Nested Financial Crime Risks in Correspondent Banking

In an increasingly global economy, correspondent banking services are essential as they enable international transactions and facilitate financial inclusion.  

In this setup, a large established bank, which has the necessary regulatory approvals and licenses, acts as a ‘Correspondent’. They provide international payment services to smaller local banks, the respondent, processing global transactions on behalf of the bank and their customers.

Today, we are diving into one of the most complex issues facing any bank providing correspondent services: managing and countering “nested” financial crime risks. 

What is “Nesting”?

Nesting takes place when a Respondent Bank provides the same international payment services to other third-party financial institutions. 

The Visibility Gap & Oversight Risks

Nesting creates a visibility gap and increases risk for the Correspondent. 

A Correspondent Bank performs due diligence on the Respondent Bank, before and throughout the life of their relationship, to ensure they have robust financial crime controls and an acceptable financial crime risk appetite. 

In a nested scenario, the Correspondent has no direct relationship with a third-party financial institution and no opportunity to directly apply its own due diligence. If those downstream institutions have weak controls, the Correspondent Bank may be exposed to risk, unknowingly facilitating money laundering, terrorist financing or sanctions evasion. Criminals understand these processes and will seek to exploit them. 

Strategies for Risk Mitigation 

To mitigate nested risks in correspondent banking, banks should consider the following:

The Disclosure Mandate

Establish a clear legal foundation by including contractual requirements that force Respondent Banks to declare any nested banking arrangements. This transparency is vital as it allows the Correspondent to perform Enhanced Due Diligence where necessary. This process must include an evaluation of the Respondent’s financial crime compliance framework regarding third-party institutions, supplemented by public source research to identify any underlying risks. 

Adaptive Surveillance

Risk is never static, so your oversight shouldn’t be either. Conduct regular due diligence on the Respondent specifically to spot shifts in their nesting activity. By maintaining a schedule of periodic reviews, you can identify if the Respondent’s business model or risk appetite has evolved in a way that no longer aligns wih your institution’s safety standards. 

The Compliance Gateway 

Implement ongoing monitoring of all transaction originating from the Respondent. You must pay particular attention to the completeness of transaction data. Under FATF Recommendation 16, all cross-border payments must include full originator and beneficiary details. 

Perimeter Protection 

Your monitoring tools must be finely tuned to detect activity involving high-risk jurisdictions or sanctioned parties. You must assess and update your monitoring calibration on a regular basis to ensure it remains effective against emerging threats. 

Behavioural Intelligence

Utilize monitoring through analytics to identify deviations in the Respondent’s typical behaviour. Look for sudden spikes in volume, shifts in geographic exposure or introduction of new currencies. 

The Transparency Test

Treat the quality of communication as a core risk metric. You should constantly evaluate the Respondent’s transparency when inquiries are made. If a partner becomes evasive, it’s a primary signal of underlying risk. 

Risk Signal Identification 

Building on the transparency test, any instance where a Respondent is non-responsive to compliance inquiries should be documented as a formal risk signal. Failure to provide clear and timely information regarding nested activity often indicates intentional concealment, requiring a re-evaluation of the entire banking relationship.  

In an interconnected world, your security is only as strong as your weakest link. Let’s make sure your correspondent network is a source of growth, not a source of risk.