Which way to learn compliance is better? You decide!

This is a topic near and dear to my heart. I have been in compliance training for a better part of my career. I learned at an early point in my career that you have to make training impactful, memorable, and digestible. This was not the case in most corporate environments early in my career. Compliance training was simply something to tick the box and can be limited in duration as possible. I understood. Employees do not want to take time off their busy schedule to learn something new or some type of refresher training.

Being in a non-revenue producing area, I knew that I had to be some type of revenue enabler. Teaching people concepts that can help them be better in their positions and of course, overall life. Regardless of the pushback I received along the way, I stated my desire and passion to do something different. Something that others can see can be a great return on an investment. But also, the impact it can have on the compliance culture of the firm. I was always determined!

I enjoyed trying to push the envelope and proving that if done right, it could have a nice impact. Anyone can do the same if you have a plan, great business case and the passion to deliver.

There is so much information out there from the public view that we can leverage and use for learning purposes, especially real-life events.

To me, the best way to learn is to study events that have occurred and ways we can learn from them. Believe it or not, there are so, so many. One example is Frank Abagnale. He circumvented the globe committing fraud on various levels. But did you ever think about how he did it? Frank understood the inner workings of a bank, the process, the operations and so much more. Yes, he is an ex-con, but we can learn how he went about his criminal escapades. The forgery, dealing effectively with bank tellers, understanding how the back-office operations worked and more.

We can take examples such as Frank and learn from them. This is just one example. There are many others.

My goal with this article is to show you the options that are out there and where we can learn to do bigger and better. I know that all corporate environments will not be open to these suggestions, but if you have the right plan, business case, desire and passion, anything is possible.

Corporate Environment

Since we all live in a corporate environment, we need to know what occurs on the inside. This is a must! You are required to understand most, if not all, the internal workings of your organization. What does this mean? Let’s break it down.

Everyone has a different position in a corporate environment. It means that sometimes we must learn about the same regulations and sometimes not.

For example, if I work in a transaction monitoring role. Not only do I have to be conscious of how the systems works, the information derived from monitoring, but also the regulations that occur within your position and team.

This could be vastly different than someone working within a different AML role. In the past when I trained staff on transaction monitoring, most of the discussions revolved around identifying reg flags and when to escalate.

Imagine a customer conducting illegal activities with your financial institution. Such as transactions being conducted from a dormant account, transactions are sent to or from a high-risk country or region, or payments are sent to or come from a person or organization on a sanctions list. What would you do?

That is why training on rules & regulations must be tailored based on the position that employees work in while using real-life examples. There is nothing better! Here is a good example that we can learn from:

Ross Alderson was a whistleblower and leaked information to the media about suspected dirty cash in the province’s casinos, which to that point had denied any systemic problems. Alderson reached out to a law enforcement unit specializing in transnational organized crime. a time when bags of suspected drug cash (duffle bags stuffed with hundreds of thousands of dollars’ worth of $20 bills) were routinely deposited in a Metro Vancouver casinos with impunity.

To learn more about this, you must think about the following questions:

1. What did he actually see that caused the red flags?

2. How was the money laundered?

3. Where are there any controls in place to stop the laundering of money?

This is another example of a case we can learn from and use in our learning environments. In order to use a case such as this, you must research the answers to your questions and get more clarity.

This is how I determine whether a case is worthy of using for training purposes. Not all will work, but you need a process to determine if it is the right fit.

Regulatory

This is another must. But let me add a nice caveat. You do not need to know every rule & regulation, but only the ones that are pertinent to your position. Everything else is a nice to have. The question you must ask yourself is what rules and regulations are pertinent to your position? With the help of legal & compliance, you can determine what you need to know.

But what can we learn from regulators?

One thing we can learn from examiners is what they have done with recent exams. This is a big learning lesson. Not only should you review your prior examinations and see what was done and not done, but others in the industry.

This provides a lot of insight into what others are doing, right or wrong.

Another aspect which provides direction and elements that you can use for learning purposes, is releases from regulators on examination priorities and observations based on recent examinations. This provides everyone with an overview of:

• What are the regulators looking at?

• What have they found recently?

• And sometimes, how to go about it.

For example, the Consumer Financial Protection Bureau published its spring 2022 Supervisory Highlights report. This particular report addresses observations made in examinations completed by the CFPB in the relevant period. The Supervisory Highlights report touches on recent supervisory program developments, including announcements, examination manual updates and bulletins, and summarizes enforcement actions arising from supervisory activities. Plus, areas of a financial institution have found particular issues.

This is only one example of an issuance from a regulator. Most regulators issue guidance on a periodic basis. Whether it be monthly, quarterly, or annually.

This is a gold mine for financial institutions. Obviously, you need to pick out the relevant points that apply to your institution. I mean, come on. The regulators are telling you what they are looking for in detail. I am not sure why some organizations do not study this guidance in heavy detail.

The information supplied by regulators is an important learning element. But there is more. The repercussions from financial institutions not obeying the law of our land can create great learning opportunities. Here is one example:

ABN Amro became prey to criminals who exploited weaknesses in their infrastructure. They settled with Dutch authorities for $574 million. Despite extensive efforts to investigate suspicious behavior, the company took a huge hit at the start of 2021. Detection of criminal behavior was not enough to halt the penalties. It demonstrated that their compliance and risk management processes did not meet the necessary standards.

This is another good example of what we can use in the right learning environment.

Law Enforcement

This is a very nice to have but depending on your situation it could be a must have. We can learn a lot of law enforcement. Not only the end result, but what techniques did they use to catch an alleged criminal.

Most law enforcement agencies have a mantra, “Follow the money.” Since the 1970s, the U.S. government have emphasized a three-pronged approach to fighting crime: prosecute the underlying crime, follow the money trail through money laundering investigations, and forfeit the proceeds and instrumentalities of the crime. By following the money, the full scope of a crime can be discovered, and a criminal organization can be eliminated. That is the goal.

Here is another example that we can utilize. The story of Bob Mazur!

Bob spent five years as a deep undercover agent for US, UK, French and other government law enforcement, gathering evidence that led to some of the largest money laundering prosecutions in history. The only undercover agent in the world to have infiltrated so deeply into the inner circle of financial crime, his experience is unique. He saw how the system works from the inside, and the insights he holds are so valuable that the criminal world offered $1/2 million for his death.” Speaking & Consulting | Robert Mazur

Bob Mazur is the only person who worked for law enforcement and has seen action in the field. Imagine if you could pick his brain and understand from his view, how the criminal mind operates. Can this better prepare your financial institution for eliminating external threats? I think so! The more you know about how law enforcement conducts operations and the “Follow the Money” mantra, you can adjust the inner workings of your financial institution.

Our job in a corporate setting is to reduce the risk as much as possible. This is another way we can look at the experts who have done it. Plus, hearing real-life stories from a retention standpoint is huge. We usually remember these stories when in our environment we see something similar.

Ex-con’s – White Collar

This is a nice to have, but a very interesting one. We can learn so much from people who have been incarcerated for crimes. I am only talking about white collar crimes. Do you realize how much we can learn? Think about it.

If we understood how criminals can or have infiltrated an organization. That could help us immensely to design better controls and overall risk framework.

Have you ever heard of Franklin Jurado?

In 1996, Harvard educated Franklin Jurado pleaded guilty to laundering $36 million on behalf of Colombian drug lord José Santacruz-Londoño. Using his economic smarts, Jurado moved the cocaine profits far and wide in an effort to make them seem like legitimate earnings. After being funneled through various European banks and companies, the funds would eventually make their way back to Santacruz-Londoño’s businesses in Colombia. Eventually, a bank collapse in Monaco highlighted Jurado’s connection to several accounts. An extremely noisy bank counting machine at his house in Luxembourg did not help his cause, either. He was sentenced to seven-and-a-half years in jail. Franklin Jurado | Narcos Wiki | Fandom

This is a great example of how someone who you would not expect to be involved in crimes did so. You have to ask yourself the appropriate questions to determine if this learning opportunity is the right fit for your organization. Remember, not all will fit.

Conclusion and lessons learned

During my career, I have had the opportunity to learn from law enforcement, regulators, and even excons. Beforehand, I thought I knew everything about the risk to a financial institution. I soon realized that it was not true. I had the pleasure of listening to many of these experts over the years and have been able Visit us at Highriskeducation.com 5 to take the lessons learned to my place of employment. Learning comes in different shapes and sizes. We need to open our mind

Lessons learned

• Do not underestimate learning opportunities for your financial institution

• If you want to create change, especially to enhance your compliance culture, find the right learning opportunity for your staff

• We can always do better, but sometimes we have to look harder for those great learning opportunities.

About the Author

Justin Muscolino, CEO, High Risk Education

Justin brings over 20 years of wide-arranging experience in compliance, training and regulations. Most recently, he served as Head of Compliance Training at Bank of China where he led the compliance training function and created and monitored the annual training plan through a thorough training needs analysis. Previously he served as Macquarie Group’s Head of Americas Compliance Training and JPMorgan Chase’s Compliance Training Manager. Justin also worked for FINRA, a US regulator, where he created Examiner University to train examiners on how to perform their function.