Name: 2024 Review & 2025 Outlook: The Good, The Bad & The Future
Uploaded: 2025-01-15T18:52:23.513Z
Duration: 58 min 24 s
Description: 2024 Review & 2025 Outlook: The Good, The Bad & The Future

Transcript for "2024 Review & 2025 Outlook: The Good, The Bad & The Future": Hi, everyone. Thank you for joining us for today's webinar. Today, we'll be reviewing the counter illicit finance developments of 2024 followed by a discussion of what's on the horizon for 2025 with our panel of experts. Today's webinar is hosted by the Institute For Financial Integrity, or IFI, which works to empower the professional community to protect the global financial system through cutting edge research, education, and training. It's very encouraging to see we have so many of you joining from all around the world. So good morning, good afternoon, and good evening to everyone. We appreciate that you're taking time out of your day to join us, and we hope you gain value from today's discussion. Before we begin, I'd like to cover a few housekeeping items. Please note today's webinar is being recorded. We'll be sure to share the link with you to revisit or share with colleagues after the event is complete. We encourage your comments and questions. You'll see a QA tab on screen in the console on the right hand side. So please feel free to submit questions throughout the webinar for us to address collectively during today's session. After the conclusion of today's event, you'll receive a follow-up email including the link to the webinar recording as well as other information for further reading if you're interested. And now I'd like to introduce you to our panel of esteemed industry experts. So joining us today, we have Danny McGlynn. Danny is president and chief integrity officer of the Institute For Financial Integrity. Dani works with the IFI team to provide training and resources to financial integrity professionals to help them meet heightened regulatory expectations in the areas of anti money laundering, sanctions compliance, and other financial integrity topics. Prior to IFI, Danny was a senior managing director at K2 Integrity for nearly 4 years and also served more than 20 years with the United States Treasury Department where he held a variety of positions, including leading the team of responsible leading a team responsible for gathering and analyzing intelligence related to the Treasury's mission to safeguard the international financial system from abuse and to combat threats to US national security. Next, we have Nikki Kenyon. Nikki is an associate managing director at IFI focused on content and training. She has more than 15 years of experience both in the private sector and in government service, including the Department of Treasury's Office of Intelligence and Analysis. During her time at the Treasury Department, she provided training on analytic techniques, teaching analysts to generate assessments on sanctions evasion, money laundering, and illicit finance. Nikki was also the director of risk intelligence for a technology company that provided compliance, know your customer, due diligence support and research, advisory services, and monitoring of regulatory developments in the financial crime sphere for the firm's clients. And last but not least, we have Catherine Woods. Catherine leads IFI's program on export controls, emerging technologies such as digital assets, and other counter illicit finance domains. Catherine has held senior and specialist positions in global banks and fintechs in London, Hong Kong, and Australia. Her roles include leading public private partnership initiatives at the United Kingdom joint money laundering intelligence task force, establishing Standard Chartered Banks financial crime frameworks for digital assets, and building the due diligence department at a crypto Fintech. She has been a speaker at Interpol, the Royal United Services Institute, and various other client and industry events. So I will turn it over to Danny now to get us started on our first trend. Everyone, thank you for that kind introduction. Rama, great to be with everyone and great to be with you, Catherine and Nikki. We're gonna jump right in and start off, with number 1, jurisdictional progress meeting global AMLCFT standards. Now this this may seem a little bit like pie in the sky, but it's really, really important because what happens at the global level, what happens, by jurisdictions who are providing increased support to their AMLCFT regimes actually translates into regulations, into guidance, into implementation by the private sector. So the good news is that in 2024, we continue to see huge progress in meeting global AMLCFT standards. There were significant improvements in technical compliance with FADF standards, the 40 recommendations. According to the Basel AML index, which was just released in December, the largest progress were in the areas of targeted financial sanctions, measures to address higher risk countries and PEPs, and in customer due diligence by designated nonfinancial businesses and professions to close so called DNFVPs. And these are often called the gatekeepers of the financial system, the real estate agents, the dealers in precious metals and stones, the lawyers, the accountants, the trust and company service providers. These areas have traditionally been, an area of low performance globally, so it's really good to see this progress by DNFPPs. And the b f the Basel AML index also found that this improvement in technical compliance was mainly driven by low performing countries catching up. So including in some cases as a result of being on the FATF gray list. So I wanna make an important point here about the FATF gray list because it's often misperceived as simply, being a public list of high risk countries for money laundering. In fact, when FADF places a jurisdiction on its gray list or under increased monitoring, it means the country has committed to implement a very detailed action plan and to resolve to identify to resolve identified deficiencies in their AMLCFT regimes within agreed time frames. So the gray list process has has actually served as a huge catalyst for reforms worldwide. And I could tell you firsthand in working with our clients and partners in the United Arab Emirates, for example, we've worked with the executive offices there in charge of AMLCFT, in charge of targeted financial sanctions, the FIU, the Central Bank, the Ministry of Economy, which oversees DNFPPs there, that the knowledge and understanding of these teams of FATA standards and guidance is outstanding. You could tell that they've been working full time over a sustained period of time getting smart on FATF requirements and implementing their action plan to demonstrate that they deserved in, to exit the FATF gray list. And this kind of thing is happening all over the world. In 2024, the FATF removed the UAE and 6 other countries from their gray list. And I think altogether over time, over a 100 countries, have gone through this process, and more than 80 have exited the gray list. So in contrast to the progress with technical compliance, though, with the FADF recommendations, as a whole, we have a long way to go on effectiveness measures in our AMLCFT regimes. So, again, according to the Basel index, the average effectiveness, of AML measures globally remains low at 28%, and that's down over the past few years. So we're struggling most on this effectiveness rating, with investigations, prosecutions, and sanctions. These are at the bottom of the list at just 20%, and that followed by the misuse of legal persons and arrangements and the availability of beneficial ownership information at 20 at 21%, which brings me to our outlook. So moving forward, the FADF is beginning its 5th round of evaluations, and those are gonna emphasize effectiveness over compliance. So countries are gonna need to put in more effort to improve their effectiveness ratings. The upcoming evaluations scheduled for 2025 include Malaysia, Belgium, Singapore, Austria, Italy, Canada, and Turkey, and those are gonna be followed in 2026 by the United States, Mexico, the UAE, China, among others. And, finally, just a word that the that Mexico assumed the presidency of FATF last year and has established 5 priorities for FATF to work on over the next 2 years. And these include ensuring a successful start to the new round of evaluations and then supporting effective implementation of revised FADF standards with a focus on asset recovery, beneficial ownership, and virtual assets. So there's number 1, jurisdictional progress meeting global AMLCFT standards, and I'll turn it over to Nikki for number 2. Hi. Thanks so much, Danny. It's really great to be here with my wonderful colleagues. So no top ten list would ever be complete without Russia sanctions lately. Right? And secondary sanctions on Russia in 2024 were a pretty big deal. The whole drama started in December of 2023 when president Biden signed an executive order 14114 authorizing secondary sanctions on foreign financial institutions that engage in significant transactions with Russia's military industrial sector. So and that will be regardless of whether there was a US nexus to the transactions. That's really the whole point of the secondary sanctions. So that caused some major banks in China to get a little nervous and stop transacting in Russia and Belarus. This included the leading settlement bank for Russian importers working with China, which notified clients it was suspending operations with Russia and Belarus. So that was a pretty effective threat, but then came June 2024, and the risk became even more significant. Treasury assessed that Russia transitioned to a full wartime economy, and that ratcheted up the risk of secondary sanctions for foreign financial institutions. Treasury said any individual, any entity sanctioned pursuant to this executive order 14024, which is the Russia harmful foreign activity sanctions, is now part of Russia's military industrial base. So foreign financial institutions now risk being designated for conducting or facilitating significant transactions or providing any service that involves anyone who's blocked personal to EO 14024. And that means thousands of individuals, entities, and vessels blocked personal to that order. It's pretty impressive. Right? In addition, the United States warned countries trading with Russia that they also risk secondary sanctions if they allow Russian banks to establish local branches that would finance the supply of goods and technologies for Russia's war machine. So banks in countries like China, like the UAE, Turkey are facing a higher risk of enforcement by the United States. And frankly, they're pretty hesitant to lose access to the US dollar. So Danny and I keep rooting for these secondary sanctions to be imposed, and we're still waiting. That said, we're seeing middlemen popping up, willing to take the risk of violating sanctions. Also, Russian exporters are turning to barter to avoid payment delays caused by the secondary sanctions risk. So these are some of these alternative payment schemes that are helping Russia continue transacting. You know, just a couple of examples. You have flaxseeds being exchanged for household appliances in a deal with a Chinese company. Russia is also reportedly using a barter trade system with Pakistan, that an agreement that was signed at the Pakistan Russia Trade and Investment Forum last year. And the press reported in August that more barter trading schemes are being developed between Russia and China. So they're kind of going back, you know, to the old times before they could access the global financial system. So because the secondary sanctions are giving nations that are on the fence about Russia a choice. Right? You either do business with sanctioned Russian entities or you can have access to the US dollar, but not both. So that's a very significant sanctions development. And because of that, we're bound to see more of these alternative payment schemes coming up, a lot of crypto schemes, digital assets being used to evade sanctions. So that's a very significant sanctions development. I'm gonna turn this over to Catherine, and she's got the next one. Thank you, Nikki. Thank you, Danny. Speaking of digital assets, now let's have a look at crypto crime, where it's been and what might be coming next. We'll also cover a few actionable, insights, as we as we speak on this topic. So overall, the big headline is crypto crime in 2020 2024 was overall a continuation on trends from previous years, an increase in the number of hacks and increase in the value. We had a few, you know, a few variations on that in previous years, but now we seem to be seeing a steady trend. And what we have on the slide here, are actually interim data from December. So we're still awaiting the final analysis from last year. So let's zoom in on 3 real life examples and and what we can draw from those. So the first one is that a lot of crypto crime is still state sponsored. And here we're talking about North Korea, which uses malware, social engineering, and theft, to steal crypto and fund its weapons program. So in 2024, thefts by North Korea were about $1,000,000,000 and that represents 61% of the total stolen. So really, really significant proportion as well as, financial value. The trend is towards slightly more frequent, effects and slightly lower values than it has been before, but obviously really large numbers. And one trend we'll highlight here is, the one of North Korean IT workers infiltrating tech companies and compromising their integrity. So this brought in as much as $600,000,000 a year, for North Korea according to some United Nations estimates. And these, these workers use false identities, third party hiring intermediaries, and then manipulate remote work opportunities to gain access. This is not this is not new. It was reported on in an alert by US OFAC Treasury and the FBI a couple of years ago, but it is gaining more attention. And the significance here is that typically when we're thinking about sanctions, what we're thinking about is custom due diligence. We're thinking about transaction monitoring. But what this represents is a need to also be thinking about due diligence on your employees and making sure that you have strong internal controls and segregation of duties in case there is a is a compromise of some kind. Because obviously, paying North Korean workers is actually a violation of sanctions. The second trend we'll look at is the use of crypto for terrorism financing. That's still continuing. And the point to highlight here is that that can be domestic, like internal to a country. There can be internal activities as well as, an international aspect to it. The headline that we see here, is the prosecution of an individual who was in the United States. He raised funds via social media, receiving them in the form of electronic transfers, as well as collecting cash. And sometimes he traveled 100 of miles to collect, the cash that he had raised And he then converted it into, crypto where it was sent to Turkey and then onto ISIS in Syria. That that funds or a proportion of those funds were used for funding prison escapes, terrorist attacks, and and for fighters more generally. The amount was involved was a $185,000. So that's not very large, particularly when we've just talked about some very large numbers when it comes to crypto crime, which is often the case with terrorism financing. The amounts involved are not necessarily large, but the impact can be significant. So the action here is, you know, keep on with keep up with the due diligence, screen wallet addresses, and, you know, maintain awareness of, of new trends and and emerging typologies. And the third the third example that we'll use is without question, I would say a good, and that is, the UK enforcement action called Operation Destabilise. This was, action taken against, Russian money laundering network that extended to the UK, Middle East, Russia, and South America. The way that the the money laundering worked was to hand over cash in one country and then there was a movement of crypto of the same value that was paid to the criminal organization. And they used that to reinvest in illicit businesses, to buy drugs, buy weapons. The outcome was 84 arrests and seizure of £20,000,000, British pounds in cash and crypto. The sanctions were also announced by OFAC against individuals and businesses involved. And the key takeaway on this one is that compliance, we often focus on cross border transaction as being representative of high risk and that's true. They certainly can be. But in this case, the network laundered the funds without cross border transactions being involved. So there were, parallel transactions, that that moved the value but without it being a direct cross border transaction. So action here, monitor unusual activity and remain alert to emerging trends and and typologies. The other key takeaway, which I think makes this a definite good, is that it was a really effective international action. So the UK National Crime Agency, the US Department of Treasury, FBI, and DEA worked with law enforcement in France, Ireland, and the UAE to bring about a successful outcome. Love it. Love it. International collaboration and cooperation. That that is a foreshadowing of a future, top ten here. But before we get, to that, we're gonna start we're gonna hit number 4 here. Major develop AML developments in Europe. To put it simply, 2024 was a massive year for the AMLCFT regime in Europe. EU member states have long felt the need for more harmonized legislation and practices, a common approach to combating money laundering and terrorist financing. They've long had challenges, including fragmented rules, uneven supervision, and limitations in cooperation between FIUs. All of that changed in 2024. The EU developed a comprehensive legislative AML package that included rules for effective implementation of existing rules, a uniform legislation among EU members, a support and cooperation mechanism for local FIUs, and better use of information to enforce criminal law. The AML package included 3 legal acts, a new EU regulation that replaced most of the 4th AML directive, a new EU directive known as the 6th money laundering directive, and a new EU AML authority known as AMLA. The regulation will start applying in mid 2027, and then the, directive is gonna be implemented into national laws also by mid 2027. And AMLA will start its operations in 2025 and be located in Frankfurt. As you can see from the timeline on the slide, a chair of AMLA was selected in December, Bruno Sego from Spain. The Frankfurt office is set to open soon and begin operations in the middle of the year. And by January of 2028, it will be fully operational with over 400 staff and start direct supervision activities. Now the purpose of AMLA is is to strengthen the EU's defense against money laundering and terrorist financing by enhancing member states' cooperation and standardizing the application of AML measures. Among other things, AMLA will contribute to harmonizing and coordinating the financial and nonfinancial sectors supervisor practices by supervising high risk cross border financial entities and by coordinating the EU member states FIUs. So that's number 4. Over to you, Nikki, for number 5. Alright. So I I have to say, I I was stationed in Frankfurt for 4 years almost when I was in the army, and it's one of my favorite cities. It's beautiful. So I'm super excited about that. So let's talk about the maturing of sanctions regimes in Europe. They're growing. They're evolving. They're developing both in the UK and the EU. We put this topic on one slide, and I'll go into some of the significant developments. The big thing is that the evolution of these regimes significantly increases sanctions pressure on Russia and other illicit actors. The EU's no Russia clause has been in effect since March 20, 2024. It requires sales contract clauses that prohibits certain reexports to Russia and for use in Russia. Right? So these include dual use goods, advanced tech that's used in Russian military systems, and aviation goods and services and weapons. So the UK does not require a no Russia clause in contracts, but it does flag the inclusion of the clause as a due diligence best practice to counter the risk of diversion. The EU also expanded its sanctions reach. European countries have long criticized US secondary sanctions as extraterritorial. You know, it's none of your business, United States, what we do. It's you know, if it's not touching the US financial system and doesn't have a US nexus, who cares? Well, now that landscape is shifting and evolving. In response to Russia's continued sanctions evasion, both the UK and the EU have quietly introduced measures with extraterritorial effects. Not specifically secondary sanctions, but it does signal a more expansive approach to sanctions. In an effort to close loopholes that continue to give Russia access to restricted goods, European regulators now focus on the subsidiaries of Western companies in 3rd countries. So that's where the no Russia clause comes in because European companies are now expected to direct their non EU subsidiaries to comply with sanctions like any other EU entity. In addition, the EU also has harmonized rules for punishing sanctions violations across all member states, including stricter penalties and higher fines on both companies and individuals. Meanwhile, the UK has also expanded its Russia sanctions regime, giving the government the authority to target foreign financial institutions that facilitate transactions involving Russian strategic sectors, even if they're operating outside the UK's jurisdiction, barring their access to the British pound. How familiar does that sound? Does that sound like US secondary sanctions? The EU has also a new sanctions framework implemented just in October. Given Russia's hybrid attacks targeting EU members, the new framework will allow the EU to target individuals and entities engaged in actions and policies by the Russian government, which undermine the fundamental values of the EU and its member states and also their security, their independence, and their integrity, as well as those of international organizations in third countries. The EU designated 16 individuals and 3 entities entities under this new regime in mid December, so really, really recently. I also want to quickly mention ATSI. I would sound goofy, but it's the UK's office of trade sanctions implementation. ATSI is responsible for enforcement of sanctions that prohibit trade of certain goods, provision of certain services, and the provision of, restricted technologies outside the UK. ATSI will also be responsible for enforcement. So they'll be enforcing suspected circumvention of these sanctions and compliance with requirements like notification and reporting. So what we're seeing here and what we're gonna see in the future is continued development. Russia's full scale invasion of Ukraine really forced you EU and UK sanctions regimes to grow and develop. And we're gonna see more focus on closing loopholes, on enforcement, on making sure that Russia cannot gain access to restricted goods, technologies, and the financial system. Alright. Well, back to Catherine, I think. Catherine, is that you? Yes. It's me. Thanks, Nikki. So continuing on with the theme of extraterrestriality, goods, services, and technology, let's take a look at export controls. So export controls are restrictions that are applied to export and other activities of goods, software, and technology, And their objective is to support national security and collective security objectives, among other things. So the US Bureau of Industry and Security administers the dual use regulations for the United States. And that dual use means items that can be used for both military and civilian purposes. But BEAST has significant extraterritorial reach. So what they're doing is relevant, much more broadly than the United States. And what we've seen in the lead up to 2024 and particularly in 2024 is an intensifying focus on banks. So it's obviously obviously good to be taking action against illicit procurement networks, but it does require compliance programs by banks who might not readily have the data available to be making decisions about, whether the trades that they're financing, represent unlawful trade. So if, a bank is has a wide transfer that's being processed, it's not necessarily that much detail, about whether what what the item is that's being financed, the end use and the end user. And particularly for jewel jewel use items, that client might be servicing, civilian commercial purposes, as well as potential other more restricted uses. So the new guidance for Visa was issued in October 2024 focuses specifically on financial institutions, and it draws on wording in the regulations called general prohibition 10. That's on the slide on the top left and it says that you may not finance activity with knowledge that it's a violation of export control regulations. What BEAST provides in the guidance is, red flags that it considers would be would be sufficient to meet the requirement for knowledge. So if you're a bank and any of these red flags are present, then this is probably going to interpret that as being you had knowledge that that was a violation. So a really, a really significant focus on financial institutions. So if we look towards the future, what what do we see coming? So under the new administration, national security will continue to be a focus. I would expect to see a expansion in the scope and complexity of the dual use regulations, particularly those focused against countries like China and Russia, which have been a traditional focus as well. And export controls will form 1, policy tool alongside economic sanctions and other measures. So in 2025, with that focus on financial institutions, we'd expect to see increasing focus and possibly even an enforcement action. If we look at other countries and look more internationally, we're seeing action in those countries as well. So the United Kingdom issued a red alert, which is an advisory about a year ago on export controls. The g 7 have taken a more prominent role. Just a couple of months ago, they issued, their own, advisory. And if we zoom in on other countries, so to to give a real spotlight, on Thailand, the Bank of Thailand has directed that additional documentation use items which it recognizes can be used to support money laundering, terrorism and human rights violations. So the Bank of Thailand is requiring banks to develop systems and tools to effectively monitor dual use and common high priority items. Common high priority items are those that are high risk of diversion to Russia. So, bringing this all together, export controls are an increasing will continue to have a a real focus. This is going to focus on financial institutions that has global effect, and we're seeing multilateral bodies in other countries, are also focusing on dual use as one of their policy areas. Thanks, Catherine. I'll I'll just say a word too about, well, first of all, go Thailand. And, second, we have heard from a lot of our friends and colleagues, in the industry that the thesis guidance for financial institutions has is really having reverberations, and be on the lookout for some guidance. We think that Wolf Wolfsburg is probably gonna issue, for financial institutions, and others in the future. So let's go to number 7, major AML developments in the United States. So we also saw some major developments in 2024 in the US on the AMLCFT front. Early in the year, treasury released 4 major documents. The first was the National Money Laundering Risk Assessment, which was a 103 pages and 440 footnotes, by the way. And they also I issued the national terrorism financing risk assessment and the national proliferation financing risk assessment. So these reports are updated every 2 years and highlight the most significant illicit finance threats, vulnerabilities, and risks facing the United States. Fun fact from the money laundering risk assessment, the crimes that generate the largest amount of illicit proceeds laundered in or through the United States are fraud, drug trafficking, cybercrime, human trafficking, human smuggling, and corruption. Not coincidentally, treasury followed these publications with the release of their national strategy for combating terrorist and other illicit finance. The strategy highlights what the US was doing or planning to do to address the key risks that were highlighted in the risk assessments. So, for example, the risk assessments called out the misuse of legal entities as a high risk, and FinCEN rolled out the new beneficial ownership reporting requirement that went into effect on January 21, 2024. The risk assessment's highlighted, as a key risk, the lack of transparency in certain real estate transactions, and FinCEN later issued the proposed and final rule to address illicit finance vulnerabilities in the residential real estate sector. And finally, the risk assessments called out the lack of a comprehensive AMLCFT coverage for investment advisers, and FinCEN issued the proposed and later long awaited final rule to address illicit finance vulnerabilities for certain investment advisers. I'll say a quick word about the outlook for this year. I think we're we're obviously gonna see implementation challenges in these sectors as AMLCFT requirements are relatively new to them. In fact, k two Integrity, our sister company, is conducting a a webinar right now for investment advisers, explaining and answering questions about the new rule. We've also seen a number of legal challenges, including to the constitutionality of the corporate transparency act, that required beneficial ownership reporting, which will which may go all the way up to the Supreme Court, this year. So keep an eye out for that. And then for all of you who work for US regulated financial institutions, be sure to read FinCEN's proposed rule to strengthen and modernize financial institutions AMLCFT programs. I know that's a mouthful, but this is expected to go, into, become a final rule this year, and it's going to explicitly require FIs, financial institutions, to do a couple of things. To establish effective risk based and reasonably designed AMLCFT programs with certain minimum components and to review government wide AMLCFT priorities and incorporate them as appropriate into risk based programs. And finally, we can't discuss AML developments in 2024 without mentioning the record $3,000,000,000 fine of TD Bank for AML violations. Fines like this are staggering, but are important case studies and lessons learned. We published an article and updated our foundations of AML elearning course with a case study on TD Bank that highlights how criminal actors used multiple money laundering techniques to exploit vulnerabilities and AML lapses by the bank, including structuring and shell companies, complicit professionals, precious metals and stones, and digital assets. Kicking it back over to you, Nikki. Okay. So, yeah, she's not gonna talk about Russia anymore. We're gonna talk about North Korea. Okay? As you may know, the UN panel of experts established under the UN Security Council, resolution 1874, published its final report last March. So why was it the final report? But, sorry, we're going back to Russia. Because Russia vetoed the Security Council resolution to renew the panel's mandate. There's very little good that came out of this development other than for Russia, who's been engaged in illicit financial activities and shipments to North Korea. The panel would issue reports that contain vital information on North Korean sanctions of Asia and that part of its and and that of its international partners. Right? Like, well, Russia. Is it anyone or the Russians killed this panel? Those who are worried about the UN's role in combating proliferation of the weapons of mass destructions are correct to do so given the amount of information those reports contained. That last report was more than 600 pages of information demonstrating a ton of evidence that North Korea was flouting UN sanctions. The panel investigated reports about North Korean supplies of conventional arms and munitions, their cyber attacks, North Korean nationals working overseas, in violation of sanctions, as Catherine mentioned previously, especially in the IT and construction sectors. So the panel investigated these cases of the country's financial institutions and representatives reportedly operating abroad. Their joint ventures and cooperative entities and illicit wildlife trafficking. Again, any wonder that Russia killed this panel? It contained too much information about Russia's involvement in these illicit activities. The UN sanctions on North Korea remain in place, however, at least for now. The question is, and that's a big question, for how long? 2 of the big powers on the Security Council, Russia and China, no longer seem interested in preventing proliferation. So if one of them has already killed the panel of experts and both Russia and China have been gradually trying to kind of chip away at the panel's autonomy, like, for example, the two countries' efforts to make changes to the panel's mandate. So where does this leave the UN sanctions regime against North Korea? And what does it mean for counter proliferation efforts? These are big questions. Will either China or Russia weaken the UN sanctions regime by demanding chain changes or blocking new designations. Russia claims the panel's report was biased, of course, despite the enormous amount of citations to support its assessments. The lack of authoritative reporting on North Korean sanctions evasion is concerning. Global powers will now have to rely on their own assessments about sanctions evasion and base them on credible reporting, which means that more analysis for their intelligence sources will have to be done. So the global enforcement and monitoring mechanism has definitely been weakened. The good news in all of this, if you can call it good good, but it's good, is that information sharing among countries concerned about proliferation likely will increase. So there'll be a lot more analysis for individual nations to do, but, well, it is what it is. The panel of experts used a lot of media reporting in its reports. Individual nations will have to do the same, except they won't have said reporting kind of wrapped up in a neat little package for them to examine. The United States and its and its partners in October announced their intent to establish the multilateral sanctions monitoring team to address the threat arising from North Korea's weapons of mass destruction and ballistic missile programs, which are in violation of UN Security Council resolutions. Right? So this means we're gonna see closer cooperation between the United States and countries like Germany and Italy and Japan and others. The team will aim to continue the UN panel's work, including issuing regular reports. May not be the same thing, but we're sure to see increased efforts to monitor the sanctions of Asian that North Korea is engaged in. Back to you. Thanks. So back to digital assets. We touched on enforcement actions very briefly earlier. And what we'll do now is we will focus in on one specific one and some of the implications that it has. So one of the key actions from 2014 was the, prosecution of the operator of Bitcoin Fog. Bitcoin Fog, was a mixer. So a mix of blends digital assets from multiple sources. It makes it more difficult to follow the transactional trail, so they are attractive to illicit actors trying to launder proceeds. The case focused on the use of Bitcoin Fog to launder the proceeds from darknet markets, and it included a really detailed discussion on the admissibility of blockchain analytics, evidence. And this has this has implications beyond just legal processes. So if we look in more detail at what the court's findings were, firstly, it recognized that data and tools are necessary to interpret high volumes of data. So the judge called it an overwhelming mass of data where, no jury could possibly interpret it, without the use of, tool. So but what was also important was that the methods used in that software could be traced. So if you put the same inputs into it, you would get the same outputs into it. So if you if you, ran the software over the same data, it would be able to identify which wallet addresses were associated with which dot net market or with Bitcoin Fog itself. So the word for that is deterministic, and you could even achieve those same results if you if you did your analysis manually with a pen and paper. You would obviously need a lot of time compared to using software to help you, but it is possible to replicate and to validate the results using manual methods. The software could provide really detailed data, and we have some examples of this on the bottom right of the slide, on which heuristics, meaning rules, were used to link addresses to each darknet market. So it had some really, really specific data on, this rule was used to identify this many addresses associated with this specific dark net market. And this that kind of, that kind of information is really important for traceability, meaning how you reached a decision. The 3rd key, key output from this is that the blockchain analytics software was only used to establish the order of magnitude of the illicit proceeds. So it clustered or or identified, an associated, 900,000 addresses and 1,300,000 bitcoin in receipts and 1,300,000, bitcoins in in in transfers, which is a a really huge, a really huge number. But there was also a lot of other evidence that was used by the prosecutors, in bringing their case. So there was evidence found on, the Bitcoin folk operator Sterling of person. There was IP address data. So what they called what they said was that, the blockchain analytics was a minor witness in the case. And this was really significant, and it was specifically recognized that using software and analytics for this kind of order of magnitude purpose is quite different from relying on it to identify whether a single address or a small number of addresses was correctly attributed. And, of course, the the final point here is that this was only about whether that data could be used in a trial. Not it was not saying it was correct, but it was saying, yep. It's fair to present this to a jury and then the defense could challenge it. So if we broaden out these principles beyond the specific, the specific enforcement action, the specific legal setting, what do we what can we interpret this? So if we are trying to use tools for decision support in our organization, what things should we keep in mind? The first one is using tools, for analytics is acceptable and it's actually necessary if the data volumes are high, but we need to be able to provide traceability. So to be able to explain the methods and the rules used to reach a conclusion that that data and that methodology needs to be there. And the final point when we interpret it in, say, a financial, institutions context is that higher, like, high fidelity is required to for more specific decisions. So drawing a financial services parallel, we might say that using blockchain analytics to estimate the risk associated with the whole client segment, yep, that's that's entirely valid. There's no problem. But if you are using it to make a decision about exiting a specific customer, then you might need to do some more validation and some more, diligence before relying on it entirely for that decision making. So, an enforcement action and its broader implications. And I'll hand back to you now, Danny. Good stuff. Thank you, Catherine. So we made it to number 10, and my favorite item that we foreshadowed earlier, increased interagency and multilateral collaboration. So this is one of my favorite topics, and that's why I chose it to round out our top 10. Although much of this goes unnoticed to the public, and Nikki and Catherine have heard me say this before, I contend that there is more interagency and multilateral collaboration and cooperation on AMLCFT, financial crimes, sanctions, exports controls, and counter illicit financing going on today than in any previous point in world history. Now I don't have any underlying study or assessments to prove it. It's based just on my direct experience working in this field as a public servant for 20 years and what I've observed over the past 5 years. We've simply seen more and more designations, indictments, and prosecution announcements that are part of multiagency and multinational efforts than ever before. We've seen more joint initiatives like the Price Cap Coalition, and like what you see on the slide there, the cross border financial crime center, which is a public private partnership of federal law enforcement agencies, partner nations, financial institutions, and fintechs that DHS established to promote collaboration on cross border financial crime. We've seen more joint operations, like HICI 5, which was an Interpol supported operation in 2024 that involved law enforcement from 40 countries, including, by the way, South Korea, China, and the United States, targeting, 7 types of cyber enabled fraud that ended with the arrest of over 5,500 financial crime suspects and the seizure of more than 400,000,000 in virtual assets. The bad news, of course, is that illicit actors are also collaborating more than ever before, and we can see to continue to see an increase in cross border financial crime and borderless cybercrime. A good example of this was exposed by Operation Endgame, which was an FBI led, multilateral coordinated cyber operation that involved Denmark, France, Germany, the Netherlands, the UK with assistance from Europol and Eurojust that dismantled a multinational criminal infrastructure responsible for 100 of 1,000,000 of dollars in damages worldwide. Also, law enforcement in the Ukraine, Portugal, Romania, Lithuania, Bulgaria, and Switzerland supported police actions to arrest or interview suspects, conduct searches, and seize and take down servers. So one of the cool things about working in the financial integrity space, is the teamwork and collaboration with so many different actors across sectors and jurisdictions. And even nations with complex and adversarial relationships often find common ground to work together to combat money laundering and other financial crimes. A great example of this that a lot of people probably don't know about, is that the US Treasury Department and China's Central Bank have established working groups on AML and counternarcotics and have been meeting and exchanging information on money laundering as it relates to trafficking of Fentanyl and other drugs. There's a similar group, between US and Mexico that's been working together for more than a decade. So one of the things I'll be out, on the lookout for this year, especially, with the incoming new administration in the US, is the impact, if any, on these important bilateral and multilateral initiatives. Hopefully, they will continue to strengthen, and produce positive results. So that rounds out our top 10, and we'd left, some time here for questions. And we've actually received some really good ones. And I'm gonna start off by asking the first couple of questions, and I think these are gonna be, open to the group. First off here is what are the best standards to be used in higher risk or less stable countries? And, Catherine, let's go to you first on this one. Sure. So I think I think the starting point are global standards, whether we're talking about private sector or public sector initiatives. So the financial action task force, for example, or the United Nations, what standards have they set out? So that provides a consistent and quite structured starting point for financial institutions. Groups like the Wolfsburg Group publish a lot of really valuable guidance. So I would say start with regardless of which country it is, whether it's, you know, high risk or stable or not stable, start with those global standards because they're consistent, they're structured, and, by applying those, any any, program will meet international best practices. From there, of course, you need to consider your specific regional or country context. So that includes local regulations. It includes quite a lot of, regulators might publish things like a sectoral report or a digest of changes. Look also at enforcement actions both globally and within that region or country. So global enforcement actions and the weaknesses that they identify in compliance programs can be used to inform your own, measures that you're putting in place. It's useful to look at global ones because it provides a bigger dataset than if you only look at ones in your country or region. But country or region specific ones are also valuable because they have may have findings that are specifically relevant to the risks in your location, whereas global ones may not be relevant. I would say focus on recent enforcement actions because much older enforcement actions, while there still can be something learned from them, a lot of those best practices or a lot of the measures that were needed that weren't in place will have already been incorporated into standard compliance programs. So look at the international standards, look at the country and regional standards, look at what's, you know, what's what's happening in terms of new typologies. And I would say also build, build relationships with public sector bodies. So this touches back on the public and private aspect of it because by working together, you'll be able to get, you know, early early information about emerging trends or, or threat actors or their typologies. And I think this is a useful approach probably particularly in maybe some high risk jurisdictions, because if the regulatory regime is still developing in those countries, by applying international best practices, you're future proofing your compliance program against changes that may come later. So, for example, if you're even if you're even if regulation doesn't mandate something, at that point, if you meet an international best practice, then as the regulation, you know, perhaps strengthens and becomes more diligent, your compliance program will already be ahead and will already meet those requirements, and you won't have to repeatedly reengineer it as the the bar gets higher. So those are those are my thoughts on that question. I don't know, Danny or Nikki, if you want to add anything. Sure. I actually echo everything that Catherine has said. And I wanna look I wanna look at enhanced due diligence in particular because it is critical in high risk countries. And that can include anything from documentation review, make it more regular, and site visits to adverse media screening, making sure you're using credible sources and corroborated claims. So the big thing is understand your risks because they're different jurisdiction to jurisdiction. We talk about using the risk based approach. In these types of countries, the risk is obviously higher. So you may increase the monitoring you do of the business relationships and take extra measures to understand your customers there, their background, their possible links to politically exposed persons or sanctioned individuals, depending on what country you're transacting in, and know the jurisdiction. I always stress jurisdictional knowledge. Understand it. Understand how it works. Is the country known for corruption? Is it a country known to be used by sanctions debaters to hide assets or to access the financial system from which they might be barred? Understand the jurisdiction and culture. Because in some countries, corruption, for example, is just the cost of doing business. And those guys, they don't think they're doing anything wrong. That's just the way things are. So examine all those issues. These are cultural issues that you need to understand, and determine whether these risks are risks that you're willing to take. What a that was a thorough and great answer. I don't have much to add except I'll just say for 20 seconds. We work with a lot of banks in Iraq, which is a high risk jurisdiction, and they are very interested in cross border transactions and relationships with correspondent banks. So it did when we start off the training with global standards, just like Catherine said, local regs, but it's important for them to understand the expectations of global banks who they want to serve as their correspondents who are often dealing with US laws and EU regulations, as well. Let me move on, to the next question, which is due to regulatory scrutiny on sanctions, is there a risk that firms and regulators are not detecting sorry, are not dedicating sufficient attention and resources to other types of financial crime? Nikki, you wanna take this one to start? Sure. So there's always a resource war. Right? And, yes, given the attention on sanctions lately, there's a risk that if you allocate more resources to sanctions compliance, other financial crimes will suffer. Here's the thing, though, and this is something you really need to remember. Information can be shared. Teams can collaborate. We talk about the convergence of AML sanctions, etcetera. This is the financial integrity umbrella that we like to refer to. Many of the tools and resources and even the red flag indicators that are applicable across the board, Everybody can use them. So, yes, while resources are tight, due diligence research, data, red flags, monitoring can all be a collaborative effort among teens. Digital tools have also improved significantly over the past several years, and technology solutions can help make compliance work just more efficient across teams. So tasks that are considered kind of basic, like list screening, scanning for risk indicators and red flags, and adverse media monitoring can be quicker, which would free up resources for other or more advanced tasks. I always stress work with your AML team. If you're Ascension's compliance team, work together, share information. And that way, the resources that do exist are gonna be used more efficiently. So adding to that, and in our last last couple of minutes, what I would what I would say is that within a financial institution, a lot of the, risk indicators or the methodologies used by different types of, illicit actors, they actually use the same methodologies. So for example, a shell company, shell company you shell companies you use for export controls of Asian, for sanctions of Asian, for money laundering. So as a financial institution, if you are looking for those indicators and finding those indicators, you're addressing multiple types of financial crimes. And obviously, your subsequent investigation may be able to identify what is the predicate offense or what is the underlying offense. But a lot of the methodologies and in some cases, the networks involved actually have, overlap between different types of financial crime. So that's some good news about, if you're if you're tackling, one financial crime, you you potentially are tackling others as well. I think, I think I'll probably probably leave it there given that we have only a little bit of time left. So I might hand over for a few closing comments, Sunny. But what I would say is we've had a lot of really great questions coming. We had presubmitted questions, and we had questions in the chat. So, very happy to, to continue discussing those at subsequent webinars or, you know, we we always look at the questions and publish, you know, articles and and other content on them afterwards. So if we don't get them to to them today, then we do really appreciate them. I'll leave it there for me for now and, hand over for closing remarks. For sure. No no no, closing remarks, from me necessarily over other than to say thank everybody for your time. We're here if you need us, and I think, we're gonna have Rama jump back on in a second to close this out unless, Nikki, you have any last word. Nope. No last words. Just wanted to say thank you for everybody who joined. If you have questions, please feel free to ping us. We're all on LinkedIn. We have, you know, ways on on IFI's website where you can ping us questions. We're happy to answer them, so please please engage with us. Thank you. Thank you, everyone. Thank you, Catherine, Danny, and Nikki for sharing your insights with us, and thank you to everyone for joining us today. I know we can all talk about these topics for hours, but we hope you gained value from today's discussion. Please expect a follow-up email that'll include access to a recording of today's discussion. We hope to see you all again soon, and thank you for your time.