Effectiveness in receiving STRs

SAFIU is highly effective in receiving STRs on suspicious transactions related to money laundering and terrorism financing. Feedback from SAFIU staff members confirms that there is strong agreement on the extent of authority given to SAFIU to obtain required information from financial and non-financial institutions. The responses highlighted SAFIU’s compliance to FATF Recommendation 26, Article 4, which states that the FIU, either directly or indirectly, should be authorised to obtain information from reporting parties needed to properly undertake its functions. SAFIUs compliance in receiving STRs is also evident through the Egmont Group’s definition, which dictates that an FIU is a:

‘central, national agency responsible for receiving (and, as permitted, requesting), analysing and disseminating to the competent authorities, disclosures of financial information (i) concerning suspected proceeds of crime and potential financing of terrorism, or (ii) required by national legislation or regulation, in order to counter money laundering and terrorism financing.’ (Egmont Group, n.d)

SAFIU staff also confirmed that SAFIU is effective in receiving STRs through various channels of government and non-government bodies (average 4.88). These findings comply with FATF Recommendation 26, Article 4, which is also complimented by Article 11.3(a) of Saudi the AML Law which states that SAFIU is authorised to receive STRs from financial, non-financial institutions and government agencies. Within KSA, supervising authorities are also obligated to this law and include Saudi Arabian Monetary Agency (SAMA), Capital Market Authority (CMA), MOCI, Ministry of Social Affairs (MOSA), MOJ, Ministry of Islamic Affairs

(MOIA) and Saudi Customs. These authorities perform the following supervisory functions:

 SAMA licenses and supervises financial institutions such as banks and money changers

 CMA licenses and supervises securities firms

 MOCI supervises business and corporations according to commercial laws

 MOSA licenses, registers and supervises general charities

 MOIA licenses, registers and supervises education charities

 MOJ supervises the judicial system including lawyers and notaries

 Saudi Customs supervises travellers and goods that enter and leave the KSA. A similar pattern is also observed in Canada, where FINTRAC through the Proceeds of Crime and Terrorist Finance Act, has the authority to obtain information from other government agencies (Murphy, 2006).It is also consistent with Magnusson’s research (2009), which reported that the Swedish FIU receives reports through banks, money exchange agencies, auditors, car dealers, casinos, money remittance agencies, and financial companies. This compliance is also in line with AUSTRAC and FIU_IND who have the legislative power to obtain information from both financial and non- financial bodies. Whilst this was not always the case in Belgium, the law was amended to incorporate reports from non-financial institutions, as they were believed to manipulate the AML legislation. The 2010 MENAFATF report identified the growing trend in STRs reported to SAFIU during the period of 2004 to 2008, and identified the increased reports as a positive development of SAFIUs compliance in receiving STRs. During 2010, SAFIU received a total of 1368 STRs constituting 171 from government agencies, 1137 from finance institutions, 59 from businesses and a single one from non-profit organisations (NPOs) (MOI, 2010).

Results from the questionnaires also reflect a strong agreement of SAFIUs authority to access directly and indirectly the databases of the governmental agencies containing information about suspicious transactions. This finding coincides with the required methods for FATF Recommendation 26, Article 3, which states that FIU’s are to have direct or indirect access to administrative and financial information of the government agencies. As direct access to databases of SAMA, MOJ, MOIA, CMA

and MOSA NPO is not granted, SAFIU requests information from the MOCI Corporate, SAMA Registration Database, CMA Securities Information Database, Customs Currency Database, MOJ Real Estate Database and MOSA NPO Database. The authority to access the information from the databases of other government agencies, such as SAMA and MOJ, lies within the Information and Studies Division of SAFIU which plays the vital role of maintaining databases for SAFIU and requesting information exchange from local government bodies. Between 2004-2008, SAFIU disseminated 665 requests for information from other government agencies. Of these requests, 368 were sent to MOCI and SAMA, CMA received 6 requests respectively while the Intelligence Police received 7 requests. The Saudi Customs, which has the authority to investigate such cases, directs incidents of suspicious declarations to SAFIU by enabling a real-time information flow between them.

Having access to databases exponentially increases information processing by presenting SAFIU with opportunities of acquiring and using data to expedite investigations. Gaining database access directly and indirectly is important, as it enables SAFIU to receive fast and comprehensive information thereby reducing STR backlogs and improve decision-making process. This concept is also seen in the UK FIU, SOCA, where it obtains information directly from the databases of TFT and NTFIU. The FIU model in KSA is however different to the UK FIU, who in addition to accessing information from financial institutions is able to monitor real-time information of an account. Monitoring information on a real-time basis is more evident in countries that have implemented the supervisory FIU model enabling them to have direct access to the databases of financial institutions and law enforcement agencies. The importance of utilising databases a mechanism to aid in investigations and prosecution has been recognised in Europe, where the European Union has developed a central interlinked database containing cross border STRs (Stefanou, 2010).

There is a strong agreement among SAFIU staff that SAFIU is authorised to request additional information from financial and non-financial institutions needed to carry out actions to counter money laundering and terrorism financing. This finding is consistent with FATF Recommendation 26, Article 4, which states that FIU should be authorised to obtain additional information directly or indirectly from the reporting

parties. Compliance to this recommendation is evident in Article 11.3(c) of the Saudi AML Law which stipulates that SAFIU has the authority to request additional information from the relevant supervisory authorities, such as SAMA, CMA, MOIA, MOCI and MOJ. Concerning the database, SAFIU staff members strongly agreed that SAFIU has established a database that contains information received and captured from incoming STRs. These findings are in compliance with Article 11.3(b), of the Saudi AML Law, which stipulates it is to develop a database containing all reports regarding suspicious transactions. In response to this law, the Information and Studies Division of SAFIU has developed an internally interlinked database that caters for received, analysed and disseminated STRs. This ease and accessibility of utilising such a database enables SAFIU to exercise it authority in resolving STRs efficiently. Similar compliance was evidenced in Germany, where a database containing all STRs received was inaugurated once the FIU was opened.

There is also an agreement among SAFIU staff that SAFIU has a secure database of all received reports on suspicious transactions related to money laundering and terrorist financing crimes. This is in compliance with FATF Recommendation 26 Article 7, which requires FIUs to develop securely protected databases that contain reports and information related to money laundering and terrorism finance. The servers within SAFIU are located securely within their premises and managed by their Information Technology Division. These servers are considered secure as they cannot be accessed and approached without appropriate clearance authorisation. In line with securing the database, information maintains identity confidentiality as per FATF Recommendation 14, Articles 2 and 3, which emphasises that confidentiality of individuals who provide information to FIUs must be maintained. This recommendation is further highlighted by Article 25 of the Saudi AML Law and Articles 12.4(d) and 13.2 of SAMA AML and CTF, which set out the legislative requirement to ensure that individuals who report suspicious transactions are protected from liability. SAFIU staff indicated a strong agreement to this compliance, and highlighted that the SAFIU policies in place do not conflict with confidentiality and cannot be used against them in the case of any criminal proceedings. Such Laws are consistent with the UK judicial system, which also ensures protection of individuals who provide information to FIUs. Ensuring confidentiality of information

providers increase the flow of information to and from financial units, and contributes to improving work performance within SAFIU.

The feedback from SAFIU staff reflects their strong agreement that SAFIU utilises and benefits from the STRs stored in the database. In addition to receiving and analysing STRs, the Information Gathering and Analysis Division of SAFIU is also responsible for archiving STRs for future research and analysis. This information stored in databases is utilised to pursue detecting typologies, in drafting policy solutions and also provides information when requested by foreign FIUs. Similarly, the FIU in UK, SOCA, maintains the Elmer database, which is utilised by the NTFIU to review and analyse historic SARs stored when searching for information on the existing suspects. Utilising existing information on historic STRs benefits FIUs by enabling analysis and pattern development to be provided when investigating current cases.

Feedback received from the respondents strongly indicates that a compensation mechanism is in place for individuals who provide information related to suspicious activities. In 2003,, SAFIU announced a reward package with prize money ranging from US$270,000 to US$1.87 million for any individual providing information that leads to a suspect’s arrest or prevention of money laundering and terrorism activities (Prados & Blanchard, 2004). Rewarding informers is evident in other countries such as Nigeria, where rewards are provided to individuals who assist the FIU in providing information related to money laundering and terrorism finance as financial appreciation encourages individuals to be more disclosing.

A strong agreement was also evident in SAFIU when reviewing STRs received for completeness. The high result (average of 4.34) indicates the implementation of SAFIU in fulfilling its responsibilities of validating all STRs received for compliance and completeness. Within SAFIU, the Reports Division is accountable for receiving STRs and verifying them for completeness and is charged with supporting the Article 7.3 of the Saudi AML Law, which requires reporting entities to complete forms that include personal, transactional, reasons for suspicion and relevant account information. In the case of financial institutions, reporting entities must provide copies of account details, including statements for the last six months and any other

supporting documents related to the nature of the suspicion. Non-financial institutions on the other hand provide information that encompasses business statements and transactions. Both financial and non-financial institutions submitting the initial STR have 10 working days to provide additional information in support of the STR. SAFIU staff members review such requirements and ensure that STRs completed contain this information.

An agreement was received from staff members that SAFIU uses a standardised form that captures all the required information when receiving STRs. A standardised form is required to comply with FATF Recommendation 26 Article 2, which states that FIUs are to provide financial institutions and other reporting parties with guidance regarding the manner of reporting, including the specification of reporting forms, and the procedures that should be followed when reporting. SAFIU utilises four different standardised forms for financial, non-financial, individual and private entities to report to SAFIU once suspicious transactions are discovered. In addition, reporting entities are also provided with a guidance manual that contains information about reporting obligations and typologies, reporting style and explanation of forms (MENAFATF 2010). Using standardised forms to capture disclosed information is also evident in FIU_IND, AUSTRAC and German FIU where the standardised forms lead to greater consistency of data captured.

Respondents also agreed that SAFIU gathers information not only relating to individuals, but also suspicious companies involved in money laundering and terrorism financing. An example of this is with NPOs, such as charitieswhich SAFIU supervises in conjunction with MOSA and MOIA. Further, information about stock exchange companies is gathered through their AML units in the CMA, which is part of the MOJ. Such compliance is in accordance to Article 8.1 and 8.2 of the Saudi AML Law, which outlines that information from financial and non-financial institutions is provided by the relevant agency upon request by SAFIU. One of the private charitable societies, Al-Haramain Islamic Foundation was monitored as it was determined that the Somalian and Bosnian branches were involved in terrorist activities with the Al-Itihaad-al-Islamiya organisation. Accounts belonging to these branches were seized, and a warning order was sent to all charities within KSA to suspend their interaction until further notice (Cordesman, 2003). Most of the Acts,

such as the 2001 Anti-Money Laundering Act (AMLA) of Malaysia, mandate the identification of suspicious companies to money laundering offences by collecting information about suspicious companies and institutions thereby ensuring that any person who utilises companies to engage in illegal activities are investigated and brought to justice.

In reviewing the results of the number of SAFIU staff allocated to the volume of reports received, 71 per cent of SAFIU staff agreed on this notion, 8 per cent were neutral while 21 per cent disagreed. SAFIU currently has only 11 staff in their Reports Division who operate on a 24/7 shift. These findings are consistent with the 2010 MENAFATF Mutual Evaluation Report, which highlighted 20 vacancies across SAFIU. This finding does not comply with Recommendation 30, Article 1, which highlights that FIUs should be sufficiently staffed to perform their functions effectively. It is important to note, however, that resourcing constraints are not specific to SAFIU as the Swedish FIU; NFIS is facing similar problems, where there is a shortage of staff in handling STRs and initiating information for trials. The number of reports over the years has increased drastically, and it was challenging to handle the extensive information contained in the received reports. It was also observed that the types of crimes in those trial cases turned out to be frauds and tax crimes, and only a few were related to money laundering. Within SAFIU, 350 STRs were received in 2004 by the Reports Division and this has significantly increased to 1,368 STRs in 2010 (MOI, 2010), highlighting the need to increase staff members within this area.

Neutral results were also evident in SAFIU receiving and reviewing STRs not related to money laundering and terrorism financing. This demonstrates insufficient efforts by SAFIU in analysing reports that are not related to money laundering and terrorism financing crimes. This could be due to the legal framework of SAFIU, which lists one of the institutional duties and powers of SAFIU as receiving suspicious reports related to money laundering and terrorism finance activities only. These results however, are in compliance with Recommendation 13 Article 1 and Recommendation 6 Article 1 of FATF that articulates that a financial body is obligated to report STRs only if there is a reasonable ground of suspicion that funds are believed to be the proceeds of money laundering and terrorism financing. The results from the respondents was also

identified in the 2010 MENAFATF report, which highlighted that receiving STRs not related to money laundering and terrorism finance is attributed to the reporting body’s lack of clear distinction between STR identification and transaction monitoring. This was evident in the number of STRs received in 2010 as being 1368 of which only 526 were forwarded to other authorities for further investigation (MOI, 2010). Magnusson (2009) has observed a similar pattern in Sweden, where exchange offices were reporting every transaction above 15000 Euros to NFIS without any verifying whether these transactions are related to money laundering and terrorism finance offences.

In summary, SAFIU is generally perceived as effective in receiving STRs, particularly in the areas of receiving STRs through various channels by accessing databases of other governmental agencies. SAFIU was also perceived to be effective in areas such as maintaining confidentiality of information providers, investigating received reports related to suspicious transactions and gathering information on suspicious companies. SAFIU staff also agreed that in accordance with Saudi AML Law, SAFIU has the authority to request information on financial and non-financial institutions from the supervisory bodies, such as SAMA, CMA, MOSA, MOJ and MOCA. SAFIU staff however, were mostly neutral on the notion that staff allocated towards receiving STRs were sufficient.