In today’s global landscape, governments worldwide have implemented stringent and detailed regulations regarding anti-money laundering (AML) compliance. With the evolving nature of financial transactions and increasing cross-border activities, previously overlooked AML legal and compliance risks have come to the fore. This article examines two cases from China and the U.S. to illustrate the risks arising from inadequate AML practices.

1.Securities Company Tort Liability and Compensation Case

The digital transformation of the financial sector has brought to light the challenge of balancing compliance with customer rights. Consider a scenario where an elderly investor, unfamiliar with smart devices, fails to update their securities account information promptly, leading to account freezing and restricted transactions. This is not an isolated incident but a common challenge faced by financial institutions when enforcing AML regulations.

In the agency contract dispute between a natural person and a securities firm, the natural person entered into a securities trading entrustment agreement with the securities company, stipulating that the client must promptly update their identity information; otherwise, the securities company could suspend the client’s account usage based on the circumstances. In 2019, the securities company issued announcements via its official website and mobile app, requiring clients to update their information. Subsequently, as the natural person failed to update their information in a timely manner, the company froze their account twice. Despite the natural person communicating with the company’s employees, the account remained frozen, prompting the natural person to file a lawsuit demanding compensation for financial losses. In the first-instance trial, the court ruled that the securities firm must lift the freeze on the natural person’s stock trading account and compensate for interest losses. Both parties later appealed. In the second-instance trial, the Intermediate People’s Court revoked the first-instance civil judgment and ordered the securities company to pay compensation to the natural person. The appellate court took into account the needs of digitally disadvantaged groups who may face difficulties using modern communication methods and deemed the securities company’s notification and disclosure methods to be unreasonable.

The court’s proceedings revealed the securities firm’s unbalanced compliance practices. First, the company failed to fulfill its duty of notification, as it merely issued announcements via its official website and mobile app. However, the natural person had not downloaded the app, and based on the available evidence, it could not be established that the securities company had fully discharged its notification obligations before imposing the initial restrictions on the natural person’s account. Second, the company’s restrictive measures were inappropriate—despite obtaining the client’s updated identity information during the first-instance trial, it continued to enforce account restrictions for several months. Additionally, it is worth noting that the securities company’s staff had remotely guided the natural person through the information update process. This suggests that the natural person was indeed aware of the identity verification requirements and the potential consequences of non-compliance. Furthermore, there was no evidence indicating that the natural person had provided the required information to the securities company at that time. As a result, the court affirmed that the securities company’s account restrictions aligned with standard operational protocols for financial institutions. Nevertheless, despite recognizing the legitimacy of the company’s anti-money laundering obligations, the court still ruled that the securities company’s aforementioned compliance deficiencies constituted a breach of contract. This demonstrates that while courts uphold financial institutions’ regulatory responsibilities, they also emphasize the protection of clients’ legitimate rights, thereby requiring institutions to exercise more than mere prudence in fulfilling their obligations.

Currently, AML compliance gives rise to diverse litigation and disputes. Financial institutions must not only focus on internal compliance but also on case prevention and dispute resolution. Key considerations for institutions in this context are: reasonable notification, clear agreements, timeliness, proportionality, and a risk-based internal compliance strategy.

2.Securities Company’s Liability for Inadequate Anti-Money Laundering Measures in Underwriting

Recently, a securities company reached a settlement with the U.S. Financial Industry Regulatory Authority (FINRA) over AML compliance issues. The settlement included a public censure, a fine, and the requirement to hire an independent consultant to review and enhance AML procedures. The company’s anti-money laundering compliance officer was also suspended.

The securities company, active in underwriting IPOs for Chinese firms, faced several AML-related issues. These included inadequate customer identification procedures, failure to design AML programs to detect and report suspicious transactions in investment banking, and improper handling of business communication records.

The AML compliance officer failed to adjust or strengthen Customer Identification Program (CIP) and AML procedures for high-risk accounts (e.g., those referred by Chinese issuers and mostly inhabited by Chinese residents). This meant a failure to thoroughly verify red flag information like inconsistent document formats, inaccurate birth dates, or discrepancies between income and net worth. Though responsible for "evaluating and investigating customer account activity," the officer didn’t conduct risk adjustments or investigations on the client base referred by Chinese issuers, thus failing to detect and report suspicious transactions. Notably, the securities firm hadn’t met these Chinese clients. Many accounts were opened by issuers providing pre-filled forms and documents. Despite conducting negative news and sanction screenings on these clients, the firm didn’t use the information to verify their true identities. There were issues with the relevance of the firm’s red flag information to its investment banking activities, and it didn’t explain how to detect such red flags.

Therefore, in cross-regional and cross-border contexts, we must focus on the effectiveness of CDD (Customer Due Diligence) for clients from different regions and countries to prevent AML (anti-money laundering) processes from becoming ineffective. Moreover, securities firms should focus on AML compliance requirements and risk identification in securities issuance and underwriting. We summarize the AML focus points in cross-regional and cross-border securities business as follows: scenario-based processes, comprehensive and prudent due diligence, customized red flag models, focus on the integrity and compliance of materials and data, and sensitivity to country and regional political factors.

Summary

As illustrated by these cases, with financial transaction means constantly updating and cross-border activities becoming more frequent, compliance risk exposure increases. Financial institutions need to focus on multi-dimensional risks and issues like administrative management, compliance case prevention, dispute resolution, and cross-border supervision that arise as a result.