Author: Andre Stivala

Adverse media screening is associated with monitoring for negative news and reputational risks on a person or business as part of a company’s onboarding, KYC and AML process. The screening can be conducted manually which is usually more time-consuming and yields limited results or batch screening technology can be applied. Batch screening helps evaluate and identify the most relevant content in a quick and cost-effective manner and overcome potential language barriers, resulting in a global overview of the subject’s coverage that otherwise might have been unnoticed.

Adverse media screening can reveal involvement with various wrongdoings – from terrorism, organized crime, modern slavery, financial crime and fraud, bribery and corruption, to emerging types of crime, such as cybercrime as well as many other possible offenses. Such linkages of a potential client, distributor, intermediary or investor can pose a serious reputational challenge for a company’s business reputation and lead to legal and regulatory proceedings.

Sources of adverse information include public data sources, media outlets – both online and offline, press releases by government bodies, publications by NGOs, investigative journalists, watchlists, blacklists and additional sources.

Regulatory requirements for adverse media screening

Several regulatory bodies and institutions globally have emphasized on the importance and benefits for mitigating risks of adverse media screening. For example, the EU’s 4th Anti Money Laundering Directive requires businesses to perform adverse media searches for natural persons or legal persons established or residing in high-risk countries and other high-risk situations. The Directive also mentions adverse media screening in the context of enhanced customer due diligence for high-risk clients which includes “open source or adverse media searches or commissioning a third-party intelligence report”^[1].

The intergovernmental organization in the field of anti-money laundering policy making – the Financial Action Task Force (FATF) lists “verifiable adverse media searches”^[2] in its enhanced due diligence and simplified due diligence measures in its guidance for a risk-based approach in the banking sector.

Furthermore, US’s Financial Crimes Enforcement Network (FinCEN) indicates in its bulletin “adverse media, negative news, and other forms of derogatory information continue to trend as a basis for submitting a suspicious activity report (SAR)”^[3].

Conducting effective adverse media screening

The first step for conducting effective adverse media screening process is leveraging technology and automated screening techniques. As mentioned above, manual negative media checks have limited effectiveness and are time-consuming, especially when running a fast-growing business with a strong inflow of new customers or a business having multiple partners worldwide. Apart from yielding more accurate results, automated solutions also contribute to less false positives during the screening process.

The second step for effective negative media checks involves checking any aliases of the subject and analyzing global multilingual coverage. Multilingual checks are very important for regions such as MENA and APAC where the subject’s name in English may have multiple local aliases and without checking them as well, the results may be incomplete. For effective screening, it is also important to select a screening solution which also supports automated alias checks, not just name checks, so any important information associated with an entity or an individual can be uncovered.

The third step is using categorization, as not every positive result for adverse media coverage has the same importance for the subject’s risk profile. The categorization of adverse media can be made easier by setting up categories of offenses as defined in international and national legislation or a company’s internal compliance policy. This would allow for easier interpretation of the adverse media coverage and segmentation of customer risk profiles. 

The fourth step is checking the credibility and independence of the source of negative news. Adverse media sources can be broadly separated into two groups – official (derived from government and institutional) sources and non-official (derived mostly from media outlets) sources. Thus, coverage of the key institutions and regulators in multiple jurisdictions is a strong asset for negative media screening. However, when it comes to unofficial sources, it is important to note that the lack of news coverage on criminal convictions alone might not be enough to discount crime allegations.

The final good practice involves using an ongoing monitoring solution which allows the tracking of the news flow associated with clients constantly and ensure the consistency of their risk profiles. The ongoing monitoring functionality puts one in a position where they can review adverse media screening results and update risk profiles for any changes as an apparently harmless news allegation may evolve and require a more serious compliance response.

Consequences of a positive adverse media match

A positive adverse media match usually leads to a higher risk rating of the subject’s risk profile which could result in the filing of a suspicious activity report; conducting further enhanced due diligence; or, terminating the business relationship. The action taken is dependent on a company’s risk and compliance policy. This is how adverse media screening can help mitigate reputational and regulatory risks for business, but also – this type of screening provides the intelligence necessary to handle any business relationship – both expected and existing.

Conclusion

Whilst there are clear regulatory requirements to perform on-going screening of a business’s relationships for any potential changes throughout the relationship, it also makes good business sense from a reputational risk perspective.  The culture of compliance should focus on the bigger picture of seeking to ensure ‘bad actors’ are not able to integrate ‘dirty money’ into the financial system and on-going screening using high quality data sources is a fundamental component of a business’ overall risk mitigation framework.

---

^[1] https://esas-joint-committee.europa.eu/Publications/Guidelines/Guidelines%20on%20Risk%20Factors_EN_04-01-2018.pdf

^[2] http://www.fatf-gafi.org/media/fatf/documents/reports/Risk-Based-Approach-Banking-Sector.pdf

^[3] https://www.fincen.gov/sites/default/files/sar_report/SAR_Stats_2_FINAL.pdf

By Nick Parffit, Acuris Risk Intelligence

You can read all the articles here: http://cm-2.kyte.global

Question 1 – One of the novelties in the new Gaming Act and subsidiary legislation is the Corporate Group Licence. Can you briefly explain the thinking behind this type of licence.

One of the main aims of the regulatory overhaul that took place in 2018 was to reduce unnecessary bureaucratic processes in order to focus efforts on checks that provide added value in line with a risk-based approach. This resulted, amongst other changes, in the introduction of the corporate group licence. Corporate groups that have multiple entities providing licensable activities may apply for such a licence in order to further reduce administrative burdens.  One of the principal examples of its use is when an entity only provides a critical gaming supply to other entities within the same group.  When the entities are all eligible for, and included within, a corporate group gaming service (B2C) licence, there is no need for the entity providing the critical gaming supply to obtain a B2B licence provided it is only providing such supply to entities within the corporate group licence.

Question 2 – What does the process relating to the addition or removal of an entity from such a licence entail?

The addition or removal of an entity from the corporate group licence can be made via the MGA’s Licensee Relationship Management System. The addition of an entity within the corporate group entails the submission of documentation, including the proposed corporate structure. The MGA would also conduct any relevant checks, including due diligence checks on the newly added entities and natural persons behind such entities. Where an entity is removed from the corporate group licence, the MGA would similarly require the submission of the proposed corporate structure. Further to this, the MGA retains the discretion to ask for additional documentation and conduct any checks which it may deem necessary to ensure that the addition or removal of the corporate group entity is being made in accordance with applicable legislation.

Question 3 – Can a group that operates with companies outside of Malta use the Corporate Group Licence instead of obtaining Recognition Notices?

Any entity that is eligible to apply for a licence may be included under the purview of a corporate group licence. If the aforementioned entity is included in the corporate group licence, it can operate by virtue of such licence without having the need to obtain a recognition notice from the MGA.

Question 4 – Has this type of licence been popular amongst licencees?

Following the introduction of the new regulatory regime in 2018, the corporate group licence has been adopted to by a number of authorised persons. For the purpose of statistical data, the Authority considers the entities that fall under a corporate group licence to be one operating company. As of February 2020, there were 27 corporate group licences in total; 16 out of such corporate group licences were issued for B2C-related operations whilst the remaining 11 were issued to B2B-related operations.

Question 5 – What are the regulatory obligations of entities within the Group? E.g. audited financial statements, industry performance reports, etc.

The corporate group entity which is designated as the ‘reporting entity’ is required to fulfil a number of regulatory obligations in order to ensure that the operation is being carried out in accordance with the law, including, inter alia, the fulfilment of reporting requirements. The reporting requirements pertaining to the such operations include the submission of the annual audited financial statements, interim financial statements, monthly player fund reports, monthly tax reports, industry performance reports and also, the payment of the applicable licence fees and compliance contribution. It is pertinent to note that, notwithstanding the designation of one reporting entity, every entity within the corporate group licence is deemed to be jointly and severally liable vis-à-vis the MGA.

Question 6 – Will a company within a group automatically become a Subject Person under the AML/CFT regulations?

In accordance with the Prevention of Money Laundering and Funding of Terrorism Regulations (S.L. 373.01), a subject person is defined as all legal and natural persons carrying out either relevant financial business or relevant activity. Additionally, in accordance with the Implementing Procedures (Part I) published by the FIAU, gaming licencees are deemed to be subject persons and accordingly, this would include corporate group licence holders. However, it is important to clarify that such licence can either be a B2C or a B2B corporate group licence and in this regard, only entities that offer a gaming service (B2C) are deemed to be subject persons. The MGA provides information to the FIAU for the purpose of determining which entities within the corporate group licence may not be providing a gaming service and which therefore, would not be deemed to be subject persons.

Question 7 – Apart from the 90% shareholding requirement for a group entity are there any other specific requirements that need to be satisfied?

Corporate group licence holders are subject to the same regulatory obligations as any other licence holder and therefore, the same requirements which are applicable to licence holders in general need to be satisfied by all of the entities included within the corporate group licence.

Question 8 – Does a Corporate Group licence cost more than a B2C or B2B licence?

The Gaming Licence Fees Regulations (S.L. 583.03) do not make any specific reservations for corporate group licences, as the only differentiation made in relation to the payable fees is related to whether the licence is a gaming service licence or a critical gaming supply licence. Therefore, the fees applicable to a corporate group licence will depend on whether the said licence is a B2C or a B2B corporate group licence. The B2B licence has a fixed licence fee. On the other hand, in the case of B2C licences, the gaming revenue of each entity included within the corporate group licence is taken into consideration for the purpose of determining the applicable licence fee.

By Brandon Debattista Legal Counsel, MGA