AML/CFT 2024 Regulatory Roundup

Show Notes

In this information-packed episode of Integrity Insights, host Filip Brokes welcomes managing partner of Berlin Risk and ALL AML Jennifer-Hanley Giersch for a comprehensive year-end review of the key developments in Anti-Money Laundering (AML) and Countering the Financing of Terrorism (CFT) regulations for 2024. They cover everything from enforcement actions and regulatory updates to sanctions, cybercrime, and terrorist financing. If you work in compliance, risk management, or financial crime prevention, this episode is a must-listen to prepare for the challenges ahead.

Show Notes

• Introduction
  A look back at the podcast's history and this episode's focus on the regulatory landscape.
• Enforcement Actions
  • Key fines in the U.S., Europe, and beyond.
  • Discussion of significant cases like TD Bank and Commerzbank.
• Regulatory Developments
  • EU AML/CFT Regulation updates, including the AMLA.
  • Expansion of obliged entities to crypto services, luxury goods, professional football clubs and more.
• Sanctions Highlights
  • EU sanctions related to the war in Ukraine.
  • Notable sanctions circumvention cases.
• Terrorist Financing
  • Impacts of the Israel-Palestine conflict on financial regulations.
  • Crypto's role in terrorist funding and OFAC's actions.
• Cybercrime and Financial Crime Nexus
  • EU Digital Operational Resilience Act (DORA) and its implications.
  • Global efforts to combat cybercrime, including a new UN convention.

Resources Mentioned:

• Financial Action Task Force (FATF): www.fatf-gafi.org
• European Commission AML Directives: europa.eu
• UN Draft Cybercrime Convention: UN Cybercrime
• ALL AML Infobrief: https://allaml.eu/en/2024/11/11/der-aktuelle-infobrief-von-all-aml-2/ 

Timestamps

1. [00:00] Introduction
   • Welcome and overview of the episode's focus.
2. [2:00] Enforcement Actions
   • Major fines in the U.S. (TD Bank) and Europe (Commerzbank, Solaris).
   • Key trends in enforcement.
3. [6:25] Regulatory Developments
   • The EU AML Policy Package.
   • Expansion of obliged entities.
   • Impacts of AMLA’s establishment.
4. [16:00] High-Risk Third Countries

• FATF List 
• EU List

1. [20:30] Sanctions Updates
   • Key EU sanctions packages in 2024.
   • Notable cases of sanctions circumvention.
2. [26:00] Terrorist Financing
   • Hamas-related financial networks.
   • Crypto and its role in terrorism funding.
   • New EU and U.S. actions against far-right groups.
3. [32:15] Cybercrime as Financial Crime
   • Connection between cybercrime and money laundering.
   • EU DORA and global cybercrime regulations.

Connect with Us:

• LinkedIn: https://www.linkedin.com/showcase/integrity-insights/?viewAsMember=true
• Berlin Risk Linkedin: https://www.linkedin.com/company/berlinrisk/?viewAsMember=true
• Website: https://berlinrisk.com/

Transcript

Welcome on the podcast, Jennifer. Hi, Philip. Great to be here again. And, uh, just to make this clear, we say again because we, uh, actually Jennifer and I recorded the very fi the, the very first episode of our podcast about, uh, corporate ownership transparency back in, uh, I believe June, 2023. So I highly recommend everyone, uh, go back and listen to this one.

Um, so Jennifer, um, there's a lot of different elements of, um. Uh, the roundup that we will get into, but let's maybe start with enforcement. What, what, what have been some interesting actions, uh, that we have, uh, seen over the course of the last year? Well, I think the, the largest and most significant fine was, uh, issued by FinCEN, which is the US Department of the Treasury.

Their financial crime enforcement network, uh, of 1.3 billion US dollars, uh, against a TD bank, which is one of the largest banks in the us. Uh, and this fee will probably increase to Iran 3 billion, um, because the bank is pleaded guilty to resolve the US government's investigation, which means that they'll also be put under a four year independent monitorship, uh, which will oversee their, uh, remediation.

So this was this, this was in the, uh, in the United States. And, uh, what, what are some interesting cases that we have seen last year or over the course of this year in, in, in Europe? Well, there have been some significant fines in Europe, uh, uh, as well. Um, maybe I'll just speak about the dark, uh, uh, region.

Uh, so Germany, Austria, uh, uh, where we do most of our work, um, the, um, German regulator b the Bunes Andal Ungs seat, uh, has ordered a number of large banks, uh, and subsidiaries of foreign banks as well as fintechs, uh, to remedy shortcomings in their due diligence. Procedures in their transaction monitoring, uh, as well as weaknesses, uh, um, within their internal control framework.

Um, and at the same time they've been continuously reminding organizations that, you know, installing the process is not enough, but it needs to be continuously updated in order to ensure effectiveness and in order to ensure that overall the system, uh, is, uh, functional. Um, another focus, uh, and one that I think is gonna receive more attention going forward, uh, is, uh, the focus on, uh, senior management oversight of the compliance, uh, function.

We've seen the German regulator Baffin find, um, um, Solaris Bank, which is a banking as a service platform, 6.5. Million, um, for what they deemed to be systematic delayed reporting of suspicious transaction reports. Uh, the Austrian financial market authority imposed a 2 million euro fine on Rafi and Bank, uh, for anti-man laundering compliance failures.

Uh, they highlighted deficiencies in their due diligence process in particular, uh, in relation to correspondent uh, banking relationships in Cuba and Bahrain. Uh, where they'd failed to, uh, implement adequate a ML controls. Um, and in Germany, another case, um, uh, facing a large bank bank, uh, on this occasion was fi fined, uh, 1.45.

Million, uh, for failing to update their customer data on time or sufficiently, and also shortcomings in their approach to conducting, uh, enhanced, uh, uh, due diligence. So they're just a few of the bigger, uh, fines. This is, this is interesting, Jennifer, and what kind of strikes my attention is that these, these fines in Europe seems to be, you know, at least these examples that you gave significantly lower than, than in the us.

Is that, is that a common. Threat or over the years or, uh, what, what should this be attributed to? Yeah, I mean, the us uh, regulators are, uh, uh, definitely known, uh, to be more, uh, uh, rigorous, uh, in their, uh, supervision also, uh, of, uh, European institutions, uh, because they have this extra territorial, uh, uh, reach.

Uh, and, uh, the European fines do tend to be. Uh, smaller, often also smaller organizations. Uh, so obviously the fines are, uh, then in line with the size of the organization. Mm, that is interesting. Thank you. And so talking about enforcement, obviously the, the, the other side of the coin is, uh. Regulation, which we have seen of that a lot in 2024.

Can you also, uh, kind of summarize these developments on that front and what it, what it, what it means for the so-called obliged entities? Yeah, well we have seen significant regulatory developments this year. I think what I'm gonna focus on here is the eu, uh, a ML regulation, the so-called a ML package, um, which will be applicable for obliged entities as of 2027.

It came into force, uh, this year, uh, after over three years of negotiations and drafting. Um, its main aim is to harmonize ams. CFT regulation across the EU and to close gaps, uh, that criminals have exploited, uh, especially by transferring funds across, uh, uh, borders within the eu. Uh, it includes three components.

Uh, firstly, the sixth anti anti-money laundering direct. Secondly, the A ML uh, CFT regulation, which also includes provisions for, uh, an, uh, anti-money laundering authority at the EU level. Uh, and finally, the fund transfer a regulation, which already comes into force at the end, uh, of, uh, this year in December, 2024.

So now, whereas the sixth anti-money laundering directive primarily addresses criminal law and establishes common definitions and penalties for money laundering offenses, providing EU member states with the necessary flexibility to adapt. The provisions to requirements of their individual national legal systems.

Uh, the regulation is directly applicable in all member states. It's comparable to the GDPR regulation. It focuses on administrative pro procedures for a ML compliance, aiming to establish uniform rules for certain procedures. For example, due diligence or reporting standards, beneficial owner transparency across the eu.

Uh, the anti-money laundering, uh, authority, which is also known as Amla, uh, will have direct and indirect supervisory powers of obliged entities, including high risk, uh, jurisdictions, uh, and it will also be able to intervene in cases of supervisory failures at the national level, and IMP imposes sanctions and other measures.

Um, amla is expected to begin operations in mid 2025 and have at least 400 staff, uh, that will be responsible for finalizing the operational details necessary, uh, for the effective implementation of the regulation, uh, as well as enforcement. Uh, and Amla will also. Play an important role in coordinating with national supervisors and financial intelligence units across the eu.

Uh, an interesting last week, uh, Bruna Zo emerged as the European Parliament's favorite candidate to head amla in the. Pre nomination hearings ahead of Marco Pier and Y Rena Decap, uh, the European Commission and the council still have to confirm this vote. So let's see. There, uh, might still be a chance that they decide to express preferences for any of the other, uh, two, uh, candidates.

So it's not, uh, completely final, uh, as yet. Do you have, Jennifer, do you have any take on why, why she was, uh, why specifically she was, uh, picked by the Europe U Parliament? Well, I think she, uh, has, um, uh, a lot of experience, uh, on the supervisory, uh, side, uh, very competent. All of the candidates are, uh, uh, competent.

Uh, and it might also have to do with the fact that, you know, Germany, uh, was awarded, uh, the seat of Amla because it will be based in Frankfurt. Uh, so, uh, that also might have played, uh, a, um. Played a role in, uh, swinging the baton, uh, in her favor as opposed to, uh, Marco Pier, who was, uh, uh, uh, seen as one of our, if not the, uh, preferred, uh, candidate.

And he's a German national. I, I, I, that's right. I see. That's right. Mm-hmm. Interesting. Did you want to say anything else on the, on the regulatory front or, yeah, maybe just to talk a little bit about, um, some of the key components because there's a lot of interesting details in there, and obviously we don't have time to touch upon everything, but there, um, the a ML regulation itself, um, has expanded the catalog of obliged entities, so it now includes crypto asset service providers.

Um, uh, entities dealing in precious metals and precious stones, uh, traders of high quality goods such as jewelry and. Gold or silverware with a value of more than 10,000 euros or watches with a value of more than 10,000 Euros cars with a value of more than 250, uh, thousand euros and aircraft and watercraft with a value of more than seven and a half million euros.

They've also included certain credit intermediaries for mortgages, crowdfunding, service pro providers, and their intermediaries. Uh, another interesting component is non-financial mixed activity holding companies, um, uh, uh, where there's a certain uncertainty there at this stage, until the regulatory and technical standards come as to.

Exactly, uh, uh, what the parameters will be to be included or not included as a holding company. Another interesting, uh, uh, uh, group, uh, of, uh, new obliged entities are these investment migration operators, so the ones that provide services. To third country nationals seeking to obtain residence rights in the EU and all of the activities, uh, uh, that accompany uh, that process.

And finally, uh, the one that I find also particularly interesting and very relevant are the football agents and professional football clubs. Um, I think you did a podcast on this already. That's right. Uh, Philip And, uh, uh, we wrote an article together. Uh, on, uh, this specific, uh, topic. Um, and you know, the, there's, uh, very good reasons to include, uh, uh, the football agents and the clubs, uh, and their investors and sponsors, uh, uh, within the scope.

Uh, but here they have a much longer, uh, timeframe to implement the provisions. Um, uh, um, as, um, for this specific sector, uh, they don't enter into force until 2029. And, uh, one thing I'd also like to add at this stage that I think is also, uh, very, uh, relevant is that they've also expanded the catalog of, uh, situations when enhanced due diligence automatically applies.

So up until now, if you, uh, interact with a customer who's a politically exposed person or with a customer who's from, uh, a high risk third uh, country, uh, you have to apply enhanced due diligence measures. From the offset and, uh, onto this list, they've now included high net worth individuals. Um, so that will also be a category that will have to be defined in the regulatory, technical standards.

Exactly at what point an individual becomes a high net worth individual and how you, uh, work around those, uh, thresholds. Mm-hmm. And you, uh, you already mentioned among these, uh, the, among this group of new. Uh, new obliged entity, crypto asset services providers. And in this context, I think it was in July 20, 20, 20 24, that the European Banking Authority issued so-called travel rule, travel rule guidelines to address, uh, new money laundering, anti-money laundering requirements, um, which now extends also to.

These crypto services providers, uh, can you provide maybe some context and why this is, uh, an important piece of legislation? Yeah, well for one, a Russia Central Bank openly encouraged Russian businesses to use cryptocurrencies and other digital assets to facilitate payments with foreign partners to counter Western sanctions imposed over the Ukraine conflict.

So this is clearly a market where the laundering of funds faces much lower. Barriers to entry than other financial services channels. Under the former money laundering directive, uh, fiat to crypto transactions were already in scope. However, crypto to crypto transfers remained out of scope until now. And the EU regulation now explicitly prohibits the provision and custody of anonymous, uh, crypto assets accounts, uh, or the use of, uh, so-called anonymity enhancing cans.

Uh, coins. Uh, the regulation requires enhanced due diligence, uh, on cross. Border correspondent transactions when transacting with a self-hosted wallets. Also, there are exceptions to the rules, so hardware and software providers of self-hosted wallets are out of scope as long as they do not possess access.

Or control over those crypto asset wallets. So, uh, I think there'll be a lot of, uh, discussion around that topic as well of what's in scope and what's, uh, out of, uh, scope. Hmm. So this is another significant development that is, uh, this guideline. It's taking, uh, coming into force in December, 2024. So a lot happening.

And another, uh, key element of the AM A-M-L-C-T-F regulatory framework is the so-called high, high risk third countries. So we have two lists, the one, uh, maintained by the Financial Action Task Force and one the one by the European Union. Uh, and there have been some changes. Uh, on the, the, the countries that have been listed, uh, over the, over the year, can you maybe talk us through what, uh, uh, what has happened there and why is this relevant for obliged entities?

Yeah. Um, uh, uh, that's a, a good, good point to raise. So, just for the listeners, just to be clear, so the FATF uh, uh, is a global standard setter. Uh, it's a part of the OECD, uh, and specifically mandated, uh, to set standards for the prevention of money laundering, terrorist financing, uh, activities. And they identify jurisdictions that have what they call strategic deficiencies.

Uh, in certain areas, uh, and the EU listing takes into con, uh, into consideration the recommendations provided by the FATF and often matches the listings, but not always. Um, and now while EU obliged entities must. Only apply the EU list. They should also consider the FATF list and adopt adequate measures when dealing with countries that might be on the FATF list, but maybe not necessarily on the EU list.

Now the FATF has made some quite major changes to the criteria for putting countries onto its grade list, uh, which means that. Uh, least, uh, developed countries will not be treated in the same way as larger countries, which pose a greater risk to the stability of the international financial system. So this is a new development.

Um, uh, in terms of the list themselves, we've seen quite a lot of, uh, uh, change on the FATF list, not so much on the EU list. Um, Cayman Islands in Jordan were removed from both the FATF and the EU list, uh, which means that customers based on, uh, Cayman Islands or in Jordan no longer. Have to be automatically subject to enhanced due diligence.

Uh, the United Arab Emirates and Gibraltar were removed only from the FATF Gray List. Uh, the EU Parliament blocked the proposal by the European Commission to remove the United Arab Emirates and Gibraltar from the EU list, uh, because they thought that the, uh, financial crime risk were too high. Um, a good example is.

The Dubai unlocked a data leak, which was published by the O-C-C-R-P, which is the Organized Crime and Corruption Reporting project, uh, that show coast many incidents of money laundering in Dubai's real estate sector. It's also well known that the region has become a preferred hub for a sanctioned circumvention activities.

Um, so, uh, um, and this basically means, uh, that enhanced due diligence needs to be applied on all, uh, uh, customers of EU obliged entities based in the UAE or uh, Gibraltar. Uh, now the FATF has also removed Turkey from its list, uh, matching the EU list, which already previously removed Turkey. Uh, it has, uh, now added Monaco and Venezuela in the case of Monaco, the FATF, um, uh, highlighted specific.

Uh, deficiencies, uh, in the area of risk assessment, uh, of foreign funds, which they thought was in insufficient, uh, insufficient enforcement of sanctions and a lack of beneficial ownership. Transparency with regards to Venezuela, the FATF raise. Concerns about the country's large informal economy and illegal mining sectors, uh, as well as a lack of beneficial ownership information and the prosecution of financial crimes.

Uh, and additionally, Venezuela's economic ties with Iran, uh, which is also a high. FATF, uh, country and, uh, EU jurisdiction, uh, that they contributed to the concerns around potential terrorist financing, uh, risks. Uh, and finally in November, the FATF added Lebanon, Algeria, Angola, and Ivory Coast to its, uh, gray list.

And, uh, finally removed, uh, Senegal. So there's, there's been quite a lot of movement on, on these lists, so I suppose this is always a good idea for all the obliged entities, kind of to kind of keep track of the developments on that, on that front. That's right. Well, another, a huge, huge element of, uh, of our roundup is mostly the international sanctions.

Uh, again, this is a very big topic, but, uh, if you were to kind of summarize what has happened there, uh, over the course of 2024. What would you highlight? Well, the EU has continued to issue one sanctions package after the next. Um, so it's been a very busy year for anybody involved in sanctions compliance.

Uh, most of the measures are linked to the war in Ukraine, and, uh, uh, increasingly focused on measures to curtail, uh, sanction circumvention. We've seen three packages, um, uh, issued by the European Commission this year, the 12th, the 13th, and the 14th. Um, we've seen, uh, uh, a significant number of individuals and companies, uh, sanctioned.

We have over 2000 in total, uh, on the sanctions, uh, list. Uh, now, um, these individual packages include an enormous amount of detail in terms of, uh, specifics. Uh, of sanctioned entities and individuals and sectors, and we don't have time to go into those details, uh, now, but just to mention a couple of the, uh, higher level topics, uh, we've seen a significant, um, bans on imports and exports, uh, uh, to and from, uh, Russia.

Uh, we've seen, uh, increased limitations on, uh, um, uh, Russia's access to military technology. And we've seen, uh, companies and individuals active in the energy and maritime, uh, sectors, uh, banned as well. Uh, there's been significant, uh, um, uh, sanctions around the financial, uh, sector. Um, also, uh, prohibiting dealings, uh, with, uh, banks and crypto asset service providers that support, uh, the Russian defense, uh, sector.

Um, and, um. As I mentioned, uh, there's been, uh, a very concerted focus on the issue of sanction circumvention, and the EU has introduced requirements for foreign subsidiaries of EU firms, uh, to ensure compliance with the eu, uh, sanctions regime also. So there is really, at this point, there is hundreds of entities, uh, sanctioned entities by the European Union, and as you said, there's a 15 package coming.

Uh. Which is, I guess, a context in which it is only, you would expect that there will be some sanction, circum, circumvention taking place. Uh, and we have seen a lot of those, uh, cases in the 2024. Is there, is there one such case that really, uh, stuck in your mind? Well, I thought the one, um, that I found, uh, uh, particularly interesting and maybe worth mentioning here, uh, is the story that was, uh, published.

I think first by the Financial Times. Based on documents leaked, uh, by the Center for Advanced Defense Studies, uh, that revealed, uh, that, uh, the late Russian warlord if Guinea, uh, hin, um, had used, uh, major Western banks to facilitate payments for, uh, Wagner Group operations. Uh, and despite, uh, being under US sanctions already since 2016, uh, ashian had managed to bypass restrictions by routing payments through international financial systems and thereby moving goods, generating revenue and supporting activities that included alleged human rights abuses in Africa, um, as accused by the US uh, treasury.

Yeah. Uh, and following precautions death in 2023, Wagner's, uh, African operations, uh, uh, uh, rooted in precautions business network, were simply absorbed, uh, by the Russian Defense Ministry, uh, allowing Moscow then to maintain its influence, uh, uh, across, uh, uh, the region. So you see the dimensions. Of sanctions, uh, circumvention, uh, and, uh, um, the detriment to not only the stability of the financial systems, but uh, uh, the wider I implications, uh, uh, for, uh, the situation around, uh, uh, Ukraine, uh, that, uh, this particular case has, and the responsibility that, uh, financial institutions have in preventing these, uh, schemes, uh, uh, taking place.

This was, this was a very, very interesting case and I was also thinking this was the very high profile one. And I was just thinking also in terms of sanction circumvention. We did, uh, in our last podcast that we did, uh, last month, we kinda spoke about how, uh, Russian high network individuals use cryptocurrencies to transfer assets.

Uh, to from Russia to European Union to circumvent sanctions. It's also an interesting kind of, uh, case that anyone can go back and, and listen to. Um, in 2024, um, a another big, really big topic has been, uh, terrorist financing. Uh, basically we, uh. We see, we saw the continuation of the Israel Palestine conflict, and, uh, this has brought a lot of, uh, discussions, uh, uh, in Germany specifically.

And, uh, the German financial regulator FIN has issued in February this year, uh, press release, reminding companies of its increased focus on preventing tourist financing. Um, what, uh, what, what are their primary concerns, uh, of Baffin? Well, following the attack of Hamas in October, uh, last year, uh, various experts were quoted, uh, in media reports, uh, uh, about Haas's finances and their funding streams, uh, uh, including a multimillion dollar investment portfolio, which they managed from Turkey.

Uh, and these, uh, experts claimed that if these financial resources had been curtailed. That Hamas might not have, uh, uh, had the means to build its extensive tunnel, uh, network, uh, and maintain, uh, uh, uh, their, uh, 30,000 strong, uh, military, uh, force. Uh, there was, uh, also a BBC investigation, uh, that revealed extensive investments by Hamas, not only in Turkey, but across the Middle East and North Africa, including in the construction, pharmaceutical real estate sectors.

And other articles mentioned investments in Saudi Arabia and Sudan. Uh, documents dated already from 2020 suggests that Hamas investment portfolio may have been worth some 400 million Euros at the time, uh, including, uh, substantial real estate assets. Um, the New York Times uh, published an article in December, 2023 stating that the sale of.

Portfolio companies had been a critical source of income for the group. Uh, so it's not surprising, uh, that, uh, the US uh, treasury Department offers a foreign assets control, uh, also known as OFAC has, uh, sanctioned six of the companies, uh, involved already, uh, since, uh, 2020, uh, two. So. Given this backdrop, the EU Financial Intelligence Unit released an information letter for obliged entities, advising them on how to identify any suspicious activities in connection with an, uh, with the attack by Hamas.

Uh, it called on, uh, companies to take note of potential, uh, uh, misuse of nonprofit organizations, um, associations and charities, uh, and to pay special attention to individuals associated with Hamas. Uh, or connected, uh, to the conflict uh, area. Um, we discussed, uh, crypto assets and money laundering, uh, uh, already in relation to sanctions evasion.

Uh, but it's also relevant in the context of terrorist financing activities. Uh, Hamas activities are also a set to have been partially financed. Through cryptocurrency fundraising efforts. Um, we spoke pre, previously, now that the EU regulation is also, uh, including, uh, um, uh, these, uh, crowdfunding platforms, uh, uh, amongst their obliged entities.

And this is a good example of why that's important. Uh, and as a result of the Israeli law enforcement cracked down on dozens of accounts and seized millions, uh, of, uh, dollars worth of crypto coins. Uh, more than 100 accounts were reported to have been closed, uh, on the Binance Crypto Exchange, uh, since the attacks.

Uh, um, and, uh, another 200 crypto accounts, uh, have been, uh, requested by, uh, the authorities, uh, tether, uh, the world's biggest stable go. Coin has frozen 32 addresses worth almost 900,000 US dollars that have been linked to acts of terrorism in Israel and Ukraine. Uh, and the cryptocurrency Tron, uh, was reportedly also used for terrorist financing, uh, purposes.

So as a result, ofac, uh, has sanctioned a number of crypto exchanges and crypto wallets, uh, um, based on these, uh, findings. Hmm. And when we speak of these extremist groups, there has been another interesting development in 2024 that, uh, the, the, the regulators have, uh, begun to target, not just these, uh, kind of long established, um, religiously motivated.

Groups, but also far identities, which is another, uh, topic that we, uh, we had a podcast on recently. Uh, but can you maybe summarize what, what happened, uh, on that front, over the course of, uh, the last year? Yeah. Happy to do that. Uh, Phillip, that's also a very, uh, important, uh, uh, development, uh, and something, you know, that we need to pay increased attention to.

Um, so in July, 2024, the EU Council updated. It's list of, uh, designated terrorist organizations and added for the very first time, uh, a far right organization. Um, uh, the organization in question is called the Base. Um, uh, it's a group, uh, that has been implicated in terrorist activities, uh, and the move suggests a notable shift in counter-terrorism priorities within the eu.

And also a clear recognition of the involving threat landscape from right wing, uh, extremist activities. Uh, and notably one month before, uh, the EU listing the, um, United States Department of State had designated, uh, the Nordic Resistance Movement and its leader as a, uh, especially designated global terrorist, uh, citing their involvement in violent extremist activities and posing a threat to the US National Security, uh, and.

Until earlier this month, uh, the only other far right, uh, terrorist group that had been designated, uh, under this executive order 1, 3, 2, 2 4 by the US government was the Russian Imperial Movement, um, which was sanctioned by the Trump administration in 2020. And, um, maybe just one last topic that, uh, I wanted to discuss, which I find personally interesting because it's not, it's not immediately obvious how this.

Is, uh, how this is re uh, relevant, uh, in this, in this context. But we have been hearing a lot about the issue of cyber crime over the course of last year. And, and, and, and for longer, actually, we have also published some work on this subject. How, uh, how does this actually, how does this topic actually connect with financial crime and, uh, what are the regulatory initiatives that are currently underway in that regard?

Yeah. Very interesting. Uh, uh, topic, uh, Philip. Yeah. Cyber crime is a predicate crime to money laundering. First of all, uh, and, uh, given that the Germany's Federal, federal Criminal Police Office bcca up, uh, noted a 28% increase in foreign led cyber attacks in 2023, causing the German economy some 148 billion euros in damages.

I think it's definitely an area which deserves increased attention. Um, we have some developments on the regulatory level, uh, uh, which are, uh, looking to, uh, uh, deal with this topic. We have the EU Digital Operational Resilience Act, uh, uh, also known as Dora. Which will come into force in January, 2025. It aims to enhance the operational resilience of the financial sector, uh, by mitigating information and communication technology risks.

Uh, and on top of that, we have, uh, a scene in August, 2024 that the United Nations finalized a draft, uh, of the EU convention against. Uh, cyber crime, which is also a first and it's acce, uh, expected to be adopted by the General assembly, uh, um, uh, which would then make it the first global legally binding instrument, specifically addressing cyber crime.

Um, uh, this convention aims to establish unified international measures to combat cyber crime, to enhance law enforcement corporation and to streamline the procedures for evidence sharing across borders. Uh, and the convention covers various cyber related crime, uh, topics, including also digital terrorism.

Drug trafficking and human trafficking, all of which are predicate crimes from money laundering. Uh, and thereby recognizes obviously the rapid, uh, expansion of cyber, uh, threats, uh, that exploit, uh, technology on a massive, uh, scale. Uh, so under these new frameworks, Fincial crime professionals, uh, will have their role to play in preventing.

That funds from cyber crime activities make their way into and through the financial system. And in order to do that, obviously they're gonna have to be able to understand the risks and the practices of, uh, cyber criminals and the different cyber crime, uh, typologies. Fascinating. Well, I feel like we could obviously keep going, but we need to, we need to stop somewhere.

Uh, uh, but this has been absolutely interesting conversation. So many, so many topics that we covered. Uh, so I thank you very much for your time, Jennifer. And we will, we will try to do this, uh, we cannot do it too often because it's really a lot, but, uh, maybe next year we could, we could try to repeat this conversation.

Thanks, Philip. Thanks for having me. And, uh, yeah, look forward to, uh, speaking soon. Likewise. Thank you, Jennifer.