2017 has been a year of evolution for crime prevention in the global financial industry. Yet more high-profile terrorist attacks have pushed the issue of terrorist finance even further into the spotlight, while sanctions have repeatedly made the headlines in relation to major geopolitical developments. Heading into 2018, financial crime is going to pose greater challenges than ever before.

As the techniques used by criminals continue to change and grow in sophistication, efforts to prevent and detect their activities are often compared with taking aim at a moving target. As the behaviour of criminals shifts, so must that of the compliance officers and money-laundering reporting officers who are charged with derailing them.

The industry is increasingly aware that a ‘tick-box’ approach to financial crime compliance is no longer enough. New regulations, such as the EU Funds Transfer Regulation 2015 (EU FTR 2015) and the New York Department of Financial Services' set of Banking Division Transaction Monitoring and Filtering Programme Requirements and Certifications, are putting more pressure on banks not only to understand the ways in which their compliance systems work, but to also demonstrate that their programmes are effective.

These efforts are helping to put banks in a stronger position when it comes to fighting financial crime, but those banks are also having to shoulder higher costs and, potentially, higher risks.

Collaboration has also been a key theme in the past year. This-or-that bank need no longer shoulder the responsibility of tackling financial crime alone. Institutions are now working together on effective and efficient solutions in a resource-constrained world.

The sharing of intelligence

Financial crime has become an ever-growing obsession for governments around the world and banks are often expected to satisfy regulators in many jurisdictions at once. They must demonstrate robust governance, effective risk procedures and adequate internal control mechanisms as they try to offset the risks associated with financial crime.

The quality of underlying data and information relating to international payments is vital to a bank’s ability to monitor and tackle financial crime. It is expensive to acquire, assess and maintain accurate data about counterparty relationships and calls for regular qualitative assessments to verify the data and keep it continuously up-to-date.

The power of KYC

The industry is becoming increasingly united in the belief that financial crime should not be tackled in silos. In the year just gone, we have seen a surge in the adoption of KYC utilities that let banks share data collectively, the better to improve the consistency, efficiency and speed of their 'know your customer' processes. In view of the heavy reliance that banks place on one another through long-established customer trading relationships, this makes good business sense.

In addition, banks are sharing more and more intelligence with law enforcement agencies. This helps them to understand patterns of financial behaviour that might be indicative of terrorist or criminal activity, satisfies the regulator's desire to see more information about banking processes and, ultimately, helps to reduce financial crime.

Good compliance = good business!

Some institutions see compliance as a crucial, but often burdensome, process for combating criminal activity and the illegal flow of money. However, as we move into 2018, banks are increasingly recognising that robust compliance procedures earn the trust of regulators and can transform their business prospects.

By demonstrating that it is making strong efforts to comply, a bank can attract customers who are looking for legitimate channels that facilitate international payments and correspondent banking relationships.

This is particularly pertinent in highly risky regions where 'de-risking' has become a concern for the resident financial institutions and regulators, affecting their ability to access the global financial system. By demonstrating compliance and transparency, banks in 'higher-risk' markets can reduce their chances of being 'de-risked' and, hopefully, be regarded as safe and reliable business partners.

The scourge of de-risking
 
De-risking has had the unintended consequence of driving institutions towards channels that are less transparent, more difficult to track, and making them inclined to take on greater risks. This can make it harder for the authorities to see what they are doing and, potentially, even to track and prevent money laundering and criminal activity – the very thing that regulation is supposed to prevent.

The reduction of the adverse effects of de-risking therefore remains a top priority for banks and financial institutions around the world, which ought to work with regulators and customers to support robust and transparent compliance procedures that facilitate the international flow of legitimate payments.

From our experience, the optimal way of doing this is the collaborative use of industry-wide IT platforms that standardise data and whose processes are open to the scrutiny of participants and regulators.

The reduction of compliance costs

The cost and complexity of regulatory compliance is growing rapidly. Operating costs that banks spend on compliance have soared since the financial crisis began in 2008.

It is no longer efficient for institutions to tackle these issues individually, as the costs are too high. A decision to ‘go solo’ also makes things more complex for counterparties and is not sustainable.

In 2017, therefore, we have seen institutions continue to form partnerships with third-party utilities, combining ideas and best practices with technological innovation. By working together, they are developing industry-wide software that a broad range of institutions can use.

The use of artificial intelligence

As the technology and tools available to tackle financial crime continue to evolve, many institutions are starting to explore the potential of emerging technologies such as artificial intelligence (AI).

Although AI remains in its infancy, financial institutions recognise its great potential. In our view, AI technology could be applied in many areas, from natural language in payment processing to sanction filters, and the automation of alert investigations that compliance systems must undertake.

When developed and used appropriately, AI provides firms with insights about their business that they can then use to improve the effectiveness and efficiency of compliance processes, and diminish the risk of fraud.

At the same time, the industry's move towards AI and machine learning underscores the need for banks to ensure that the data in their internal systems and payment messages is of high quality, because such technology is only as accurate as the information with which it is provided.

The cyber-threat

As the nature of cyber-threats continues to evolve, community initiatives (which occur when service providers such as SWIFT try out new initiatives with the co-operation of groups of their customers) are playing an increasingly important part in the industry's fight back.

As a member-owned co-operative, SWIFT is working with its users to ensure that they adopt security controls as part of their everyday business processes. It is doing so by means of its Customer Security Programme, by which firms (among other things) share intelligence about the modus operandi of the perpetrators of attacks, and agree to divulge their level of compliance with mandatory controls.

Regulators are now looking more closely at this area as additional threats emerge, and new regulation could certainly be introduced as a result.

The road ahead

It is, then, imperative for financial institutions to work together to tackle financial crime. They must also collaborate with regulators, other authorities, and industry bodies such as SWIFT, to develop more standardised ways of working.

Measurable objectives, improved skillsets, new technology, risk-based strategies and far greater volumes of information-sharing will be common themes in 2018. A shift to a more targeted, risk-based approach to financial crime compliance can only be achieved through more information-sharing between banks, regulators and law enforcement agencies.

We are already seeing considerable progress. A great example is the work being carried out by the Wolfsberg Group, which revised its Due Diligence Questionnaire for Correspondent Banks in order to help private banks meet ever-more stringent regulatory requirements.

It is likely that we will see further regulatory developments in the area of cyber-security during the course of the New Year. As this happens, we hope that the industry and regulators will collaborate effectively to evolve and then take a consistent approach to the problem, thereby sidestepping the fragmented regulatory environment that exists in other areas of financial crime prevention.