Someone once told me, rules and regulations to mitigate against the risks of financial crime are useless if people in places of authority choose to violate those same rules they claim to uphold.
That this remains true today is sadly reaffirmed in the results of a survey conducted by Vanson Bourne in the fourth quarter of 2020. Coming from enterprise banking, investments, crypto, insurance and fintech organisations, 87% of Asia Pacific respondents acknowledged that they consciously choose to violate laws and incur anti-money laundering fines “all the time”, “regularly” or “occasionally”.
Such an attitude among banking leaders and compliance professionals no doubt undermines global and APAC governments’ efforts to fight financial crime, which has been on the upswing since the onset of Covid-19.
Drivers of financial crime
Crime rates have been rising due to the vast amounts of public funds scurrying through the international financial system, and the heightened use of digital and instant payments as businesses and purchases shift online.
Perhaps as a consequence of tighter regulation or better compliance on the part of financial institutions, there has been a jump in the filing of suspicious reports, according to Jaede Tan, managing director of ComplyAdvantage for Asia-Pacific.
He noted that per the study, the surge in public funds such as economic stimulus, aid funding, upgrading health infrastructure, means more monies are flowing through the international system. This creates a honeypot for corrupt actors.
He acknowledges that while regulations are evolving gaps continue to exist. “Where we have seen the biggest gap is actually the technologies that financial institutions have available to combat and monitor the risks associated with ever changing regulation,” he commented.
This was highlighted even more so during 2020 during the early stages of the pandemic.
“Throughout COVID, for example, many legacy systems required on-premises people to actually go and service update and maintain systems. Now, in a lockdown environment, that just wasn't possible. And so many financial institutions were caught cold, not being able to maintain their systems simply by virtue of not being connected remotely to work,” he added.
Weighing the costs
He conceded that to mitigate against the risks of financial crime, organisations need to invest in robust, flexible, and integrated screening and monitoring systems to navigate complex types of financial crime.
“The investment to make sure that entire infrastructure is flexible enough to change and adapt, and the automation process of is going to be increasingly important moving forward,” Tan continued.
He also acknowledged the challenge that the CIO and IT team face: evolving customer demand on one side and increasing regulation on the other – opposing forces to some extent.
To complicate matters is the continuing acceptance that compliance is an expensive, but necessary, exercise. Peter Merkulov, CTO at Globalscope, cited the Ponemon Institute-Globalscope study that pegged the average cost of compliance at US$5.47 million. He reckons the cost is still justifiable when compared to the average of US$14.82 million for noncompliance.
Still, with budgets tight on account of the pandemic, there must be a better way to view compliance spend. ComplyAdvantage’s Tan suggests positioning compliance as a revenue driver. Recalling that customers want instant engagement, a business that is able to turn around a transaction faster than the competition benefits both financially and also in terms of customer retention.
“By integrating the correct compliance steps, you are bringing business back from your competitors that you might not necessarily have had access to previously."
Jaede Tan
He suggested that any effort to manage financial crime risks should be done as a joined-up approach across the organisation. “This needs to be a conjoined decision. How can we implement technology across our technology stack to embed that risk identification process in the entire lifecycle of our client management? Everything from onboarding to every transaction, and so on and so forth,” he added. The silo approach needs to end.
Asked what steps the CIO must take to support the organisation’s financial crime risk-mitigation strategy, he suggested to start with a look at the business environment, including regulations, available solutions, and RegTechs – some of which are challenging the status quo.
“Keep your eyes open. Don't just accept status quo. There are new options out there. Assess those and then choose the ones that are going to be best for you. Because as new technologies are on boarded, and new payment methods are introduced, firms really need to manage them to ensure they don't expose their firm and their customers to enhance financial crime threats,” he concluded.
Click on the PodChat player to listen to the full details of Tan’s responses to the questions posed to him during the dialogue, including:
- Give us the 30-second elevator pitch of who is ComplyAdvantage.
- From the ComplyAdvantage: The State of Financial Crime 2021, on the topic of financial crime and in the context of the financial services industry in Asia-Pacific:
- What can we learn from 2020 (no need to cover geopolitical issues unless it is important to the CIO)?
- Were we better or worst off in 2020 compared to 2019?
- The report mentioned that digitization presented many opportunities to commit a crime.
- Is regulation insufficient/inefficient to contain these new financial crimes that use the same technology available to do legal business?
- From the perspective of the CIO,
- what should be top-of-mind (priority) when it comes to mitigating against the risks of financial crime?
- given the evolving nature of regulation, the preponderance of legacy systems and application, and emerging technologies, how should the CIO balance all of these to mitigate the risks of financial crime?
- How do you convert compliance from a cost-centric to a revenue generator?
- Financial institutions have built, in some cases, decades of processes to address evolving compliance requirements. How do you approach these organisations with a view towards improving what exists?
- When looking to possibly align compliance with current business environments, who need to get involved?
- What are the key considerations for the CIO in strategizing how to better mitigate the risks of financial crime?