Back to basics: where KYC is going now
Kieron O'Brien, Director, Dublin, 19 June 2018
In this bright and breezy sketch on the subject of know-your-customer controls, we end by discussing a much-lauded solution for all ills: the use of machine code in financial regulation.
Earlier this year, a glossy BBC TV series called McMafia exploded into the relative quiet of Britain’s Sunday nights – well, those of us who still make our television choices from a live guide!
It hooked its viewers with a gripping tale of sharp-suited gangsters from all over the world - Russian oligarchs and Brazilian drug barons among them – conducting their dirty business in London’s most expensive boardrooms and on playboy yachts in the south of France, rather than down the back alleys of seedy neighbourhoods, dodgy bars and casinos as seen in the classic mafia films of previous decades.
The main protagonist, Alex Godman, a fund manager educated at Harvard Business School, easily sends money all over the world without a trace by setting up an elaborate chain of companies in different tax havens. In this way, he runs a multi-billion dollar illegal enterprise with fingers in many pies.
The media does not portray organised crime, money laundering and the funding of terrorism only in TV dramas. Every week, major newspapers are publishing stories of international importance, such as the now infamous ‘Panama Papers’, which are still making headlines almost three years after they were initially leaked. The British Government recently made headlines by refusing to renew Chelsea Football Club owner Roman Abramovich’s visa until he proved that his wealth was gained – and moved into the UK – legitimately.
Fact: worse than fiction!
The cold, hard truth is that the criminal underworld has infiltrated the business world on such a huge scale that its invisible tentacles are almost everywhere. It is often nigh-on impossible to differentiate between legitimate and illegitimate business.
The Internet, of course, has helped to increase criminal activity. The speed and ease with which people can use it have gone hand-in-hand with risk. Just think how easy it is, for instance, to book a holiday without ever meeting or talking to anyone at the hotel, or how easy it is to find a flat, again without meeting or talking to anyone. Even global money transfers are now online, almost instantaneous and not conducted face-to-face. At any time when counterparties do not know each other, fraudulent transactions are very possible.
This is a major shift from the image that we had of organised crime in the 1960s or 1970s! In London alone, the anti-corruption charity Transparency International estimates that more than £4.4 billion in property is owned by ‘suspicious wealth’, with the sheer weight of criminal money skewing the value of properties in the capital. Last year, the European Union witnessed a string of money laundering scandals in countries such as Latvia, Malta and Estonia which resulted in bank closures and arrests.
The worldwide rise in serious and organised financial crime has resulted in stricter laws and regulations in a number of jurisdictions around the world, with the EU leading the way.
However, the Internet, and its ability to span the world’s jurisdictions, allows criminals to make direct contact with potential victims who live far away. An article in Technology Review magazine in 2013 said: "Modern criminals are focusing on the internet. The opportunities for turning dirty money into a spotless shade of green are plentiful."
Opportunities such as fake online estate agencies, holiday scamsand online dating scams are proving irresistible to criminals. It is worrying to note that awareness campaigns are not keeping pace with the criminals; according to a report from the US Federal Trade Commission, ‘millennials’ are actually more vulnerable to online scams than older generations.
The report finds that “40% of adults age 20-29 who have reported fraud, ended up losing money in a fraud case.”
How does 'knowing your customer' come into this?
AML and KYC procedures are designed ultimately to preventing money laundering (defined as the concealment of the origins of illegally obtained money, typically by means of transfers involving foreign banks or legitimate businesses). The overarching mission of the compliance industry is to remove the incentive for criminals to commit fraud in the first place, if money laundering cannot take place. Over the past 10-15 years it has made real progress. The old problems remain, however, and are as follows.
- The speed at which criminals work out new ways of flouting regulations.
- The difficulty that Governments face in finding and keeping highly qualified regulators on their payrolls.
- Implementation and enforcement.
In recent years, regulatory enforcement has undergone a slight change. Governments have met non-compliance with stiffer and more frequent penalties for financial institutions and with personal liability for traders, compliance officers and other people who do not sit on the boards of large financial corporations. A small number of these people now go to gaol for non-compliance.
Is technology the answer?
If organised criminals are making use of technology (with online scams, stolen ID documents, ransomware etc.) then regulators and compliance professionals must accept that the only way to fight them properly is by doing the same. The potential of 'Big Data' and artificial intelligence to ‘see’ patterns invisible to human compliance officers cannot go unrealised!
The UK’s governing body for governance and compliance, ICSA, recently published an article with the heading ‘Automation Will Set Compliance Officers Free.’ The article cited a ‘Global Anti-Money Laundering Survey’ of compliance personnel from last year.
- 69% said that ‘increased regulatory expectations’ were causing them problems.
- 48% complained about ‘insufficient or outdated technology’
Late in the year, a global survey by Thomson Reuters revealed that the average onboarding time for new clients is now as high 26 days because compliance people are having to cope with more and more demanding workloads. Compliance teams must be equipped with the technological tools they need to automate many processes which are currently done manually - and to ensure that these processes work quickly (which, being electronic, they ought to do) and reliably (which they often do not).
Even regulators are experimenting with IT!
Even in the prolix world of governmental regulation, the impenetrable jargon of financial regulation stands out, filling thousands of pages which businesses have to pay external lawyers and compliance personnel to decipher, but which are still ambiguous to say the least. Some companies are choosing to obey them to the bare minimum, which enrages the regulators.
With this in mind, the European Central Bank, the Bank of England and the Central Bank of Ireland are experimenting a radical idea: to provide financial regulation through source code! In the future, changes to regulation could be rolled out just as software updates are from Microsoft or Apple. I do not know of a single software provider who would not be happy with this option. There is general agreement between information technology (IT) firms that they would prefer to spend money writing code rather than on paying lawyers to interpret rules and what they might mean for their clients. Legal firms, of course, might not be so happy!
* Kieron O'Brien can be reached on +353 1-2440669 or at info@knowyourcustomer.com