Having policies and controls for the prevention of money laundering is of vital importance for organizations (whether supervised or not) to avoid incurring administrative or criminal liabilities, taking into consideration that the Criminal Codes regulate this crime in its intentional and reckless modalities. Legal persons are obliged to implement policies and controls when they are going to carry out a commercial transaction, the provision of a service with a client, with their suppliers, collaborators, or when they intend to associate with other natural or legal persons in the provision of services or any other commercial activity.
In the case of clients, it is important to design a Know your client policy, which implies carrying out due diligence to identify the client before initiating the commercial relationship or the provision of a service. For this purpose, the respective documentation or information on the client will be necessary, to accredit its real existence, partners, shareholders, final beneficiaries, legal representative, its line of business, address, place of operation, whether there are any civil or criminal lawsuits against it, verification in international lists, among others. Then, it is necessary to carry out an evaluation process to verify the information provided.
Once the information has been evaluated and the customer has been categorized depending on the risk (normal, simplified or increased), it is determined whether the information is sufficient to know whether it is necessary to request additional documentation, in order to then take the decision to initiate the business relationship or the provision of the service, as well as to take measures in accordance with the customer’s categorization. Since it is evident that the increased risk is the one that implies greater diligence, i.e. more rigorous procedures and controls and, therefore, greater diligence in the process of monitoring or follow-up of its activities that allows having updated information or knowledge about the customer, it is of vital importance to demand, in case of doubt or increased risk, the necessary and timely information in order to decide on the continuity or termination of the relationship. Due diligence policies in relation to suppliers should contain the corporate decisions regarding the acquisition of goods and services that allow the initiation and maintenance of a business relationship without risk of being used for money laundering. Therefore, at least the following information should be requested before initiating the business or commercial relationship:
- Fill out a form.
- Document of incorporation as a sole trader or company.
- In the case of social traders, the partners, administrators, legal representative, and final beneficiaries.
- Business activity.
- Address and telephone numbers,
- Whether it has contracts with the State or only with the private sector.
- Whether it has family or personal ties with PEP.
- Whether it operates locally or also internationally.
- Consideration should be given to requesting financial statements, taking into consideration the supplier’s categorization.
- Research international listings and credit bureaus, subject to prior written authorization.
It is important to maintain due diligence during the business relationship, as this provides the opportunity to be certain about the integrity of the suppliers in their activity, which will allow an informed decision to be taken on the renewal or termination of the business relationship, and depending on the risk categorization of the supplier, the frequency with which the information should be updated should be established, with a prudent or reasonable time to do so on an annual basis. It is also advisable to share the obligation to carry out due diligence, so it is important to include in contracts a clause containing the obligation to prevent money laundering, and another on the supplier’s knowledge of the organization’s code of conduct. Likewise, the obligation to have a compliance program should be considered, a requirement that should also be considered in relation to clients.
In terms of employee policy, the organization should adopt a culture of hiring, promotion, and dismissal to prevent money laundering and labor lawsuits that could have a significant economic impact that could seriously damage the organization’s finances.
Regarding money laundering, the organization must carry out due diligence in the hiring of personnel, since criminal organizations try to permeate companies and institutions to locate or introduce their members, members or sympathizers, in order to facilitate criminal activities, including money laundering. For this reason, the following information should be required in the selection process:
- Application for membership.
- Personal identification document.
- Personal and employment references.
- Declaration of assets.
- Source of income.
- Family or personal relationships with public officials.
- Criminal record.
Once the information provided has been corroborated, it is essential to carry out the corresponding induction, in order to inform them about the values and ethical culture of the organization. On the other hand, when it is decided to hire them, controls should be established to monitor the behavior of those employees with customer service and administrative functions. Similarly, it should be observed whether the standard of living they lead is congruent with their income, as well as the friendly relations they maintain. On the other hand, the need for constant training should not be overlooked, as well as knowledge of the channels of collaboration or denunciation, so that they can report any illicit act of which they are aware.
Finally, it is important to take into consideration the great contribution that Artificial Intelligence can provide, which provides technological tools that help to improve due diligence processes, because it allows:
- Process large amounts of data quickly.
- Analyze transactions to detect suspicious or abnormal activity.
- Identify new techniques used to launder assets.
- Build profiles of customers and their transactions.
All this allows us to detect suspicious transactions, as well as to assess risks associated with customers and transactions.
It is worth mentioning that there is a variety of artificial intelligence technological tools that can help compliance officers as well as the administrators of the organizations, being advisable to seek advice from experts in the field, so that they can recommend the technological tools that adapt to their needs and legal regulations in force in their country, in order to avoid incurring liability for issues of infringement of data protection laws.