Tom Keatinge, Founding Director of RUSI’s Centre for Financial Crime and Security Studies (CFCS), discusses the continuing focus on fraud and scams in Asia, work underway to improve global asset recovery mechanisms, the alignment of jurisdictions to Western sanctions, and efforts to target different types of environmental crime.
This interview was conducted for the “AML Tech Barometer 2023” report, published by NICE Actimize and Regulation Asia to explore AML and fraud trends based on survey and interview data collected from 289 practitioners in Asia Pacific.
If you had to pick one financial crime theme as the focus of your work for the next 12 months, what would it be?
Tom Keatinge: I’ve been really struck in my recent conversations in Asia—including Singapore, Hong Kong, Taiwan, Malaysia—by the extent to which the financial crime dialogue has been completely suffocated by scams and frauds. This is similar to what we see Europe and the UK.
We started looking at fraud more closely in 2019. In January 2021, we published a paper, “The Silent Threat”, about the way in which fraud had gone from being a petty crime to being a serious organised crime. It has clearly become industrialised, and it’s become a social issue.
And the challenge with scams and fraud is that it happens at speed—money moves from bank to bank to bank and then out of the country very quickly. On top of that, technology allows fraud to occur at an industrial scale. So, if I were to pick one topic to focus on for the next 12 months, it would be fraud.
How are the private and public sectors responding to the fraud threat? And what can be done to better protect financial consumers?
Tom Keatinge: Banks are responding by merging their fraud and AML departments, so you start hearing about so-called ‘FRAML’ departments. The thing about fraud is that there’s no question of suspicion when a fraud occurs. And a lot of the barriers that would typically limit the ability to pool information between different organisations don’t exist.
For example, in the U.K., there’s a fraud prevention service called Cifas, which works as an aggregation mechanism for fraud cases. It’s meant to try and have an ‘all seeing eye’ about the types of fraud that are emerging, so it can then alert its member banks, other private sector entities, and some government agencies.
I do think there is more that we can get out of technology in this area, such as solutions that can overlay payments data with analytics to identify suspected mule accounts and map the movement of stolen funds. There’s definitely a role for technology. Frauds and scams use technology against their victims, so we ultimately need to use technology against the fraudsters.
We also need much more recognition of and engagement with the problem from the technology companies, such as internet search providers, social media platforms, web domain companies and telecom network providers. What are these companies doing to try and reduce the extent to which individuals are exposed to potential scams such as through advertising? They are often the conduit for scams, so the focus cannot just be on banks to step up from the private sector.
There’s a lot more we can do to strengthen the perimeter, but there will inevitably be frauds that are successful. So then you need to focus on the second line, which is investigating, tracing the funds, and recovering the stolen assets—often from other jurisdictions. That’s the responsibility of governments.
What mechanisms are in place to facilitate asset recovery when funds are stolen by fraudsters and other bad actors? And what more needs to be done in this area?
Tom Keatinge: One of the focuses of the Singapore FATF presidency for the next two years is asset recovery. This includes trying to reboot Carin [Camden Asset Recovery Inter-agency Network]. In various regions of the world, there are Carin hubs, which are meant to try and coordinate asset recovery in their region and then coordinate between each other. For example, if there is a scam in Asia that is coming out of Africa, then those two hubs would work together to try and coordinate a response around asset recovery.
Unfortunately, the tooling around asset recovery in most parts of the world is probably a decade out of date. Often, they don’t recognise the role technology plays today, or the way in which financial payments have changed. So, there’s a lot to be done on asset recovery, such as updating legislation and response mechanisms, and especially promoting better international cooperations and information sharing.
The majority of cases will involve trying to recover assets from other jurisdictions, so countries need to have good mutual legal assistance treaties in place which enable them to trust each other, share information, and be willing to collaborate to respond to another country’s challenges.
This year we’ve seen significant international cooperation on sanctions. Where do you see sanctions risk intersecting with AML?
Tom Keatinge: When it comes to sanctions, some countries have chosen to align themselves with Western sanctions regimes in a way they hadn’t done before—Singapore being the example everyone points to. But others have not. This is interesting because the U.N. process for designations appears to be broken at the moment, so countries are left to operate autonomously or create alliances.
From a European perspective, it was interesting to see the Russian superyacht, Nord, in Hong Kong in October. That’s an asset that should be frozen, but Hong Kong allowed it to come and go; what does this attitude to sanctions implementation say to Western financial institutions operating in Hong Kong that have a global sanctions policy in place?
This is a question that is coming up increasingly in Western countries: how to respond to jurisdictions that are not aligned with the sanctions on Russia? Financial institutions in the West will become increasingly concerned that the banks and trading companies they’re dealing with in Hong Kong could also be handling Russian money or serving as fronts for Russian trade.
From an AML perspective, banks in the West are asking whether they should be putting in place extra controls to check if their clients are counterparties in jurisdictions that have chosen not to align with Western sanctions on Russia, and whether they could be exposed to sanctions evasion as a result.
What other financial crime challenges are you seeing regulators and policymakers trying to address? And in what areas should they be doing more?
Tom Keatinge: The big focus in recent years has been on non-state based threats. But increasingly you see states using financial measures as ways of either gaining legitimate influence or trying to exert malign influence. Over the last year we’ve been looking at how Western governments should be considering financial flows coming from places like Russia, which are not necessarily the proceeds of crime, but they may have a malign intent.
The reason why this is interesting is that the existing AML system is almost entirely set up to identify the proceeds of crime (the exception being some forms of terrorist financing), and money that comes to exert state influence is not obviously the proceeds of crime. So for banks, this is not typically the way in which their financial crime units work. Our research in Europe shows that banks are finding it quite difficult to figure out how to get their arms around this challenge.
One topic that appears to have vanished from the priority list is terrorist financing. Fortunately, terrorist attacks in Europe have dropped dramatically in the past two to three years. But with that, the focus on terrorist financing has gone from being a key part of the counterterrorism response to a technical matter pursued to get past FATF evaluations. In a recent article, I argue that policymakers and political leaders need to continuously be assessing ways to strengthen defences against terrorist financing.
Another observation I would make is that the pandemic impact on public-private partnerships in Asia has been more meaningful than in the West, because of the more cautious approach taken in the region. This matters because Asian financial hubs are key conduits facilitating the flow of global illicit finance. For example, Malaysia’s MyFINet [Malaysia Financial Intelligence Network] launched in late 2019, but collaborative work has inevitably suffered over the last couple of years. This is an area where we need a post-pandemic reboot.
What are your views on efforts made to combat the various types of environmental crime and how could they be improved?
Tom Keatinge: Environmental crime and wildlife trafficking are areas where the public sector needs to do more. There’s a lot of effort and energy in the private sector, but I’m not sure it is being matched by the public sector authorities such as FIUs and financial investigators. Banks can’t arrest people or gather evidence for prosecutions. So for countries that are destination or transit countries like Hong Kong or Malaysia—I would ask whether our energies are being focused in the right areas.
In my view, the private sector may have more luck identifying environmental crime in areas where there are corporate structures behind the illicit activities—for example illegal fishing or timber trafficking and deforestation—rather than the singular focus on the illegal wildlife trade. Furniture manufacturers and construction companies are using timber, so they need to be checking where their timber is coming from, and banks facilitating the payments need to be doing the same.
Another area we are focused on is Illegal, unreported and unregulated fishing (IUU), which was also a key focus of the APG’s annual topologies report issued in August. At CFCS, we have likewise been expressing concerns that the FATF has not placed more emphasis on IUU fishing as part of their environmental crime focus. Vessel ownership information, bank due diligence—these are parts of the AML system that are already set up to deal with these kinds of corporate level environmental crimes.
We’ve also recently published an article about the corruption risks related to the transition to net zero, which is where you’re likely to see a connection between AML and ESG. Currently there is a big focus at the G20 on trying to ensure there isn’t corruption in, for example, green energy projects that rely on partnerships between the public and private sector. We hope political leaders prioritise these types of risks.
This interview was conducted for the “AML Tech Barometer 2023” report, published by NICE Actimize and Regulation Asia to explore AML and fraud trends based on survey and interview data collected from 289 practitioners in Asia Pacific. Download the report here.