A very well attended meeting saw two presenations from industry experts working in the financial sector but with different roles and repsonsibility regarding governance.
Andrew Carrington, of Carrington & Associate, proposes that of all the many perils that failing to exercise sufficient IT governance can incur, perhaps the one that strikes the greatest chill is that of opening your company to the charge of money laundering.
Falling foul of the soon to be announced Proceeds of Crime Act is definitely to be avoided, for it carries, warns lawyer Carrington, a maximum sentence of 14 years imprisonment under English law. Even if you are not a company regulated by the Financial Services Act, points out Carrington, you still need to be aware of processing money-laundering transactions, however inadvertently.
So what should a company do if it thinks that a financial transaction coming its way could be dirty money in for a wash? Carrington is clear. You have to tell the National Criminal Intelligence Service (NCIS) of your suspicions about the transaction. "You do not commit an offence if you tell NCIS and disclose your suspicions," he says.
Having made this disclosure, "you then wait seven days and if you hear nothing back from NCIS in that time, you can then process the transaction".
You may also, he says, process the transaction if NCIS tells you to do so but to keep them informed, and under those circumstances you will not be committing an offence.
If NCIS instructs you not to proceed with the transaction, you must not do so - but you must not tell the party who wants to make that transaction that you are not allowed to proceed. Under those circumstances NCIS may well not want the party alerted to the fact that it is under criminal suspicion or investigation.
Having disclosed your initial suspicion to NCIS, you do not have to tell the party who wants to make the transaction that has aroused your suspicions that you have made any such disclosure to NCIS. However, in practice, points out Carrington, telling those parties that before you process their transaction that you will need to make such a disclosure to NCIS very often has the effect of filtering out any money-laundering transactions straight off!
"Some years ago a lawyer from an African country told me that his client wanted to buy a company, but he was not much concerned about conducting any due diligence before purchase. I mentioned money-laundering laws to him, and the transaction did not go through," recalls Carrington.
"Similarly, a North American company wanted to deposit money in an account in London, and pay sums out to different people. We asked them some questions and they withdrew from the transaction."
What about colleagues who may be involved in processing criminal proceeds? Again, you should alert NCIS of your suspicions, says Carrington.
However, if, as an employee, you have suspicions that colleagues are involved in money-laundering, and you disclose your suspicions to NCIS, you cannot be dismissed or sued even if that suspicion proves not to be correct.
"It's whistleblowing," says Carrington, and if you are dismissed because of it, "there is no limit on compensation".
What about getting involved in money laundering as a purchaser?
There is, says Carrington, a 'good faith' allowance made by the law for those who purchase goods or property which have themselves been purchased by criminally-sourced funds. Providing the value of the goods or property is appropriate to the market - i.e., that you are not buying a Rolls Royce for the price of a banger - and providing there is no reason not to think the goods or property criminally acquired, "a bona fide purchaser acquires a title," says Carrington.
However money laundering is done, whatever schemes and scams it adopts, one thing is for sure. In today's global economy, at some point, 99.9% of all money - including dirty money - goes through a computer. You don't want to be in charge of the one that processed criminal funds.
Andrew Carrington was speaking at Computer Weekly 500 Club's March 2004 meeting.
This was first published in December 2004