Special Feature: PRACTICING DUE DILIGENCE FOR SECURING FOREIGN TRADE

Author: Md. Akmal Hossain, Executive Vice President & Head of International Division, Social Islami Bank Limited

In banking practices, we come across the phrase ‘due diligence’ in numerous ways. Banking is all about practicing due diligence. We are entrusted with a noble role of facilitating the business activities of the country, therefore it is our duty to secure the interest of the economy by practicing all possible due diligence procedures. In cross-border trade, due diligence process is rigorous and covers a wide area of activities to secure a transaction as well as preventing trade based money laundering. When two jurisdiction is involved in a trade, the risk is greater. We have to rely on counter-parties that we even have not known first hand. The standard set of due diligence practices aim to minimize these risks and secure the foreign trade transactions. However, there are layers of due diligence, each of which should be complied accordingly to get the maximum coverage and near zero exposure to foreign trade risks. If we try to figure out the layers of due diligence in foreign trade, we are encountered with several systems and processes at different stages of transaction that requires going through standard set of practices for avoidance of risk associated with foreign trade. These practices covers due diligence on the counter banks and counter parties (importers/exporters) at international level and due diligence on manpower, systems and practices at the organization level. 

If we can combine these two sets of compliance practices as a standard process flow in international trade, a transaction can be secured substantially. A foreign trade transaction involves at least an exporter, an importer, importer’s bank, exporter’s bank and a shipping company. As such, due diligence process involves at least these parties. Assessing the exporter and the importer as well as the counter-bank and tracking the movements of goods is the bottom line of this process. How to assess a bank’s authenticity to be entrusted with a foreign exchange transaction? Shell banks happen to disguise themselves so successfully that banks in weak jurisdictions fall in their trap and suffer huge financial losses. Therefore how to secure transactions from shell banks? Here SWIFT onboarding system can be a way out prevent shell banks from entering well-regulated arena of banking community. Banks worldwide uses SWIFT as the authenticated system for conducting foreign exchange transactions. Therefore, for banks to join the SWIFT interface has to go through a rigorous onboarding process. If all banks join SWIFT by following the standard onboarding process, then there is no way a shell bank can enter this well established and authenticated system. At the very outset SWIFT requires a rigorous due diligence on the company (banks/corporates) that wishes to join the community. 

The bank has to present document that proves that it is a legally established entity, well-regulated and has all the required registration and certifications to conduct the banking activities in the parent jurisdiction. SWIFT also check the composition of Board of Directors and management body of the company besides having thorough check of the audited financials the bank. It’s a requirement as part of the SWIFT onboarding process that two renowned and well established correspondent banks have to endorse the onboarding bank that they are willing to do business with this BIC seeking bank. In addition to that, a separate confirmation letter is obtained from the chairman of the SWIFT user Group in that particular jurisdiction that the entity is well known in the country. Therefore, a three step verification system is ensured. With this check lists in place, it is very unlikely for a shell bank to pass through the due diligence process. PRACTICING DUE DILIGENCE FOR SECURING FOREIGN TRADE However, despite this rigorous onboarding process, we have observed that shell banks still sneak through SWIFT system by procuring false documents. Therefore ultimately it is the responsibility of the banks to know carry out the due diligence and KYC process on its counter-party. SWIFT Relationship Management Application (RMA) enables financial institutions to define which counterparties can send them specific FIN. The use of RMA or RMA Plus is mandatory for user-to-user messages that require an end-to-end electronic signature and covers most types of SWIFT FIN. RMA can be used to identify the message types or message categories a correspondent can send. It can be unrestricted or limited to specific incoming message types. 

At time of establishing RMA with a correspondent bank, it should be recognized that extensive KYC and due diligence requirements need to be met before an RMA can be fully accepted. Banks can have subscription to KYC and due diligence tools such as Accuity and SWIFT KYC Registry, before accepting an RMA request. From these systems, general information regarding the financial institution in question such as Entity Details, Ownership Structure details, Management Structure, Countries of operation, World Rating & Country Rating, Credit Ratings, Correspondent Banks list etc., PEPS and adverse media news must be checked beforehand. Coherence between the provided information and documents of the entity in question on these platforms should also be carefully scrutinized. In order to avoid establishing RMA with shell banks, bank license and certificate of incorporation of the financial institution in question obtained from KYC tools must be checked thoroughly. Besides checking the entity information and KYC documents from this subscribed tools, other KYC documents such as W8-BEN-E, Wolfsburg Questionnaire, Patriot Act Certification, FATCA Certification, LEI certificate, own AML, TBML policy shall be obtained and examined properly. If this information and documents are found satisfactory, the concern desk can proceed for necessary management approval for acceptance of the RMA. The banks should regularly update their RMA list and shall bring this to the knowledge of its concern branches and officers for use. At customer level, we have to conduct due diligence & KYC procedure on our own customer as well as the counter-party.

 We must know who are we onboarding as customer. As per requirement, all banks has standard customer onboarding policy to assess the client against different risk parameters. A bank should understand the actual capacity and genuine business need of a client. The eligibility criteria of customer should checked and taken into account with due cautious. To assess the counter-party, we generally check on publicly available information and see whether there is any adverse media news. There are a number of well reputed screening solution. Bank can subscribe to any of the effective screening solution to check that whether it is going to conduct business with any sanctioned entity. In addition to that, Bank can obtain credit report on the exporter or importer to assess the creditworthiness of the counter-party. Besides, bank should also check the concern goods whether it is prohibited, controlled or dual use in order to avoid dealing in any non-complied transaction. Before undertaking a transaction, it should be checked against international practices, local laws, regulatory guidelines and policies to assess whether the transaction is prohibited, generally permitted or requires special permission from the authorities in order to ensure compliance against the same. After having all necessary information, documents and assessments at place, the foreign exchange transaction actually takes place through SWIFT interface. In order to avoid fraudulent use of SWIFT at banks, the user guideline of SWIFT shall be complied accordingly. Bank should be careful about the SWIFT administration and should have minimum eligibility criteria for the Left Security Officer (LSO) and Right Security Officer (RSO). Because together they have the supreme power to create Administrator, Message creator, Message Verifier, Message Authorizer for an institution. The LSO and RSO jointly can create users and they can provide necessary entitlement and permission to different Level of users. Therefore it is very crucial to have control over the SWIFT administration. At branch level, SWIFT user guideline shall be meticulously followed. The roles of creator, verifier and authorizer of a transaction shall be well defined, well understood and exercised as per the user guideline. Creator is allowed to create, modify, search and print messages on SWIFT Alliance Access. But creator has no authority to verify and dispose any messages. Verifier can create, modify, verify, and authorize authenticated messages including search and print. However Verifier cannot modify, verify and authorize at his own created messages. 

Authorizer is allowed to authorize only authenticated verified messages with due diligence including search and print. Again there shall be minimum eligibility criteria while assigning officer as creator, verifier and authorizer. While exchanging SWIFT messages with the correspondent banks, it is necessary to verify the type of transactions requested by a counter-bank. Specially the concern foreign exchange officers shall be careful about ‘Advise through’ transaction requests and check thoroughly the applicant and the applicant bank’s identity. Payments messages require special monitoring and recently a number of solutions have been introduced by SWIFT to further secure a transaction such as Global Payment Innovation (GPI) and Payment Control System which intends to quickly and securely send funds and ensure real-time monitoring ensure of payments as to oversee the movement of funds. In order to monitor the movement of the goods as well as the ship, Bangladesh Bank has made it mandatory for Banks to have vessel tracking in place. Bank has to check whether a vessel is sanctioned or not (or is linked to a company which is under sanctions), check the voyage history of the vessel and also track the vessel in a proactive manner where the system should alert the user of the system proactively when the vessel is moving towards a sanctioned port or country. It is important that the trade finance officers check the reference of all vessels associated with sanctioned countries. This association can be based on flag, port of registry, or country of economic benefit, as well as companies connected to the sanctioned country whether by domicile, country of control, or country of registration. The vessels should be tracked in real-time. The user shall receive notification to alert them to any adverse activity (which will also be mirrored in Compliance Link), with updates to information occurring at constant frequency. If we follow this KYC, KYCC and due diligence procedure accordingly and comply with the transaction guidelines, transactional risk can be mitigated to a greater extent. However, the security and compliance of a transaction mostly depends on the intention of those concern. Banks are well regulated entity and they have standard set of due diligence and compliance procedures to comply with. It is imperative that, those due diligence procedures, guidelines policies shall be complied meticulously to secure a transaction.