Académique Documents
Professionnel Documents
Culture Documents
Organized Crime
Enablers
July 2012
Table of Contents
3
Acknowledgements
Executive Summary
Acknowledgements
6
Enablers Exploiting Illicit/Licit
Opportunities
7
Ernesto U. Savona
Chair, Global
Agenda Council on
Organized Crime
16 2.3. Vulnerabilities
18 2.4. Cases
18 2.5. Good practices
19 2.6. Recommendations
20 3. Enablers that exploit
international commercial
transactions: Free Trade Zones
21 3.1. Main features
21 3.2. Achievements
23 3.3. Vulnerabilities
24 3.4. Cases
24 3.5. Good practices
25 3.6. Recommendations
26
Executive Summary
Overview
The Global Agenda Council on Organized Crime focused on the
enablers of organized crime during the 2011-2012 term. This
broad concept includes individuals, mechanisms and situations
that play an important role in facilitating organized crime activities
whether intentionally or inadvertently increasing its benefits and
scale while reducing its risks.
Organized crime exacts a multibillion cost on legitimate business,
distorts markets and causes widespread ill-effects on society.
Fuelled by the same forces of globalization that have expanded
trade, communications and information worldwide, criminal
syndicates now have unprecedented reach not only into the lives
of ordinary people but into the affairs of multinational companies
and governments worldwide. Although law enforcement has long
focused on criminal gangs and illicit markets, only recently has it
paid greater attention to those factors that enable such activities.
This report focuses on the impact of enablers on three critical
areas: cybercrime, money laundering and Free Trade Zones.
In developing this report, the Council on Organized Crime took into
account two main criteria:
continuity with its work in 2010-2011 on cybercrime and on
money laundering in real estate
input received by Council on Organized Crime Members during
virtual meetings and at the Summit on the Global Agenda in
Abu Dhabi in October 2011
Symantec (2011), Cybercrime Report 2011, http://www.symantec.com/content/en/uk/home_homeoffice/html/cybercrimereport. For a more sceptical approach, see Measuring the Cost of Cybercrime, http://weis2012.econinfosec.org/papers/Anderson_WEIS2012.pdf
Some forms of cybercrime committed by means of a computer (rather than against a computer or
data) cannot necessarily be prevented by increased cybersecurity.
This in addition to the revised Financial Action Task Force (FATF) Recommendations, Financial
Action Task Force (FATF) (2012), International Standards on Combatting Money Laundering and the
Financing of Terrorism & Proliferation: The FATF Recommendations, http://www.fatf-gafi.org/media/
fatf/documents/recommendations/pdfs/FATF%20Recommendations%20approved%20February%20
2012%20reprint%20March%202012.pdf?.
Thomas Farole and Gokhan Akinci (eds) Special Economic Zones: Progress, Emerging Challenges,
and Future Directions, The World Bank, Washington DC, 2011.
1. Enablers of cybercrime
1.2. Achievements
It has been widely recognized at the international and regional
levels that the Internet is used by organized cybercriminals.
Europol, in its recent threat assessment entitled, Internet
Facilitated Organized Crime, indicates that:
Internet technology increasingly facilitates a wide range of serious
and organized crime activity as a communication, research,
logistics, marketing, recruitment, distribution and monetarization
tool.
() The dynamism of online illicit markets requires an equally
dynamic response which is constantly updated. Active partnership
with the private sector especially Internet Service Providers,
Internet security organizations and financial services is essential
to the success of this, not only for the sharing of intelligence
and evidence, but also in the development of technical tools for
law enforcement and design-based measures to prevent online
criminality. 8
Some forms of cybercrime committed by means of a computer (rather than against a computer or
data) cannot necessarily be prevented by increased cybersecurity.
Symantec (2011), Cybercrime Report 2011. Though see Measuring the Cost of Cybercrime,
Anderson, R., Barton, C, Bohme, R. Clayton, R., van Eeten, M., Levi, M., Moore, T. and Savage, S
(2012), http://weis2012.econinfosec.org/papers/Anderson_WEIS2012.pdf; and The Economist (30
June 2012), for a more skeptical approach to the costs.
EUROPOL (2011), Threat Assessment (Abridged) Internet Facilitated Organized Crime, iOCTA,
https://www.europol.europa.eu/sites/default/files/publications/iocta.pdf.
Global Agenda Council on Organized Crime
1.3. Vulnerabilities
As suggested by EUROPOL,10 key enablers of cybercrime include
botnets, social engineering, payment card data online and frequent
anonymity and opportunities for disguise.
Botnets11 are the tools most crucial to cybercrimes
industrialization and profitability. Their dismantling has a clear
impact on the capability of cybercriminals to act on a large
scale.12
Social engineering plays a central role in current criminal
business models. Raising awareness of the risks and
engendering individual and corporate user caution are key to
combating cybercrime.13
Social networking has flattened our social structure below elites
and above the digitally excluded, making it more networked.
Rather than being hierarchical, the new social model has
no centralized control groups. It is simply peer to peer,
delivering information and services at a speed, scale and level
of visibility never experienced. While this has enhanced the
ability to deliver beneficial services, such as education and
medical services, to a broader population, it also provides
unprecedented access for organized criminals to acquire skills,
opportunity and people to assist them in conducting their
criminal businesses.
Social networking has also improved opportunities for people to
become engaged in organized crime. In the past, participation
in a crime group required introductions and acceptance by the
group. This is no longer the case with organized crime groups
(OCG) operating in a virtual world. Also, with no organized
crime hierarchy in the structures, former roles, such as growers
(e.g. opium), distributers, wholesalers, importers/exporters
and supply chains, can be reduced to direct Internet contact
Internet service providers (ISP) and domain name registrars
(DNR) provide legitimate services that also enable cybercrime.
Increased cooperation between ISP and DNR and law
enforcement officials could identify and reduce the illegitimate
uses of these services.
Payment card data is the ideal illicit Internet commodity
because of the ease with which it is internationally transferred.
Organized crime groups benefit from globalization, moving to
different countries and even different continents to withdraw
cash from skimmed cards, and using foreign payment data
to purchase services such as transport and accommodation
online, thereby obscuring the money trail attached to this type
of criminality.15
The perceived anonymity afforded by communication
technologies such as e-mail, instant messaging and Internet
telephony (VoIP) has led to them being used increasingly
by organized crime groups as a countermeasure to law
enforcement detection and surveillance.16 This anonymity
also makes it difficult to gather accurate information on
cybercriminals and their activity. Countervailing concerns to
reducing anonymity are the desire to protect personal privacy
and the need for anonymity in countries where there is great
social unrest; anonymity is needed to prevent the tracking of
dissidents, journalists and bloggers.
Some cybercrime is the consequence of a lack of security in
infrastructure on a national level.
Increasing computer literacy enables more people to use the
Internet for legitimate purposes or cybercrime.
Encrypted and anonymous e-mail, peer-to-peer (P2P) instant
messaging (IM) and voice services (Voice over Internet
Protocol or VoIP) are just some of the recent communication
technologies that pose data access challenges to law
enforcement. In particular, e-mail delivers considerable
cybercrime activities such as spoofing,17 at the same time
allowing their illegal content to be passed through a number
of different countries during the transfer from the sender to the
recipient.
Internet connectivity continues to spread. Contrary to what
is commonly believed, cybercrime is not a problem that only
affects developed countries.18 Further expansion of Internet
connectivity in developing countries, where IT security
measures may not be as robust, is likely to prompt further
geographical shifts in malicious activity both in terms of attack
origin and the number of compromised computers. As a
consequence, the development of technical measures to
promote cybersecurity and proper cybercrime legislation is
10
EUROPOL (2011), Threat Assessment (Abridged) Internet Facilitated Organized Crime, iOCTA.
11
Botnets, or Bot Networks, are made up of vast numbers of compromised computers that have
been infected with malicious code, and can be remotely-controlled through commands sent via
the Internet. WILSON (2008), Botnets, Cybercrime, and Cyberterrorism: Vulnerabilities and Policy
Issues for Congress, http://www.fas.org/sgp/crs/terror/RL32114.pdf, p. 8.
12
13
Ibid.
10
14
Ibid., p. 6.
15
16
Ibid., p. 5.
17
In e-mail spoofing, the header of an e-mail appears to have originated from someone or
somewhere other than the actual source. Spam distributors and criminals often use spoofing in
an attempt to obtain personal data and information (e.g. account numbers and online banking
passwords).
18
See for example the OECD Report (2005) Spam Issues in Developing Countries, www.oecd.org/
dataoecd/5/47/34935342.pdf.
Mobile devices are becoming the main tools used to access
the Internet and are being increasingly marketed in large
numbers to areas of the world that have previously enjoyed
limited Internet connectivity.20 The always on culture fostered
by mobile devices ensures that potential victims are online
and data is exposed for a longer period of time, thereby giving
criminals more opportunities to access data. One recent
study shows a 42% increase in mobile operating system
vulnerabilities in 2010.21
Open wireless networks can enable perpetrators to gain remote
access to the Internet without identifying themselves. Public
Wi-Fi networks typically collect basic information, such as the
type of device, operating system and browser.
Commercial trends invite increased storage of personal data
on the Internet: Retailers and other businesses are continually
asking customers to enrol into their clubs or loyalty
programmes. This creates significant retention of data on the
Internet about individuals, their account details, their interests
and their connections to other like activities that can be
exploited by cybercriminals if there is insufficient cybersecurity.
Todays Internet is characterized by very many computers at
very many locations, with each computer/location combination
holding a small fraction of the total data on the Internet. Cloud
computing refers to the consolidation of Internet data on fewer
computers at fewer locations. This consolidation reduces the
overall IT cost by reducing the amount of hardware, software
and administrative support needed for the fewer computers
at fewer sites. When credit card information or other data
useful for crime is consolidated, cybercriminals gain more
data for their criminal enterprises by penetrating a single cloud
computer than by penetrating a single computer in todays
Internet.
Another aspect of cloud computing is the outsourcing of
computer services to a third party who owns and runs the
cloud computers. Instead of being at a companys premises,
the computers and the companys data are in another location
or locations that could be in a different country from the
company. This geographic difference could mean that the
data protection and criminal laws applicable to the company
may differ from those laws applicable to the companys data.
If, for example, cybercriminals from a third location steal the
companys data from the cloud computer, the investigation
and prosecution of that crime could involve the laws and
law enforcement personnel of three jurisdictions: where the
company is located, where the cloud computers are located
and where the cybercriminals are located. This increased legal
and law enforcement complexity benefits cybercriminals.
Above all, a significant vulnerability is the lack of an organized
international law enforcement process to counter cybercrime.
The bureaucratic structures of law enforcement agencies
22
23
19
20
The recent report by Symantec points out that about 44% of mobile phone owners globally
use their mobile phone to access the Internet. This percentage rises to more than half of adults in
emerging countries. Symantec (2011), Cybercrime Report 2011.
21
Symantec (2011), Internet Security Threat Report: Trends for 2010, https://www4.symantec.
com/mktginfo/downloads/21182883_GA_REPORT_ISTR_Main-Report_04-11_HI-RES.pdf.
UNODC (2011), Working Paper Draft collection of topics for consideration within a
comprehensive study on impact and response to cybercrime, http://www.unodc.org/documents/
treaties/organized_crime/EGM_cybercrime_2011/Working_Papers/UNODC_CCPCJ_EG4_2011_2_
rev1_-_amended_-_final.pdf.
24
25
Ibid; UNODC (2011), Working Paper Draft collection of topics for consideration within a
comprehensive study on impact and response to cybercrime.
26
11
1.4. Cases
32
http://www.us-cert.gov/reading_room/.
33
27
28
http://www.theregister.co.uk/2011/03/23/rustock_takedown_analysis/.
29
http://www.mcafee.com/us/resources/white-papers/wp-protecting-critical-assets.pdf.
30
http://www.mcafee.com/ca/resources/white-papers/wp-global-energy-cyberattacks-nightdragon.pdf, http://www.networkworld.com/news/2011/021011-night-dragon-attacks-from-china.
html, http://graphics8.nytimes.com/packages/pdf/technology/mcafee_shadyrat_report.pdf, http://
www.chinaeconomicreview.com/node/56796
31
http://www.guardian.co.uk/technology/2012/feb/22/acta-stalled-european-commission, http://
www.guardian.co.uk/technology/2012/feb/06/anonymous-haditha-killings, and http://www.guardian.
co.uk/world/2012/feb/01/bnp-emails-far-right-anonymous.
12
34
http://www.mcafee.com/us/campaigns/fight_cybercrime/cru/information/best_practices.html.
35
http://www.mcafee.com/us/campaigns/fight_cybercrime/cru/information/best_practices.html.
36
http://www3.weforum.org/docs/WEF_GAC_OrganizedCrime_Report_2010-11.pdf, p. 19.
37
http://www.cybercrimelaw.net/documents/A_Global_Protocol_on_Cybersecurity_and_Cybercrime.
pdf, p. i.
38
UNODC RES/65/230, Resolution adopted by the General Assembly Twelfth United Nations
Congress on Crime Prevention and Criminal Justice, http://daccess-dds-ny.un.org/doc/UNDOC/
GEN/N10/526/34/PDF/N1052634.pdf?OpenElement and http://www.unodc.org/documents/justiceand-prison-reform/AGMs/General_Assembly_resolution_65-230_E.pdf, p. 3.
39
UNODC (2011), Working Paper Draft collection of topics for consideration within a
comprehensive study on impact and response to cybercrime, p. 11 and 9.
1.6. Recommendations
Specific Recommendations
General Recommendations
40
http://www.reuters.com/article/2011/12/01/us-usa-cyber-intelligence-idUSTRE7B001H20111201
41
http://www.weforum.org/content/pages/risk-and-responsibility-hyperconnected-world.
13
2. Enablers of
money laundering:
Beneficial owners
and professionals
14
Both beneficial owners and professionals may, in fact, play the role
of enablers of organized crime and corruption.
2.2. Achievements
Both issues beneficial owners and service providers have seen
an increase in regulations recently. These regulations, however, are
not always accompanied by an adequate level of implementation.
A global level playing field may be impossible to achieve, but
greater attention must be paid, at the national and transnational
levels, to enhance the harmonization and availability of data on
BO and to ensure that professionals and other service providers
behave responsibly.
Beneficial Owners
With reference to the beneficial owners, governments have
recognized the importance of curbing the misuse of corporate
vehicles to conceal beneficial ownership, and in response, they
have adopted certain international standards.43 The two key
international standards dealing with BO identification are the
United Nations Convention against Corruption44, and the 40
Recommendations45 drawn up and revised by the Financial Action
Task Force (FATF) in 2003, and significantly revised in 2012.46
More specifically, FATF Recommendations 24 and 25 aim
at enhancing the transparency of legal entities and indicate
identification of the beneficial owner as a key measure. In particular,
they (R24) require that, Countries should ensure that there is
adequate, accurate and timely information on the beneficial
ownership and control of legal persons that can be obtained or
accessed in a timely fashion by competent authorities.47
43
World Bank/UNODC, (2011), The Puppet Masters: How the Corrupt Use Legal Structures to
Hide Stolen Assets and What to Do About It, http://www1.worldbank.org/finance/star_site/documents/Puppet%20Masters%20Report.pdf, p. 4.
44
45
46
42
FATF (2011), The Review of the Standards - Preparation for the 4th Round of Mutual Evaluation.
Second public consultation, June 2011, http://www.fatf-gafi.org/dataoecd/27/49/48264473.pdf.
47
Ibid., p. 22.
Global Agenda Council on Organized Crime
15
Ibid., p. 83.
49
Ibid.
50
EU DIRECTIVE 2005/60/EC of the European Parliament and of the Council of 26 October 2005
on the prevention of the use of the financial system for the purpose of money laundering and terrorist
financing, http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2005:309:0015:0036:en:PDF.
51
The imposition of due diligence obligations on service providers is important for two main reasons.
First, it obliges service providers to collect information and conduct due diligence on matters about
which they might prefer to remain ignorant. This obligation is important because in the majority of
cases in which a corporate vehicle is misused, the intermediary is negligent, wilfully blind, or actively
complicit. If a service provider is obligated to gather full due diligence information, it becomes
impossible for the intermediary to legitimately plead ignorance regarding the background of a client
or the source of his or her funds. Second, having all such information duly gathered by the service
provider means that investigators have an adequate source of information at their disposal. World
Bank/UNODC, (2011), The Puppet Masters: How the Corrupt Use Legal Structures to Hide Stolen
Assets and What to Do About It, p. 6.
16
2.3. Vulnerabilities
Beneficial Owners
With regard to the identification of beneficial owners, some
problems must be taken into account, representing vulnerabilities
that could be seen by criminal groups as actual opportunities for
money laundering or financing terrorism.
An effective anti-money laundering regime to prevent corporate
entities from being abused for money laundering should have at
least three components:
(a) a central registry of corporate entities that provides beneficial
owner information
(b) beneficial owner identification systems by financial institutions
and professional service providers
(c) an international sharing system for beneficial owner information
Unfortunately many weak links in all three components exist
worldwide.
A) Central registry of corporate entities:
There is currently no international standard requiring states to
have a central registration system for corporate entities, such
that not many states have a system that makes BO information
available to those who need it for the purpose of anti-money
laundering.
Some states have fragmented registration systems, e.g. for tax
or public listing purposes, etc., but these fragmented systems
are not designed for the purposes of anti-money laundering
and so are not conducive to them. Moreover, access to these
systems for BO information can only be made in certain limited
circumstances, e.g. for a criminal or tax investigation etc.,
and the associated information retrieval process is extremely
inefficient and very often requires judicial scrutiny.
For those states having a central registry of corporate
entities, in the absence of international standards on what BO
information a corporate entity must register with the authority
and how often the information needs to be updated, the
registers are very often found to be unreliable, i.e. not updated,
and pertaining only to legal ownership/control as opposed to
actual beneficial ownership.
B) Beneficial owner identification systems:
As for BO identification systems, despite the Third EU
Directive and the FATF Recommendations, currently many
states, including those well developed states in which the
world financial centres are situated, have yet to put in place
proper enforceable means to require financial institutions
and professional service providers to identify and verify the
beneficial ownership of corporate entities in their customer due
diligence processes. Nor are they required to understand the
ownership and control structure of corporate customers with
complex ownership structures.
Law enforcement agencies from time to time come across
investigations involving shell companies being used for money
laundering. Criminals or money launderers make use of the
services of the professional service providers to set up shell
companies to open bank accounts for illicit transactions with
staff of the professional service provider acting as nominee
directors of the corporate customers. Banks without proper
customer due diligence practices do not know and do not
bother to ask (if the state has no such requirement for them to
do so) about the actual beneficial owners of such corporate
customers and the bank accounts.
Professionals
With reference to professionals risk of being involved in ML
schemes, other vulnerabilities may be identified that allow criminals
and terrorists to take advantage of them. Each of the vulnerable
sectors has a role for professionals to play whether as willing
conspirators or naive facilitators. One of the most effective ways to
aid the laundering process is to engage the cooperation of corrupt
professionals, or for a criminal enterprise to place operatives within
financial institutions. By doing so, an offender can bypass scrutiny,
falsify documents and avoid mandatory transaction reporting
requirements. Internal conspiracies and corruption have been
identified in the following cases:
A) Some criminals might try to take advantage of professional
secrecy obligations that apply to the gatekeeper.52
In anti-money laundering discussion, the term gatekeepers
refers to a broad range of professionals (such as lawyers,
52
FATF (2010) Global Money Laundering & Terrorist Financing Threat Assessment,
http://www.coe.int/t/dghl/monitoring/moneyval/web_ressources/FATF_GTA2010.pdf, p. 46.
B) A most common technique used to help expedite the
laundering process is the use of nominees, involving some
attempt by the offender to obscure a direct connection
between himself and assets he owned, primarily by registering
legal title to the asset in the name of another individual, usually
a relative, a friend or a lawyer. In an analysis of Royal Canadian
Mounted Police cases, it was found that the assets most
often placed in the name of nominees were real estate, cars,
companies and banks accounts.54
C) According to a report authored by the Financial Action Task
Force (FATF), ...inadequate codes of conduct and ethics with
a low likelihood of disciplinary action (emphasis added) all help
to shape businesses in ways that enable criminals to take
advantage of the services they offer. Professionals and insiders
who are sole traders and have no management or compliance
oversight, along with vulnerable business models that cannot
support sophisticated AML systems, are often seen as soft
targets for criminals who wish to use their services for illegal
gain.55
D) In the absence of corresponding ethics and internal controls,
the practice of making decisions to promote or continue
employment based on performance criteria, and the use
of sales-driven remuneration packages and performance
assessments may unintentionally promote unlawful greed in
individuals and increase their vulnerabilities. This can create
an environment characterized by corruption that can be easily
exploited by criminals.56 What gets measured, gets done,
therefore it is important to consider the reward system within
institutions. These rewards individual and group are partially
responsible for irrational exuberance in banking decisions
(i.e. unwise loans and credit lines, etc.). Peer pressure from
group incentives is particularly powerful. Hence any policy that
results in the loss of customers especially customers with
large amounts of money is operating against the current
reward structure. Financial institutions rhetoric may declare
that all bank objectives are equal profit, risk management,
customer satisfaction and societal pressures to reduce money
laundering when in reality they often are not given the same
attention.
E) Inter alia, special attention must focus on lawyers services and
real estate transactions.
53
FATF 2010, Global Money Laundering & Terrorist Financing Threat Assessment. A view of how
and why criminals and terrorists abuse finances, the effect of this abuse and the steps to mitigate
these threats. http://www.coe.int/t/dghl/monitoring/moneyval/web_ressources/FATF_GTA2010.
pdf, p. 44.
54
Beare, M. and Schneider, S. (2007). Money Laundering in Canada: Chasing Dirty and Dangerous
Dollars. In one case, a Calgary-based cocaine trafficker had signing authority for 25 bank accounts;
most were registered in the names of relatives, favouring his mother and father-in-law.
55
FATF (2010) Global Money Laundering & Terrorist Financing Threat Assessment, p. 46.
56
Ibid.
Global Agenda Council on Organized Crime
17
Lawyers
The services provided by lawyers are frequently part of a series
of commercial and financial transactions conducted by the
most sophisticated criminal entrepreneurs. In an unknown but
presumably very large proportion of cases, the lawyer is not
aware that the scheme s/he is facilitating is illicit. However, in
certain criminal and regulatory cases, the services of lawyers were
explicitly sought out and, in some instances, repeatedly used by
criminal offenders to launder their criminal proceeds.57
More specifically:
Lawyers came into contact with the proceeds of crime through
their role in facilitating a real property transaction by a drug
trafficker or accomplice.
Lawyers are used to conceal the true source of funds provided
to them by offenders through the use of legal trust accounts
and the invocation of solicitor-client privilege, which can place
stringent restrictions on the ability of law enforcement to gather
information from law offices.
They have also helped to conceal criminal ownership of assets
by registering titles in the names of nominees and, in some
cases, their own names.
They allow their client and office accounts to be used to
receive cash from offenders and supply them with financial
instruments (cheques and transfers) that will appear clean to
bankers.
They have been involved in transferring funds derived from
criminal activities to secrecy haven countries, including
establishing shell companies in these countries.
They have been used to create a seemingly legitimate source
of revenue for criminal offenders. This service is largely
accomplished by establishing shell and active companies,
selling assets on behalf of offenders, and purchasing revenuegenerating rental properties.
Real Estate
The real estate market allows criminals to use large quantities
of cash and manipulate other services associated with real
estate transactions, such as mortgages and the use of nominee
accounts, and dealings that are possible through the construction
industry. Launderers benefit in multiple ways because they can
often acquire valuable and appreciating investments at the same
time that they launder money into the legitimate economy.58
Some evidence also exists that offenders seek out a mortgage
to limit their equity in a home, to minimize their personal financial
loss if the property is forfeited to the Crown or, if the property
is to be used for an illegal marijuana or other grow-operation, it
may decrease their loss of capital in case of a building destroyed
by the chemicals used. In some cases, a mortgage (as well as
title to the property) appears in the name of a nominee. In other
cases, a criminal entrepreneur can personally finance a mortgage
for property that he controls, but that is registered in the name of
a nominee. This laundering technique provides the bogus owner
with a seemingly legitimate source of funds to purchase the
home, while hiding the true criminal ownership of the property.
Alternatively, mortgage financing can be provided by a nominee,
such as a family member or a business associate, for property
registered to a criminally accused person (in a past case, for
example, the mortgage was fake and the funds were ultimately
traced to the accused). Mortgages may also be financed by
criminally-controlled companies, often off-shore. The absence
of will among many real estate professionals in many parts of the
57
Middleton, D. and Levi, M. (2005) The role of solicitors in facilitating Organized Crime: Situational
crime opportunities and their regulation, Crime, Law & Social Change 42 (2-3): 123-161; Levi, M.,
Nelen, H. and Lankhorst, F., (2005) Lawyers as crime facilitators in Europe: An introduction and
overview, Crime, Law & Social Change 42 (2-3): 117-121. For an empirical study of lawyers roles in
US cases, see Cummings, L. and Stepnowsky, P. (2010) My Brothers Keeper: An Empirical Study
of Attorney Facilitation of Money-Laundering through Commercial Transactions,
http://digitalcommons.law.umaryland.edu/cgi/viewcontent.cgi?article=1970&context=fac_pubs.
For an empirical study of Canadian cases, see Beare M.E. and Schneider S. Money Laundering
in Canada: Chasing Dirty and Dangerous Dollars. U of Toronto Press 2007, chapter 3. See, more
generally, Shaxson, N. (2011) Treasure Islands: Tax havens and the men who stole the world,
London: Bodley Head.
58
World Economic Forum (2011), Global Agenda Council on Organized Crime 2010-2011 Term
report, http://www3.weforum.org/docs/WEF_GAC_OrganizedCrime_Report_2010-11.pdf, p. 9.
18
2.4. Cases
Case 1: Delaware Laws, Helpful to Arms Trafficker, to Be
Scrutinized60
A Russian businessman who investigators say is the worlds
largest arms trafficker used secret corporations formed in Delaware
and other states to finance his activities. ... Delaware and the other
states have business-friendly laws that encourage the creation of
opaque shell companies, allowing their true owners to be disguised
or obscured. The Senate is considering new legislation to stop
the formation of two million such American corporations a year in
various states.
Officials say the Russian businessman, Viktor Bout, used at least a
dozen shell companies in Delaware the leading state that allows
the formation of such companies as well as Texas and Florida. ...
Senator Carl Levin, Democrat of Michigan, who co-sponsored
the legislation, contends that the state laws effectively allow arms
trafficking, money laundering, drug smuggling and tax fraud to
flourish. ...
The proposed legislation would require states to collect the names
of beneficial owners of corporations and limited liability companies
formed under their laws, and to provide that information to law
officials when requested.
Case 2: The use of professional intermediaries to facilitate money
laundering
A law enforcement operation identified an accountant, J, who
was believed to be part of the criminal organisation involved in
money laundering and re-investment of illicit proceeds derived from
drugs trafficking led by X. Js role was mainly that of a legal and
financial consultant. His task was to analyse the technical and
legal aspects of the investments planned by the organisation and
identify the most appropriate financial techniques to make these
investments appear legitimate from a fiscal stance. He was also
to try, as much as possible, to make these investments profitable.
J was an expert in banking procedures and most sophisticated
international financial instruments. He was the actual financial
mind of the network involved in the re-investment of proceeds
available to X. J operated by sub-dividing the financial transactions
among different geographical areas through triangle transactions
among companies and foreign credit institutions, by electronic
transfers and stand-by credit letters as a warrant for commercial
contracts which were later invested in other commercial activities
(Source: extracted from website of JE Financial Services
Commission).61
Ibid., p. 11.
60
61
FATF (2010), Money Laundering Using Trust and Company Service Providers,
http://www.fatf-gafi.org/dataoecd/4/38/46706131.pdf, p. 41.
2.6. Recommendations
On the basis of the vulnerabilities mentioned above, the Council
suggests the following recommendations, which apply across the
areas discussed in this section:
Beneficial Owners
A) Regarding the central registry of corporate entities,67 it is
recommended that:
the information to be registered include both legal owners
(directors and shareholders) and beneficial owners
the registered information be verified by the registry authority
the registered information be updated in a timely manner by
the corporate entity when there are changes, e.g. within one or
two months
the register be accessible to the public against payment online;
payment should be minimal in order not to discourage access
B) Regarding beneficial owner identification, it is recommended
that:
financial institutions and professional service providers be
required by law or by other legally enforceable means to
identify and verify the identity of a corporate customers
beneficial owners when establishing a business relationship
with it
financial institutions and professional service providers be
required by law or by other legally enforceable means to take
reasonable measures to determine who the natural persons
are who ultimately own or control the corporate customer
C) Regarding the international sharing of beneficial owner
information, it is recommended that:
apart from via investigation powers, law enforcement agencies
have direct access to the register of corporate entities
states allow (e.g. by law) law enforcement entities to share
beneficial owner information with their overseas counterparts
instantly without need for any bilateral or mutual legal
agreement
the access to the register of corporate entities be made
available online against payment to facilitate overseas
searches; payment should be minimal in order not to
discourage access
Professionals
A) Regarding the regulatory framework, it is recommended:
to reduce the wide disparity in the ways in which professionals
of all kinds accountants, lawyers and securities brokers are
licensed, scrutinized and disciplined. It seems inevitable that
these differences will continue in the foreseeable future. The
mechanisms by which lawyers, for example, are regulated
need to be scrutinized by international bodies, along the lines
of the functional equivalence concept developed by the
Organisation for Economic Co-operation and Development
(OECD) Working Party on Bribery. In the first instance, the
FATF and FATF-style regional bodies (FSRBs) should press
member states to bring into effect agreements on AML
compliance by professionals to which they are already
signatories.
B) Regarding criminal and regulatory investigations, it is
recommended:
to collect data systematically on the mechanisms by which
professionals assist criminals, both in the perpetration of
offences and in the laundering of proceeds from criminal
activity. In this way better evidence of interventions can be
built, including both criminal justice sanctions and preventive
measures, such as controls over licensing and professional
disciplinary sanctions.
OGBS TRUST AND COMPANY SERVICE PROVIDERS WORKING GROUP (2004), Securing
Effective Exchange of Information and Supervision, http://www.ogbs.net/attachments/036_
ogbstrustandcos.pdf.
63
FATF (2010), Money Laundering Using Trust and Company Service Providers, p. 11.
64
Ibid. This fractured and unreliable pattern of supervision renders effective co-operation unlikely
and ... represents a significant weakness in the global defences against money laundering and the
financing of terrorism, as well as a genuine lack of customer protection in respect of the sectors
clients.
65
OGBS TRUST AND COMPANY SERVICE PROVIDERS WORKING GROUP (2001), Statement of
Best Practice, http://www.ogbs.net/attachments/037_Trust%20and%20Company%20Service%20
Providers%20-%20Statement%20of%20Best%20Practice%20.pdf.
66
Ibid., p. 1. This statement of best practice is intended for use by jurisdictions generally in
reviewing the position of their trust and company service providers. It is also intended for use by
international organizations such as the IMF when they are engaged in an assessment of individual
jurisdictions in respect of their policy/procedures/practices from a financial regulatory/anti-money
laundering standpoint.
67
19
20
3.2. Achievements
As suggested by the World Customs Organization (WCO), in
todays hyperconnected and globalized world, international trade
and investment will flow towards efficient, supportive and facilitative
locations.75 Todays efficient and effective customs systems and
procedures can significantly increase economic competitiveness
through the creation of a safe trading environment, which in turn
would promote international trade and investment. Furthermore,
as customs are now also responsible for national security, they
need to ensure that they facilitate exclusively legitimate trade
while addressing the threats posed by terrorism and transnational
organized crime, and tackling the problems of counterfeiting and
piracy.76
As a result of these changes and new challenges, the WCO revised
and updated its original Kyoto Convention of 1974, to ensure that
it kept pace with the development of international trade.77 In its
revised form78 the Kyoto Convention is widely regarded as the
blueprint for modern and efficient Customs procedures in the 21st
century. Once implemented widely, it will provide international
commerce with the predictability and efficiency that modern trade
requires.79
With specific reference to the legislation, in Europe a single
Customs Code (the Community Customs Code) exists, for
instance. However, there is no common Customs legislation at the
international level and, in any event, there are variations in code
enforcement between different jurisdictions, even without taking
into account the issue of FTZs. This situation reflects tensions
between monitoring costs and smooth commerce, and occasional
corruption/incompetence in Customs and excise taxes.
68
For an early discussion see, Financial Havens, Banking Secrecy and Money-Laundering (J. Blum,
M. Levi, T. Naylor and P. Williams), Issue 8, UNDCP Technical Series, New York: United Nations
(1998) UN document V.98-55024.
69
Thomas Farole and Gokhan Akinci (eds) Special Economic Zones: Progress, Emerging
Challenges, and Future Directions, The World Bank, Washington DC, 2011.
70
71
72
Ibid.
73
74
Ibid., p. 1.
75
76
Ibid.
77
The revised Kyoto Convention on the simplification and harmonization of customs procedures
was adopted by the WCO in June 1999 and entered into force on 3 February 2006 after 40
Contracting Parties had acceded to it.
78
79
21
80
REGULATION (EC) No 450/2008 of the European Parliament and of the Council of 23 April 2008
laying down the Community Customs Code (Modernised Customs Code), http://eur-lex.europa.eu/
LexUriServ/LexUriServ.do?uri=OJ:L:2008:145:0001:0064:EN:PDF.
81
DECISION No 70/2008/EC of the European Parliament and of the Council of 15 January 2008 on
a paperless environment for customs and trade, http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?
uri=OJ:L:2008:023:0021:0026:EN:PDF.
82
Though the MCC was adopted in April 2008 and entered into force that year, its provisions are
applicable only once the Implementing Regulations are also applicable, at the latest by 2013.
83
Single window can be described as a system that allows traders to lodge information with a
single body to fulfil all import- or export-related regulatory requirements. United Nations Economic
Commission for Europe, The Single Window Concept: Enhancing the Efficient Exchange of
Information between Trade and Government, 2003, http://ec.europa.eu/taxation_customs/
resources/documents/customs/policy_issues/e-customs_initiative/ind_projects/swannexv.pdf
84
85
DECISION 2004/387/EC of the European Parliament and of the Council of 21 April 2004 on
interoperable delivery of pan-European eGovernment services to public administrations, businesses
and citizens (IDABC), http://spol.unica.it/teleamm/2010/fonti-en/decisione2004387-en.pdf.
86
DECISION No 70/2008/EC of the European Parliament and of the Council of 15 January 2008 on
a paperless environment for customs and trade, L 23/21.
22
87
88
Ibid., L 23/22.
NAFTA, Chapter Five: Customs Procedures, Article 504: Obligations Regarding Exportations,
http://www.nafta-sec-alena.org/en/view.aspx?conID=590&mtpiID=129#A504.
3.3. Vulnerabilities
As separate Customs areas created to encourage trade and
foreign direct investment, FTZs are subject to unique laws,
regulations, and oversight to take account of their role in job
creation and economic development policies.89 This may result
in weaknesses that make FTZs vulnerable and expose them to
misuse by illegal actors. Generally, these weaknesses mainly
encompass the lack of a standard Customs Code, which is
common at the international level, the lack of legal but instrumental
coordination between the Customs authority and the Zone
authority; and the lack of strict regulatory oversight.
More specifically, consistent with the FATF report,90 the following
vulnerabilities of FTZs are highlighted:
Relaxed oversight: Although FTZs are most often located
near ports of entry (air, sea or land), they operate apart
from traditional rules governing commercial and Customs
procedures: administrative and oversight schemes are reduced
or even eliminated, goods introduced may be subject to
processing and manufacturing operations within the Zone,91
special taxes and administrative arrangements are available to
exporters and export service providers.92
Weak procedures to inspect goods and register legal entities,
and inadequate record-keeping and information technology
systems: In most cases merchandise entering and exiting a
FTZ must be accompanied by commercial documents, for
example a bill of landing and a commercial invoice.93 Yet
Customs and Zone authorities use different and separate
systems to monitor shipments entering and exiting FTZs. Many
countries are still using a paper-based system that makes
cross-national flows impossible to monitor actively, although it
may offer forensic evidence after the fact. A mix of paper and
IT systems, as is often the case, increases the time it takes to
control and check related documents (inbound vs outbound).94
Existing FTZ software systems are often not integrated in
Customs IT systems. The lack of a unique and clear standard
related to Customs clearance and record procedures makes it
very difficult to monitor the flows entering and exiting a FTZ.
Lack of transparency: The regulation of FTZs lacks clarity; in
certain cases it is unclear whether government or the Customs
authority has the jurisdiction to exercise controls. The degree of
Customs intervention is often limited or even absent, controls
are frequently carried out by random selection rather than
on the basis of risk assessment or risk indicators, and Zone
authorities promote the ease of establishing a legal entity in a
FTZ or may not request ownership information from companies
setting up in order to attract business and foreign investment.95
Inadequate safeguards against money laundering and the
financing of terrorism: In many cases, rules and regulations
governing FTZs are outdated as they have not kept pace
with FTZ development. Thus they do not adequately take
into account the Zones money laundering and financing of
terrorism vulnerabilities or the risks of illegal activities being
carried out within them. Moreover, a number of jurisdictions do
not apply the same anti-money laundering or counter-terrorism
financing regulations in the Zone as in the rest of the country,
so these provisions may not be applied to businesses and
89
90
Lack of adequate coordination and cooperation between
Zone and Customs authorities: A lack of coordination and
cooperation exists between Customs and Zone management
systems, such that certain data, documents and information
often are not shared between the different authorities.98 In
addition to Customs and Zone authorities, additional regulatory
or law enforcement agencies may be involved at different levels
within the Zone. What is necessary is therefore international
cooperation with a view towards developing a uniform
framework for regulating trade systems in FTZs.
Lack of worldwide regulation on dealing with FTZs and on the
data each should track and pass on: If each FTZ were required
to tag the goods and the cargo carrying the goods through to
destination, the paths of illicit goods could be better identified.
Yet no international procedures or global information sharing
mechanisms exist to track illegal proceeds or goods and
therefore to identify and take action against the criminals.
Lack of unity in rules and regulations globally: There are major
regional differences in terms of the rules, procedures and
oversight by which authorities regulate Customs and trade.
North America, for example, has a more structured framework
and its rules and regulations are stronger than those in China
and/or South-East Asia, where certain financial systems are
weak and judicial systems are less uniform.
In Europe, members of the European Union have similar legal
codes and there is general consistency in regulations. By
contrast, a major feature in many areas of Asia is the diversity
of the justice system, particularly in matters related to FTZs.
Developing countries are establishing FTZs as a vehicle to
facilitate economic development and generate revenue for the
government, although many do not have the ability to provide
the appropriate controls or means to track goods going in and
out of the Zones. As already mentioned, some countries are
still using a paper-based system to administer FTZs.
Aboriginal communities in Canada can be compared with Free
Trade Zones. These communities Sovereignty Rights give them
immunity from certain regulations and allow them to operate
outside the control of the State. While both markets are being
refuted by the Canadian government, a large trade in illegal
cigarettes has emerged and is spreading across the country
between Aboriginal communities, and one community controls
the worlds largest online gambling service an operation that
could be used by money launderers.
The regulatory differences between world regions give rise to
a wide range of concerns about the vulnerability of FTZs and
their potential exploitation by criminal groups.
91
Ibid., p. 16. The tracking of shipments, especially for repackaging is a key element in the control
of FTZs. The same shipment may use FTZs as a base around the globe for no other purpose than to
launder funds.
92
Ibid., p. 8.
96
93
Ibid.
97
94
Ibid., p. 17.
95
Ibid., p. 16.
Ibid., p. 15.
See for example C. Satapathy, Money Laundering: New Moves to Combat Terrorism. Economic
and Political Weekly, Vol. 38, No. 7 (15-21 February 2003), pp. 599-602.
98
23
Case 3: Counterfeiting
In the FTZ of Ras-Al-Khaimah in the United Arab Emirates (UAE)
in 2009 a successful criminal prosecution was brought against
a counterfeiter making fake cooling gas cylinders branded with
a famous mark in that industry. (To our knowledge this is the first
known successful criminal prosecution against any enterprise
operating within a Free Zone and is a welcome development
that should serve as best practice development in achieving an
improved regulatory framework against illicit operators in FTZs).101
3.4. Cases
99
100
24
101
102
103
FATF (2010), Money Laundering Vulnerabilities of Free Trade Zones, pp. 34-35.
104
Ibid., The information on Arubas experience was drawn from the FATF Report.
105
Ibid., p. 39.
106
107
Ibid., p. 41.
108
Ibid., p. 42.
3.6. Recommendations
General Recommendations
Building and developing international, regional and national
platforms for cooperation:
Since FTZ crimes typically occur across national and regional
borders, building collaborative platforms at different levels, in
particular at the international level, is essential to effectively
combat FTZ crimes. Such collaboration should include
strategic, legislative, judicial, as well as administrative,
regulatory, resource, enforcement, technical, intelligence,
and other means as necessary. Current platforms should be
examined to identify their pros and cons, using them to plan
and create a system of platforms for cooperation.
Building IT capabilities, and intelligence gathering, processing
and utilization in Free Trade Zones:
Given the serious lack of resources available to contain,
detect and control FTZ crimes in general, and particularly in
developing countries, funds must be allocated to build and
strengthen infrastructure in the fight against FTZ crimes, initially
by enhancing IT and intelligence capabilities.
Enhancing IT capabilities
A standardized procedure for Customs record-keeping,
reducing or eliminating paper records, could greatly
reduce opportunities for fraudulent activities. The MCCs
recommendation on computerization was primarily
proposed to enhance customer efficiency but it also
increases the capacity to combat FTZ crimes. The Council
recommends the wider adoption of the World Customs
Organizations Single Window concept.
Enhanced IT capabilities in FTZ management will not only
better serve businesses in the registration of their activities
but will also improve Customs capacity to monitor and
check these activities without adding undue burdens on
businesses as they conduct their normal commercial
affairs.
Enhancing intelligence capabilities
Intelligence capabilities can be improved by building
and enhancing Financial Intelligence Units and other law
enforcement agencies intelligence data gathering and
analysis abilities.
It is also necessary to enhance cooperation and intelligence
sharing among FIUs, law enforcement entities, Customs
and FTZ authorities.
Raising public awareness and educating officials about the
harms of FTZ crimes:
Many of the FTZs vulnerabilities stem from official inaction.
Existing rules and common sense are not applied to detect
and identify crimes. Certain officials believe fighting crime is not
as important as developing economic activity and trade
in FTZs.
Information campaigns must be launched to communicate
the seriousness of the crimes committed within Free Trade
Zones and the huge amount of harm they cause for the
global economy and trade. One suggestion is to organize and
conduct an assessment of the threats posed by organized
crime in FTZs, communicating its results to a broader
audience.
A call to support systematic research on criminal activity in
FTZs is also desirable. Systematically collecting data on Free
Trade Zone crimes by analysing the cases, describing the
vulnerabilities and identifying the mechanisms would contribute
to a better understanding of FTZ crimes and the Zones
exploitation by organized crime groups.
Global Agenda Council on Organized Crime
25
Specific Recommendations
Developing and enacting balanced legislation for Free Trade
Zones:
At the heart of FTZ operations (and criminality) is the relaxation
of regulations meant to increase efficiency. Improved legislation
must thus fully consider this basic feature of Free Trade Zones
in order not to defeat their original purpose. Only balanced
legislation can achieve the desired results and be enforceable.
Thus recommendations include:
developing legislation against the establishment of new
crimes in FTZs that fills existing legal gaps
giving priority to enhancing AML/CFT legislation, including
provisions such as seizing illicit proceeds and recovering
illicit assets
giving priority to enhancing legislation focusing on fraud,
since much of the organized crime in FTZs is fraudulent.
Fraud can be identified in every criminal case in FTZs
empowering authorities, particularly Customs or other law
enforcement agencies, to conduct secondary inspections
enhancing legislation empowering law enforcement
agencies and FIUs to detect FTZ crimes and collect
evidence
enhancing legislation empowering prosecutors to
prosecute FTZ crimes
Developing better mechanisms to trace the origin and
destination of goods:
Developing systematic, efficient and effective regulation
and technology is key to countering FTZ organized crimes.
Therefore, crucial features to be developed globally include:
regulations and technology to trace goods
record-keeping regulations covering the entire itinerary of
traded goods
mechanisms to prevent double invoicing
labelling regulations and checking technology
regulations and technology to facilitate the authenticity of
the goods and identify their origin
the registration and documenting of parts
information requirements to identify ownership
risk assessment tools to facilitate the sampling of goods for
verification and monitoring purposes
Developing Customs primary cooperation:
given the existing structure and achievements, encouraging
the World Customs Organization to take the lead at the
international level, and Customs authorities to take the lead
at other levels
developing international collaboration on a standard
Customs Code
developing an international standard for Customs
clearance
developing model coordination regulations between
Customs and Zone authorities
26