Home Chapter 1 Chapter 2 Chapter 3 Chapter 4 Chapter 5 Chapter 6
Chapter 7 Chapter 8 Chapter 9 Chapter 10 Chapter 11 Chapter 12 Downloads

 

Chapter III                               

              3          Threat Matrix

Before being able to tackle the issues surrounding these Notes it is first essential that the threat environment to which Gibraltar’s finance centre activities are subjected to is understood.  This enables firms and customers to understand what risks are being mitigated and why particular actions are required to be taken by firms to mitigate these risks.

The following threat matrix is to be read in the context of the overall AML/CFT environment.  Each firm may have different views of these threats as their own systems of control may already mitigate the risks posed by the threat.  As such, reading of these Notes and their interpretation must always be caveated by the particular circumstances of a given firm.

      3.1          Money Laundering and Terrorist Financing

In order to better understand the threats it is first necessary to explain the nature of activity which the processes in these notes are mitigating.

The term “Money Laundering” has traditionally been used in the context of handling cash proceeds from drugs smuggling and sales.  For over a decade the term has had a much wider meaning and includes proceeds of all types of criminal activity.

Most criminal activity occurs so that the criminals can gain some form of financial advantage, for themselves or their crime syndicates.  A stolen car needs to be “fenced”,a bribe needs to appear to have come from a legitimate source, a kidnap ransom into funding for a lifestyle.  It is the process that permits this to happen that is loosely called “Money Laundering”.

Being involved in Money Laundering is a criminal offence and there are various offences contained in the Crime (Money Laundering and Proceeds) Act 2007 (CJA) relating to the different aspects of the money laundering process.

A money launderer may be the criminal himself or a third party who makes his profession from laundering the proceeds of other people’s criminal activity.  The more sophisticated money launderers are difficult to spot amongst legitimate trades and professions.

The main thrust of anti-money laundering measures (AML) is two fold. First it is aimed squarely at depriving the criminal from profiting from the criminal activity.  If the incentive for committing the crime is removed by having powers to confiscate and forfeit assets and cash then the criminals would think twice about committing the crime in the first instance.  The second thrust of AML measures is to provide a paper trail which leads investigative authorities from the assets to the criminals.

A primary objective of criminals is to distance themselves as much as possible from the proceeds of their criminal activity by adding layers of complexity and opacity between themselves and their assets.  There are a variety of measures through which these can be done and the financial service sector provides many opportunities for this to take place.  Hence the emphasis of these Notes on “Customer Identification Documentation” and “Source of Funds” to mitigate these risks.

When it comes to Combating the Financing of Terrorism (CFT) a different mindset is required.  In this scenario firms are not dealing with the conversion of criminal funds into realisable property but the complete opposite.   Legitimate businesses and individuals may choose to provide funding (or raise funds from other persons) to resource terrorist activities or organisations for ideological, political or other reasons.   

Firms therefore must ensure that [a] its customers are not terrorist organisations themselves and additionally that [b] it is not providing the means through which terrorist organisations are being funded.  The first of these is adequately handled through the systems of control implemented to prevent money laundering but determining the destination of funds requires additional controls primarily in the monitoring of transactions and understanding the ultimate beneficiary to whom funds are being made available.  For effective CFT measures it is necessary to conduct ongoing monitoring of the customer base against the consolidated list of known or suspected terrorists and designated organisations.

As a firm’s reputation can be immediately and irrevocably damaged by association with money laundering or terrorist financing it is imperative that it puts into place effective measures to mitigate these risks.

      3.2          Threat Matrix for Gibraltar’s Finance Sector

It is necessary to adopt a risk-based approach to the threats posed to the jurisdiction so that these may be properly identified and mitigated against.  For the purposes of the threat matrix the risk profile of threats will be measured in terms of their likelihood-V-impact.  The chart below provides an outline of the threat matrix and fuller descriptions of the reasons are given below;

AML/CFT Threat Matrix 2010

Figure  Threat Matrix

A description of how the threat matrix is constructed and its implications can be seen in Appendix 1 – Explanation of the threat matrix and its construction. 

      3.3          Description of threats and risks

 3.3.1          High Impact & High Likelihood Threats

Smuggling:           The recent past of Gibraltar’s tobacco smuggling created a network of underground connections and systems which supported efficient logistical mechanisms to integrate the cash generated from these activities.  Such networks and systems could easily be used and maintained to support other less visible smuggling activities.  As such, firms must be on their guard to prevent such organisations from making use of the financial system for these purposes.

Fraud:                  Use of legal structures in Gibraltar could be used to hide or obscure fraudulent activities perpetrated, in particular, outside of Gibraltar.  

Corruption/Bribes:           Recent events in nearby Spanish municipalities point to alleged irregularities in the payment of amounts to persons connected with the granting of planning and other permissions.  Because of the geographic proximity of Gibraltar to the alleged committal of such activity, it is possible that Gibraltar could be used as a conduit for these payments even though evidence to date does not suggest that this is the case.  The prosecution of a number of high profile cases by Spanish judicial authorities has increased the awareness of this crime and reduced both the likelihood and impact of further cases.

Sanctions/Proliferation:    Without adequate processes to identify the customer for which a firm is acting, nor their country of origin or source of funds, a firm can easily become a party to a breach of UN, EU or other sanctions imposed by the international community.  The likelihood of individuals being caught are low as sanctions are seldom passed against named individuals (with the exception of known or suspected terrorists). 

It is more likely that  firms could get caught by sanctions against countries by providing facilities (e.g. flow of funds through a corporate vehicle, invoicing, etc) for part of a transaction to supply goods or receipt funds from sanctioned countries to acquire goods or services.

More recently a number of international measures have been introduced to prevent the proliferation of nuclear technology.  This could extend to technical knowledge to the supply of parts or material.  Again, firms need to be aware that the use of corporate or legal structures could form part of the supply chain and find themselves involved in high impact transactions.  

Mis-use of corporate and trust vehicles:            Corporate vehicles and trusts could be used to provide an additional layer of opacity between perpetrators of a criminal activity and the act itself.  Firms should always be wary of customers wishing to seek to establish such structures which have no apparent economic reason or link to the jurisdiction.

Legal structures are frequently used in the layering and integration stages of money laundering or can be used to conceal terrorist financing. Extreme care must be taken when establishing business relationships for legal structures, and subsequent monitoring, to prevent them from being mis-used.

Mis-use of Client Accounts.  Professionals (e.g. lawyers, accountants, real estate agents, notaries) make frequent use of pooled client accounts for legitimate purposes.  However, because funds from a number of different sources are pooled in these accounts it is sometimes difficult for a firm to ascertain the true nature of the underlying transaction.  Criminals may wish to take advantage of this layer of opacity for their benefit. 

Firms who operate pooled or segregated client accounts must ensure that the accounting of client monies is in full compliance with best practice to facilitate transaction monitoring and subsequent reporting of any suspicious transactions.

Integration:             This is the process through which criminally obtained funds are used to purchase, support or acquire legitimate business interests either as seed capital or through which other criminal funds can be funnelled.   Integration of large quantities of criminal funds in the local economy would be easily spotted but when made in smaller and regular intervals, it may be harder to spot.

Care must be taken when making a determination in this regard as to income or wealth that has been derived from the exportation of tobacco from Gibraltar.  Whilst this activity is not an indictable offence, and therefore does not fall under the definition of criminal activity for the purposes of the CJA, association by a firm with this activity may have a negative impact on the firm.

 

 3.3.2          Low Impact & High Likelihood Threats

Layering:                 Layering is the term used through which the profits of criminal activity are disguised by changing their nature.  For example, a series of transactions which convert amounts into a bank account which are then transferred to a different person in order to confuse the paper trail.  Because of the variety of products available in Gibraltar and the increased sophistication of the market, there is an increased risk that firms may become unwilling participants in the layering process and must therefore guard against it.

Cash Conversion:    Cash is the biggest by-product of criminal activity with a need to change, layer or integrate it.  Cash conversion frequently arises as the criminal and their customers may operate in different markets (e.g. drug pushers sell drugs in £ but need to purchase from their suppliers in Euro, or in Gold).  With a cash based economy in Spain and the large number of tourists that visit Gibraltar legitimate bureau business may easily become tainted with criminal activity.

Identity Theft:        This is becoming more and more prevalent in today’s society.  Criminals making use of another person’s identity may wish to seek a jurisdiction outside of the stolen person’s country of residence to transact their business as this is perceived to weaken ID checks and therefore heighten their chances of success.  The increased use and availability of pre-paid credit cards and on-line wallets is making id-theft more likely.

Tax Evasion:            Because of the historical linkages made between “offshore” financial centres and tax evasion, those seeking to evade tax would naturally be attracted to international finance centres to perpetrate their criminal activity.  Firms must guard against customers who purposely obfuscate their real reasons for establishing a business relationship in Gibraltar where there is no real or apparent reason for doing so.  The implementation of Tax Information Exchange Agreements in Gibraltar has reduced the likelihood and impact of this threat.

 

 3.3.3          High Impact & Low Likelihood Threats

Organised Crime:    The establishment of a number of organised crime syndicates on the nearby Spanish coast heightens the likelihood score, due to its proximity, for this threat which would otherwise be practically non-existent in the Gibraltar context.

Financing of terrorist activity:  Modern day terrorism has moved away from a command and control structure, which often required fund raising activities for its maintenance, to loosely co-ordinated cells connected primarily by shared ideology, therefore requiring limited resources to maintain.  Increasing restrictions on movement (e.g. through enhanced ID checks at borders) means that Gibraltar’s geographic proximity may increase its risk.  However, the existing controls of the Gibraltar requirements have already mitigated most of the risks from this threat, hence why the matrix shows this threat as low likelihood.  The impact, should a firm be associated with terrorist financing is perceived to be high both for the firm itself and the jurisdiction. 

The highest risk arises from a Gibraltar legal structure being used to flow funds through the jurisdiction rather than as a fund raising jurisdiction.

People Trafficking: Although physically close to the activity of people smuggling that takes place between North Africa and Southern Spain the transactions tend to be made mainly in North Africa.

 

 3.3.4          Low Impact & Low Likelihood Threats

Placement of Cash: Although no longer a major threat, the cases of a customer wanting to place substantial amounts of cash in the their account still take place.  Firms must guard against large cash placements and be vigilant over a number of smaller, but related, cash transactions for customers that are cash based when they would not normally be considered to be cash-rich customers. 

Money Transmission/Wire Transfers:  The growing sophistication and availability of on-line payment systems increases the risk that money laundering or terrorist financing will occur through the legitimate payment systems as small, irregular payments may not be identified.

The FSC has recently been made responsible for the regulation and supervision of authorised Money Services Business.  Through the implementation of the supervisory regime, it is anticipated that the likelihood of these business being used for money laundering or terrorist financing will be reduced.

Market Abuse:       The potential exists for Gibraltar legal structures being used to disguise some form of market abuse on recognised exchanges.  Firms must therefore be aware of this risk and monitoring of the activity should guard against the materialisation or early detection of this activity.

On-line banking/Phishing : As on-line presences move away from a static advertisement to web-sites where the full panoply of transactions can be conducted, the temptation of fraudsters to establish “fake” sites becomes increasingly popular.  Firms may be used to provide corporate structures, banking or even web-hosting facilities.

HAWALA/Alternative Remittance Systems:  The existence of small/informal payment systems used for payments of dowries, etc have the potential to be abused to finance terrorism but are perceived to present a low likelihood of materialisation in the Gibraltar context.

      3.4          Firm’s threat matrix

            R1           In order to properly address the threats that a firm faces and the action required to mitigate these a firm needs to document what its own threat assessment is.

To meet this requirement firms may wish to adopt the threat matrix shown in Figure 1, adapt Figure 1 with their own view or use their own methodology to identify and document the threats it faces.