£100 million money laundering conviction: Lessons for accountants
In 2022, Emirati national Abdulla Alfalasi was jailed for nine years, following a conviction for leading the biggest...
READ MOREInside the Wise Russia sanctions breach – plus lessons for accountants
Wise Payments, a UK fintech that facilitates cross-border payments, made headlines when the Office of Financial Sanctions Implementation (OFSI) reported that Wise had breached financial sanctions.
On 20 July 2022, Wise made a report to OFSI, revealing that, on 30 June 2022, a withdrawal was made from a Wise business account, operated by a ‘designated person’ under the Russia sanctions, which relate to finance, trade, aircraft, shipping and immigration.
A designated person is listed by the Government because of involvement in specified activities, who is banned from receiving any payments from the UK – including legitimate payments.
Here, we delve into the details of how Wise allowed the transaction to occur, how OFSI responded and what the case can teach accountants about compliance.
Two main failures are clear from the timeline. First, Wise’s failure to block the debit card immediately enabled the designated person to use it.
Second, the sanctions team’s absence over the weekend meant it took Wise four days to react comprehensively to the name match alert – allowing the designated person continuous ability to transact.
How OFSI responded
OFSI places breaches in one of three categories: less severe, moderately severe and serious.
Wise’s breach was determined to be moderately severe. Consequently, a monetary penalty was not issued; however, OFSI required a disclosure.
OFSI made this determination on the basis of several mitigating factors:
- The value of the breach, £250, was low.
- Wise voluntarily disclosed the breach to OFSI and responded completely to all requests for information.
- The breach was not deliberate.
- Wise took remedial actions following the breach. These included closing the designated person’s account, hiring extra staff and scheduling the sanctions team to work on weekends.
Further, Wise changed its policy, so that, as soon as a name match occurs, the person’s account and cards are blocked immediately. This block remains until the sanctions team conducts a review.
What can this case teach accountants and finance teams about compliance?
“The fundamental problem was that Wise didn’t have appropriate systems in place,” says Tim Pinkney, Director of Professional Standards, IFA.
“It didn’t have the resources to deal immediately with an issue arising over a weekend, when the sanctions team wasn’t working. This left Wise open, and its procedures should have reflected that.
“The big takeaway for accountants is to make sure your policies and procedures are up to date, and review them regularly to ensure they’re robust enough to deal with new issues, such as sanctions.”
Further, it’s not enough for policies and procedures to be written down. Companies must ensure that, in practice, they’re effective.
Before the breach, Wise was hesitant to block debit cards upon discovering a name match, because, often, such alerts are false alarms.
However, this left a gap that a designated person could use to their advantage.
“I often say, ‘If it’s not written down, it doesn’t happen’,” Pinkney says.
“But, if it is written down and it still doesn’t happen, there are usually issues with staffing.
“Staff must be appropriately trained and given the resources they need to execute policies and procedures.”
For big companies such as Wise, the challenge is ensuring consistency in training across the whole team.
However, for small businesses, the challenge might be keeping up to date with changes that affect policies and procedures.
Pinkney suggests diligent attention to alerts.
“We issue numerous alerts to our members, about money laundering, terrorism, financial threats and sanctions reporting,” says Pinkney.
“We’re also at the end of the phone and have dedicated email enquiries, and have contacts we can approach as well. We’ve helped firms with sanctions issues.”
Finally, the case indicates the importance of self-reporting. By going straight to OFSI, Wise mitigated its punishment.
“Don’t bury your head in the sand,” says Pinkney.
“Take responsibility. If you have an issue, look at it head on, review it and engage your professional body. We can provide help and guidance.
“Even if you don’t receive a financial penalty, a sanctions breach can do serious damage to your reputation.”
Tim Pinkney co-hosts the IFA’s AML Matters webinar series, a programme of practical webinars addressing compliance, risk assessment, policies and procedures, and more. Find out more.
How to ace a compliance review
We spoke with IFA Director of Professional Standards Tim Pinkney about how firms can best prepare for compliance...
READ MORE
The language of insolvency: why getting it wrong can harm struggling...
Business failures are on the rise in Britain, with several high-profile names lost already this year. But since the...
READ MORE