Last year’s financial crime landscape forced many FIs to rapidly adapt to evolving threats. In the year ahead, a continued focus on risk mitigation is prudent.
In 2020, the pandemic provided a perfect storm of opportunity for bad actors to exploit the financial system, forcing FIs to adapt their systems and controls to meet ever-evolving financial crime threats.
At the same time, the business environment also provided a much needed impetus for financial firms to accelerate their digitalisation initiatives, including to shift to remote onboarding processes and online provisioning of various financial services.
A key development which formed part of the 2020 digitalisation drive was the increasing prevalence of digital identity systems, which over time have become an increasingly secure and reliable mechanism for customer authentication. Such systems present a clear opportunity to help FIs protect themselves and their clients against fraud and other forms of financial crime.
Digital identity systems make it easier, cheaper and more secure to identify individuals in the financial sector, helping firms to shift away from face-to-face interactions as the default KYC approach in financial services. During 2020, Australia, the UK and Singapore announced plans to build new national digital identity systems, with Hong Kong closing out the year with the launch of iAM Smart.
In Singapore, the government plans for its new digital identity system to seamlessly integrate with the existing SingPass authentication system, which uses advanced face verification technology and allows users to prove they are genuinely present, i.e. not a photograph, mask, digital spoof, deepfake or injected video. Such improvements in online trust will lead to greater uptake of digital services, while lowering the likelihood of fraud and financial crime.
In time, digital identity will also be used in cross-border payments, given the work planned by the FSB (Financial Stability Board) to foster mutual recognition of digital IDs across jurisdictions. As FIs bring forward their digitalisation plans, it will necessarily involve the adoption of digital identity systems in their onboarding, KYC and authentication systems.
Digital identity delivers the traceability needed to combat money laundering, terrorism financing and fraud, while also facilitating customer due diligence. Yet, as regulatory requirements for FIs grow more stringent, effective due diligence will require scale, which relies on the ability to leverage technology and source high-quality data in screening.
In the year ahead, the demand for high-quality data, APIs and other technologies that enable mass screening for due diligence purposes will rise. Such technologies will help FIs to deliver faster customer onboarding, while also reducing manual staff hours spent screening customers for adverse media, political exposure, and third party and supply chain risk.
Supply chain due diligence is expected to be a key area of focus for regulators in the year ahead, led by the EU. The European Commission plans to impose requirements on businesses across all sectors to carry out mandatory human rights and environmental due diligence in their global operations and supply chains.
In Singapore, the MAS (Monetary Authority of Singapore) environmental risk guidelines will require banks to assess customers’ environmental risk in order to grant them credit facilities or allow them to participate in capital markets transactions.
Over time, more expansive due diligence requirements will come into play, where one of the key focuses for regulators will be the ability of FIs to screen for green crime risks in their clients’ supply chains and third party relationships.
Green crime, which include environmental crime and illegal wildlife trafficking, is expected to become increasingly tied to AML regulations, which will mean FIs will have to be able to screen entire portfolios for such risks. This will require the use of more efficient and scalable due diligence and screening mechanisms, which leverage technology and third-party data sources.
To some extent, effective screening of such risks will rely on improvements in disclosure standards to enhance the quality of available data on companies and their relationships with third-party firms. While work in this area is still in progress, FIs should already be looking to enhance the efficiency and scalability of existing due diligence processes to bolster their ability to screen for such risks en masse.
Effective screening will also be in focus in the year ahead in relation to sanctions risk, given the growing complexity and fragmentation of global sanctions regimes. In the past year, the US government added more than two thousand individuals and entities to their sanctions lists, where inherent or narrative sanctions only add to complexity.
Sanctions screening programmes today often require comprehensive KYC checks and additional qualitative research to identify ultimate beneficial owners and uncover hidden control structures between entities which may present sanctions risk. In addition, a number of new sanctions regimes, new planned uses of existing programmes and conflicts between different regimes will make compliance more difficult.
China, for example, has introduced two new mechanisms enabling it to more effectively respond to sanctions and other restrictions imposed by foreign governments. The “Unreliable Entities List” regime, as well as the MOFCOM (Ministry of Commerce) Blocking Statute, were both announced recently in response to US sanctions against Chinese companies and individuals, though experts agree they could also be used to achieve objectives in other jurisdictions.
While China does not yet have the administrative framework to implement or enforce its own OFAC-style sanctions, the steps it has taken mean FIs will have to continue to monitor for developments in the country that may impact their operations globally.
The hope is that the Biden administration will take a more predictable approach to US sanctions policy, and initiate fewer actions that might antagonise or alienate the international community, including China. In the year ahead, FIs will have to remain alert and be prepared to rapidly respond to a changing sanctions environment.
Adopting a risk-based approach to sanctions compliance, FIs will have a much heavier reliance on third-party data, deep domain expertise, and properly-configured sanctions screening technology than was needed in previous years.
Fit for purpose
Given the increased emphasis on individual and board level accountability in Asia Pacific, as well as a ramping up of penalties for noncompliance in various jurisdictions, it will be incumbent on FIs to review their existing systems and controls to ensure they are fit for purpose in a changing financial crime landscape.
In the year ahead, continued economic uncertainty and the ongoing pandemic environment will mean bad actors will continue to try and exploit vulnerable systems, individuals and companies for illicit gains. For FIs, a continued focus on risk mitigation would be prudent.
This article was jointly developed by Regulation Asia and Refinitiv. To learn more about the outlook for financial crime in the year ahead, join this webinar.