Earlier this month, a man in the United Kingdom was sentenced to 14 years and eight months in prison after pleading guilty to numerous offenses related to the distribution of drugs. Thomas Maher managed a haulage business and coordinated shipments of drugs into the United Kingdom, with cash going in the opposite direction.
Maher was a prolific user of EncroChat, a network favored by organized crime groups across Europe to communicate and coordinate using messaging. Criminals had believed the network was encrypted and secure. Users were vetted, and all communications were trusted. The combined endeavors of multiple European law enforcement agencies broke into EncroChat, and for Maher and many other career criminals, the rest is history.
It was the communications, rather than the commodities, that compelled Maher to accept the evidence and plead guilty. Criminals are often weak, vulnerable, and exposed when communicating, which is why financial crime and compliance professionals have a role to play when collecting important know-your-customer (KYC) data. Sometimes, false data provided by a criminal customer can be more valuable than the true data, as it can be used to prove dishonesty on the part of the criminal customer.
Given that money laundering is a dishonest business, criminal customers routinely provide false information regarding their identity, ownership of entities, and source of funds. Thus, we need to pose the questions and retain the answers while being prepared to scrutinize the same.
The Maher case simultaneously reminds us of the importance of our own communications and recordkeeping. During the course of our work, what we say, the emails we type, and notes we take during meetings can both support and potentially undermine us at some time in the future. Perhaps, during these times when so many of us are working remotely, communication has never been more important.
Many regulators and investigators determine if an event or instance is not recorded it did not happen. Early this year, in the case of Rihan v. Ernst & Young, the judge ruled precisely this when a senior EY employee testified he had met with a member of the London Bullion Market Association. The witness, himself a lawyer, was unable to recollect when or where the meeting had taken place; tellingly, he had no notes or records of the meeting, no diary entry, and no emails referencing the meeting. The judge concluded the meeting did not take place.
Without records to support their evidence and memory, witnesses will struggle to counter differing versions of events put forward by others who may or may not have attended meetings or been party to a conversation.
Recordkeeping should be used by financial crime and compliance professionals as an ally to rely on when our actions are subsequently challenged. When managing a project, I maintain a decision log to enable me to justify when changes were made and the rational and justification for applying such changes.
Thus, as we close 2020, I will open a new page/day diary and continue to keep records of meetings; conversations; briefings; and points of interest, including court cases. Having been through numerous instances of litigation and threats of litigation, including threats from criminal customers, my diaries have served me well while simultaneously undermining the positions advanced by complainants.
Technology and emails have become the norm but, rest assured, the pen and the diary are not dead. So, make sure communication never lets you down; only say or write matters you are comfortable being replayed to you, your supervisors, your customers, the public, and even your family. If you are not comfortable, keep your counsel, but never be frightened of doing, saying, and typing the right thing. It may serve you well in the long term.