suspicious activity reports are also combined with the growing need that companies assume the role of creating internal compliance policies.208 Meanwhile, there is greater burden on smaller institutions where “know your customer” is less automated.209 “With few exceptions and despite accepting the inevitability of the AML… regime, most participants remain
?
196 Eleni Tsingou, Global Governance and Transnational Financial Crime: Opportunities and Tensions in the Global Anti-Money laundering Regime, CSGR Working Paper (May 2005).
197 Ibid.
198 Id.
199 Eleni Tsingou, supra.
200 Ibid.
201 Id.
202 Eleni Tsingou, supra.
203 Ibid.
204 Id.
205 Id.
206 Eleni Tsingou, supra.
207 Ibid.
208 Id.
209 Id.
puzzled at the need to deal with these issues; this is a potent reminder that politics in [information provided by the entity] matters.”210
?
?
?
Madrid Resolution
?
?
?
For privacy framework, or conventions that contain vagueness, the use of the Madrid Resolution is a great answer. It uses much more binding language to set the scene for legislation.211 For instance, the personal data that is regulated must be fairly processed respecting that of the applicable national legislation as well as the rights and freedoms of their citizens.212?That which does not fall in line will be seen asunfair.213?Plus, specificity is aligned well with this model.214 The word “unambiguous” is used to show that the resolution will weed out processing that is incompatible with the purposes which personal data was collected and there must be clear consent.215 Finally, the use of the word “must” is used to describe personal data quality.216 “Personal data no longer necessary to fulfill the purposes that legitimized its processing must be deleted or rendered anonymous.”217 Further usage also stems from the openness principle.218 “When data is not collected directly from the data subject, the responsible person must inform him or her about the source of personal data.”219 The weakest form that is captured from the Madrid Resolution forms in the paragraph on accountability, it states:
?
“The responsible person shall take all the necessary measures to observe the principles and obligations set out in the resolution and in the applicable national legislation and have the necessary internal mechanisms in place for demonstrating such observance both to data subjects and to the supervisory authorities in the exercise of their powers.”220
?
Being that this is the most abstract of concepts, from the section on accountability, this is of no surprise that it is the weakest portion. It is amazing that there are so little effective legislation that have been adopted. The US should really
210 Id.
211 Peter Swire and DeBrae Kennedy-Mayo, US Private-Sector Privacy, IAPP (2018).
212 Ibid.
213 Id.
214 Id.
215 Id.
216 Id.
217 Id.
218 Id.
219 Id.
220 Peter Swire and DeBrae Kennedy-Mayo, supra.
look at this an example to take to heart in the future. It is ridiculous that it has not. “Because information privacy is concerned with establishing rule that govern the collection and handling of personal information, an understanding of what constitutes personal information is key.”221 This is why it is crucial that conventions that surround this domain be specific enough to correctly institute, manage, and inspire legislation. “A central issue to determine is the extent to which the information can be linked to a particular person. This can be contrasted with aggregate or statistical information, which generally does not raise privacy compliance issues.”222
?
?
Privacy by Design Recommendation
?
?
?
Another side note is the idea that firms should outwardly promote consumer privacy in their organizations.223 This should be at every stage in the development of their products and services. 224“They should incorporate substantive privacy protections into their practices, such as data security, reasonable collection limits, sound retention and disposal [methods], and data accuracy.”225 The tenants for this include, individual control, transparency, respect for context, security, access and accuracy, focused collection, and accountability.226
?
?
?
Information Security
?
?
?
An additional tool to be utilized in conjunction with privacy conventions like that of Madrid Resolution is information security (IS).227 It is the protecting of information for the sole purpose of preventing loss, unauthorized access or misuse.228 IS requires ongoing monitoring of threats and risks to information and the steps and controls to preserve the information, all consistent with the three key aspects.229 The aspects of IS are confidentiality, integrity, and availability (CIA). Confidentiality is the “access to data [that
?
221 Peter Swire and DeBrae Kennedy-Mayo, supra.
222 Ibid.
223 Peter Swire and DeBrae Kennedy-Mayo, US Private-Sector Privacy, IAPP (2018).
224 Ibid.
225 Id.
226 Id.
227 Peter Swire and DeBrae Kennedy-Mayo, US Private-Sector Privacy, IAPP (2018).
228 Ibid.
229 Id.
is] limited to authorized parties.”230 Integrity deals with “assurance that the data is authentic and complete.”231 Availability is the “knowledge that the data is accessible, as needed, by those who are authorized to use it.”232
There are also different types of security controls within CIA which include those that are physical, administrative, and technical.233?Physical controls include locks and things like security cameras.234?Using procedures and incident response plans along with training have to do with administrative controls.235 Lastly, technical controls deal with computer firewalls, antivirus software, and access logs.236
IS differs from information privacy slightly.237 “Generally, information security is the protection of personal or other types of information from unauthorized access, use and disclosure.”238?Meanwhile information privacy deals with who should have access to an individual’s information.239 Two concepts of these two areas are similar regardless.240 “Information security is a necessary component of privacy protection—if security is breached, then privacy controls will not be effective. Information privacy and information security both include the use and confidentiality of and access to personal information.”241 However, the difference is that information privacy also involves the data subject’s right to control the data, this includes notice and choice.242 Overall, the factor of sectoral law and not that of comprehensive law surrounding this issue, “some state legislatures have passed laws requiring companies to take information security measures to protect citizens’ sensitive information.”243 These states include California.244
?
?
?
?
?
?
?
?
?
?
?
?
?
230 Id.
231 Id.
232 Id.
233 Peter Swire and DeBrae Kennedy-Mayo, supra.
234 Ibid.
235 Id.
236 Id.
237 Peter Swire and DeBrae Kennedy-Mayo, supra.
238 Ibid.
239 Id.
240 Id.
241 Id.
242 Id.
243 Id.
244 Id.
Future Areas of Research:
?
?
There are other directions that research can take when involving privacy law and AML.?There must be more quantitative research done to provide statistics on the effectiveness of each convention. This can be done by gathering numbers and analyzing them through many statistical measurements of relationships. Basic knowledge of statistics is required. For instance, it is important to know how a comprehensive law like the GDPR has been doing over the past couple of years since it has been in effect. Conventions for AML can be individually scrutinized by assessing the effectiveness in companies that use them as guidance.?Not all companies use every convention or there would be unnecessary overlap. There could be a control and test group to further this endeavor.
Conventions, and their target subjects, are continually jousting for the greatest result much like that of the cheetah and the gazelle. It does not matter which one is which. It seems that law should be a part of this evolution as well. The governing body should stress the importance of being a harsher critic. The organizations that conserve that natural battle, the zookeepers, have to better understand how the wording of their guidance is truly affecting the race. IS, for one, should be scrutinized through numbers because it is theoretical in nature and is used extensively in the data realm. Of all the critiques, there was little use of numbers.
Bibliography:
?
?
?
APEC Privacy Framework, APEC (2015).
Bansiar and Davies, Global Trends, Emory International Law Review (2001).
Convention for the Protection of Individuals with Regard to the Automatic Processing of Personal Data, Council of Europe (January 1981).
Donald Trump: The FCPA Is a “Horrible Law and It Should Be Changed,” FCPA Professor (August 6, 2015), https://fcpaprofessor.com/donald-trump-the-fcpa-is-a-horrible-law-and - it-should-be-changed/
Eleni Tsingou, Global Governance and Transnational Financial Crime: Opportunities and Tensions in the Global Anti-Money laundering Regime, CSGR Working Paper (May 2005).
Guidelines Governing the Protection of Privacy and Transborder Data Flows of Personal Data,
OECD (September 1980).
Hanes Hechler, Mathias Huter and Ruggero Scaturro, UNCAC in a Nutshell, U4 (2019).
Madrid Resolution-International Standards on the Protection of Personal Data and Privacy, (2020).
Mark T. Nance, Re-Thinking FATF: an experimentalist interpretation of the Financial Action Task Force, Cross Mark (2017).
?
Navin Beekarry, The International Anti-Money Laundering and Combating the Financing of Terrorism Regulatory Strategy: A Critical Analysis of Compliance Determinants in International Law, NW University Law School Journal (2011).
?
Pam Dixon, A Brief Introduction to Fair Information Practices,” World Privacy Forum (2008). Peter Swire and DeBrae Kennedy-Mayo, US Private-Sector Privacy, IAPP (2018).
Peter W. Schroth, The United Nations Convention against Doing Anything Serious about Corruption, Journal of Legal Studies in Business (2005).
Records, Computers, and the Rights of Citizens: Report of the Secretary’s Advisory Committee on Automated Personal Data Systems, Records, Computers, and the Right of Citizens, US Department of Health, Education and Welfare (July 1973).
?
Remark made during an interview, Washington, DC, June 2004.
Richard Gordon, Losing the War Against Dirty Money: Rethinking Global Standards on Preventing Money Laundering and Terrorism Financing, Duke Journal (2011).
The OECD Privacy Framework, OECD (2020).
United??????????Nations??????????Convention?????????Against??????????Corruption,?????????UN?????????????????(2020), https://www.unodc.org/documents/treaties/UNCAC/Publications/Convention/08- 50026_E.pdf.