Political, regulatory and media attention on the use of offshore jurisdictions by individuals and companies to evade taxes is intensifying. The issue was thrust into the spotlight when the International Consortium of Investigative Journalists (ICIJ) released 11.5 million historical documents hacked from Panamanian law firm and corporate service provider Mossack Fonseca in April 2016. The release detailed the names of individuals and companies with links to offshore companies, trusts and foundations in a number of offshore jurisdictions.
The issue was reignited recently by the ICIJ’s release of 1.3 million documents from a Bahamas corporate registry, dubbed the Bahamas Leak. The released documents reveal names of individuals and organizations with links to entities registered in the Bahamas. With the latest release, the ICIJ’s Offshore Leaks Database now contains information on nearly 500,000 offshore entities.
There are legitimate reasons for the use of offshore structures in jurisdictions like Panama and the Bahamas, such as to reduce or eliminate legally individual and company taxes. However, these structures also present opportunities for money launderers and terrorist financiers to hide potentially illicit funds.
In the few short months since the Panama Papers leak, regulators around the world have initiated investigations into the tax affairs of the individuals and companies referenced in the offshore database. A similar response is expected following the Bahamas Leak, and it is only a matter of time before another offshore jurisdiction is the target of an “ethical hack” such as this. In the meantime, the regulatory scrutiny of offshore banking is intensifying.
Protiviti hosted a roundtable discussion in London on October 11 in conjunction with the Association of Certified Anti-Money Laundering Specialists (ACAMS). A host of multinational banks and wealth management providers attended the roundtable to hear practical advice on how to deal with the increased level of regulatory requests for information and proactively manage their offshore exposure.
To begin with, financial institutions should review, if they haven’t done so already, their exposure to any of the companies and people named in the Panama Papers. This action may also trigger know-your-customer (KYC) reviews. Following the most recent Bahamas Leaks, financial institutions should have already triggered negative news reviews to screen for any potential links to the companies and individuals named in the leak. They should also have reviewed their geographic risk ratings for offshore banking centers to ensure they accurately reflect the inherent risks of these jurisdictions. Going forward, firms need to be further prepared for regulatory reviews across all of their offshore exposures.
For many firms, existing KYC systems and files may not cover all the fields necessary to identify the ultimate beneficial owners (UBOs) of offshore structures. Firms need to test their KYC systems to see if they can access the data accurately and rapidly. Some KYC systems and files may not identify UBOs to the required level of ownership percentage and/or distinguish UBOs from nominees, while other KYC systems/files may not hold sufficient information on offshore structures being used by customers that will give the firm comfort that it is not enabling tax evasion.
In the UK, HM Revenue & Customs is specifically calling out “enablers” of tax evasion. All financial institutions have an obligation (which extends to individual employees in many jurisdictions) to demonstrate they are taking reasonable steps to ensure that neither the institution nor its employees are enabling tax evasion for the institution’s customers. Firms need to assess how they are ensuring their customers who are using offshore structures are not involved in tax evasion of any sort, and document this assessment.
Protiviti and ACAMs are in agreement that self-certification by companies and individuals stating they are paying taxes where taxes are due provides limited comfort to institutions. Firms must take further steps to satisfy themselves that the use of an offshore structure (particularly a multilayered one) makes sense in the context of their overall knowledge and understanding of the customer. Documenting that an offshore entity is being used for “tax purposes” will not suffice.
The footprint of tax evasion can look very different from other types of money laundering, and transaction monitoring alerts typically will not flag issues related to tax evasion. Therefore financial services firms need to apply a bigger scope and have a more holistic understanding of their customers’ relationships to ensure everything makes sense from a tax perspective.
With the latest Bahamas Leak, regulatory requests for KYC information are going to increase. Firms should be taking preparatory steps now to ensure that they are able to respond promptly, fully and accurately to such requests.
[…] security breaches across industries, including massive unauthorized release of financial data from offshore accounts, and DDoS attacks enabled by the Internet of […]