anti-fraud and money-laundering procedures

slopemaster

When Santander blocked my account without warning, refused to say why, and basically said ‘see you in court, sucker’ when I tried to complain – see my thread https://forums.moneysavingexpert.com/discussion/2866788=
I thought this was just Santander and their famously appalling customer service.

But then I read NotAFraudster’s thread https://forums.moneysavingexpert.com/discussion/2755346
about something similar happening to her/him when the Co-op refused to open an account, refused to explain why, and generally behaved badly – even tho the Co-op is generally OK.

So it seems to me there is a wider issue about the procedures followed when automated systems throw up a suspicion of fraud or money-laundering because of a ‘discrepancy’.

NotAFraudster suspected that the ‘discrepancy’ was because s/he had moved several times – but did not know for sure because the bank would not say, and they would not budge even when s/he provided proof of every address. In my case too they started out asking for ID, but then claimed that even a whole file full of ID was not acceptable. I suspect that the ‘discrepancy’ is that they have an old a/c in the same name as my OH with same DOB. (But in that case, how does anyone called Jane Smith ever get an account?) But in my case too I am guessing, because they will not say what the problem is. And they still have my money.

But the thing is, when I looked up about the anti-fraud systems National Hunter and SIRAN, they are not supposed to do automated decision-making. It is just supposed to flag stuff up so it can be looked at by a person. But it seems that automated decision-making is what is happening here, with the total refusal to reconsider.

I know also that the banks are not supposed to ‘tip off’ anyone who might be trying to do money-laundering. But surely it is a principle of natural justice to know what you are accused/suspected of? It is truly Kafkaesque trying to disprove something when you can only guess at what it is – and when whatever you do and say is ignored anyway.

I wonder whether anyone involved in the banks anti-fraud / AML procedures would care to comment?

zppp

slopemaster wrote: »

When Santander blocked my account without warning, refused to say why, and basically said ‘see you in court, sucker’ when I tried to complain – see my thread https://forums.moneysavingexpert.com/discussion/2866788=
I thought this was just Santander and their famously appalling customer service.

But then I read NotAFraudster’s thread https://forums.moneysavingexpert.com/discussion/2755346
about something similar happening to her/him when the Co-op refused to open an account, refused to explain why, and generally behaved badly – even tho the Co-op is generally OK.

So it seems to me there is a wider issue about the procedures followed when automated systems throw up a suspicion of fraud or money-laundering because of a ‘discrepancy’.

NotAFraudster suspected that the ‘discrepancy’ was because s/he had moved several times – but did not know for sure because the bank would not say, and they would not budge even when s/he provided proof of every address. In my case too they started out asking for ID, but then claimed that even a whole file full of ID was not acceptable. I suspect that the ‘discrepancy’ is that they have an old a/c in the same name as my OH with same DOB. (But in that case, how does anyone called Jane Smith ever get an account?) But in my case too I am guessing, because they will not say what the problem is. And they still have my money.

But the thing is, when I looked up about the anti-fraud systems National Hunter and SIRAN, they are not supposed to do automated decision-making. It is just supposed to flag stuff up so it can be looked at by a person. But it seems that automated decision-making is what is happening here, with the total refusal to reconsider.

I know also that the banks are not supposed to ‘tip off’ anyone who might be trying to do money-laundering. But surely it is a principle of natural justice to know what you are accused/suspected of? It is truly Kafkaesque trying to disprove something when you can only guess at what it is – and when whatever you do and say is ignored anyway.

I wonder whether anyone involved in the banks anti-fraud / AML procedures would care to comment?

It is against the law for a firm to tip off a customer that they suspect money laundering. The definition of firm, applies to financial organisations, solicitors, barristers, estate agents etc.


You may want to have a look at the SOCA website. Here is an extract about the Proceeds of Crime Act 2002:

Proceeds of Crime Act 2002
The Proceeds of Crime Act is UK primary legislation. Part 7 of the Act outlines the money laundering offences; what constitutes criminal property; sets out the legal requirement to make a disclosure or Suspicious Activity Report (SAR) and the offences of failing to disclose; and details a requirement to obtain consent to carry out a prohibited act, placing time restrictions on SOCA and Law Enforcement to issue consent. The three main money laundering offences are:

• concealing, disguising, converting, transferring, or removing criminal property (s327)
• arranging or facilitating criminal property (s328)
• acquiring, using or possessing criminal property (s329)

Under primary legislation, a conviction for one of the three money laundering offences can incur a 14-year sentence and an unlimited fine. It also requires any individual or company in the regulated sector who either: a) knows or suspects or b) has reasonable grounds to know or suspect, that another person may be engaged in money laundering, or that any or all of the property they are dealing with may be criminal property to report their suspicion of money laundering to a constable, a customs officer or nominated officer (MLRO or equivalent) and is made in the form and manner (if any) prescribed for the purposes. The nominated officer must report their suspicion to SOCA. For those firms or individuals outside the regulated sector, the legislation only requires the nominated officer to make the disclosure if they know or suspect that another is engaged in money laundering or criminal property: the 'reasonable grounds' condition does not apply. The UKFIU acts as the 'constable' and is the central receiving point for SARs within the UK. The legislation protects firms and individuals from legal action resulting from their breach of customer confidentiality. Under primary legislation, a conviction for failing to disclose suspicion of criminal property/money laundering can incur a 5 year sentence and an unlimited fine.

I wouldn't comment what we do as an organisation, however I would say more generally that there are normally warning signs that trigger such reports.

chattychappy

zppp sums it up well.

I would add that the legislation has resulted in financial institutions "playing safe" and raising suspicious activity reports when perhaps they don't need to. This has led to a lot of material with law enforcement authorities (SOCA etc).

But if you were a compliance officer choosing between potential criminal sanctions for not actioning something and a "customer service" problem, what would you do?

slopemaster

chattychappy wrote: »

if you were a compliance officer choosing between potential criminal sanctions for not actioning something and a "customer service" problem, what would you do?

Well, yes, take your point.
But what is common to my case and NotAFraudster's is that the customer service and complaints people were also unhelpful, confrontational, or dismissive. It seems that when they know its a fraud / money laundering query they assume the customer is 'guilty' and basically tell them to p1ss off. Whereas they could explain the general situation and the law etc without giving specifics, grovel apologetically, see if there was anything they could do to make amends etc, no?

slopemaster

Could anyone tell me whether all this AML legislation could or would be used as an excuse / reason to avoid a subject access request under the data protection act?
Would that not potentially place a company in the position of having to break one set of rules or the other? Or would they have some kind of exemption from providing the info under the data protection act? And if so, would they say so overtly, or just "edit" the data they provided?

worried_jim

If one bank has completed a money laundering or suspicious account activity report other financial institution's are not aware of this, in fact if one dept of a bank completes it very often other depts will not be aware or able to find out to prevent tipping off the customer as this is a crime punishable with a large fine.
If you have been turned down by other banks after you have had an account closed I suspect it is because your account has been used for fraudulent activity, most common is the receipt of fraudulent funds in the shape of a stolen or washed cheque or an authorised electronic funds transfer. If this is the case give up trying to get a bank account as no bank will now go near you as this information is shared and can be seen by other financial institutions. Get your credit file as this may point in the right direction but I suspect you have burnt your bridges and even if you profess your innocence there is a perceived risk there to other banks and they will not be interested.

pqrdef

zppp wrote: »

I wouldn't comment what we do as an organisation, however I would say more generally that there are normally warning signs that trigger such reports.

But how many false positives do these warning signs produce? Law-abiding citizens have a right to go about their legitimate business.

If there is suspicion, somebody should either decide to ignore it, or decide to pursue an investigation to settle the matter one way or the other.

In any case, if there is suspicion that somebody might pass the proceeds of crime through an account, the most obvious thing would be to let that person continue to operate the account, and keep an eye on it. This is also the thing that is least likely to tip anybody off. If the bank suddenly starts acting weird, anybody who's up to no good can't fail to get the message.

saf87

slopemaster wrote: »

Could anyone tell me whether all this AML legislation could or would be used as an excuse / reason to avoid a subject access request under the data protection act?
Would that not potentially place a company in the position of having to break one set of rules or the other? Or would they have some kind of exemption from providing the info under the data protection act? And if so, would they say so overtly, or just "edit" the data they provided?

This is covered by S.29 of the DPA and home office guidelines which allows data to be omitted from a disclosure request if it is likely to prejudice any AML investigation.

This exemption would only apply if the institution considers it necessary to make an AML suspicion activity report to SOCA which normally only occurs with active accounts where a suspicious transaction has occurred, and not at the account opening stage.

If you get turned down at account opening stage and you want to have an understanding of why the best thing to do is get a copy of your credit report and make subject access requests direct to CIFAS, National Hunter and SIRAN, provided the data controllers of the databases themselves are not investigating you (which they wont be) they wont be able to refuse a request.

Additionally if an institution suspects you of money laundering they will NEVER freeze you account or do anything that would constitute tipping off unless instructed to do so by SOCA.

slopemaster

pqrdef wrote: »

If there is suspicion, somebody should either decide to ignore it, or decide to pursue an investigation to settle the matter one way or the other.

If the bank suddenly starts acting weird, anybody who's up to no good can't fail to get the message.

Exactly.
This is spot on in my view.
Whereas it takes the law-abiding citizen some time to even get an inkling of what it's all about, any criminal would know straight away

slopemaster

saf87 wrote: »

Additionally if an institution suspects you of money laundering they will NEVER freeze you account or do anything that would constitute tipping off unless instructed to do so by SOCA.

AHH, OK
That actually makes a lot more sense.
So they must suspect fraud then, rather than money laundering?

slopemaster

saf87 wrote: »

S.29 of the DPA and home office guidelines allows data to be omitted from a disclosure request if it is likely to prejudice any AML investigation.
This exemption would only apply if the institution considers it necessary to make an AML suspicion activity report to SOCA which normally only occurs with active accounts where a suspicious transaction has occurred, and not at the account opening stage.
If you get turned down at account opening stage and you want to have an understanding of why the best thing to do is get a copy of your credit report and make subject access requests direct to CIFAS, National Hunter and SIRAN, provided the data controllers of the databases themselves are not investigating you (which they wont be) they wont be able to refuse a request.

That is useful, thanks very much.
In my case, unfortunately the account has been opened and funded, but is now frozen. Nothing shows up on Experian/Equifax.
So it may be Santander themselves who have found a "discrepancy" (as I suspect) or, it may be something on CIFAS, National Hunter or SIRAN.
I would think that a subject access request to Santander would cover anything received from (or sent to) CIFAS, National Hunter and SIRAN though? But perhaps I should write to them too, to be on the safe side.