Page 2 of 648

Notice

Notice to exporters 2019/14: 3 open general licences updated

Published 13 September 2019

Link:

Notice to Exporters 2019/14

The U.S. Department of State’s Rewards for Justice Program is offering a reward of up to $5 million each for information leading to the identification of senior Hurras al-Din leaders Abu ‘Abd al-Karim al-Masri, Faruq al-Suri, and Sami al-Uraydi.

All three leaders have been active in al-Qaida (AQ) for years and remain loyal to AQ leader Ayman al-Zawahiri.  Abu ‘Abd al-Karim al-Masri, also known as Karim, is an Egyptian national.  In 2018, al-Masri was a member of Hurras al-Din’s shura and served as a mediator between the group and the Nusrah Front.  Faruq al-Suri, also known as Samir Hijazi and Abu Hammam al-Shami, is a Syrian national.  He fought in Afghanistan in the 1990s and trained AQ fighters in Iraq, among other activities.  Sami al-Uraydi, also known as Abu Mahmud al-Shami, is a Jordanian national and senior sharia official for Hurras al-Din.  He previously was involved in terrorist plots against the United States and Israel.

More information about these reward offers is located on the Rewards for Justice website at www.rewardsforjustice.net.  We encourage anyone with information on Karim, al-Suri, or al-Uraydi to contact the Rewards for Justice office via the website, e-mail to info@rewardsforjustice.net, or the Regional Security Officer at the nearest U.S. embassy or consulate.  All information will be kept strictly confidential.

The Rewards for Justice Program is administered by the U.S. Department of State’s Diplomatic Security Service.  Since its inception in 1984, the program has paid in excess of $150 million to more than 100 people who provided actionable information that helped bring terrorists to justice or prevented acts of international terrorism worldwide.  Follow us on Twitter at https://twitter.com/Rewards4Justice.

Link:

Rewards for Justice notice

Press Releases

Suspicious mobile application (App) related to Bank of Singapore Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Bank of Singapore Limited on suspicious App, which has been reported to the HKMA. Hyperlink to the press release is available on the HKMA website for ease of reference by members of the public.

Anyone who has provided his or her personal information to the App concerned or has conducted any financial transactions through the App should contact the bank concerned using the contact information provided in the press release, and report to the Police or contact the Cyber Security and Technology Crime Bureau of the Hong Kong Police Force at 2860 5012.

 

Hong Kong Monetary Authority
26 August 2019

Link:

HKMA Notice

EU extends sanctions over actions against Ukraine’s territorial integrity until 15 March 2020

This document is available in non-EU languages:
Russian
Ukrainian

The Council has extended the restrictive measures over actions undermining or threatening the territorial integrity, sovereignty and independence of Ukraine for a further six months, until 15 March 2020.

The measures consist of an asset freeze and travel restrictions. They currently apply to 170 persons and 44 entities. The relevant information and statement of reasons for the listing of these persons and entities have been updated as necessary.

Other EU measures in place in response to the crisis in Ukraine include:

  • Economic sanctions targeting specific sectors of the Russian economy, currently in place until 31 January 2020.

  • Restrictive measures in response to the illegal annexation of Crimea and Sevastopol, limited to the territory of Crimea and Sevastopol, currently in place until 23 June 2020.

The decision was adopted by the Council by written procedure. The legal acts will be published in the Official Journal on 13 September 2019.

Link:

EU Notice

On Friday, OFAC designated:

KAYIHURA, Kale (a.k.a. MUHWEZI, Edward Kalekezi Kayihura); DOB 26 Dec 1955; nationality Uganda; Gender Male; Passport DA024329 (individual) [GLOMAG].

under its Global Magnitsky human rights sanctions program, and the following entities:

ANDARIEL, Korea, North; Secondary sanctions risk: North Korea Sanctions Regulations, sections 510.201 and 510.210 [DPRK3]. 

 

BLUENOROFF (a.k.a. “APT 38”; a.k.a. “APT38”; a.k.a. “STARDUST CHOLLIMA”), Korea, North; Secondary sanctions risk: North Korea Sanctions Regulations, sections 510.201 and 510.210 [DPRK3]. 

 

LAZARUS GROUP (a.k.a. “APPLEWORM”; a.k.a. “APT-C-26”; a.k.a. “GROUP 77”; a.k.a. “GUARDIANS OF PEACE”; a.k.a. “HIDDEN COBRA”; a.k.a. “OFFICE 91”; a.k.a. “RED DOT”; a.k.a. “TEMP.HERMIT”; a.k.a. “THE NEW ROMANTIC CYBER ARMY TEAM”; a.k.a. “WHOIS HACKING TEAM”; a.k.a. “ZINC”), Potonggang District, Pyongyang, Korea, North; Secondary sanctions risk: North Korea Sanctions Regulations, sections 510.201 and 510.210 [DPRK3].

under its North Korean sanctions program.

Kayihura was also designated by the State Department under its Section 7031(c) powers:

The Department is publicly designating Kale Kayihura, the former Inspector General of the Uganda Police Force and its commanding officer from 2005-2018, under Section 7031(c) of the FY 2019 Department of State, Foreign Operations, and Related Programs Appropriations Act, due to his involvement in gross violations of human rights.  Specifically, the Department has credible information that Kayihura was involved in torture and/or cruel, inhuman, or degrading treatment or punishment, through command responsibility of the Flying Squad, a specialized unit of the Uganda Police Force that reported directly to Kayihura.  The Treasury Department is concurrently designating Kayihura pursuant to Executive Order (E.O.) 13818, which builds upon and implements the Global Magnitsky Human Rights Accountability Act.

Section 7031(c) provides that, in cases where the Secretary of State has credible information that foreign officials have been involved in significant corruption or a gross violation of human rights, those individuals and their immediate family members are ineligible for entry into the United States.  The law also requires the Secretary of State to publicly or privately designate such officials and their immediate family members.  In addition to the public designation of Kale Kayihura, the Department is also publicly designating his spouse, Angela Umurisa Gabuka, his daughter, Tesi Uwibambe, and his son, Kale Rudahigwa.

In Executive Order 13818, the President declared a national emergency with respect to serious human rights abuses and corruption globally, which constitute an unusual and extraordinary threat to the national security, foreign policy, and economy of the United States.  Through this E.O., the President has authorized the Secretary of the Treasury and the Secretary of State to impose economic sanctions and visa restrictions, respectively, on persons determined, among other things, to be responsible for or complicit in, or to have directly or indirectly engaged in, serious human rights abuse or corruption.

These actions against Kale Kayihura underscore our concern with human rights violations and abuses in Uganda, as well as our support for accountability for those who engage in such violations and abuses.  We call on the Ugandan government to respect human rights and fundamental freedoms, including the freedoms of expression and peaceful assembly.

To be perfectly frank, Mr. Watchlist wonders why State bothered – the Global Magnitsky program includes the travel ban that 7031(c) imposes…

Meanwhile, Treasury issued a press release about the North Korean designees:

PRESS RELEASES

Treasury Sanctions North Korean State-Sponsored Malicious Cyber Groups

WASHINGTON – Today, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions targeting three North Korean state-sponsored malicious cyber groups responsible for North Korea’s malicious cyber activity on critical infrastructure.  Today’s actions identify North Korean hacking groups commonly known within the global cyber security private industry as “Lazarus Group,” “Bluenoroff,” and “Andariel” as agencies, instrumentalities, or controlled entities of the Government of North Korea pursuant to Executive Order (E.O.) 13722, based on their relationship to the Reconnaissance General Bureau (RGB).  Lazarus Group, Bluenoroff, and Andariel are controlled by the U.S.- and United Nations (UN)-designated RGB, which is North Korea’s primary intelligence bureau.

“Treasury is taking action against North Korean hacking groups that have been perpetrating cyber attacks to support illicit weapon and missile programs,” said Sigal Mandelker, Treasury Under Secretary for Terrorism and Financial Intelligence.  “We will continue to enforce existing U.S. and UN sanctions against North Korea and work with the international community to improve cybersecurity of financial networks.”

MALICIOUS CYBER ACTIVITY BY LAZARUS GROUP, BLUENOROFF, AND ANDARIEL

Lazarus Group targets institutions such as government, military, financial, manufacturing, publishing, media, entertainment, and international shipping companies, as well as critical infrastructure, using tactics such as cyber espionage, data theft, monetary heists, and destructive malware operations.  Created by the North Korean Government as early as 2007, this malicious cyber group is subordinate to the 110th Research Center, 3rd Bureau of the RGB.  The 3rd Bureau is also known as the 3rd Technical Surveillance Bureau and is responsible for North Korea’s cyber operations.  In addition to the RGB’s role as the main entity responsible for North Korea’s malicious cyber activities, the RGB is also the principal North Korean intelligence agency and is involved in the trade of North Korean arms.  The RGB was designated by OFAC on January 2, 2015 pursuant to E.O. 13687 for being a controlled entity of the Government of North Korea.  The RGB was also listed in the annex to E.O. 13551 on August 30, 2010.  The UN also designated the RGB on March 2, 2016.

Lazarus Group was involved in the destructive WannaCry 2.0 ransomware attack which the United States, Australia, Canada, New Zealand and the United Kingdom publicly attributed to North Korea in December 2017.  Denmark and Japan issued supporting statements and several U.S. companies took independent actions to disrupt the North Korean cyber activity.  WannaCry affected at least 150 countries around the world and shut down approximately three hundred thousand computers.  Among the publicly identified victims was the United Kingdom’s (UK) National Health Service (NHS).  Approximately one third of the UK’s secondary care hospitals — hospitals that provide intensive care units and other emergency services — and eight percent of general medical practices in the UK were crippled by the ransomware attack, leading to the cancellation of more than 19,000 appointments and ultimately costing the NHS over $112 million, making it the biggest known ransomware outbreak in history.  Lazarus Group was also directly responsible for the well-known 2014 cyber-attacks of Sony Pictures Entertainment (SPE).

Also designated today are two sub-groups of Lazarus Group, the first of which is referred to as Bluenoroff by many private security firms.  Bluenoroff was formed by the North Korean government to earn revenue illicitly in response to increased global sanctions.  Bluenoroff conducts malicious cyber activity in the form of cyber-enabled heists against foreign financial institutions on behalf of the North Korean regime to generate revenue, in part, for its growing nuclear weapons and ballistic missile programs.  Cybersecurity firms first noticed this group as early as 2014, when North Korea’s cyber efforts began to focus on financial gain in addition to obtaining military information, destabilizing networks, or intimidating adversaries.  According to industry and press reporting, by 2018, Bluenoroff had attempted to steal over $1.1 billion dollars from financial institutions and, according to press reports, had successfully carried out such operations against banks in Bangladesh, India, Mexico, Pakistan, Philippines, South Korea, Taiwan, Turkey, Chile, and Vietnam. 

According to cyber security firms, typically through phishing and backdoor intrusions, Bluenoroff conducted successful operations targeting more than 16 organizations across 11 countries, including the SWIFT messaging system, financial institutions, and cryptocurrency exchanges.  In one of Bluenoroff’s most notorious cyber activities, the hacking group worked jointly with Lazarus Group to steal approximately $80 million dollars from the Central Bank of Bangladesh’s New York Federal Reserve account.  By leveraging malware similar to that seen in the SPE cyber attack, Bluenoroff and Lazarus Group made over 36 large fund transfer requests using stolen SWIFT credentials in an attempt to steal a total of $851 million before a typographical error alerted personnel to prevent the additional funds from being stolen.

The second Lazarus Group sub-group designated today is Andariel.  It focuses on conducting malicious cyber operations on foreign businesses, government agencies, financial services infrastructure, private corporations, and businesses, as well as the defense industry.  Cybersecurity firms first noticed Andariel around 2015, and reported that Andariel consistently executes cybercrime to generate revenue and targets South Korea’s government and infrastructure in order to collect information and to create disorder.

Specifically, Andariel was observed by cyber security firms attempting to steal bank card information by hacking into ATMs to withdraw cash or steal customer information to later sell on the black market.  Andariel is also responsible for developing and creating unique malware to hack into online poker and gambling sites to steal cash.

According to industry and press reporting, beyond its criminal efforts, Andariel continues to conduct malicious cyber activity against South Korea government personnel and the South Korean military in an effort to gather intelligence.  One case spotted in September 2016 was a cyber intrusion into the personal computer of the South Korean Defense Minister in office at that time and the Defense Ministry’s intranet in order to extract military operations intelligence.

In addition to malicious cyber activities on conventional financial institutions, foreign governments, major companies, and infrastructure, North Korea’s cyber operations also target Virtual Asset Providers and cryptocurrency exchanges to possibly assist in obfuscating revenue streams and cyber-enabled thefts that also potentially fund North Korea’s WMD and ballistic missile programs.  According to industry and press reporting, these three state-sponsored hacking groups likely stole around $571 million in cryptocurrency alone, from five exchanges in Asia between January 2017 and September 2018.

U.S. GOVERNMENT EFFORTS TO COMBAT NORTH KOREAN CYBER THREATS

Separately, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) and U.S. Cyber Command (USCYBERCOM) have in recent months worked in tandem to disclose malware samples to the private cybersecurity industry, several of which were later attributed to North Korean cyber actors, as part of an ongoing effort to protect the U.S. financial system and other critical infrastructure as well as to have the greatest impact on improving global security.  This, along with today’s OFAC action, is an example of a government-wide approach to defending and protecting against an increasing North Korean cyber threat and is one more step in the persistent engagement vision set forth by USCYBERCOM.

As a result of today’s action, all property and interests in property of these entities, and of any entities that are owned, directly or indirectly, 50 percent or more by the designated entities, that are in the United States or in the possession or control of U.S. persons are blocked and must be reported to OFAC.  OFAC’s regulations generally prohibit all dealings by U.S. persons or within (or transiting) the United States that involve any property or interests in property of blocked or designated persons.

In addition, persons that engage in certain transactions with the entities designated today may themselves be exposed to designation.  Furthermore, any foreign financial institution that knowingly facilitates a significant transaction or provides significant financial services for any of the entities designated today could be subject to U.S. correspondent account or payable-through sanctions.

Links:

OFAC Notice

Rewards for Justice notice

Treasury Press Release

Operational brief: Risks and indicators for dealers in precious metals and stones

July 2019

Introduction

This operational brief provides information and guidance about the factors that expose individuals and entities (both retailers and wholesalers/suppliers) that are dealers in precious metals and stones to money laundering and terrorist financing risks. The brief also includes indicators to help such dealers determine when they should report a suspicious transaction to the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC).

Background

Dealers in precious metals and stones (DPMS) have a unique risk profile with regard to money laundering and terrorist financing because they trade in transferable items of value. This risk is heightened because these items could be one or more of the following:

  • the proceeds of crime

  • purchased with the proceeds of crime

  • used to launder the proceeds of crime.

This brief aims to identify possible money laundering and terrorist financing activities and assess the risks DPMS face.

As part of Canada’s anti-money laundering and anti-terrorist financing efforts, DPMS must understand their obligations under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act and its associated Regulations. 

When DPMS carry out purchases or sales, and the value of a single transaction is $10,000 or more, they become what are known as “designated reporting entities” under the Act. This means they have to file a report with FINTRAC in the following circumstances:

  • they receive CAN$10,000 or more in cash, or they receive two or more cash amounts of less than $10,000 each that total $10,000 or more within 24 consecutive hours, from or on behalf of the same individual or entity

  • they know that property in their possession or under their control is owned by, or is controlled by or on behalf of, a terrorist or a terrorist group

  • they have reasonable grounds to suspect that a transaction or an attempted transaction is related to the commission or attempted commission of a money laundering or terrorist financing offence.

In addition, all DPMS must have policies and procedures in place to determine when transactions pose a high-risk for money laundering or terrorist financing. This is accomplished by creating an effective compliance program and a documented risk assessment approach, including mitigation measures and strategies. To ensure DPMS are meeting the requirements of the Act and associated Regulations, FINTRAC conducts on-site and office examinations, measuring DPMS’s compliance and risk assessment activities against the requirements set out in operational briefs and other sources of information.

FINTRAC’s website contains detailed guidance on the legal obligations of DPMS under the Act.

Identifying money laundering and terrorist financing risks

There are five areas that DPMS should be aware of when assessing their risk of being exploited for money laundering or terrorist financing:

  • their products, services and delivery channels

  • their clients and business relationships, including clients’ activity patterns and geographic locations

  • the geographic location where they do business

  • new technologies

  • other relevant factors affecting their business.

Products, services and delivery channels

DPMS offer unique products and services to the marketplace. In turn, each product and service involves unique money laundering and terrorist financing risks.

Gold, for instance, can be of considerable value and have considerable liquidity—that is, it can be converted to cash relatively easily at near-purchase value. As another example, individuals can purchase, transfer or store some types of jewellery, diamonds, gold bars and other precious metals and stones more easily than bulk cash.

Accordingly, dealers are at risk for being exploited for money laundering or terrorist financing due to the following attributes associated with precious metals and stones:

  • Liquidity: This is the degree to which a product can be sold for near-purchase price. Higher liquidity means a higher risk for money laundering or terrorist financing. For example, gold has very high liquidity, while most finished jewellery does not.

  • Market size: A larger market makes it easier to convert a product into cash or other financial instruments, and thus presents a higher risk for money laundering or terrorist financing.

  • Product value: The higher the value of the product, the more attractive it is to criminals; therefore, the risk of money laundering or terrorist financing increases.

  • Product size/mass: The larger the product, the harder it is to transport and/or store, which reduces the risk of money laundering or terrorist financing. For example, lower quality or unrefined stones, which are larger or heavier than their value would suggest, present less risk for money laundering or terrorist financing than do higher quality stones.

  • Ability to store/transfer: The easier it is to store or transport a product, the higher risk it presents for money laundering or terrorist financing. Some contributing characteristics are the durability of the product, the ease of detecting the product and the changeability of the product.

When conducting transactions, DPMS must consider these attributes in conjunction with the other money laundering risks described in this brief.

DPMS must also consider their service delivery channels. Transactions not conducted face to face present greater money laundering or terrorist financing risk, particularly when products are shipped to post office boxes or international addresses.

Clients and business relationships, including activity patterns and geographic locations

When assessing the money laundering and terrorist financing risks transactions pose, DPMS must consider how clients present themselves and conduct transactions.

Dealing in large amounts of cash brings significant money laundering and terrorist financing risks with it, and these risks can extend beyond receiving cash as payment in a single transaction. For example, clients can make cash payments against layaway plans in an attempt to structure transactions and avoid reporting requirements. This makes DPMS vulnerable to exploitation over the life of the plans.

Transaction activity related to layaway plans may be subject to the large cash reporting requirement under the Act. When DPMS receive $10,000 or more in cash within a 24-hour period from or on behalf of the same person or entity, they must file a large cash transaction report with FINTRAC. When it appears that cash payments are being split up to avoid this type of reporting, DPMS should file a suspicious transaction report with FINTRAC.

At the same time, dealers should not assume that non-cash transactions are “clean,” since illicit funds could have been placed into the financial system prior to the transactions taking place. Other financial instruments may present lower money laundering or terrorist financing risk than cash, but the risk nevertheless exists and varies between instruments. For example, bank drafts present more risk than cheques because they are not linked to an account and its associated customer due diligence, while cheques are linked to an account.

When customers use other payment methods, such as wire transfers, credit cards or cheques, DPMS should consider whether transactions are in line with what is known about the customer and whether they are normal in the context of their dealings with those customers. For example, individuals who have made arrangements to ensure their anonymity, such as purchasing through shell companies, present a risk for money laundering or terrorist financing, since this is not a normal business practice. A purchase or a series of purchases outside of the apparent means of a client should be considered when assessing the money laundering or terrorist financing risk the client presents.

Geographic locations where dealers do business

DPMS must consider the location of their business, and how that affects their money laundering and terrorist financing risks. In particular, DPMS must evaluate the following characteristics:

  • Where the business is located

    • whether they are located in a high-crime area or low-crime area

    • whether they are located in a rural area, where clients may be known to them, or do business in a large city, where new clients and anonymity are more likely

    • whether they see very-high-volume sales relative to the apparent financial standing of their surroundings

    • whether the business is close to a border crossing, since this could increase risk (businesses so located may be the first point of entry into Canada’s financial system).

  • Where the business is conducting transactions

    • whether the business operates with a storefront only, online only or through a mix of locations and platforms

    • whether the business conducts transactions with foreign clients based in countries subject to sanctions, embargoes or other measures (these transactions should be considered high-risk).

  • Where the business’s inventory is sourced from

    • whether sellers are well known to the business, or the business works with a variety of providers

    • whether the business has inventory or works with sellers in jurisdictions of concern.

New technologies

DPMS must also consider whether their business is exposed to incremental money laundering and terrorist financing risks as a result of new technologies that their customers are using to pay for products or that they themselves are using to sell them. New technologies differ from product to product; however, some offer benefits to potential money launderers and terrorist financiers, including enhanced anonymity, quicker transactions and transactions outside of the financial system covered by anti-money laundering and anti-terrorist financing regulations.

Over the past several years, FINTRAC has noted an increased prevalence of new technologies in its suspicious transaction reports and disclosures of money laundering and terrorist financing activities to law enforcement. Virtual currencies, email money transfers and payment processors in particular have increased in prominence in FINTRAC’s reporting.

Other relevant factors affecting the business

Finally, DPMS must consider other potentially relevant risk factors that may be affecting their risk level, and the risk level of customers, for money laundering and terrorist financing:

  • Elements of the DPMS’s structure: Entities with a high turnover of staff may present greater risks for money laundering and terrorist financing, since their staff may be less likely to be able to recognize potential red flags. Additionally, entities that operate solely in one location have significantly different risks than entities that are part of a chain with many locations.

  • Use of intermediary agents: The use of intermediary agents to conduct transactions may present a higher risk. Entities should consider the transactions’ appropriateness, necessity and normalcy.

  • Barriers to entry: For parts of the industry with higher barriers to entry, such as specialized licences to sell, the money laundering and terrorist financing risks may be lower, since criminals may have a harder time infiltrating these markets.

  • Trends, typologies and potential threats of money laundering and terrorist financing:When DPMS are dealing with clients for whom there are observable trends and/or typologies of money laundering and terrorist financing, they should review FINTRAC’s Suspicious Transaction Guidance and Strategic Intelligence to determine whether these clients present a higher risk for money laundering or terrorist financing.

Risk mitigation: Risk-based approach and effective compliance program

FINTRAC published a comprehensive risk-based approach workbook on how DPMS can mitigate their risk of exploitation for money laundering or terrorist financing. This workbook is structured to help dealers identify the risks associated with products, services and delivery channels; clients and business relationships; and geography, as it relates to both clients and the location of their own business.

In addition to taking a risk-based approach, DPMS must put a comprehensive and effective compliance program in place to meet all their reporting and other obligations under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (e.g. client identification and record-keeping).

Indicators of suspicious transactions

FINTRAC has developed indicators of suspicious transactions based on key factors related to retail and wholesale/supplier DPMS. These indicators detail situations and/or transactions in which DPMS are at an increased risk to be exploited for money laundering or terrorist financing, such that further assessment of these transactions may be required to appropriately mitigate the risk.

The indicators that follow are intended to help DPMS assess whether there may be reasonable grounds to suspect that a transaction, or attempted transaction, is related to the commission of a money laundering or terrorist financing offence. DPMS should use these indicators in conjunction with other published indicators, such as those contained in FINTRAC’s Money Laundering and Terrorist Financing Indicators Guidance for DPMS. In addition, FINTRAC’s Suspicious Transaction Guidance provides key considerations for determining whether DPMS should submit a suspicious transaction report to FINTRAC.

Retail indicators

INDICATOR
(T for transactional indicators and B for behavioural indicators)
T

The individual appears to be structuring amounts to avoid customer identification or reporting thresholds.

T

The individual frequently uses layaway plans in an apparent attempt to avoid reporting requirements (also known as structuring). 

T

The individual uses a payment card that appears to be altered or stolen. 

T

The individual buys high-value goods using small-denomination bills ($5, $10, $20). 

T

The individual sells gold in non-standard bricks or similar shapes with no distinct markings or value.

T

The individual will only trade items for cash or other precious metals and stones.

T

The individual attempts to buy precious metals or stones with a company credit card or a credit card not in their name. 

T

The individual trades items for similar items of near-equal value.

T

The individual uses negotiable instruments or credit cards issued in a country other than Canada to make purchases.

T

The individual frequently crosses the Canada-U.S. border to buy jewellery or precious metals, in particular where there is not a strong economic incentive to do so. 

T

The customer or supplier attempts to maintain a high degree of secrecy with respect to the transaction, such as requesting that normal business records not be kept.

T

The individual makes large or frequent purchases in funds other than Canadian dollars.

B

The individual appears to be living beyond their means. 

B

The transactional activity (level or volume) is inconsistent with the individual’s apparent financial standing, their usual pattern of activities or occupational information (e.g. student, unemployed, social assistance).

B

The individual cannot explain the origin of the precious metals and stones.

B

The individual is willing to sell items at rates significantly lower than their typical sale value. 

B

The individual appears to be uninterested in the details of the sale or purchase of goods, which would normally be material information for a client.

B

The individual indiscriminately purchases merchandise without regard for value, size or colour. 

B

The individual is vague or refuses to provide details about why they are selling or buying items, or about the origin of the items.

B

The individual uses alternative addresses for deliveries, uses post office boxes or uses third parties to receive purchases.

B

Multiple individuals are involved in retrieving, transporting or purchasing items. 

B

The individual does not wish to buy or sell face to face and is nervous about information related to their identification. 

B

The individual attempts to purchase abnormally large quantities of precious metals or loose jewels in non-wearable form. 

Wholesale/supplier indicators

INDICATOR
(T for transactional indicators and B for behavioural indicators)
T

The individual or entity appears to be structuring amounts to avoid customer identification or reporting thresholds.

T

The individual or entity pays for high-priced jewellery or precious metals with cash only.

T

The individual or entity pays for purchases through a lawyer’s trust account.

T

The individual or entity pays for expensive purchases exclusively with cryptocurrency, especially when buying gold stored by a wholesaler or supplier. 

T

The individual or entity uses financial instruments from a foreign bank and/or that are not in Canadian dollars.

B

The individual or entity amasses a large amount of stored bullion or precious stones over time, in an apparent attempt to avoid reporting requirements (known as structuring).  

B

The individual’s or entity’s listed address is in a high-risk jurisdiction known for corruption or smuggling relating to precious metals or stones. 

B

The individual or entity sells a large amount of precious metals and stones that originate or are known to be traded from areas not known for their production (i.e. trading centres).

B

The individual or entity amasses a large amount of precious metals or stones in a wholesaler’s or supplier’s storage facility or pool over time.

B

The entity’s ownership structure appears invalid or altered, or the entity refuses to provide additional information when requested.

B

The individual benefiting from the purchase cannot be identified.

B

The location to which bullion or stones are moved directly to or from storage is different from the individual’s or entity’s listed address.

B

The individual or entity continually moves large volumes of bullion directly into and out of storage.

B

The individual provides only a non-civic address such as a post office box, or disguises a post office box as a civic address for the purpose of concealing their physical residence. 

B

The individual or entity does not appear to understand the precious metals and stones industry, or lacks the appropriate equipment or finances to engage in activity in that industry. 

B

The individual appears to be uninterested in or uninformed about the structure or transactions of their business. 

B

The size or type of transactions is atypical for the individual or entity.

B

The customer or supplier attempts to maintain a high degree of secrecy with respect to the transaction, such as requesting that normal business records not be kept.

Link:

FINTRAC Operational Brief – HTML, PDF

Press Releases

Fraudulent website and phishing email related to Australia and New Zealand Banking Group Limited

The Hong Kong Monetary Authority (HKMA) wishes to alert members of the public to a press release issued by Australia and New Zealand Banking Group Limited on fraudulent website and phishing email, which has been reported to the HKMA. Hyperlink to the press release is available on the HKMA website for ease of reference by members of the public.

Anyone who has provided his or her personal information to the website concerned or has conducted any financial transactions through the website should contact the bank concerned using the contact information provided in the press release, and report to the Police or contact the Cyber Security and Technology Crime Bureau of the Hong Kong Police Force at 2860 5012.

 

Hong Kong Monetary Authority
22 August 2019

Link:

HKMA Notice