The finance industry is grappling with a ‘dirty money problem’, with new data on financial fines revealing there are still gaping holes in compliance systems. Under pressure from the Financial Action Task Force (FATF), national regulators are taking a firmer stance on anti-money laundering (AML), know your customer (KYC) and data privacy breaches, and paying greater attention to the quality of financial institutions’ data. This will put further pressure on the industry to digitise its compliance process this year.
Between January and November 2020, $10.4bn was levied in fines for violations of legislation relating to AML, KYC and data privacy, representing a 26% year-on-year increase, according to regtech provider Fenergo. The eye-watering figures set 2020 on a course to match 2015’s record-breaking total of $11.5bn in fines.
The majority of those fines were levied against one bank: Goldman Sachs. Regulators from across the US, UK and Asia levied a total of almost $7bn in fines against the bank in 2020. This included a $2.9bn penalty, the largest ever handed out by Malaysian regulators, for the bank’s involvement in the 1MDB scandal, where an estimated $4.5bn was embezzled from Malaysia’s state fund by officials.
But the problem of outdated compliance infrastructure is widespread, as evidenced by the explosive FinCEN Files leak last year, which exposed how almost 90 banks helped criminals to launder trillions of dollars in dirty money.
The leak has created even more momentum behind harmonising compliance processes, says Rachel Woolley, global director of financial crime at Fenergo.
“The FinCEN Files highlighted a huge amount of inconsistency and a breakdown in the process between each of the key stakeholders in the compliance journey,” she says. “Probably for the first time we’ve got every global regulator on the same page, in the sense that technology is going to play a huge part in the compliance journey.”
Regulators have also been spurred into action by growing pressure from the FATF, a global industry body that oversees national regulators, which has found many countries falling short, precipitating a surge in fines by regulators that have been recently audited.
Where US regulators were once the driving force for financial oversight, representing 97% of all AML fines in 2016, regulatory action in the EU and Asia Pacific has shifted the balance in recent years. In the first half of 2020, the US accounted for 12% of AML fines, down from 45% in 2019, according to data collected by governance and risk solutions provider Duff & Phelps.
Regulators are becoming data savvy
This year is set to be “big and exciting” for compliance in the banking sector, says Woolley. AML breaches were already the leading cause of regulatory fines in 2020, but the EU’s sixth AML directive, which came into effect in December, will strengthen defences against money laundering and terrorism financing by expanding the scope of existing legislation and bolstering penalties.
Regulators are zeroing in on the critical role of technology, especially around the need for robust underlying data, says Maria Evstropova, director of compliance and regulatory consulting at Duff & Phelps. “The quality of the data and data integrity is becoming one of the key features of the regulatory review because regulators are realising that if firms do not have the right data, the technology is not going to work,” she says.
Fenergo’s Woolley seconds this view, adding that digitising largely paper-based processes in areas such as identifying beneficial ownership will unlock a wealth of new data that will improve compliance systems and free up skilled expertise to focus on specific areas of concern.
“What we need to focus on is adequately identifying risks and managing them accordingly, rather than this blanket approach of applying operational process after operational process, which I think it is fair to say hasn’t been working,” she says.
There are numerous ways in which digital innovation, and in particular artificial intelligence, could boost compliance. For example, banks are required to conduct adverse media screening (AMS) to ensure they are not lending to known criminals, but this is often done automatically, despite recent advances in AI-powered media analysis.
Charlie Delingpole, CEO of regtech ComplyAdvantage, argues that regulators should mandate more advanced AMS techniques. “If banks and financial institutions were forced to update their AMS systems, they’d be able to harvest a much higher volume of valuable data and make their money-laundering defences substantially more robust,” he says. “They’ve been able to accurately search the farthest corners of the internet and glean information on people who enjoyed undetectable ties to money laundering.”
Compliance has not been the primary focus of banks’ AI investments to date. A survey of global banks by The Economist Intelligence Unit in early 2020 found that KYC and AML compliance only ranked seventh when it comes to areas of banking that will be transformed by the technology.
Since then, says Woolley, a “perfect storm” of the FinCEN Files leak and the Covid-19 pandemic, which has been a “huge accelerant” for digitisation, has created a watershed moment for the digital transformation of compliance.