Economic Factors  >
Prevention of Money Laundering, Financial Fraud and Terrorism Financing
 
 
Prevention of Money Laundering, Financial Fraud and Terrorism Financing
 
The Group's AML / CFT Management Framework
 
■ Formulate the Group's AML / CFT Culture - Board of Directors
 
■ Assigned dedicated officer — Chief Compliance Officer of the head office
 
■ Establishment of dedicated unit - Compliance Department
 
■ Assign supervisor
 
■ Anti-Money Laundering and Counter Terrorism Financing Organization Structure
 
 
 
Implementation of Anti-Money Laundering and Counter Terrorism Financing
 
1. Education and training
To improve the abilities and performance of the group's employees in AML/CFT, categories of AML/CFT education and training courses organized by FFHC, First Bank, First Securities, First Securities Investment Trust, and AMC in 2023 are as follows
 
 
2. Centralized suspicious transaction report (STR) project
First Bank began implementing the centralized suspicious transaction report (STR) project to effectively monitor suspicious transactions and implement reporting operations. The alerts produced in the SAR module of the AML system are now directed to the dedicated unit of the head office for investigation, identification, confirmation, and reporting to enhance investigations, improve the quality of reports, and ensure that there are no omissions.
 
3. Non-face-to-face customer due diligence
The bank subsidiary conducts a customer due diligence (CDD) procedure (as shown in the chart on the next page) that has a similar effect to general CDD. Special and sufficient measures must be in place to mitigate risks and in principle, individual accounts must submit identification documents for the verification of identity, address, and to contact customers by phone or mail when necessary. In principle, non-individual accounts must submit business registration documents, operating permits, change of registration or similar documents, company policy, list of directors and shareholders, and evidence for the identity of substantial beneficiaries. Relevant specifications are set out in the "Group-wide AML/CFT Plan" and "Anti-Money Laundering and Countering Terrorism Financing Guidelines". Regulations on non-face-to-face account opening and transactions are explained below:
・First Bank's ATM services: All users are customers of the Bank.
・Offshore electronic payment: Restricted to the existing customers of the Bank and no online account opening services shall be provided.
・Digital deposit account: Limited to natural persons and sole proprietorships and the identity certification methods are as follows:
A. Natural persons:
a. Individuals who are not existing customers of the Bank: Use the information platform for identity authentication with a deposit account opened in over the counter in another bank.
b. Existing customers: Verification shall be based on the valid and normal deposit account and two-factor mobile phone number maintained by the bank; if the applicant is a minor over seven years old, the verification target shall be the legal representative of the minor (required (with local nationality), and attach the legal representative's double ID and a copy of household registration (or household register).
B. Sole proprietorships:
Limited to sole proprietorships registered in accordance with the Commercial Registration Law of the country. The person in charge is limited to a natural person over 18 years old in the country. The person in charge must use the natural person certificate and the business organization's business certificate for identity verification, and obtain the latest business registration information from the Ministry of Economic Affairs in real time,and complete the account opening after video verification.
 
All aforementioned information shall require identity review, name review, and risk assessments in the account opening procedures by the branch.
 
Aside from reinforcing the identity verification mechanisms of the bank subsidiary, appropriate measures have been adopted in the conduct of CDD procedures such as verifying the purpose and nature of new customer accounts, primary source of funds, estimated number and amount of transactions, and an understanding of the involved scope of financial activities. Perform name authentication and risk assessment operations as well as regular annual verification of whether information of customers and substantial beneficiaries are comprehensive to ensure the authenticity and correctness of updated information.
 
■ First Bank Customer Due Diligence (CDD) procedures are as follows:
 
 
 
 
・e-speed loan: In response to changes in consumer behavior models, the bank subsidiary offers comprehensive online financial loan services to customers, who may submit loan applications, upload documents, receive approval notices, online insurance, and receive funds into accounts and complete all procedures online without having to visit a bank location. Applicants are restricted to natural persons over 18 years of age and are citizens of Taiwan. If the applicant is not an existing customer at the bank, their identity shall be authenticated through savings accounts they have opened in-person at the location of another bank. Aside from uploading identification documents, customers must provide authenticated accounts (limited to accounts opened in-person at a bank location) from a verified bank and mobile number to perform identity verification procedures. The system must conduct identity review, name authentication, and risk assessment operations on all data. If in doubt, customers can be requested to authenticate via video conferencing to increase the strength of identity verifications.
 
4. Policy regarding high-risk clients such as politically exposed persons (PEPs) and related identification, regular reviews and monitoring
・With respect to important political figures from domestic or foreign governments, terrorists or groups that have been sanctioned economically or identified/pursued by foreign governments or international anti-money laundering organizations, and individuals, legal persons or groups designated for sanction in accordance with the Counter-Terrorism Financing Act, the Company not only directly regards them as high-risk clients, but also requires approval from competent supervisors one grade higher than the original supervisors before new business dealings are added or new business relations are established. Each subsidiary may define the types of clients that should be directly regarded as high-risk clients in accordance with their own business patterns, and after taking into account related risk factors.
・The subsidiary bank has formulated related guidelines targeting high-risk clients, such as the "Comprehensive Group-wide Plan for Preventing Money Laundering and Combating Terrorism Financing", "Anti-Money Laundering & Counter-Terrorism Financing Notice", and "Manuel of Due Diligence on High-Risk Clients for Preventing Money Laundering and Combating Terrorism Financing". Please refer to the followings for explanation:
A. Control measures to be enforced when a client is identified as a high-risk client during the course of establishing a new business relation: In addition to regular due diligence operations, it is necessary to adopt additional measures to further identify the client in question (such as doing a search with Google, or obtaining the client's work information, etc).
a. The grade of supervisors responsible for approving a new business dealing should be raised to a higher rank.
b. An intensified client due diligence form should be filled out, and transactions must be made on the system for the sake of preserving track records.
B. Control measures to be enforced when a client is identified as a high-risk client during the course of regular transaction monitoring:
a. Supporting documents should be solicited for transactions involving high-risk clients.
b. The grade of supervisors responsible for approving transactions involving high-risk clients should be raised to a higher rank.
C. In the event that high-risk clients are spotted in the transaction monitoring forms of the Company's various divisions, they should be submitted to the supervisors responsible for preventing money laundering and combating terrorism financing for review.
D. Increase the frequency of regular reviews: the frequencies of regular reviews for medium- and low-risk clients are 3 years and 5 years, respectively; the frequency is once per year for high-risk clients.
・Identification method of politically exposed persons (PEPs)
A. Install a list examination system and comparison engine, whose database is sourced from external vendor Thomson Reuters (World Check) as well as the list it compiles on its own (PEPs gathered from publicly available information by itself). The list would be scanned through in batches and compared on a daily basis.
B. When new business dealings with a client are established or added, the system would conduct real-time list audit. If the system finds that the client is a PEP, it would adopt enhanced measures and continue monitoring.
 
5. Measures that go above and beyond regulatory regulations
・To strengthen its anti-money laundering and counter-terrorism financing system and to optimize the system against money laundering, the Group strives to optimize methodology and reports relating to the institutional risk assessment (IRA) of its subsidiaries, review clients' risk factors and the rationality of the list scanning rules, and strengthen the client due diligence mechanism and the sharing of group information, etc. It has commissioned "Deloitte Touche Tohmatsu Limited" to create the "Anti-money laundering & counter-terrorism financing system consultation service project" to offer guidance and assistance in installing more comprehensive control measures for anti-money laundering & counter-terrorism financing.
・In 2023, the Group's subsidiaries, including First Commercial Bank, First Securities, First Life Insurance and FSITC, continued to commission "PwC Taiwan" to audit assurance projects for anti-money laundering & counter-terrorism financing, which went above and beyond the Financial Supervisory Commission's existing regulatory requirement of demanding that banks and large insurance companies outsource the auditing of their assurance projects.
 
6. Monitoring of criminal offenses involving money laundering and terrorism financing
In addition to using the 53 suspicious transaction representations in the "Annex: Red Flags for Transactions Suspected to Involve Money Laundering or Terrorism Financing" published by the Bankers Association to monitor criminal behavior, the Group's subsidiary bank also compiles statistics from cases provided in letters from external inspection agencies to identify the crime risks that it faces. It has also adopted corresponding mitigating measures. The top 3 threats associated with money laundering and terrorism financing that the Bank identified in 2023 were fraud, tax crimes and narcotics, which were consistent with the STR crime patterns that it declared.
 
■ Letters from external inspection agencies and STR crime patterns declared by First Commercial Bank in 2023
 
7. Application of regulatory compliant technology (Regtech)
The subsidiary bank has adopted the following control measures:
・Leveraging robotics process automation (RPA) to boost efficiency while reducing various business workload.
・Full implementation of AML system in regular customer review operations. Corresponding investigation frequencies are issued according to the money laundering risk level of customers. The AML system automatically initiates investigations and generates MIS reports to reinforce surveillance and management, thereby reducing the possibility of human error within operations.
・To align with the Society for Worldwide Interbank Financial Telecommunication's (SWIFT) adoption of the ISO 20022 message specifications standardized format (MX messaging), the Bank has added an audit module for MX messaging to its domestic AML system, which audits the names of incoming or outgoing MX messages. By doing so, the Bank hopes to strengthen the operating mechanism for anti-money laundering and counter-terrorism financing.
・With effect from February 2023, individual accounts with a high frequency of account deposit activities have been included in the AML system for monitoring, in order to enhance the control of tax risks.
・The New Actimize System has been installed for overseas branches and AI monitoring technology has also been introduced, in order to enhance control over related accounts and detect potential risks of money-laundering transactions.
 
 
 
Preventing financial fraud
 
Recently, financial fraud incidents have occurred more frequently. To prevent pecuniary losses for its customers, First Commercial Bank has formulated the "list of goodwill questions to be raised for over-the-counter operations" as well as "notice for operating units to guard against fraud targeting deposit account customers & large over-the-counter cash withdrawals". When a customer wishes to make a cash withdrawal or remittance for a certain amount, applies for a new designated transfer account, or when an elderly customer wishes to withdraw a certain amount of cash, the Bank would raise goodwill questions when abnormalities or signs of fraud are detected. In the meantime, it has also enhanced educational training for employees to raise goodwill questions over the counter, in addition to increasing interception effectiveness by properly leveraging cases provided by the National Police Agency as well as the latest scam tricks as reported by the media. We achieved significantly greater results in terms of preventing financial fraud in 2023 than we did in 2022, with the number of cases and the amount of money involved up 58.7% and 63.4%, respectively.
 
■ Results of our anti-financial fraud efforts over the past 3 yearsUnit: Case/NT$10,000