Senior management and boards are increasingly acknowledging the threat of financial crime as a critical risk to their business that must be addressed. This has been exacerbated in the last 12 months through the impact of the pandemic as well as rising domestic and international tensions. Norton Rose Fulbright’s financial crime compliance specialists, located in the UK, US and Canada, Australia and Asia are looking ahead to 2021 to identify the incoming legislative changes, growing role of technology and the need for an effective regulatory response. This forms part of a seven part series, which will assess amongst other things the expansion of virtual currencies, the growth of the role of the money laundering reporting officer, the changing world of sanctions regimes, and how the Biden Presidency could shape financial crime compliance into the future.
Part 2: Trends in reporting to regulators and transaction monitoring arising out of COVID-19
COVID-19 and the resulting lockdowns have affected our daily lives and the economy, in both an unprecedented and ongoing way. Jurisdictions that still rely on legacy paper-based reporting systems or where the regulated entities, or financial intelligence units, are constrained by remote working have been adversely impacted. This poses particular challenges for both in effectively discharging their respective AML/CTF regulatory obligations.
Many regulators across the world are overhauling their IT regulatory reporting systems in order to keep pace with firms, but more specifically to enable them to slice and dice reported data sets more readily and in different ways to facilitate more targeted and meaningful financial crime risk management.
Last year, the Financial Action Task Force (FATF) published guidance on the risks and policy responses to COVID-19. It emphasised that with global trade being in decline and individual travel at a near standstill, conventional transnational organised crime schemes, which take advantage of global supply chains, have been greatly affected. Consequently, organised crime has diversified further into fraud and cybercrime to respond to the changing economic environment.
FATF in its guidance advised that all regulated entities should remain vigilant to detect suspicious financial transactions, particularly in the context of cross-border flows from countries that are receiving emergency COVID-19-related funding. One such example, reported by the National Crime Agency in the UK, has been how companies have claimed for furloughed employees and have used the funds to pay the employees’ salaries, without informing them that this was the case. The employees have therefore been continuing to carry out their regular duties. Also in the UK, work is already underway to redefine the national Suspicious Activity Reporting (SAR) framework (the UK Home Office’s “SARs Transformation Programme”). This seeks to enhance the quality of SARs and capitalise on technological developments to streamline operations with respect to SAR submissions.
The identification and escalation of suspicious activity by regulated entities has also changed with greater emphasis on transaction monitoring due to fewer in-person transactions. Furthermore, effective communication, re-assessment of policies and procedures and enhanced training have been necessary due to the evolving risks posed by COVID-19. In Australia for example, amendments were made to legislation to enable greater use of electronic identification and verification of customers. This provided a practical solution given the need to identify customers remotely, but is of course subject to exploitation as face-to-face verification becomes less common and the resulting anonymity provides organised crime a shield.
The global COVID-19 pandemic has caused seismic shifts in our spending habits. This has affected the ability of institutions to understand whether customer activity and behaviour diverges from a baseline “normal” and has led to an increase in alerts which need to be investigated and cleared. It has also created new trends in terms of how criminals are seeking to launder ill-gotten gains. For example, in Australia the New South Wales Crime Commission has observed a reduction in drug importation caused by restricted international travel, however, the use of dedicated encrypted communication networks have increased and are now regarded as essential tools for organised crime to arrange transactions and launder funds.
The pandemic has also increased the number of vulnerable individuals in society seeking quick cash or a means of substituting their income. Criminals have capitalised on this, recruiting those experiencing financial hardship to act as money mules to transfer illicit funds. The September 2020 “Follow the Money” report published by SWIFT and BAE Systems exemplifies the challenges faced in tracing and monitoring extensive mule networks, especially when these expand across borders.
Many jurisdictions globally have responded to the pandemic by encouraging the use of contactless transactions, and have widened the accessibility of this by increasing contactless spending limits. The UK’s banking and finance consortium UK Finance for example recently reported that the total value of UK consumer contactless spending in October 2020 was almost 16% higher than in October 2019. However, these types of spending practices evaluates risks from a financial crime perspective by enabling access to funds to other third parties which may not be the cardholder.
In the financial services sector, internet-based banking has surged in light of the pandemic. Access to bank branches globally has been affected by lockdowns and branch closures, and society in general has been encouraged to make use of mobile and app based methods to execute fund transfers. This additional volume of online activity has caused challenges in identifying potentially suspicious transactions, both related to money laundering and also fraud (such as email phishing, personal protective equipment, medical equipment, charity donation scams and romance fraud).
Another impact relates to wholesale markets and trading. In October 2020 the Director of Market Oversight at the UK’s Financial Conduct Authority Julia Hoggett highlighted that the permanent working from home set-ups currently in place across the globe hinder “self-policing” in the business (first line of defence) and limit the ability of compliance functions (second line of defence) to act in an oversight and advisory capacity. This increases the risk of potential market manipulation and insider dealing offences, generating proceeds of crime which are then laundered through the financial system.
The US’s FinCEN, amongst other global authoritative bodies, has published a series of Advisory papers outlining the evolving anti-financial crime challenges posed by COVID-19 pandemic, including those noted above (such as scams and money mule schemes), but also additional issues including cybercrime and insurance fraud.
Whilst there are a broad range of new and emerging challenges facing organisations as a direct impact of the pandemic, firms should consider the following to strengthen their position and ride the wave of uncertainty:
- Actively and proactively engaging with regulators or authoritative bodies to gain greater understanding of the typologies and trends emerging from the pandemic, and factor these into their transaction monitoring rules and calibrations;
- Investment in technology to apply sophisticated risk-based scoring and prioritisation to manage spikes and prevent backlogs; and
- Continue to apply rigour and challenge when assessing customer behaviour and activity – data from previous global events (for example the 2007–8 financial crisis) indicate that criminals actively work to find new ways to exploit public uncertainty and fear.