LETTER | It was reported on March 16, 2023, that MACC is investigating officials from five major local banks said to be in cahoots with two citizens from the United Kingdom who are suspected of masterminding an international fraud network here that has seen sums of up to RM1 million a day illegally transferred abroad from banks in Malaysia.
Apparently, insiders from these local banks had helped the two UK nationals from a criminal syndicate create “transit” accounts where the foreigners will deposit their illegal proceeds from internet and phone scams into it, which will then be transferred into a “real” account, upon which these “transit” accounts will then be closed within three months.
It is shocking to read that this criminal syndicate apparently has been operating in Asean countries, including Malaysia, since 2015. They find their victims through social media and phone calls and send emails to the victim about fraudulent investment schemes.
How did all these happen?
Yes, the report from MACC said they did it with the help of insiders who are compensated for their role in helping this syndicate. But, even then, unless the key officials along the entire chain of command are in cahoots and working together with the criminal syndicate, it is impossible for only a few officials in a bank to be able to override or sidetrack the various measures that Bank Negara claimed banks in the country have implemented across the board.
The Anti-Money Laundering, Anti-Terrorism Financing and Proceeds of Unlawful Activities Act (AMLA) 2001 was gazetted as law on July 5, 2001, and came into force on Jan 15, 2002, with certain revisions made. The latest amendments came into force on Jan 2, 2018.
Under the guidelines from Bank Negara and AMLA, banks have to adhere to and strictly follow the anti-money laundering (AML) and know-your-clients (KYC) procedures.
Every bank has to pursue identity verification under the KYC procedures when they want to onboard a new customer.
Identity verification is not limited to a one-time, one-instance process. In fact, it is required in multiple instances as per the regulations.
Regardless of reliance on a third party, all banks remain liable for maintaining all such compliance and fulfilling AML and KYC obligations.
It is a known fact that identity verification becomes more important to employ if the banks are of the view that the individual or corporation might represent above-normal exposure of money laundering-related threats to the bank.
In fact, the introduction of the electronic KYC in 2020 reduced the need for human intervention as the decision-making process for identification and verification utilised artificial intelligence, machine learning, or other forms of predictive algorithms for accuracy, with proper safeguards in place and necessary reporting lines back to Bank Negara.
If they are dealing with transaction data, the banks have to apply identity verification as per the monetary thresholds defined in regulations issued by Bank Negara.
As Bank Negara Malaysia governor Nor Shamsiah Yunus said on Oct 30, 2018, all banks in Malaysia must report any cash transaction exceeding RM25,000 in their daily cash threshold report from Jan 1, 2019.
If so, how can up to RM1 million be moved about the local banking system under the nose of the banks and Bank Negara over a period of time without anyone raising an alert until MACC arrested the two foreigners?
Whenever scam victims complained of suspicions that the fraudsters had inside help as they did not take any action which may compromise their accounts such as clicking on unverified links or performing any unauthorised acts, the banks were quick to brush off such complaints.
The banks would always explain away their incompetence and negligence by saying that they complied with strict cyber security standards based on the regulations set out by Bank Negara Malaysia to protect the system and prevent the unauthorised access of user data.
None would admit or accept responsibility. It is always the customers’ fault. It is their ignorance and gullibility that caused them to be a victim of these syndicates. It is their greed.
The CEO of a large banking group who also chairs the industry communications task force reminded the public that security was a collective responsibility that required a “one-nation approach”.
With this revelation from the MACC investigation, it appears that all this while, the responsibility has always been one-sided, weighing heavily against the individuals.
In Dec 2022, the Association of Banks in Malaysia (ABM) announced that all financial institutions are expected to fully implement Bank Negara Malaysia’s five key measures to rein in financial scams by June 2023.
Why bother?
Until there is proper accountability with substantial monetary fines on the rogue banks and the chain of command at the banks responsible for their fraudulent actions, collectively, ABM and Bank Negara can forget about introducing and implementing measures to combat financial scams.
The rakyat are now wondering if this is an isolated case or if there are many such syndicates operating in a similar fashion to other banks in this country.
Going by how easy it is for the criminal syndicate in this reported case “recruit” bank insiders, the answer is obvious.
The views expressed here are those of the author/contributor and do not necessarily represent the views of Malaysiakini.