Correspondent Banking and how it can be misused

What is Correspondent Banking?

The Wolfsberg Group defines Correspondent Banking as: “the provision of a current or other liability account, and related services, to another financial institution, including affiliates, used for the execution of third-party payments and trade finance, as well as its own cash clearing, liquidity management and short-term borrowing or investment needs in a particular currency.”

The customer of a correspondent is called a respondent .

One theme that is often brought up in relation to correspondent banking is de-risking (i.e., banks closing relationships to decrease their risk).  We have recently published a blog post on that topic here . Any reader that wants to dig deeper into de-risking within correspondent banking will find that World Bank, FATF and BIS have all written at length about it.

The key Modus Operandi

As part of Acuminor’s intelligence gathering and threat-led approach we have managed to identify three main modus operandi (MO) for how illicit financial flows are exploiting correspondents.

1. Insider(s) at correspondent in collusion with respondent

Illicit transactions are submitted by respondent knowingly and are processed, also knowingly, by insiders at the correspondent. Sometimes there is an understanding between the participating parties on how to structure transactions (e.g., amounts, numbers or transactions and recipients) or fill out (e.g., addresses, names and countries used) transaction requests to minimize the scrutiny of control functions at the correspondent and/or the risk to be discovered by authorities.

2. Corrupt respondent/captured institution

Illicit transactions are submitted by the respondent knowingly but are processed by an unknowing correspondent. The two main reasons as to why this could be possible are either:

• a respondent that is skilled in structuring transactions as to not arouse suspicion and circumvent controls, and/or

• a correspondent is lacking the needed controls to detect illicit transactions.

Important to notice here is that just because the head office of a respondent is trustworthy and has strong controls does not mean that all branches, subsidiaries, or affiliates of that bank should be given the same level of trust. The opposite is also possible, meaning branches, subsidiaries or affiliates can be trustworthy, but their head office can pursue illicit business. In those cases the branch, subsidiary or affiliate can be the correspondent of the head office, or the head office can use that entity for a nested relationship.

3. Respondent has weak or non-existing financial crime controls

Illicit transactions are submitted by the respondent unknowingly and are processed by an unknowing correspondent. The difference in this MO compared to the other ones is that neither respondent nor correspondent are knowingly complicit in laundering money and that the laundering is unknowingly facilitated due to weak controls at the respondent. The impact of this MO can also be magnified by lax controls by the correspondent or too much reliance being placed on the respondent by the correspondent.

The supervisory landscape

For any reader that wants to see a practical example of these three MOs should read the New York State Department of Financial Services (NYDFS) consent orders with BNP Paribas (2014), Commerzbank (2015) and Deutsche Bank (2020). There are many other cases that are worthwhile reading as well, since a bunch of similar cases have been pursued by other US state and federal authorities, starting with ABN AMRO (2005).

Supervisory action has not been as comprehensive in Europe, but we have seen a tightening legal framework regarding correspondent banking in both the last couple of the European AML Directives as well as in the Transfer of Funds regulation. The importance and risks related to correspondent banking has also been raised in the EBA risk guidelines, as well as in the German and British national ML and TF risk assessments.

Translating threats into risks and potential controls

Out of the 60+ risk indicators Acuminor has identified here is our top 5 to watch out for as a correspondent:

• Respondent is subject to enforcement, regulatory action, or other adverse events (i.e., negative news or adverse media).
• Transactions that are not proportional (size, payer, payee, geography or currency) to the respondent’s size and place in the market.
• Transactions are lacking the required information (information stripping).
• Respondent cannot or will not provide adequate information or rationale for transactions flowing through their accounts.

• Customer is in collusion with or has influence over an employee (insider risk).

Correspondent banking specific control measures that could be advisable:

• Communication is key. Good exchanges between correspondent and respondent are the best control. That gives the possibility for the correspondent to better understand the risk of the respondent and influence their control environment. This can be done through standing calls, on-site visits or even training for the respondent provided by the correspondent.
• Screening transactions for complete and coherent information. This will give the correspondent the possibility to spot cases where the respondent or their customer is trying to hide the payer or payee which can be a strong indicator for financial crime risk.

• Network/link analysis can assist the correspondent in spotting potential large scale money laundering or sanction evasion by discovering unusual or suspicious pattern on a systematic level instead of looking only at customer level transactions.

The landscape is complex, but the answer isn’t blanket de-risking

If you are exposed to correspondent banking risks, it is important to evaluate these risks with a true understanding of how correspondent relationships can be used to evade financial crime controls and perpetuate illicit finance. This can be challenging, but if you are able to distinguish between a legitimate relationship and one that is being misused, there is a huge upside for your business and for wider society.

At Acuminor we are constantly evolving our risk assessment platform to enable you to conduct a threat-led analysis of your environment. If you are interested in our new correspondent banking threats and risks, then please get in touch!