Dipping Through Geometries

On July 8, the Dutch Banking Association (NVB) announced that five Dutch banks had signed an agreement to establish a new entity, Transaction Monitoring Netherlands (TMNL), that is to monitor transaction activity across all participating banks.  Those banks include industry leaders ABN AMRO, ING, and Rabobank, as well as two smaller banks, Triodos Bank and de Volksbank.

The NVB stated that the TMNL initiative, which will be an addition to the banks’ individual transaction monitoring activities, “will focus on identifying unusual patterns in payments traffic that individual banks cannot identify.”  It also noted that the banks were “working closely” with Dutch government partners such as the Ministries of Finance and Justice and Security, the Fiscal Information and Investigation Service (FIOD), and the Financial Intelligence Unit (FIU).

The genesis of the TMNL initiative was the June 30, 2019 proposed action plan by the Dutch Ministers of Finance of Justice to combat money laundering more effectively.  One of the elements of that action plan was removal of existing legal obstacles to interbank data sharing for cooperation in transaction monitoring and blacklisting of “unusual” customers.

Subsequently, the five banks studied whether collective transaction monitoring is technically and legally feasible under the aegis of the NVB, whether TMNL can add material value in the fight against money laundering.  According to the NVB,

The research showed that collective transaction will allow for better and more effective detection of criminal money flows and networks in addition to what banks can achieve individually with their own transaction data. It also showed that combining transaction data will provide new (inter-bank) information that will be useful in the fight against financial criminality. The study findings have recently been discussed with some of the public parties involved.

The NVB’s announcement indicated that certain legal issues remain concerning banks’ capacity to share transaction data.  Accordingly, the NVB stated that an amendment of the Dutch Anti-Money Laundering and Anti-Terrorist Financing Act (Wwft) “is foreseen to enable full-scale collective transaction monitoring.”

At present, the construction and development of TMNL is to be done in phases.  The NVB reported that the participating banks “have decided to start with this initiative now in anticipation of the proposed amendment to the legislation, due to the urgency of the fight against money laundering and the financing of terrorism and the support from government bodies.”  It added that a basic assumption “is that other banks will also be able to make use of TMNL in due course.”

Note: The TMNL initiative represents a potentially significant breakthrough for the Dutch financial sector in anti-money laundering (AML) capabilities.  As an NVB infographic shows, the Netherlands is ranked number 8 among the top ten countries most attractive to money launderers, with an estimated €16 billion laundered there each year.  If the Dutch States General can approve the necessary amendments to the Wwft soon, TMNL could not only provide consistent sector-wide oversight of financial transactions, but offer a model for other countries to develop similar initiatives.

On June 29, the Chinese media group Caixin reported that the Chinese jewelry company Wuhan Kingold Jewelry Inc. (Kingold), which had received a total of $2.8 billion from at least 14 Chinese financial institutions over the past five years, had used as collateral 83 tons of purportedly gold bars that later proved to be gilded copper bars.  Caixin stated that the fake gold was exposed in February 2020, when one of Kingold’s lenders, Dongguan Trust, sought to liquidate Kingold’s collateral to cover defaulted debts.  In late 2019, Kingold allegedly failed to repay investors in several trust products.

Caixin also reported that Kingold was being investigated by unspecified “authorities.”  Because Kingold is traded on NASDAQ, however, the apparent fraud could also attract the attention of the U.S. Department of Justice and the Securities and Exchange Commission for criminal and civil investigations.  For example, in its Form 10-Q for the quarter ending September 30, 2019, Kingold affirmatively represented that it had pledged gold as collateral for financial institution loans, and particularly stated that to secure a $280.2 million loan from Sichuan Trust, it had pledged “7,258 kilograms of Au9999 gold.”

Note: The size of this alleged fraud substantially dwarfs the recently discovered $300 million accounting fraud at another Chinese company, Luckin Coffee.  The Kingold situation is likely to heighten the scrutiny of Chinese companies trading in U.S. markets, and to prompt further questions about the degree of care that Chinese financial institutions are using when making collateralized loans.  “Ghost collateral” has been recognized for some time as a problem in the Chinese financial sector, and this latest development provides further confirmation that Chinese financial regulators are failing to deal aggressively with that problem.

[Note: Since the date of this post, there has been no indication that investment bank CFE has been charged with or convicted of any criminal or regulatory offense relating to the sale of bonds created from unpaid invoices.  A 2020 fundtruffle article reported that “financial institutions are often unwittingly involved with the black economy and in CFE’s case, a complex securitisation worth over €2 billion unfortunately had some assets that were tainted by their association with the Ndrangheta, or Calabrian organised crime. The firm may be considered to have quite a high risk appetite but this doesn’t extend to dealing with organised crime, in this case it seems to have been the victim rather than the perpetrator.”]

On July 7, the Financial Times reported that between 2015 and 2019, investors bought approximately €1 billion in private bonds that were “backed by the crime proceeds of Italy’s most powerful mafia,” the Calabrian ‘Ndrangheta.  The bonds were reportedly “backed in part by front companies charged with working for” the ‘Ndrangheta.

Although Italian law did not designate the ‘Ndrangheta as a mafia organization until 2010, one criminologist has stated that it has existed for as long as the Sicilian Cosa Nostra.  According to the Financial Times, the ‘Ndrangheta,  which consists of hundreds of autonomous clans, “has risen over the past two decades to become one of the wealthiest and most feared criminal groups in the western world,” with a collective annual turnover of €44 billion.

The Financial Times stated that the bonds in question

were created out of unpaid invoices to Italian public health authorities from companies providing them with medical services.

Under EU law, overdue invoices owed by state-connected entities incur a guaranteed penalty interest rate. This makes them attractive for special purpose vehicles, which place them into a large pool of assets and issue bonds backed by the expected cash flows from the future settlement of the invoices.

A Geneva-based investment bank, CFE, allegedly constructed the vehicle that sold the bonds to investors, who included pension funds, hedge funds, family offices, and “one of Europe’s largest private banks, Banca Generali.”  Almost all of the deals “were private deals not rated by any credit rating agency or traded in financial markets.”

CFE stated that it “had never knowingly purchased any assets linked to criminal activity,” adding “that it conducted significant due diligence on all the healthcare assets that it handled as a financial intermediary, and that it also relied on the checks of other regulated professionals who handled the invoices after their creation in Calabria.”  It also noted “that the total amount of invoices later revealed to be linked to organised crime made up a very small proportion of the total amount of assets it had handled connected to the Italian health systems.”

Note: This report – on which the Financial Times indicated it will expand in a forthcoming Financial Times Weekend Magazine investigation – indicates the care with which financial institutions need to conduct due diligence on prospective and current investments.  Explanations that a firm did not knowingly purchase assets linked to criminal activities is likely to carry little if any weight with financial regulators — not least because knowing purchases of criminally derived assets would constitute money laundering in multiple countries’ anti-money laundering (AML) laws.   In addition, the report indicates that financial institutions may need to expand their AML risk assessment processes to include systematic intelligence-gathering on significant criminal organizations active in those institutions’ key markets and the principal types of investments those organizations are seeking to exploit.

On July 2, the England and Wales High Court of Justice (Commercial Court) ruled against the Central Bank of Venezuela (BCV) (and, by extension, the government of Venezuelan President Nicolás Maduro) concerning two claims with regard to foreign currency reserves.  According to the Court, the Bank of England (“BoE”) holds gold reserves of approximately $1 billion for the BCV, and Deutsche Bank (“DB”) is obliged to pay the proceeds of a gold swap contract to the BCV in the sum of about $120 million, which court-appointed receivers currently hold.

The crux of the problem before the High Court was the fact that Maduro and the Interim President of Venezuela, Juan Guaidó, had made conflicting claims about the right to give directions to the BoE and DB about what should be done with the gold reserves and the gold swap contract proceeds.  Maduro had added urgency to his claim by asserting, through his representatives, that “he requires the reserves to fight the Covid 19 pandemic in Venezuela.”

With that background, the High Court stated that it had two issues before it:

1. The “Recognition” Issue: In essence, this issue had to do with which person, Maduro or Guaidó, should be recognized as the leader of Venezuela.  As the Court stated, “Pursuant to the “one voice” doctrine the court must accept as conclusive an unequivocal statement by [Her Majesty’s Government (HMG)] recognising a foreign sovereign state or the leader or government of a foreign sovereign state.”

On this issue, the Court concluded that HMG does recognize Guaidó in the capacity of the constitutional interim President of Venezuela and as Head of State, that the meaning of that recognition was “unequivocal,” and that that recognition was conclusive pursuant to the “one voice” doctrine.

1. 2. The Justiciability Issue: This issue had to do with whether, as stated by the ad hoc BCV Board that Guaidó appointed, “the act of state doctrine prevents the English court from entertaining any challenge to the validity under Venezuelan law of the legislative or executive acts by which the relevant appointments have been made.” On this issue, the Court concluded, after an extended discussion of the act of state doctrine, that doctrine precluded inquiry into the validity of certain acts by Guaidó and the Venezuelan National Assembly, stating that they were foreign acts of state and were non-justiciable.  Accordingly, it further held that it lacked jurisdiction because of subject matter immunity.

Note: Although the Maduro government could pursue a further appeal in the United Kingdom courts, the reasoning of the High Court is sound and unlikely to provide a basis for reversal.  In any event, the practical effect of the High Court’s decision is to ensure that Guaidó’s BCV Board remains in control of the contested gold reserves and contract proceeds, and to deny Maduro, who has been actively pursuing those reserves since 2018, the opportunity to pocket them for himself.

On June 22, Bermuda-based insurance provider Hiscox Ltd. announced the release of its fourth annual Cyber Readiness Report.  The basis for the report is an online survey of 5,569 public- and private-sector professionals, responsible for their organization’s cyber security strategy, from Belgium, France, Spain, the Netherlands, the Republic of Ireland, the United Kingdom, and the United States, who completed the survey between December 2019 and February 2020.

Key findings in the report included the following:

• Cyber Losses:  Total cyber losses, based on the survey responses, increased from $1.2 billion to nearly $1.8 billion. One United Kingdom financial services firm had the highest reported cyber losses ($87.9 million), and a United Kingdom professional services firm had the highest loss from any one cyber event ($15.8 million.  Overall, the most heavily targeted sectors were financial services, manufacturing and technology, media, and telecoms.  Irish firms suffered the highest median costs (more than $103,000).
• Cyberthreat Focus on Larger Firms: More than half of enterprise-scale firms with 1,000-plus employees (51 percent) reported at least one cyber incident, compared to 39 percent for the whole sample, and reported the most incidents (a median 100) and breaches (80).
• Ransomware: More than 6 percent of all respondents – one in six of those attacked – paid a ransom after a malware attack. The highest losses that any one company targeted with ransomware (which could include other cyber events) was more than $50 million.  “Whether a ransom was paid or not, the average losses for firms subjected to a ransomware attack were nearly twice those of firms confronted by malware on its own – $927,000 compared with $492,000.”
• Cyber Readiness: The number of firms that achieved “expert” status in Hiscox’s cyber readiness model – which measures firms’ alignment with best practice in four areas: strategy oversight, 0 resourcing, technology, and process — increased from 10 percent to 18 percent. U.S. and Irish firms had the highest percentage of “expert” status rankings (24 percent), while France showed the greatest improvement (18 percent, increasing from 6 percent). Overall, twice as many firms responded to a breach by adding new security and spending more on employee training.
• Cyber Security Spending: Respondents’ average spend on cyber security increased by 39 percent, from $1.47 million to $2.05 million. French firms had the highest average spend ($3.1 million), closely followed by Spanish and U.S. firms ($2.6 million and $2.4 million, respectively). The United Kingdom’s average spend increased dramatically, from just under $900,000 to $1.5 million.  In addition, firms ranked as “experts” spent an average of $4.2 million over 12 months on cyber security, while firms at the other end of the scale (“novices”) spent an average of $1.3 million.
• Greater Cyber Responses: Approximately twice as many firms responded to a cyber event by taking extra measures to combat the hackers. For example, 25 percent (compared with 11 percent in 2019) increased spending on employee training after an attack.  Nearly three-quarters of respondents (72 percent) plan to increase their cyber security budgets by 5 percent or more in the coming year (an increase from 67 percent in 2019).
• Cyber Insurance Coverage: The proportion of respondents who said that they have purchased cyber insurance as a result of a previous cyber event has risen steadily over the past three Hiscox reports, from 9 percent to 20 percent. Slightly more than one-quarter of firms (26 percent) reported that they had a standalone cyber policy, and 18 percent reported that they planned either to purchase standalone coverage or add it as coverage to their policies.  Nearly half (45 percent) of firms ranked as “experts” said that they had a standalone cyber policy.

Note: Hiscox concluded overall that the sharp increase in the frequency and severity of cyber events “is a trend that should concern everyone involved in cyber security.”  Information-security teams should use this report to benchmark their companies’ own states of cyber readiness and incorporate its findings into reporting to senior executives.