4 min read

Threat Finance Spotlight on the Democratic People’s Republic of Korea

North Korean nuclear warhead

Last time we detailed a methodical approach for US financial institutions (“FI”) in the development of an effective anti-money laundering (“AML”) transaction monitoring strategy, concluding with tuning and optimization of the AML monitoring environment. But why is frequent and ongoing tuning and optimization of monitoring rules and/or detection scenarios essential? In this post, we closely examine the current global threat environment and more specifically, the innovative tactics, techniques and procedures (“TTP”) exploited by illicit actors to launder US funds through evasion of US economic sanctions against the Democratic People’s Republic of Korea (“DPRK”). Ask yourself as you read this article whether or not your FI’s AML and OFAC compliance programs have the appropriate safeguards in place to avoid such exploitation.

We begin by highlighting recent examples of how US FIs have been exploited by the DPRK as vehicles for money laundering, notwithstanding US sanctions against the DPRK. We then examine how the current administration has responded to the sanctions violations and conclude with an illustration of measures you can take to maintain the financial integrity of your institution.

TTP Example 1

In September 2016, China-based company Dandong Hongxiang Industrial Development Co. Ltd. (“DHID”) and four Chinese nationals who were executives of DHID were criminally charged with conspiring to evade US economic sanctions against the DPRK and violating the Weapons of Mass Destruction Proliferators Sanctions Regulations (“WMDPSR”). The Chinese defendants established front companies globally in high-risk offshore jurisdictions and subsequently opened Chinese bank accounts to conduct financial transactions through the US financial system when completing sales financed by a DPRK bank connected to weapons of mass destruction (“WMD”) proliferators. In this manner, the DPRK bank was capable of performing US dollar transactions through US correspondent banks without being detected by these banks.

TTP Example 2

In June 2017, the US filed a civil complaint to forfeit approximately $1.9 million from China-based company Mingzheng International Trading Limited (“MITL”), alleged to be a front company created for the purpose of laundering US funds on behalf of sanctioned DPRK entities. MITL allegedly conspired to evade US economic sanctions against the DPRK by facilitating the movement of funds, via wire transfers, through the US on behalf of a sanctioned DPRK-based bank, and conspired to subsequently launder the resulting proceeds through US FIs. The sanctioned DPRK bank was operated by a Chinese national who was historically connected to the bank.

TTP Example 3

Most recently, in July 2017, US authorities filed seizure warrants with eight global FIs in an attempt to seize millions of dollars associated with front companies connected to the DPRK – Bank of America Corp, Bank of New York Mellon Corp, Citigroup Inc., Deutsche Bank AG, HSBC Holdings PLC, JPMorgan Chase & Co., Standard Chartered PLC, and Wells Fargo & Co. These banks allegedly processed more than $700 million of prohibited transactions on behalf of entities related to the DPRK since 2009. Transactions were processed for a China-based company and four related front companies that attempted to evade US economic sanctions through transactions facilitated to benefit the DPRK, including DPRK’s military and weapons programs. The “damming” warrants ordered the banks to accept incoming wire transfers from the five aforementioned companies for 14 days, and to subsequently seize the funds.

North Korean nuclear warhead

Secondary Sanctions – US Government Response

The DPRK’s consistent and continued utilization of China to gain access to the global financial system has raised serious concerns pertaining to whether the US Department of the Treasury (“US Treasury”) should place economic sanctions on China. The DPRK’s maintenance of correspondent bank accounts and representative offices abroad, at which foreign nationals are employed and establish front companies to channel US funds through, has simplified illicit conduct perpetuated by the DPRK.

In June 2017, the current US administration took action. The Treasury, through the Financial Crimes Enforcement Network (“FinCEN”), issued a notice of proposed rulemaking pursuant to Section 311 of the USA PATRIOT Act to prohibit the opening or maintenance of a correspondent account in the US for, or on behalf of, China’s Bank of Dandong, which FinCEN finds to be a Financial Institution of Primary Money Laundering Concern. The Bank of Dandong acts as a financial conduit between the DPRK and the US and global financial systems.

In early 2016 alone, the Bank of Dandong was used to conduct millions of dollars of transactions by companies purchasing ballistic missile technology and for DPRK entities that are designated WMD proliferators by the US and UN. Insofar as the Bank of Dandong has conducted legitimate US dollar transactions, approximately $800 million of the $2.5 billion in “legitimate” activity also involved transactions facilitated by US and UN sanctioned DPRK entities, along with transactions processed by DPRK front companies that FinCEN was unable to identify.

These “secondary sanctions” aimed at China’s Bank of Dandong are just the beginning. As the DPRK threat to the US and UN continues to escalate, contemporary TTPs will be unearthed by illicit actors in their endeavors to exploit legitimate financial channels. As these TTPs may be at the hands of legitimate countries with which the US maintains agreeable relations, secondary sanctions may likely resurface in an effort to curtail money laundering efforts.

AML/OFAC Compliance Risk Mitigation

As the global threat environment evolves, so must US FIs’ compliance and risk management initiatives. Your AML and OFAC programs and policies should be continually evaluated and strengthened to ensure your institution has safeguards in place to mitigate the current and/or potential risks associated with existing global events and threats, such as the DPRK threat we are currently in the midst of. This includes constantly revisiting your Customer Risk Rating (“CRR”) Methodology and your Country Risk Rating Methodology to gauge if revisions are necessary. If your institution maintains an international presence, consider how sanctioned individuals and entities can gain access to your institution through secondary channels.

It is also imperative to provide detailed training to AML and OFAC personnel. Today, wire transfers associated with DPRK-sanctioned front companies are being frequently manipulated to launder millions of dollars. Tomorrow, illicit actors may discover another TTP through which they move their illicit funds through US FIs. It is important for financial crimes compliance and risk management professionals to remain knowledgeable of current events and to be proactive in risk mitigation practices, as opposed to reactive.

Your institution’s day-to-day financial crimes compliance and risk management operations serve as an integral component of risk mitigation. A dedicated group of OFAC personnel should be properly and frequently trained on sanctions screening, especially in light of the current regulatory landscape. As global developments occur that impact laws and regulations, OFAC staff should be informed and accordingly trained on screening processes, particularly those involving high-risk individuals and entities. Additionally, your KYC program should be well-integrated into your AML/OFAC program, with clearly defined policies and procedures on a Customer Identification Program, Customer Due Diligence, and Enhanced Due Diligence.

As we discussed in the last article (Developing an AML Transaction Monitoring Strategy), your transaction monitoring strategy should also be methodically developed and revisited from time to time to determine if tuning and optimization opportunities present themselves. For example, if your institution has cross-border activity involving jurisdictions like China, are you targeting the appropriate transactions to mitigate the DPRK threat? Are your monitoring rules dedicated to high-risk transaction types, such as wire transfers, effectively capturing suspicious activity? As we just discussed, when criminals learn that a TTP is in the spotlight, it is highly likely that they will find another TTP to enable their criminal agenda.

Our Financial Crimes Advisory practice at AML RightSource, a Gabriel Partners Company, is always well-informed of the global threat landscape and is continually helping FIs with initiatives that incorporate global objectives and that are tailored to their own risk profiles. Let us help you create a unique and forward-thinking program.