Organised Crime EnablersJuly 2012
This report is the result of the continuous work of the Members of the Global Agenda Council on Organized Crime. From September 2011 to March 2012 we worked together and discussed the choice of topics as well as the structure of this report. Many Members commented on the different sections and directly contributed to drafting the report. Interactions with other World Economic Forum Global Agenda Councils have been of particular benefit. We wish to acknowledge the strong support received from the Global Agenda Councils on Internet Security, Anti-Corruption, Illicit Trade and Information & Communication Technologies. Our interactions in Abu Dhabi in 2011 at the Summit on the Global Agenda and in Davos-Klosters at the World Economic Forum Annual Meeting 2012 helped us understand the multiple consequences of the phenomena we are studying and the existing obstacles in implementing effective policies. The issues contained in this report have also been discussed with specialists within international organizations, national governments, private industries and academia. Many of them are dealing with the same issues in their working agendas, and cooperation has been strengthened.
The Global Agenda Council on Organized Crime focused on the enablers of organized crime during the 2011-2012 term. This broad concept includes individuals, mechanisms and situations that play an important role in facilitating organized crime activities – whether intentionally or inadvertently – increasing its benefits and scale while reducing its risks.
Organized crime exacts a multibillion cost on legitimate business, distorts markets and causes widespread ill-effects on society. Fuelled by the same forces of globalization that have expanded trade, communications and information worldwide, criminal syndicates now have unprecedented reach not only into the lives of ordinary people but into the affairs of multinational companies and governments worldwide. Although law enforcement has long focused on criminal gangs and illicit markets, only recently has it paid greater attention to those factors that enable such activities.
This report focuses on the impact of enablers on three critical areas: cybercrime, money laundering and Free Trade Zones.
In developing this report, the Council on Organized Crime took into account two main criteria:
- continuity with its work in 2010-2011 on cybercrime and on money laundering in real estate
- input received by Council on Organized Crime Members during virtual meetings and at the Summit on the Global Agenda in Abu Dhabi in October 2011
The Enablers of Cybercrime
Though this figure is disputed, cybercrime cost US$ 388 billion this past year, according to the 2011 Norton Cybercrime Report.1 This includes US$ 114 billion in direct costs (amounts stolen or expended to defend against it) and an estimated US$ 274 billion worth of lost time. In addition to substantial corporate losses and the unquantified emotional as well as economic damage suffered by the victims of Internet scams, new hybrid threats have emerged that target critical infrastructure. The scale of such activities represents a considerable challenge to both the authorities and service providers.
Cybercrime consists of crimes committed using the Internet, affecting not only content on public websites but also information exchanged directly over the Internet, such as peer-to-peer (P2P) content. Examples of cybercrime include the use of a stolen credit card to make purchases on the Internet, using the Internet to sell counterfeit goods and the online distribution of child pornography.
Two general classes of cybercrime exist: high-value, low-volume transactions in which cybercriminals can stage an effective single attack, and high-volume, low-value transactions through which cybercriminals pass almost unnoticed by attacking thousands of accounts for small sums of money.
One assumption is that augmenting cybersecurity should result in a commensurate reduction in cybercrime.2 However, the impact of cybersecurity mechanisms is difficult to measure. More analysis is needed to explain if and how certain types of cybercrime change in response to cybersecurity measures. This examination would help refine the measures and better understand the enablers of cybercrime.
When identifying cybercrime enablers, Internet features or uses that may themselves constitute crimes (illegal enablers) must be distinguished from the general, inherent features of global information and communications technology use that may lead to certain vulnerabilities and facilitate crime (legal enablers). Illegal enablers include the development and deployment of malicious software or tools capable of creating a botnet or breaking password protection, and the use of false identities to open accounts or to obtain credit or funds in false or invented identities. Legal enablers include e-mail, Internet banking, online medical records and mobile Internet technology. Accordingly, these two types of enablers require different methods of prevention: the former, technological and legal approaches; the latter, raised awareness and enhanced security balanced against an individual’s right to privacy and freedom of expression.
The continued evolution of the Internet and related digital technologies demands a coordinated and collaborative response that harnesses the expertise of a wide range of security stakeholders aimed at preventing and countering cybercrime. The following are the main recommendations developed by the Council:
- establishing coordinating structures
- raising awareness and developing instruction and prevention programmes
- enhancing cooperation and sharing information
- strengthening public-private partnership
The Enablers of Money Laundering
Experts on combating money laundering distinguish two main issues as priorities:
- identifying the beneficial owners of corporate entities
- clarifying the role of professionals and intermediaries in money laundering and terrorist financing schemes
Both “beneficial owners” and professionals may play the role of enablers of organized crime and corruption. They are today the key doors for facilitating criminal financial transactions and keeping a veil of opacity on criminal assets, making their detection and confiscation more difficult.
Criminals and criminal organizations may make use of complex cross-border schemes of corporate vehicles with a “Chinese box” structure to conceal their identities and hide illegal proceeds. Law enforcement agencies have been handling an increasing number of cases in which legitimate businesses co-mingle with illegal businesses, and legitimate funds with illicit funds. Reconstructing these schemes and identifying who lies behind them – that is, their beneficial owners (BO) – is considered to be essential to reveal the full infrastructure of a criminal enterprise and to prevent future criminal activities.
Professional service providers have been increasingly identified as being involved (either knowingly or unwittingly) in money laundering schemes. Given their trusted gatekeeper status, professionals can misuse the absence of direct supervision to launder funds or act as intermediaries in helping others to launder. This can occur in a variety of contexts, such as in the securities or real estate markets. Active criminal infiltration of professional roles or subornation of professionals are key routes to criminal success. For example, brokerages or firms of accountants and lawyers can be beneficially owned by criminals, leveraging their professional status. The extent to which this happens in practice is unknown, but it represents a risk that requires management.
Both issues – beneficial owners and professional service providers – have been subjected to recent increases in regulations. These regulations, however, are not always accompanied by an adequate level of implementation.
A global level playing field may be impossible to achieve, but greater attention at the national and transnational levels must be paid to enhance the harmonization and availability of data on BO and to ensure that professionals and other service providers behave responsibly.
This report puts forth the following recommendations:
Regarding the registration of corporate entities3, it is recommended that:
- information registered with official agencies include both legal owners (directors and shareholders) and beneficial owners
- the registered information be verified by the registry authority
- the registered information be updated in a timely manner by the corporate entity when there are changes
- the register be accessible to the public against payment online; payment should be minimal to encourage access
Regarding beneficial owner identification, it is recommended that:
- financial institutions and professional service providers be required by law or regulation to identify and verify the identity of a corporate customer’s beneficial owners when establishing a business relationship with it
- financial institutions and professional service providers be required by law or regulation to take reasonable measures to determine who the people are who ultimately own or control the corporate customer
Regarding the international sharing of beneficial owner information, it is recommended that:
- law enforcement agencies have direct access to official registries of corporate entities
- states allow (by law or regulation) law enforcement entities to share beneficial owner information with their overseas counterparts instantly without need for bilateral or mutual legal agreement
Regarding professionals, it is recommended that:
- the wide disparity in the ways in which professionals of all kinds – accountants, lawyers and brokers – are licensed, scrutinized and disciplined be reduced
- data be systematically collected on the mechanisms by which professionals assist criminals, both in the perpetration of offences and in the laundering of the proceeds from criminal activity
Free Trade Zones as Enablers of Organized Crime: Exploiting International Commercial Transactions
Under Organized Crime Enablers, this report considers the issue of Free Trade Zones (FTZs), as the crime risks associated with them have been neglected until recently.
With respect to banking and financial regulations, Free Trade Zones are comparable to offshore countries. Their structure and regulations make these areas very efficient for legitimate purposes,4 but they are at the same time weaker, less transparent and more vulnerable to organized crime.
More generally, as noted in a report by the Financial Action Task Force (FATF)5, “FTZs are designated areas created within jurisdictions in which incentives are offered to promote trade, support new business formation and encourage foreign direct investment. These incentives involve exemptions from duty and taxes, the simplification of administrative procedures and the duty-free importation of raw materials, machinery or equipment.” Created to boost economic opportunities, these incentives often result in reduced financial and trade controls.
There is broad agreement that FTZs stimulate economic growth and play a large role in the globalization of the world economy. Not surprisingly, Free Trade Zones have proliferated significantly in recent years, with an estimated 3,000 FTZs in 135 countries. In what is sometimes termed as a “race to the bottom”, FTZs generate reduced trade in competitor jurisdictions, which encourages them, in turn, to create FTZs, reducing the overall level of transparency and “bureaucracy”, while facilitating crime and tax avoidance in those jurisdictions. One result: organized crime groups and counterfeiters use FTZs to move illegal products around the world without detection.
The crucial challenge FTZs pose to today’s law enforcement agencies and policy-makers is how to balance security issues while facilitating trade. A number of vulnerabilities have been identified:
- relaxed oversight: weak procedures to inspect goods and register legal entities, including inadequate record-keeping and information technology systems
- lack of transparency: inadequate money laundering and terrorism finance safeguards
- inadequate coordination and cooperation between Zone and Customs authorities
- differences among regulations in various regions of the world
All these weaknesses make Free Trade Zones ideal for laundering, counterfeiting and other criminal acts. The following are recommendations to addresses this issue:
- building and developing international, regional and national platforms for cooperation
- building IT and intelligence capabilities in Free Trade Zones
- raising public awareness and educating officials about the harm that FTZ crime causes for trade and business
- developing and enacting “balanced legislation” for Free Trade Zones
- developing better mechanisms to trace the origin and destination of goods
- developing Customs’ primary cooperation
Global Agenda Council on Organized Crime 2011-2012 Report: Organized Crime Enablers
The Global Agenda Council on Organized Crime focused on Organized Crime Enablers during the 2011-2012 term.
In developing this report, the Council took into account two main criteria:
- continuity with its work in 2010-2011 on cybercrime and on money laundering in real estate
- input received by Council on Organized Crime Members during virtual meetings and at the Summit on the Global Agenda in Abu Dhabi in October 2011
Enablers Exploiting Illicit/Licit Opportunities
The 2010 United Nations Office on Drugs and Crime (UNODC) assessment of transnational organized crime noted that organized crime today is less the work of a group of individuals involved in a range of illicit activities than it is a group of illicit activities in which some individuals and groups are currently involved. As such, the search to find solutions to problems related to transnational organized crime may initially require an understanding of the scale and nature of illicit flows – be they of persons, firearms, drugs, money, counterfeit products, computer data or environmental resources.
Accordingly, a broader conception of the “problem of organized crime” describes it as a more fluid “networked crime” that includes such enabling elements of successful crime as the financing of criminal activity, precursor chemicals for drugs (and terrorism), information and communications technology (ICT) and the creation of legal frameworks, legal entities and accounts by professionals (e.g. lawyers and accountants) that facilitate crime and money laundering. These broader frameworks are given the term “organized crime enablers”.
In particular, illicit markets and flows come and go rapidly as organized crime groups exploit emerging opportunities or suffer setbacks as risks are increased due to focused policing or prevention and security measures. Identifying and even predicting such market shifts, including through concerted cooperation at the international level, can be key in disrupting and combating organized crime as a whole. For this reason, this report focuses on the enablers of organized crime. This broad concept thus includes the individuals, mechanisms and facilities used for primarily legal purposes that are adapted for criminal objectives. They play an important role in facilitating organized crime activities, whether intentionally or inadvertently, increasing its benefits and scale, and predominantly reducing its risks. The shape that organized crime takes varies by market and region worldwide.
What Are The Enablers?
- the enablers of cybercrime
- the enablers of money laundering, mechanisms that produce opacity such as the concealed “beneficial ownership” of assets held in the name of others, and the role of professionals in helping money laundering processes
- the enablers that exploit international commercial regulations and instruments: the case of Free Trade Zones
Enablers of Cybercrime
Cybercrime can be defined as any crime committed using a computer. However, for the purposes of this report, cybercrime is limited to crimes committed using the Internet that include information exchanged directly over the Internet protocol (IP), such as peer-to-peer (P2P) content, as well as content available on public Internet sites. Examples of this type of cybercrime include the use of a stolen credit card number to make purchases on the Internet, using the Internet to sell counterfeit goods and the distribution of child pornography on the Internet. For some of these functions (and for the sale of large quantities of “borrowed” or stolen identities), those seeking access to illicit markets may have to prove themselves to be of “good (criminal) faith”.
Non-state sponsored cyberattacks are a type of cybercrime. Cyberattacks often involve the unauthorized access to a computer for purposes of taking or changing information in the attacked computer. Another form of cyberattack is the denial of service attack, which intentionally overloads the attacked computer for the purpose of preventing legitimate users from accessing the attacked computer.
Two general classes of cybercrime exist: high-value, low-volume transactions in which cybercriminals can stage an effective single attack, and high-volume, low-value transactions through which cybercriminals pass almost unnoticed by attacking thousands of accounts for small sums of money.
Although increasing cybersecurity should reduce cybercrime,6 the impact of cybersecurity mechanisms on cybercrime is not known because its measurement is difficult. Greater analysis of cybercrime trends would explain if and how some types of cybercrime change in response to cybersecurity measures. This examination would help refine these measures and better understand the enablers of cybercrime.
Estimates of cybercrime are difficult to validate. According to the 2011 Norton Cybercrime Report,7 cybercrime cost US$ 388 billion globally last year. This includes US$ 114 billion in direct costs (amounts stolen or expended to defend against it) and an estimated US$ 274 billion in lost time. In addition to substantial corporate losses and the unquantified emotional as well as economic damage suffered by the victims of Internet scams, new hybrid threats have emerged that target critical infrastructure. The scale of such activities represents a considerable challenge to both the authorities and service providers.
An increasingly digitalized and hyperconnected world and the constant evolution of the Internet and other communication technologies create vulnerabilities in the market that could be used by criminal groups to commit illicit activities.
The purpose of this report is to identify the features of the Internet and of Internet users that allow cybercrime to occur (the enablers of cybercrime) and to make recommendations for reducing such crime. Its aims are in line with promoting approaches to collective enforcement, further exploiting public-private synergies and seeking to engage all stakeholders, from Internet service providers to end users, to better understand, prevent and counter cybercrime.
Effective trust networks are essential to this response. Working with the World Economic Forum Risk Response Network’s initiative on “Risk and Responsibility in a Hyperconnected World”, the Council on Organized Crime will advance the establishment of a multidisciplinary online platform for knowledge and information exchange on developing threats and innovative disruption and mitigation measures.
1.1. Main features
The Internet is now used in the commission of a range of serious crimes, including drug trafficking, trafficking in human beings for sexual exploitation, illegal immigration, mass marketing fraud, tax fraud, currency counterfeiting and trade in prohibited firearms. The widespread expansion of Internet capacity has also prompted unprecedented growth in the market for intellectual property theft, especially for copyrighted audio-visual material, copyrighted software and child abuse material.
In addition to the use of the Internet for the commission of crimes, increasingly evident in recent years is the emergence of a digital underground economy in which large amounts of stolen data are traded and converted into criminal proceeds. Credit card details and compromised accounts, as well as information such as addresses, phone numbers, full names and dates of birth, are new illicit commodities that may be used, for example, to gain access to bank accounts or credit cards. As such they have a monetary value that is being exploited by criminal groups.
When identifying cybercrime enablers, Internet features or uses that may themselves constitute crimes (illegal enablers) must be distinguished from the general, inherent features of global information and communications technology use that may lead to certain vulnerabilities and facilitate crime (legal enablers).
Illegal enablers include the development and deployment of malicious software or tools capable of creating a botnet or breaking password protection, and the use of false identities to open accounts or to obtain credit or funds in false or invented identities. Legal enablers include e-mail, Internet banking, online medical records and mobile Internet technology. Accordingly, these two types of enablers require different prevention approaches: the former, technological and legal approaches; the latter, raised awareness and enhanced security balanced against an individual’s right to privacy and freedom of expression.
The continued evolution of the Internet and related digital technologies demands a coordinated and collaborative response that harnesses the expertise of a wide range of security stakeholders aimed at preventing and countering cybercrime.
It has been widely recognized at the international and regional levels that the Internet is used by organized cybercriminals. Europol, in its recent threat assessment entitled, “Internet Facilitated Organized Crime”, indicates that:
“Internet technology increasingly facilitates a wide range of serious and organized crime activity as a communication, research, logistics, marketing, recruitment, distribution and monetarization tool.
(…) The dynamism of online illicit markets requires an equally dynamic response which is constantly updated. Active partnership with the private sector – especially Internet Service Providers, Internet security organizations and financial services – is essential to the success of this, not only for the sharing of intelligence and evidence, but also in the development of technical tools for law enforcement and design-based measures to prevent online criminality.”8
Such remarks are in line with many international instruments and with the Council of Europe Convention on Cybercrime.9 This is the first international treaty that seeks to address the threats posed by computer crime and Internet crimes. As set out in the preamble, its main objective is to “pursue, as a matter or priority, a common criminal policy aimed at the protection of society against cybercrime, inter alia, by adopting appropriate legislation and fostering international co-operation”.
More specifically this Convention aims to:
- harmonize the domestic criminal law provisions in the area of cybercrime
- provide and enable the use of effective powers and means of investigation into such offences
- set up and improve a swift and efficient system of international cooperation
As such, the Council of Europe Convention on Cybercrime provides a working example for an aspirational solution to the legal problems associated with the international jurisdictional challenges raised by cybercrime.
As suggested by EUROPOL,10 key enablers of cybercrime include botnets, social engineering, payment card data online and frequent anonymity and opportunities for disguise.
Botnets11 “are the tools most crucial to cybercrime’s industrialization and profitability. Their dismantling has a clear impact on the capability of cybercriminals to act on a large scale.”12
Social engineering plays a central role in current criminal business models. Raising awareness of the risks and engendering individual and corporate user caution are key to combating cybercrime.13
Social networking has flattened our social structure below elites and above the digitally excluded, making it more networked. Rather than being hierarchical, the new social model has no centralized control groups. It is simply “peer to peer”, delivering information and services at a speed, scale and level of visibility never experienced. While this has enhanced the ability to deliver beneficial services, such as education and medical services, to a broader population, it also provides unprecedented access for organized criminals to acquire skills, opportunity and people to assist them in conducting their criminal businesses.
Social networking has also improved opportunities for people to become engaged in organized crime. In the past, participation in a crime group required introductions and acceptance by the group. This is no longer the case with organized crime groups (OCG) operating in a virtual world. Also, with no organized crime hierarchy in the structures, former roles, such as growers (e.g. opium), distributers, wholesalers, importers/exporters and supply chains, can be reduced to direct Internet contact between the buyers and the suppliers, thereby reducing costs to organized crime and decreasing interdiction opportunities for law enforcement.
Online forums and social networking sites are essential introduction and recruitment services for the digital underground economy: “they are where crimeware components are advertised, and budding cybercriminals learn their trade by means of tutorials.”14
Internet service providers (ISP) and domain name registrars (DNR) provide legitimate services that also enable cybercrime. Increased cooperation between ISP and DNR and law enforcement officials could identify and reduce the illegitimate uses of these services.
Payment card data “is the ideal illicit Internet commodity because of the ease with which it is internationally transferred. Organized crime groups benefit from globalization, moving to different countries and even different continents to withdraw cash from skimmed cards, and using foreign payment data to purchase services such as transport and accommodation online, thereby obscuring the money trail attached to this type of criminality.”15
The perceived anonymity “afforded by communication technologies such as e-mail, instant messaging and Internet telephony (VoIP) has led to them being used increasingly by organized crime groups as a countermeasure to law enforcement detection and surveillance.”16 This anonymity also makes it difficult to gather accurate information on cybercriminals and their activity. Countervailing concerns to reducing anonymity are the desire to protect personal privacy and the need for anonymity in countries where there is great social unrest; anonymity is needed to prevent the tracking of dissidents, journalists and bloggers.
Some cybercrime is the consequence of a lack of security in infrastructure on a national level.
Increasing computer literacy enables more people to use the Internet for legitimate purposes or cybercrime.
Encrypted and anonymous e-mail, peer-to-peer (P2P) instant messaging (IM) and voice services (Voice over Internet Protocol or VoIP) are just some of the recent communication technologies that pose data access challenges to law enforcement. In particular, e-mail delivers considerable cybercrime activities such as spoofing,17 at the same time allowing their illegal content to be passed through a number of different countries during the transfer from the sender to the recipient.
Internet connectivity continues to spread. Contrary to what is commonly believed, cybercrime is not a problem that only affects developed countries.18 Further expansion of Internet connectivity in developing countries, where IT security measures may not be as robust, is likely to prompt further geographical shifts in malicious activity both in terms of attack origin and the number of compromised computers. As a consequence, “the development of technical measures to promote cybersecurity and proper cybercrime legislation is vital for both developed countries and developing countries. Compared with the costs of grafting safeguards and protection measures onto computer networks at a later date, it is likely that initial measures taken right from the outset will be less expensive. Developing countries need to bring their anti-cybercrime strategies into line with international standards from the outset.”19
Mobile devices are becoming the main tools used to access the Internet and are being increasingly marketed in large numbers to areas of the world that have previously enjoyed limited Internet connectivity.20 The “always on” culture fostered by mobile devices ensures that potential victims are online and data is exposed for a longer period of time, thereby giving criminals more opportunities to access data. One recent study shows a 42% increase in mobile operating system vulnerabilities in 2010.21
Open wireless networks can enable perpetrators to gain remote access to the Internet without identifying themselves. Public Wi-Fi networks typically collect basic information, such as the type of device, operating system and browser.
Commercial trends invite increased storage of personal data on the Internet: Retailers and other businesses are continually asking customers to enrol into their “clubs” or “loyalty programmes”. This creates significant retention of data on the Internet about individuals, their account details, their interests and their connections to other “like” activities that can be exploited by cybercriminals if there is insufficient cybersecurity.
Today’s Internet is characterized by very many computers at very many locations, with each computer/location combination holding a small fraction of the total data on the Internet. Cloud computing refers to the consolidation of Internet data on fewer computers at fewer locations. This consolidation reduces the overall IT cost by reducing the amount of hardware, software and administrative support needed for the fewer computers at fewer sites. When credit card information or other data useful for crime is consolidated, cybercriminals gain more data for their criminal enterprises by penetrating a single cloud computer than by penetrating a single computer in today’s Internet.
Another aspect of cloud computing is the “outsourcing” of computer services to a third party who owns and runs the cloud computers. Instead of being at a company’s premises, the computers and the company’s data are in another location or locations that could be in a different country from the company. This geographic difference could mean that the data protection and criminal laws applicable to the company may differ from those laws applicable to the company’s data. If, for example, cybercriminals from a third location steal the company’s data from the cloud computer, the investigation and prosecution of that crime could involve the laws and law enforcement personnel of three jurisdictions: where the company is located, where the cloud computers are located and where the cybercriminals are located. This increased legal and law enforcement complexity benefits cybercriminals.
Above all, a significant vulnerability is the lack of an organized international law enforcement process to counter cybercrime. The bureaucratic structures of law enforcement agencies and their partners around the world were designated before cyberthreat was known. No single entity is in charge, no single entity knows the full extent of the problem. This situation is being exploited by OCGs. The ubiquitous nature of cyber does not fit with our current response frameworks.
The development of a cybercrime-related legal framework is needed. “The fact that provisions exist in the criminal code that are applicable to similar acts committed outside the network [such as fraud, copyright violations or child pornography] does not mean that they can be applied to acts committed over the Internet as well.”22 It is necessary to create substantive criminal law provisions that would effectively criminalize acts of cybercrime and provide the necessary procedural powers for law enforcement agencies to carry out the type of specialized investigative measures required to identify cybercriminals (such as the interception of Internet traffic or the use of remote forensic software).
Insufficient collaboration between the public and private sectors also prevents collection of the intelligence necessary to understand the scope of the cybercrime problem and to implement collaborative law enforcement against cybercrime.
As cybercrime has a transnational nature, international cooperation is a key element in combating it. However, in this field very few treaties and agreements on mutual legal assistance among states exist.23 Current agreements are based on formal and complex procedures that often refer to the principle of “dual criminality”.24 According to this principle, only those crimes that are criminalized in all participating countries are globally investigated. For this reason, regional differences in legislation and practices among states play an important role and can make international cooperation very difficult. One example is the illegal content of certain materials. Some countries or regions criminalize the dissemination of materials which are lawfully distributed in other countries.25
Finally, it must be pointed out that a majority of cybercrime is not reported to the competent authorities, either because individuals do not realize that the offence is taking place or because (especially for banks, business and industries) they do not want to expose themselves to the reputational damage it causes.26 The high degree of under-reporting is an obstacle to combating cybercrime and the use of the Internet by criminal groups. If these crimes are not reported, they will not be investigated.
Case 1: Mariposa Botnet27
Spanish authorities used a multidisciplinary task force (military, international law enforcement, academia, private sector) to dismantle the Mariposa botnet in 2010. The botnet infected more than 12.7 million personal computers in more than 190 countries and more than 3,000 smartphones before they were shipped from the factory.
Case 2: Rustock Botnet28
Each infected machine communicated with control nodes via posts that appeared to be legitimate posts to a bulletin board or Web forum. The command and control servers were all located in the US and most were managed by small hosting firms that were unaware of the botnet’s presence. This case illustrates how cybercriminal enterprises rely on a criminal infrastructure (the digital underground economy) and the value of the tools developed by the criminals.
Case 3: Operation Aurora29
Advanced persistent threats (APT) are attacks that use deceptive techniques (such as sending an e-mail from a trusted source) to gain access to systems. After obtaining control of the target system, specific data and intellectual property was stolen. Intellectual property theft and cyber espionage are growing problems in a world where data is a leading commodity.
Case 4: Operation Night Dragon/Shady RAT30
Attackers from several locations in China used command and control servers from purchased hosted services in the United States and from compromised servers in the Netherlands to attack global oil, gas and petrochemical companies, individuals and executives in Kazakhstan, Taiwan, Greece and the United States to acquire proprietary and highly confidential information. The attackers ran regular business hours for as long as four years, illustrating professionalism of attack (cybercrime as a business).
Case 5: Anonymous31
The development of a new “distributed model of malfeasance” over the last two years has spilled over into the offline Occupy protests. Anonymous is now a global brand in free speech and freedom fighting, espoused for a variety of anti-capitalist and anarchic causes, and even by lawmakers. Of particular interest here is the variety of cells operating under the Anonymous brand and the range of issues targeted in its name. These include attacks on the EU parliament related to the Anti-Counterfeiting Trade Agreement (ACTA), law enforcement conference calls, the use of tear gas in Bahrain, threats to Mexican drug cartels, and the exposure of e-mails belonging to a law firm representing US marines accused of murdering Iraqi civilians revealing links between nationalist politicians and extremist groups. These are ideologically motivated electronic attacks with no consistent theme.
1.5. Good practices
Good practices minimize the value of cybercrime enablers to cybercriminals by making the enablers more difficult to use (increased cybersecurity) or by making cybercrime easier to detect and prosecute through international cooperation by governments and private industry.
In the United States, CERT,32 Symantec,33 and McAfee34 provide information on how individuals and businesses can increase their cybersecurity to make cybercrime more difficult. One objective is to prevent cybercriminals from accessing the information they need to commit cybercrimes
The Council of Europe has reported on best practices for international cooperation against cybercrime35 and last year the Council on Organized Crime reported cooperative law enforcement through the Virtual Global Taskforce.36
A convention or protocol at the United Nations level has been proposed to improve on the regional cooperation framework established by the Council of Europe Convention on Cybercrime.37
The Twelfth United Nations Congress on Crime Prevention and Criminal Justice, held in April 2010, resulted in UN Resolution 65/230,38 which calls for the creation of an “open-ended intergovernmental expert group … to conduct a comprehensive study of the problem of cybercrime and responses to it by Member States, the international community and the private sector, including the exchange of information on national legislation, best practices, technical assistance and international cooperation.”
In fact, “an increasing number of cybercrimes have an international dimension, particularly due to the fact that offenders, operating through the transnational Internet, often do not need to be present at the location of the victim. This separation in the location between the victim and the offender and the mobility of offenders make it necessary for law enforcement and judicial authorities to cooperate internationally and assist the state that has assumed jurisdiction. Effective international cooperation poses one of the major challenges in combating increasingly globalized crime, both in its traditional forms and as cybercrime. … Effective international cooperation requires a degree of common understanding and the adoption of common approaches of legislation.”39
Establishing coordinating structures:
A structure analogous to that of the UNODC is needed to evaluate and quantify the global cybercrime problem. UNODC should encourage the creation of appropriate legislation and INTERPOL should enhance law enforcement capacity by coordinating the regional efforts of EUROPOL, the Federal Bureau of Investigation (FBI), Australian Federal Police (AFP) and others. This coordinated regional and international response should include a consistent approach to law enforcement cooperation with the private sector (effectively reducing the number of law enforcement counterparts that global corporation must deal with by offering them regional points of contact such as EUROPOL, and the future INTERPOL centre in Singapore). Until such capability is available, the full extent of that component of the cybercrime problem for which law enforcement action is appropriate will not be known.
Raising awareness and developing instruction and prevention programmes:
The knowledge of how cybercrime schemes work must be increased and widely disseminated.
Social engineering techniques are commonly used in e-mail scams. Victims unknowingly give their money to criminals because the victims mistakenly think the communicating parties are their friends or business partners. As a result, inadvertent victims around the world continuously lose huge amounts of money in these e-mail scams. Intensified publicity and crime prevention programmes would play an instrumental role in reminding the public to recognize and avoid these scams.
Botnets have posed a significant threat to the cybersecurity of major information systems. Typical of this threat is the distributed denial of service (DDoS) attack which utilizes botnets to launch premeditated, coordinated and simultaneous denial of service attacks from many points of origin against a single or multiple targets. Cybercriminals usually make use of botnet-inflected machines to launch the attack. Hence, it is vital to raise public awareness about the need to keep computers and servers free from botnet infection by constantly updating the anti-virus software.
Enhancing cooperation and sharing information:
Establish an efficient means for private industry and government to share information about cybercrime
The US government has begun exchanging cyberthreat information with government contractors; legislation is pending to make it easier to share this information.40 The World Economic Forum’s initiative on “Risk and Responsibility in a Hyperconnected World” provides a platform for decision-makers to undertake coordinated action to set in place the risk evaluation, detection and response mechanisms necessary to protect networked communications and future growth in the online networked economy.41
Strengthening public-private partnership:
Dismantling the command and control servers of botnets would mitigate the threat. Law enforcement agencies (LEA) should collaborate with academia, IT industry stakeholders and local Computer Emergency Response Teams (CERT) to exchange intelligence on the locations of botnet servers to remove or disable them.
Botnets are crucial tools to commit e-banking fraud. LEAs should engage the banking industry to impose additional security measures. One simple step that could drastically mitigate the risk is to limit all third-party money transfers to pre-registered accounts only.
Enablers of Money Laundering
Beneficial Owners and Professionals
- identifying the beneficial owners of corporate entities
- clarifying the role of professionals and intermediaries in money laundering and terrorist financing schemes
Both beneficial owners and professionals may, in fact, play the role of enablers of organized crime and corruption.
2.1. Main features
Criminals and criminal organizations may make use of complex cross-border schemes of corporate vehicles with a “Chinese boxes” structure to conceal their identities and to hide illegal proceeds. Law enforcement agencies have been handling an increasing number of cases in which legitimate businesses co-mingle with illegal businesses, and legitimate funds with illicit funds. Reconstructing these complex corporate schemes and identifying who lies behind them, i.e. identifying their beneficial owners (BO), is considered to be essential to reveal the full extent of the criminal infrastructure and to prevent future criminal activities.
In addition to the increasing emphasis on the need to improve the transparency of corporate beneficial ownership, special attention must be paid to the role of professionals as gatekeepers, or conversely, as enablers of organised crime and corruption.
Professional service providers have been increasingly identified as being involved (either knowingly or unwittingly) in money laundering (ML) and financing of terrorism (FT) schemes. Given their trusted gatekeeper status, professionals can misuse the absence of direct supervision to launder funds themselves and/or act as “good faith” intermediaries in helping others to launder. This can occur in a variety of contexts, such as the securities and derivatives markets, the real estate market, etc., only some of which are discussed here. Active criminal infiltration of professional roles or subornation of existing professionals are key routes to criminal success. For example, brokerages or even multidisciplinary firms of accountants and lawyers can be beneficially owned by criminals, leveraging their professional status. The extent to which this happens in practice is unknown, but it represents a risk that requires management.
The increased misuse of professionals for criminal purposes is the natural consequence of the evolution in ML/FT patterns: in fact, the severe restraints and strict controls on the activities of credit and financial institutions (on which money launderers originally relied to conceal the proceeds from crime) produced a displacing effect, forcing criminals to find another entry point to the financial system and to exploit new channels and intermediaries to conduct their business. Criminals had thus to find alternative methods for laundering dirty money, moving from now better regulated financial institutions to non-regulated businesses and professions, that is to those areas with a less stringent regulatory regime.42
Both issues – beneficial owners and service providers – have seen an increase in regulations recently. These regulations, however, are not always accompanied by an adequate level of implementation.
A global level playing field may be impossible to achieve, but greater attention must be paid, at the national and transnational levels, to enhance the harmonization and availability of data on BO and to ensure that professionals and other service providers behave responsibly.
With reference to the beneficial owners, “governments have recognized the importance of curbing the misuse of corporate vehicles to conceal beneficial ownership, and in response, they have adopted certain international standards.”43 The two key international standards dealing with BO identification are the United Nations Convention against Corruption44, and the 40 Recommendations45 drawn up and revised by the Financial Action Task Force (FATF) in 2003, and significantly revised in 2012.46
More specifically, FATF Recommendations 24 and 25 aim at enhancing the transparency of legal entities and indicate identification of the beneficial owner as a key measure. In particular, they (R24) require that, “Countries should ensure that there is adequate, accurate and timely information on the beneficial ownership and control of legal persons that can be obtained or accessed in a timely fashion by competent authorities.”47
In recognizing the vulnerability to laundering from a lack of transparency regarding beneficial ownership issues, the FATF has revised and enhanced their earlier recommendations to now include far greater precision as to what countries should have in place in order to comply. Countries should have mechanisms that:
- (a) “identify and describe the different types, forms and basic features of legal persons in the country
- (b) identify and describe the processes: (i) for the creation of those legal persons; and (ii) the obtaining and recording of basic and beneficial ownership information
- (c) make the above information publicly available
- (d) assess the money laundering and terrorist financing risks associated with different types of legal persons created in the country”48
The FATF recommends that to determine who the beneficial owners of a company are, competent authorities will require certain basic information about the company, which, at a minimum, would include information about the legal ownership and control structure of the company. This would include information about the status and powers of the company, its shareholders and directors. Among a long list of “requirements”, “all companies created in a country should be registered in a company registry.”49
The crucial importance of BO identification in the fight against ML and TF has been fully recognized, for example, at the EU level. In particular, the Third EU Anti-Money Laundering Directive,50 cornerstone of the whole EU Anti-Money Laundering (AML) regulatory framework, was intended to expand existing counter-measures to a significant group of professionals and service providers. In this perspective, it requires intermediaries such as banks, auditors, accountants, lawyers and notaries to identify, in the framework of Customer Due Diligence procedures, the beneficial owner of their clients (Art. 8, par. 1 b).
The potential risk of professionals being abused for illicit purposes has become a significant issue in the anti-money laundering legislative framework: the recent trend in Anti-Money Laundering and Countering the Financing of Terrorism (CFT) legislation is to expand existing counter-measures applicable to credit and financial institutions to a significant group of professional service providers, both at the international and European levels. The increasing number of cases involving professionals has prompted competent authorities to place more categories of professionals under anti-money laundering obligations.51
This approach has been adopted, for example, by the EU AML regulatory framework, which has expanded AML obligations to a greater number of professionals and service providers, such as:
- (a) credit institutions
- (b) financial institutions
- (c) auditors, external accountants and tax advisers
- (d) lawyers
- (e) notaries
- (f) trust and company service providers
- (g) real estate agencies
- (h) casinos
With regard to the identification of beneficial owners, some problems must be taken into account, representing vulnerabilities that could be seen by criminal groups as actual opportunities for money laundering or financing terrorism.
An effective anti-money laundering regime to prevent corporate entities from being abused for money laundering should have at least three components:
- (a) a central registry of corporate entities that provides beneficial owner information
- (b) beneficial owner identification systems by financial institutions and professional service providers
- (c) an international sharing system for beneficial owner information
Unfortunately many weak links in all three components exist worldwide.
A) Central registry of corporate entities:
There is currently no international standard requiring states to have a central registration system for corporate entities, such that not many states have a system that makes BO information available to those who need it for the purpose of anti-money laundering.
Some states have fragmented registration systems, e.g. for tax or public listing purposes, etc., but these fragmented systems are not designed for the purposes of anti-money laundering and so are not conducive to them. Moreover, access to these systems for BO information can only be made in certain limited circumstances, e.g. for a criminal or tax investigation etc., and the associated information retrieval process is extremely inefficient and very often requires judicial scrutiny.
For those states having a central registry of corporate entities, in the absence of international standards on what BO information a corporate entity must register with the authority and how often the information needs to be updated, the registers are very often found to be unreliable, i.e. not updated, and pertaining only to legal ownership/control as opposed to actual beneficial ownership.
B) Beneficial owner identification systems:
As for BO identification systems, despite the Third EU Directive and the FATF Recommendations, currently many states, including those well developed states in which the world financial centres are situated, have yet to put in place proper enforceable means to require financial institutions and professional service providers to identify and verify the beneficial ownership of corporate entities in their customer due diligence processes. Nor are they required to understand the ownership and control structure of corporate customers with complex ownership structures.
Law enforcement agencies from time to time come across investigations involving shell companies being used for money laundering. Criminals or money launderers make use of the services of the professional service providers to set up shell companies to open bank accounts for illicit transactions with staff of the professional service provider acting as nominee directors of the corporate customers. Banks without proper customer due diligence practices do not know and do not bother to ask (if the state has no such requirement for them to do so) about the actual beneficial owners of such corporate customers and the bank accounts.
C) International sharing of beneficial owner information:
Given the fact that money laundering is frequently carried out in an international context, the problem of corporate entities being abused for money laundering is aggravated by the ease with which corporate entities can be incorporated overseas. Law enforcement agencies, financial institutions and professional service providers increasingly come across or deal with companies incorporated offshore. Offshore corporate entities have hindered the respective customer due diligence and investigation processes, if not making them impossible.
While the availability of overseas BO information to financial institutions and professional service providers still leaves much to be desired, the effectiveness and efficiency of international sharing of BO information among law enforcement agencies are also in question because (a) not every state allows its law enforcement agencies to have free access to the relevant register for international sharing without judicial scrutiny; and (b) not every law enforcement agency can share information with an overseas counterpart without a bilateral cooperation agreement or mutual legal assistance agreement.
For financial institutions, aside from the unavailability of overseas BO information, another concern is the high cost incurred and the long time spent in obtaining information from overseas authorities. Therefore, very often, in case of complex company structures involving offshore corporate entities, financial institutions are reluctant to identify and verify the identity of the BO of all the structures’ layers. They simply check the first and last layers and rely on the declaration of the customers to tell them what the intermediate layers are.
With reference to professionals’ risk of being involved in ML schemes, other vulnerabilities may be identified that allow criminals and terrorists to take advantage of them. Each of the vulnerable sectors has a role for professionals to play – whether as willing conspirators or naive facilitators. One of the most effective ways to aid the laundering process is to engage the cooperation of corrupt professionals, or for a criminal enterprise to place operatives within financial institutions. By doing so, an offender can bypass scrutiny, falsify documents and avoid mandatory transaction reporting requirements. Internal conspiracies and corruption have been identified in the following cases:
A) Some criminals might try to take advantage of professional secrecy obligationsthat apply to the gatekeeper.52
In anti-money laundering discussion, the term “gatekeepers” refers to a broad range of professionals (such as lawyers, notaries, accountants, company formation agents and others) who, as a result of their status, have the ability to provide financial expertise and allow access to the financial system. Therefore, “gatekeepers” should be meant as protectors of the gates to the financial system.53
As such, they are those through whom the users of the system, including potential launderers, must pass to enter it. This is why AML regulation has increasingly directed its attention to these figures by establishing specific anti-money laundering obligations in the execution of their functions.
B) A most common technique used to help expedite the laundering process is the use of nominees, involving some attempt by the offender to obscure a direct connection between himself and assets he owned, primarily by registering legal title to the asset in the name of another individual, usually a relative, a friend or a lawyer. In an analysis of Royal Canadian Mounted Police cases, it was found that the assets most often placed in the name of nominees were real estate, cars, companies and banks accounts.54
C) According to a report authored by the Financial Action Task Force (FATF), “…inadequate codes of conduct and ethics with a low likelihood of disciplinary action (emphasis added) all help to shape businesses in ways that enable criminals to take advantage of the services they offer. Professionals and insiders who are sole traders and have no management or compliance oversight, along with vulnerable business models that cannot support sophisticated AML systems, are often seen as soft targets for criminals who wish to use their services for illegal gain.”55
D) In the absence of corresponding ethics and internal controls, the practice of making decisions to promote or continue employment based on “performance criteria”, and the use of sales-driven remuneration packages and performance assessments may unintentionally promote unlawfulgreed in individuals and increase their vulnerabilities. This can create an environment characterized by corruption that can be easily exploited by criminals.56
“What gets measured, gets done”, therefore it is important to consider the reward system within institutions. These rewards – individual and group – are partially responsible for “irrational exuberance” in banking decisions (i.e. unwise loans and credit lines, etc.). Peer pressure from group incentives is particularly powerful. Hence any policy that results in the loss of customers – especially customers with large amounts of money – is operating against the current reward structure. Financial institutions’ rhetoric may declare that all bank objectives are “equal” – profit, risk management, customer satisfaction and societal pressures to reduce money laundering – when in reality they often are not given the same attention.
E) Inter alia, special attention must focus on lawyers’ services and real estate transactions.
The services provided by lawyers are frequently part of a series of commercial and financial transactions conducted by the most sophisticated criminal entrepreneurs. In an unknown but presumably very large proportion of cases, the lawyer is not aware that the scheme s/he is facilitating is illicit. However, in certain criminal and regulatory cases, the services of lawyers were explicitly sought out and, in some instances, repeatedly used by criminal offenders to launder their criminal proceeds.57
- Lawyers came into contact with the proceeds of crime through their role in facilitating a real property transaction by a drug trafficker or accomplice.
- Lawyers are used to conceal the true source of funds provided to them by offenders through the use of legal trust accounts and the invocation of solicitor-client privilege, which can place stringent restrictions on the ability of law enforcement to gather information from law offices.
- They have also helped to conceal criminal ownership of assets by registering titles in the names of nominees and, in some cases, their own names.
- They allow their client and office accounts to be used to receive cash from offenders and supply them with financial instruments (cheques and transfers) that will appear clean to bankers.
- They have been involved in transferring funds derived from criminal activities to “secrecy haven countries”, including establishing shell companies in these countries.
- They have been used to create a seemingly legitimate source of revenue for criminal offenders. This service is largely accomplished by establishing shell and active companies, selling assets on behalf of offenders, and purchasing revenue-generating rental properties.
The real estate market allows criminals to “use” large quantities of cash and manipulate other services associated with real estate transactions, such as mortgages and the use of nominee accounts, and dealings that are possible through the construction industry. “Launderers benefit in multiple ways because they can often acquire valuable and appreciating investments at the same time that they launder money into the legitimate economy.”58 Some evidence also exists that offenders seek out a mortgage to limit their equity in a home, to minimize their personal financial loss if the property is forfeited to the Crown – or, if the property is to be used for an illegal marijuana or other grow-operation, it may decrease their loss of capital in case of a building destroyed by the chemicals used. In some cases, a mortgage (as well as title to the property) appears in the name of a nominee. In other cases, a criminal entrepreneur can personally finance a mortgage for property that he controls, but that is registered in the name of a nominee. This laundering technique provides the bogus owner with a seemingly legitimate source of funds to purchase the home, while hiding the true criminal ownership of the property. Alternatively, mortgage financing can be provided by a nominee, such as a family member or a business associate, for property registered to a criminally accused person (in a past case, for example, the mortgage was fake and the funds were ultimately traced to the accused). Mortgages may also be financed by criminally-controlled companies, often off-shore. “The absence of will among many real estate professionals in many parts of the world to conduct due diligence on their clients and the absence of sanctions for complicity in money laundering in real estate have exacerbated the problem.”59 Furthermore, sanctions have not been applied against other professionals allied with the real estate business, such as notaries and mortgage brokers, who have facilitated such laundering.
Case 1: “Delaware Laws, Helpful to Arms Trafficker, to Be Scrutinized”60
“A Russian businessman who investigators say is the world’s largest arms trafficker used secret corporations formed in Delaware and other states to finance his activities. … Delaware and the other states have business-friendly laws that encourage the creation of opaque shell companies, allowing their true owners to be disguised or obscured. The Senate is considering new legislation to stop the formation of two million such American corporations a year in various states.
Officials say the Russian businessman, Viktor Bout, used at least a dozen shell companies in Delaware – the leading state that allows the formation of such companies – as well as Texas and Florida. …
Senator Carl Levin, Democrat of Michigan, who co-sponsored the legislation, contends that the state laws effectively allow arms trafficking, money laundering, drug smuggling and tax fraud to flourish. …
The proposed legislation would require states to collect the names of beneficial owners of corporations and limited liability companies formed under their laws, and to provide that information to law officials when requested.
Case 2: The use of professional intermediaries to facilitate money laundering
“A law enforcement operation identified an accountant, J, who was believed to be part of the criminal organisation involved in money laundering and re-investment of illicit proceeds derived from drugs trafficking led by X. J’s role was mainly that of a “legal and financial consultant”. His task was to analyse the technical and legal aspects of the investments planned by the organisation and identify the most appropriate financial techniques to make these investments appear legitimate from a fiscal stance. He was also to try, as much as possible, to make these investments profitable. J was an expert in banking procedures and most sophisticated international financial instruments. He was the actual financial “mind” of the network involved in the re-investment of proceeds available to X. J operated by sub-dividing the financial transactions among different geographical areas through triangle transactions among companies and foreign credit institutions, by electronic transfers and stand-by credit letters as a warrant for commercial contracts which were later invested in other commercial activities (Source: extracted from website of JE Financial Services Commission).”61
2.5. Good practices
Beneficial Owner Identification by Financial Institutions
The efforts of the FATF do give momentum to system improvement in member states or jurisdictions such as Hong Kong SAR. A major financial centre, Hong Kong is very concerned about the integrity of its financial systems. In response to the findings of the FATF’s third round of mutual evaluation, Hong Kong passed new anti-money laundering legislation, which among other obligations requires financial institutions to identify the beneficial owners of customers, taking reasonable steps to verify their identity and know who they are, including, where the customer is a legal person, measures enabling the financial institutions to understand the ownership and control structure of the legal person.
Pursuant to the legislation, the respective regulators of financial institutions formulated legally enforceable guidelines setting out detailed requirements for how the identification and verification of beneficial owners should be conducted. In brief, if a customer is a legal entity, e.g. a corporation, an unincorporated body, a partnership, etc., the guidelines require identification and verification of all beneficial owners who own or control, directly or indirectly, more than 10% of the legal entity’s shares or who exercise ultimate control over the management of the corporation.
Financial institutions must understand the ownership and control structure of a corporation, even if it has multiple layers, by, for example, obtaining a director’s declaration that includes an ownership chart describing the intermediate layers. At a minimum, information included in the chart should include the names of the companies of the intermediate layers, the places of incorporation and the rationale behind the particular structure employed.
International Sharing of Information
The Egmont Group is an international network of Financial Intelligence Units (FIU), which provides a forum for member units, comprised of central, national agencies that handle financial report information, to improve cooperation in the fight against money laundering and the financing of terrorism. The network enables member units to efficiently share intelligence, including information on corporate entities through a secure website, without the need for a bilateral agreement. However, a prerequisite for the sharing of information is that the member state has (a) a centralized registration system of legal persons and (b) its financial intelligence unit has direct access to the system database.
With reference to the involvement of professionals in money laundering cases, good practices have focused on the strengthening of codes of conduct and on including new categories under the AML/CFT regulation. For example, the Offshore Group of Banking Supervisors Trust and Company Service Providers Working Group62 has focused on the crucial position of trust and company service providers (TCSPs).
Given the role of TCSPs as intermediaries and introducers of businesses to institutions that manage funds or assets, their inclusion under the anti-money laundering framework is a key step for the effectiveness of AML and CFT measures.63 On the contrary, the Offshore Group of Banking Supervisors Trust and Company Service Providers Working Group has found that a number of jurisdictions still do not regulate or supervise the operations of TCSPs appropriately.64
Accordingly, the Group drew up a Statement of Best Practice65 for Trust and Company Service Providers, which was completed in 2002.66
On the basis of the vulnerabilities mentioned above, the Council suggests the following recommendations, which apply across the areas discussed in this section:
A) Regarding the central registry of corporate entities,67 it is recommended that:
- the information to be registered include both legal owners (directors and shareholders) and beneficial owners
- the registered information be verified by the registry authority
- the registered information be updated in a timely manner by the corporate entity when there are changes, e.g. within one or two months
- the register be accessible to the public against payment online; payment should be minimal in order not to discourage access
B) Regarding beneficial owner identification, it is recommended that:
- financial institutions and professional service providers be required by law or by other legally enforceable means to identify and verify the identity of a corporate customer’s beneficial owners when establishing a business relationship with it
- financial institutions and professional service providers be required by law or by other legally enforceable means to take reasonable measures to determine who the natural persons are who ultimately own or control the corporate customer
C) Regarding the international sharing of beneficial owner information, it is recommended that:
- apart from via investigation powers, law enforcement agencies have direct access to the register of corporate entities
- states allow (e.g. by law) law enforcement entities to share beneficial owner information with their overseas counterparts instantly without need for any bilateral or mutual legal agreement
- the access to the register of corporate entities be made available online against payment to facilitate overseas searches; payment should be minimal in order not to discourage access
A) Regarding the regulatory framework, it is recommended:
- to reduce the wide disparity in the ways in which professionals of all kinds – accountants, lawyers and securities brokers – are licensed, scrutinized and disciplined. It seems inevitable that these differences will continue in the foreseeable future. The mechanisms by which lawyers, for example, are regulated need to be scrutinized by international bodies, along the lines of the “functional equivalence” concept developed by the Organisation for Economic Co-operation and Development (OECD) Working Party on Bribery. In the first instance, the FATF and FATF-style regional bodies (FSRBs) should press member states to bring into effect agreements on AML compliance by professionals to which they are already signatories.
B) Regarding criminal and regulatory investigations, it is recommended:
- to collect data systematically on the mechanisms by which professionals assist criminals, both in the perpetration of offences and in the laundering of proceeds from criminal activity. In this way better evidence of interventions can be built, including both criminal justice sanctions and preventive measures, such as controls over licensing and professional disciplinary sanctions.
Enablers that Exploit International Commercial Transactions
Free Trade Zones
Under the umbrella of Organized Crime Enablers, this report considers international commercial regulations and in particular the issue of Free Trade Zones. The crime risks associated with these Zones have been neglected until recently, although one early study highlighted their exploitation for tax-related money laundering and value transfers in tobacco smuggling, for example.68
With respect to banking and financial regulations, Free Trade Zones are comparable to offshore countries. Their structure and regulations make these areas very efficient for legitimate purposes,69 but they are at the same time weaker, less transparent and more vulnerable to organized crime.
3.1. Main features
According to the International Convention on the Simplification and Harmonization of Customs Procedures (so-called the “Revised Kyoto Convention”), a Free Zone (or Free Trade Zone) is “a part of the territory of a Contracting Party where any goods introduced are generally regarded, insofar as import duties and taxes are concerned, as being outside the Customs territory”.70
More generally, to promote trade, facilitate new business creation and encourage foreign direct investment, FTZs offer a number of incentives such as duty exemptions, simplified administrative procedure and free import duty on raw materials, machinery or equipments. Created to boost economic opportunities, these incentives often result in reduced financial and trade controls.71
Two recent reports (one is the FATF report entitled “Money Laundering Vulnerabilities of Free Trade Zones”72 and the other is the Business Action to Stop Counterfeiting and Piracy (BASCAP) document entitled “The role and responsibilities of FTZs”73) have drawn attention to the collateral risks posed by Free Trade Zones. They acknowledge that Free Trade Zones have been created to reduce barriers and facilitate global trade and that they have become particularly important for the integrated economy: they stimulate economic growth and play a large role in the globalization of the world economy. Not surprisingly, Free Trade Zones have proliferated significantly in recent years, confirming their central role for economic growth. Today, approximately 3,000 Free Trade Zones exist in 135 countries around the world. In what is sometimes termed a “race to the bottom”, FTZs generate reduced trade in competitor jurisdictions, which encourages them, in turn, to create FTZs, reducing the overall level of transparency and “bureaucracy”, while facilitating crime and tax avoidance, in those jurisdictions.
As the above reports convey, there is a downside. FTZs represent an attractive opportunity not only for legitimate businesses but also for wholly and partially illegal endeavours. Organized crime groups and counterfeiters use FTZs to move illegal products around the world without detection. “What’s worse is that to do so, they exploit the very ecosystem that governments have put in place to help FTZs contribute to economic development:
such as the limited regulatory oversight in Free Trade Zones; such as Customs, tax and product regulations that do not apply or are rarely enforced; such as the limited inspections of containers in transit; and, the simple inaction of governments who may consider Free Zones to be immune from the laws that govern the rest of the economy.”74
Inaction is particularly likely where the crimes involved hurt only people or governments in other jurisdictions. Generally, counterfeiters use the transit or trans-shipment of goods through multiple, geographically diverse ports as a means to disguise the nature of the product and make it more difficult for law enforcement to track their activity. Counterfeiters import shipments of counterfeit goods into warehouses in the FTZs and then change the final destination and re-export them. In this way FTZs are used to “sanitize” shipments and documents, thereby disguising their original point of manufacture or departure. This can be done to evade trade sanctions and arms controls, as well as for more conventional forms of criminality.
Counterfeiters also import unfinished goods and then “further manufacture” them in FTZs by adding counterfeit trademarks, or repackage or re-label the goods and then export the “finished” counterfeit goods to other countries. Last but not least, the complete manufacturing of counterfeit goods also takes place in FTZs.
The crucial challenge FTZs pose to today’s law enforcement agencies and policy-makers is how to balance security issues with facilitating trade or, in other words, how to merge efficiency and transparency. What is needed is to improve controls to diminish the risks related to organized crime without hindering the advantages in trade efficiency provided by FTZs.
As suggested by the World Customs Organization (WCO), in today’s hyperconnected and globalized world, international “trade and investment will flow towards efficient, supportive and facilitative locations.”75 Today’s efficient and effective customs systems and procedures can significantly increase economic competitiveness through the creation of a safe trading environment, which in turn would promote international trade and investment. Furthermore, as customs are now also responsible for national security, they need to ensure that they facilitate exclusively legitimate trade while addressing the threats posed by terrorism and transnational organized crime, and tackling the problems of counterfeiting and piracy.76
As a result of these changes and new challenges, the WCO revised and updated its original Kyoto Convention of 1974, to ensure that it kept pace with the development of international trade.77 In its revised form78 the Kyoto Convention “is widely regarded as the blueprint for modern and efficient Customs procedures in the 21st century. Once implemented widely, it will provide international commerce with the predictability and efficiency that modern trade requires”.79
With specific reference to the legislation, in Europe a single Customs Code (the Community Customs Code) exists, for instance. However, there is no common Customs legislation at the international level and, in any event, there are variations in code enforcement between different jurisdictions, even without taking into account the issue of FTZs. This situation reflects tensions between monitoring costs and smooth commerce, and occasional corruption/incompetence in Customs and excise taxes.
The so-called “Modernised Customs Code” (MCC),80 supported by Decision 70/2008/EC of the European Parliament and of the Council81 on a paperless environment for Customs and trade, is part of a Community approach to modernize EU Customs legislation. The MCC will replace the current Community Customs Code.82
More specifically, the MCC addresses two major issues:
Simplification:The MCC will streamline the code’s structure (the number of articles has been reduced from 264 to 188) and will simplify Customs procedures (the number of procedures has been reduced from 13 to 3, all with consistent rules). The current Community Customs Code is, in fact, cumbersome and not easily accessible. The aim of the MCC is therefore to optimize the efficiency and effectiveness of Customs and Customs-related procedures and controls, making them flow better and more coherent and operative.
Computerization: For the same purpose, jointly with EC Decision 70/2008, the MCC aims to provide the progressive computerization of all Customs procedures and formalities, with a view to achieving a completely “paperless environment for Customs and trade”. Some measures to achieve this goal include, for example:
• electronic lodging of Customs declarations and accompanying documents
• use of a “centralized clearance” to declare goods electronically and pay Customs duties
• introduction of the “single window”83 and “one-stop-shop”84 concepts
Decision 2004/387 of the European Parliament85 calls for measures to increase the efficiency of the organization of Customs controls and ensure the seamless flow of data in order to, among other things, make Customs clearance more efficient, reduce administrative burdens, help to combat fraud, organized crime and terrorism, protect intellectual property and cultural heritage, and increase the safety of goods and the security of international trade. To achieve these objectives, “the provision of information and communication technologies (ICT) for Customs purposes is of crucial interest.”86
Pursuant to that Decision, the computerization of Customs aims to achieve the following objectives:
- “to facilitate import and export procedures;
- to reduce compliance and administrative costs and to improve clearance times;
- to coordinate a common approach to the control of goods;
- to help ensure the proper collection of all Customs duties and other charges;
- to ensure the rapid provision and receipt of relevant information with regard to the international supply chain;
- to enable the seamless flow of data between the administrations of exporting and importing countries, as well as between Customs authorities and economic operators, allowing data entered in the system to be re-used.”87
Other achievements relevant to Free Trade Zone regulations against crime also exist in four major Free Trade Agreements, which aim to regulate Free Trade Zones in their respective region. These include:
- North American Free Trade Agreement (NAFTA)
- China-ASEAN Free Trade Area (ACFTA)
- European Union
- Trans-Pacific Partnership (TPP) Agreement
These agreements focus on free trade issues and include preliminary considerations on fighting crime in Free Trade Zones. For example, NAFTA’s Customs Procedures, Article 504: Obligations Regarding Exportations prescribes:
“1. Each Party shall provide that:
a) an exporter in its territory, or a producer in its territory that has provided a copy of a Certificate of Origin to that exporter pursuant to Article 501(3)(b)(iii), shall provide a copy of the Certificate to its Customs administration on request; and
b) an exporter or a producer in its territory that has completed and signed a Certificate of Origin, and that has reason to believe that the Certificate contains information that is not correct, shall promptly notify in writing all persons to whom the Certificate was given by the exporter or producer of any change that could affect the accuracy or validity of the Certificate.
2. Each Party:
a) shall provide that a false certification by an exporter or a producer in its territory that a good to be exported to the territory of another Party qualifies as an originating good shall have the same legal consequences, with appropriate modifications, as would apply to an importer in its territory for a contravention of its Customs laws and regulations regarding the making of a false statement or representation; and
b) may apply such measures as the circumstances may warrant where an exporter or a producer in its territory fails to comply with any requirement of this Chapter.
3. No Party may impose penalties on an exporter or a producer in its territory that voluntarily provides written notification pursuant to paragraph (1)(b) with respect to the making of an incorrect certification.”88
This provision suggests that while NAFTA recognizes opportunity for criminal fraud exists and proposes measures to prevent it, the agreement also attempts to balance its overall effects.
“As separate Customs areas created to encourage trade and foreign direct investment, FTZs are subject to unique laws, regulations, and oversight to take account of their role in job creation and economic development policies.”89 This may result in weaknesses that make FTZs vulnerable and expose them to misuse by illegal actors. Generally, these weaknesses mainly encompass the lack of a standard Customs Code, which is common at the international level, the lack of legal but instrumental coordination between the Customs authority and the Zone authority; and the lack of strict regulatory oversight.
More specifically, consistent with the FATF report,90 the following vulnerabilities of FTZs are highlighted:
Relaxed oversight: Although FTZs are most often located near ports of entry (air, sea or land), they operate apart from traditional rules governing commercial and Customs procedures: administrative and oversight schemes are reduced or even eliminated, goods introduced may be subject to processing and manufacturing operations within the Zone,91 special taxes and administrative arrangements are available to exporters and export service providers.92
Weak procedures to inspect goods and register legal entities, and inadequate record-keeping and information technology systems: “In most cases merchandise entering and exiting a FTZ must be accompanied by commercial documents, for example a bill of landing and a commercial invoice.”93 Yet Customs and Zone authorities use different and separate systems to monitor shipments entering and exiting FTZs. Many countries are still using a paper-based system that makes cross-national flows impossible to monitor actively, although it may offer forensic evidence after the fact. A mix of paper and IT systems, as is often the case, increases the time it takes to control and check related documents (inbound vs outbound).94 Existing FTZ software systems are often not integrated in Customs IT systems. The lack of a unique and clear standard related to Customs clearance and record procedures makes it very difficult to monitor the flows entering and exiting a FTZ.
Lack of transparency: The regulation of FTZs lacks clarity; in certain cases it is unclear whether government or the Customs authority has the jurisdiction to exercise controls. The degree of Customs intervention is often limited or even absent, controls are frequently carried out by random selection rather than on the basis of risk assessment or risk indicators, and Zone authorities promote the ease of establishing a legal entity in a FTZ or may not request ownership information from companies setting up in order to attract business and foreign investment.95
Inadequate safeguards against money laundering and the financing of terrorism: In many cases, rules and regulations governing FTZs are outdated as they have not kept pace with FTZ development. Thus they do not adequately take into account the Zones’ money laundering and financing of terrorism vulnerabilities or the risks of illegal activities being carried out within them. Moreover, a number of jurisdictions do not apply the same anti-money laundering or counter-terrorism financing regulations in the Zone as in the rest of the country, so these provisions may not be applied to businesses and activities within the special Zones. Some businesses located in FTZs may fall outside the AML/CFT framework simply because their activities or operations do not fall within the scope of traditional financial sector providers located onshore.96 In fact, money laundering has been taken into consideration in some newly-enacted laws, but the proceeds of crime relating to offences such as tax evasion, smuggling, foreign trade law violations and foreign exchange manipulations have often remained outside the scope of the new laws.97
Lack of adequate coordination and cooperation between Zone and Customs authorities: A lack of coordination and cooperation exists between Customs and Zone management systems, such that certain data, documents and information often are not shared between the different authorities.98 In addition to Customs and Zone authorities, additional regulatory or law enforcement agencies may be involved at different levels within the Zone. What is necessary is therefore international cooperation with a view towards developing a uniform framework for regulating trade systems in FTZs.
Lack of worldwide regulation on dealing with FTZs and on the data each should track and pass on: If each FTZ were required to tag the goods and the cargo carrying the goods through to destination, the paths of illicit goods could be better identified. Yet no international procedures or global information sharing mechanisms exist to track illegal proceeds or goods and therefore to identify and take action against the criminals.
Lack of unity in rules and regulations globally: There are major regional differences in terms of the rules, procedures and oversight by which authorities regulate Customs and trade. North America, for example, has a more structured framework and its rules and regulations are stronger than those in China and/or South-East Asia, where certain financial systems are weak and judicial systems are less uniform.
In Europe, members of the European Union have similar legal codes and there is general consistency in regulations. By contrast, a major feature in many areas of Asia is the diversity of the justice system, particularly in matters related to FTZs.
Developing countries are establishing FTZs as a vehicle to facilitate economic development and generate revenue for the government, although many do not have the ability to provide the appropriate controls or means to track goods going in and out of the Zones. As already mentioned, some countries are still using a paper-based system to administer FTZs.
Aboriginal communities in Canada can be compared with Free Trade Zones. These communities’ Sovereignty Rights give them immunity from certain regulations and allow them to operate outside the control of the State. While both markets are being refuted by the Canadian government, a large trade in illegal cigarettes has emerged and is spreading across the country between Aboriginal communities, and one community controls the world’s largest online gambling service – an operation that could be used by money launderers
The regulatory differences between world regions give rise to a wide range of concerns about the vulnerability of FTZs and their potential exploitation by criminal groups.
These various weaknesses make Free Trade Zones ideal for sheltering criminal operations, counterfeiting and piracy. Generally, counterfeiters use the transit or trans-shipment of goods through multiple, geographically diverse ports as a means to disguise the nature of the products and make it more difficult for law enforcement to track their activity. As noted earlier, FTZs can be used to disguise the origins of fake goods and to distribute, process and even totally manufacture fakes. Ample opportunities for trade-based money laundering exist, and the low levels of supervision within FTZs make such operations more difficult to detect and defeat.
Case 1: “Counterfeit Drugs’ Path Eased by Free Trade Zones”
“DUBAI, United Arab Emirates – … when the authorities announced that they had seized a large cache of counterfeit drugs from Euro Gulf’s warehouse deep inside a sprawling Free Trade Zone here, they gave no hint of the raid’s global significance.
But an examination of the case reveals its link to a complex supply chain of fake drugs that ran from China through Hong Kong, the United Arab Emirates, Britain and the Bahamas, ultimately leading to an Internet pharmacy whose American customers believed they were buying medicine from Canada, according to interviews with regulators and drug company investigators in six countries.
The seizure highlights how counterfeit drugs move in a global economy, and why they are so difficult to trace. And it underscores the role played by Free Trade Zones – areas specially designated by a growing number of countries to encourage trade, where tariffs are waived and there is minimal regulatory oversight.
The problem is that counterfeiters use Free Trade Zones to hide – or sanitize – a drug’s provenance, or to make, market or relabel adulterated products, according to anticounterfeiting experts. …
Dubai is vulnerable because of the huge volume of goods that move through its free trade areas, and because of what is perceived by some in the pharmaceutical industry to be a murky line of authority for rooting out counterfeits there. ‘It is not clear that the normal Dubai Customs authorities have jurisdiction,’ said Rubie Mages, a director of global security for Pfizer.”99
Case 2: Contraband Smuggling and Tax Evasion
“This investigation involved a money laundering and contraband cigarette smuggling organization led by PAUL. The large-scale organization smuggled contraband cigarettes into the United States from China and subsequently structured cash deposits to avoid payment of millions of dollars in Washington State tax revenue. The cigarettes were imported into an FTZ located in Hawaii, then diverted to the state of Washington, rather than to the claimed destination, a Native American reservation in Idaho. PAUL then sold the illegally gained cigarettes in Washington, and laundered the proceeds.
As a result of the investigation 16 warrants were executed in Washington and in Hawaii, which yielded 1 451 697 million packs of contraband cigarettes, one vehicle and over USD 600 000. This seizure of the cigarettes reflects USD 2 068 668.20 in revenue loss to the State of Washington, the second largest such seizure in the history of the State. PAUL and his associates were eventually indicted for smuggling and trafficking of cigarettes, money laundering, and structuring financial transactions.”100
Case 3: Counterfeiting
“In the FTZ of Ras-Al-Khaimah in the United Arab Emirates (UAE) – in 2009 – a successful criminal prosecution was brought against a counterfeiter making fake cooling gas cylinders branded with a famous mark in that industry. (To our knowledge this is the first known successful criminal prosecution against any enterprise operating within a Free Zone and is a welcome development that should serve as best practice development in achieving an improved regulatory framework against illicit operators in FTZs).”101
3.5. Good practices
The FATF’s “Money Laundering Vulnerabilities of Free Trade Zones” is the first global report to address the issue of FTZs as “enablers” of crime. However, it is not the first time that the money laundering and terrorist financing vulnerabilities of FTZs have been identified. As suggested by the FATF report, the work of the Caribbean Financial Action Task Force (CFATF) and of the Aruba Free Trade Zone has developed a number of best practices.
Caribbean Financial Action Task Force (CFATF):The CFATF first began to investigate the money laundering and terrorist financing vulnerability of FTZs in 2000. Its work led in 2001 to the formulation of prevention guidelines and recommendations to CFATF member governments. In general, members are required to “devise, enact, and effectively implement a comprehensive legislative regime affecting Free Trade Zones.”102
Of some interest is that these recommendations also specify that “where necessary, such a legislative regime should meet the following requirements:
- The Free Trade Zone Authority, if necessary, should be physically present and operate in the Free Trade Zone. The appropriate National authorities should, at minimum, oversee and supervise all operations in the Free Trade Zone and enforce sanction violations of all applicable laws and regulations
- Businesses operating in Free Trade Zones must comply with all applicable laws and regulations and must establish an anti-money laundering compliance program which includes an independent review and internal audits. It is strongly recommended that businesses designate a compliance officer who shall be responsible for monitoring and ensuring implementation of the compliance program.
- Businesses operating in Free Trade Zones should be required to identify their clients and to keep the record of each transaction and to report suspicious activities to the competent authorities.”103
Aruba’s experience:104 In the mid 1990s, Aruba’s Free Trade Zone received a good deal of international bad press, with allegations ranging from mafia presence and money laundering to smuggling. This was obviously devastating to Aruba’s economy, based heavily on tourism, the single most important economic pillar.
To deal with the situation, the Aruban Government decided to research the vulnerabilities of the economy, including its Free Trade Zone, to identify a general framework by which to solve the problems and address the weaknesses identified.
“To protect FTZs from being used for illegal activities, such as money laundering, underground banking and smuggling, the guiding principle … has been prevention: how to raise the threshold, make it more difficult to launder illegal proceeds, and protect the integrity of the trade system. The development of a program based on promoting integrity, prevention, transparency and risk assessment is a best practice.”105
New legislation, based on the principle of trade system integrity, was introduced, updating and strengthening the existing rules and regulations. The crucial element of this new regulatory framework was that all FTZ companies that wanted to continue operating within the Zone had to pass due diligence checks and be re-admitted under the new rules and regulations. The due diligence was mainly performed by means of pre-admission screening, consisting of background controls, a business plan and a source of funds declaration:
“The Zone authority requires transparency of the company structure: who is/are the ultimate beneficiaries? The background checks are done on all shareholders, directors and persons with a relevant power-of-attorney. Furthermore, the potential clients must submit a business plan detailing the intended type of business: what type of goods, services; between which countries; information on clients. It helps define a client profile needed for the risk-based approach. Also, the client must sign a statement declaring the source of funds which will be used to start up operations and the fact that these funds do not originate from criminal activity.” 106
Some clients, for various reasons, never completed the admission procedures; some companies chose not to be re-admitted. “It seems to work as a threshold for businesses that can’t or don’t want to maintain transparency into their intended business operations.”107
As suggested by the FATF report and the Aruba experience, although supervisions and controls cannot replace law enforcement, they are an effective line of first defence. “It is at least heartening to see how many of the challenges were overcome simply by conducting regular checks at the various companies.”108
However, given the transnational nature of trade, the first national level of defence is not sufficient. International cooperation is also needed. Unfortunately, an international framework does not exist in this field and exchanging information among the authorities of different countries remains difficult. The already noted proliferation of FTZs makes concerted action necessary globally, but it is not easy to make changes to reduce the Zones’ capacity to enable organized crime and control exchange evasion without destroying the “light touch” regulation that is their raison d’être.
Building and developing international, regional and national platforms for cooperation:
Since FTZ crimes typically occur across national and regional borders, building collaborative platforms at different levels, in particular at the international level, is essential to effectively combat FTZ crimes. Such collaboration should include strategic, legislative, judicial, as well as administrative, regulatory, resource, enforcement, technical, intelligence, and other means as necessary. Current platforms should be examined to identify their pros and cons, using them to plan and create a system of platforms for cooperation.
Building IT capabilities, and intelligence gathering, processing and utilization in Free Trade Zones:
Given the serious lack of resources available to contain, detect and control FTZ crimes in general, and particularly in developing countries, funds must be allocated to build and strengthen infrastructure in the fight against FTZ crimes, initially by enhancing IT and intelligence capabilities.
Enhancing IT capabilities
- A standardized procedure for Customs record-keeping, reducing or eliminating paper records, could greatly reduce opportunities for fraudulent activities. The MCC’s recommendation on computerization was primarily proposed to enhance customer efficiency but it also increases the capacity to combat FTZ crimes. The Council recommends the wider adoption of the World Customs Organization’s “Single Window” concept.
- Enhanced IT capabilities in FTZ management will not only better serve businesses in the registration of their activities but will also improve Customs’ capacity to monitor and check these activities without adding undue burdens on businesses as they conduct their normal commercial affairs.
Enhancing intelligence capabilities
- Intelligence capabilities can be improved by building and enhancing Financial Intelligence Units and other law enforcement agencies’ intelligence data gathering and analysis abilities.
- It is also necessary to enhance cooperation and intelligence sharing among FIUs, law enforcement entities, Customs and FTZ authorities.
Raising public awareness and educating officials about the harms of FTZ crimes:
Many of the FTZs’ vulnerabilities stem from official “inaction”. Existing rules and common sense are not applied to detect and identify crimes. Certain officials believe fighting crime is not as important as developing economic activity and trade
Information campaigns must be launched to communicate the seriousness of the crimes committed within Free Trade Zones and the huge amount of harm they cause for the global economy and trade. One suggestion is to organize and conduct an assessment of the threats posed by organized crime in FTZs, communicating its results to a broader audience.
A call to support systematic research on criminal activity in FTZs is also desirable. Systematically collecting data on Free Trade Zone crimes by analysing the cases, describing the vulnerabilities and identifying the mechanisms would contribute to a better understanding of FTZ crimes and the Zones’ exploitation by organized crime groups.
Developing and enacting “balanced legislation” for Free Trade Zones:
At the heart of FTZ operations (and criminality) is the relaxation of regulations meant to increase efficiency. Improved legislation must thus fully consider this basic feature of Free Trade Zones in order not to defeat their original purpose. Only balanced legislation can achieve the desired results and be enforceable. Thus recommendations include:
- developing legislation against the establishment of new crimes in FTZs that fills existing legal gaps
- giving priority to enhancing AML/CFT legislation, including provisions such as seizing illicit proceeds and recovering illicit assets
- giving priority to enhancing legislation focusing on fraud, since much of the organized crime in FTZs is fraudulent. Fraud can be identified in every criminal case in FTZs
- empowering authorities, particularly Customs or other law enforcement agencies, to conduct secondary inspections
- enhancing legislation empowering law enforcement agencies and FIUs to detect FTZ crimes and collect evidence
- enhancing legislation empowering prosecutors to prosecute FTZ crimes
Developing better mechanisms to trace the origin and destination of goods:
Developing systematic, efficient and effective regulation and technology is key to countering FTZ organized crimes. Therefore, crucial features to be developed globally include:
- regulations and technology to trace goods
- record-keeping regulations covering the entire itinerary of traded goods
- mechanisms to prevent double invoicing
- labelling regulations and checking technology
- regulations and technology to facilitate the authenticity of the goods and identify their origin
- the registration and documenting of parts
- information requirements to identify ownership
- risk assessment tools to facilitate the sampling of goods for verification and monitoring purposes
Developing Customs’ primary cooperation:
- given the existing structure and achievements, encouraging the World Customs Organization to take the lead at the international level, and Customs authorities to take the lead at other levels
- developing international collaboration on a standard Customs Code
- developing an international standard for Customs clearance
- developing model coordination regulations between Customs and Zone authorities
Members of the Global Agenda Council on Organized Crime 2011-2012
Ernesto U. Savona, Director, Transcrime, Italy
Rob Wainwright, Director, Europol (European Police), The Hague, Netherlands
- Margaret Beare, Professor, Osgoode Hall Law School, York University, Canada
- Nelson Cheng, Deputy Commander of the Eastern District, Hong Kong Police Force, Hong Kong SAR, People’s Republic of China
- Peter Gastrow, Senior Fellow and Director, International Peace Institute (IPI), USA
- David E. Kaplan, Partner, Investigative Journalism Consultants, USA
- Michael J. Keelty, Adjunct Professor, Charles Sturt University, Australia
- Michael Levi, Professor, Crime, Security and Justice Research Group, Cardiff University, United Kingdom
- Liu Jianhong, Professor of Criminology, University of Macau, People’s Republic of China
- Richard Magnan, Associate, General Council, Kudelski Group, Switzerland
- Larisa Miculet, Head, Personnel, Legislation and Litigation Division, Ministry of Foreign Affairs and European Integration of Moldova, Moldova
- Grant Newsham, Executive Director, Corporate Security, Morgan Stanley Japan, Japan
- Kuniko Ozaki, Judge, International Criminal Court (ICC), Netherlands
- Hernan Penafiel, Head, Teaching, Universidad Mayor Law School, Universidad Mayor, Chile
- John Sandage, Director, Division for Treaty Affairs, United Nations Office on Drugs and Crime (UNODC), Vienna, Austria
- Mas Achmad Santosa, Member, Presidential Anti-Judicial Mafia Task Force, Government of Indonesia, Indonesia
- Louise Shelley, Professor, School of Public Policy, George Mason University, USA
For information on projects initiated by the Global Agenda Council on Organized Crime, please contact Navitri Putri Guillaume at [email protected]