The fight against financial crime is much like the 100m dash. Pardon our awkward analogy and give us an opportunity to explain. The 100m dash is a straight line foot-race were first and second place are determined by milliseconds. More often than not, the winner can’t even be determined in realtime, needing the assistance of video replay. The margin of error is minimal. How does that relate to financial crime, you might ask?
Financial crime and KYC/AML security are exactly like the two athletes competing for the first and second position in the 100m dash. The margin for error is nonexistent and if one of the two blinks, the other one wins. The history of the rivalry is well-documented - from phishing scams and account takeovers to fake identities and financing terrorist activity, financial institutions have been asked to deal with a lot since the Internet became a big player in the way people and companies conduct business.
The biggest ally in the world against financial crime is also the foe - technology. Tech has come a long way since the inception of the Internet and is the weapon both sides use to steal/safeguard data and information. Today, we’ll have a look at 3 challenges faced by financial institutions in their fight against financial crime, and the ways in which they go about resolving them.
1. Irregular Regulation
Whilst regulators around the world are essentially tackling the same issues and challenges, they are all doing it in isolation. Different jurisdictions call for different laws, and policies, creating a maze of compliance requirements for financial institutions and businesses. Take sanctions screening, for example, were each jurisdiction issues its own lists of sanctioned entities, making it increasingly difficult for FIs to check and investigate cases in realtime.
Last year’s white paper by The Wolfsberg Group titled “Wolfsberg Guidance on Sanctions Screening” is a perfect example of the challenges that FIs need to maneuver through in order to not only comply with regulation but actively protect their organization from a possible threat. The need for a more uniform set of regulations is evident and has been the prominent industry subject for quite some time. Just have a look at the white paper by the Institute of International Finance and Deloitte LLP titled “The global framework for fighting financial crime.” Here’s an excerpt from the paper, emphasizing the need for more consistent regulation:
“There is growing consensus that the current global framework for fighting financial crime is not as effective as it could be, and that more needs to be done at the international, regional and national levels to help identify and stem the flow of illicit finance.”
The solution is as clear as the problem. The only thing that remains that’s required, is action.
2.Cybercrime & Protection of Client Data
Let’s start with some facts.
In an article by USA Today, 2019 was coined as the worst year ever for data breaches with a 54% year on year increase in the first half of 2019. The article wasn’t wrong as what followed was a series of front-page, cyber-crime cases that have shaken the industry to its core. In July, came the New York Times exposé on the shocking Capital One data breach scandal compromising data worth over 100 million. In August, Monzo urged 500,000 customers to change their pin numbers, due to the internal mishandling of data storage.
What’s the moral of the story? Financial cybercrime is at an all-time high and it needs to be addressed immediately if FIs want to keep their clientele. Security and confidence in their financial provider are two of the most important factors for people. In FIS’s “2019 Performance Against Customer Expectations (PACE)” findings revealed that 1/3 respondents surveyed has been a victim of fraud. Unsurprisingly, 90% claimed that a bank’s ability to keep their transactions safe and secure is a “very important” factor when choosing a financial provider.
The literature on how to avoid internal data breaches is endless but no matter how much you read and stay up to date, nothing will ever protect your company/FI better than an actionable plan. Cybercrime and client data protection go hand in hand and can prove to be critical in determining who comes out the other side as the winner.
3.Rethink Operational Silos
Going back to our 100m dash comparison, much like athletes evolve, adapt, and break records, so does financial crime. The threat has become so diversified that it now looks like the Lernaean Hydra, the multiheaded monster from Greek mythology. What that means for FIs, is that they need to rethink their outdated operational silos. Compliance should stop operating in a vacuum, and it should take on an advisory role in the internal structure of the company.
The legal, sales, and operations team should work in tandem with compliance and understand that they need each other to be more productive, safer, and more effective. Upper management needs to reinvent their roles and understand that their contribution in setting up a robust internal strategy system is essential. Compliance departments have always been considered as a defensive mechanism for companies, teams that react rather than proact. This paradigm is slowly yet steadily changing. Proactive governance reduces reactive compliance and the sooner FIs adapt, the sooner they will have a fighting chance against financial crime.
Financial crime has been slowly yet steadily been growing over the past couple of years and COVID-19 has only escalated things. In a recent BIS white paper titled “Financial crime in times of Covid-19 –AML and cyber resilience measures,” this point was perfectly put forward and analyzed:
“The lockdown increases the scope for criminals to exploit vulnerabilities and commit financial crime. The increased online presence of virtually everyone has led to new, and in some cases more naïve, targets for online fraudsters. Work-from-home arrangements with remote access to corporate networks have significantly expanded the attack surface for cybercriminals. Money launderers can also take advantage of the increased need for financial institutions to identify and onboard their customers online. In normal times, cyber-attacks and AML violations expose financial institutions to significant operational and reputational risks. In exceptional circumstances like the current one, those risks could be further exacerbated.”
The challenges that could otherwise be set aside, can no longer be overlooked. If ever there was a time to address the challenges, regarding financial crime, the time is now. Depending on the phase your business is at, feel free to contact our team of experts and we will resolve any problem or question you have regarding KYC/AML.