Illicit money flows are estimated at between 2% and 5% of gross domestic product (GDP), hitting almost US$2 trillion per year and growing annually by 6.5%, as Andres Portilla, the Institute of International Finance’s (IIF) regulatory affairs managing director of highlighted on the final day of the inaugural Singapore Fintech Festival.
Financial institutions face an operational burden to prevent fraud yet still need to do more. DBS Bank group head of compliance Lam Chee Kin and the Depository Trust & Clearing Corporation’s (DTCC) vice chairman Larry Thompson shared their insights on the challenges that FIs face and new tools they can leverage to combat crime.
“Over half my budget is allocated to financial crime,” Lam said. “Number one is anti-money laundering (AML) sanctions, number two is cybersecurity, third is fraud. Each risk has great problems.” A key issue with AML is figuring out the client’s source of wealth and whether they have declared it accurately. It’s a quantitative and qualitative issue. “We need to look at natural language processing, to evaluate sources of wealth,” suggested Lam.
A further issue is how to develop a common end-to-end approach to know-your-customer (KYC) requirements. FIs use different approaches for individuals – where certain types of questions such as source of wealth are more relevant, and for corporates – where issues include dealing with static reference data as well as defining materiality of parameters such as shareholding percentage levels that constitute a risk.
FIs also need to consider the experience for customers, who are irritated at having to provide the same information to multiple banks multiple times. Moreover, each jurisdiction is slightly different, so there is significant fragmentation. If utilities can be developed to share information, Lam said, it is also critical to design for a future of interoperability and for data structures that are standardised.
Thompson confirmed that while the problems of crime tend to be global, the laws tend to be local and solutions tend to be firm-by-firm. Further, privacy laws prevent sharing of data and the quality of some firms is poor. The industry needs to standardise information, address the differences in laws and share information on a global basis.
To solve the issues, Thompson advocates the industry adopting a collaborative approach. “The bad guys only have to be successful one or two times. We have to be successful all the time. Unless we share information, they will get through other FIs.”
A key challenge that he highlighted, is data privacy rules. “If you want to share information for a bad guy in Europe, you have to get his permission. We need to look at data privacy in a realistic fashion, to make sure the rules aren’t being abused by the bad guys.”
The most promising technologies
“The bad guys are looking at the advances in fintech,” Lam noted. “They’re changing their techniques. Regulatory technology – or Regtech – should anticipate the changes of tomorrow.” He singled out predictive analytics as the most mature technology and DBS has sometimes seen results such as a doubling of detection rates in credit cards and as well as a reduction in false positive when it uses analytics.
A more mundane development is technology for training, which is predicated on content delivery rather than on behavioural adjustment. Technology is enabling reimaging the training experience, Lam said, and providing people with real scenarios which will be very beneficial.
He believes the most exciting opportunity is the new KYC solution that the Monetary Authority of Singapore (MAS) is introducing, as it will enable collaboration and the sharing of information across FIs, using it to drive knowledge of who are the bad guys, and stripping them out.
Thomson also sees KYC as a key development, with utilities beginning to be set up. “The key is going to be the cooperative nature, how much data can you share, what is the business model.” Some firms are more focused on public KYC, where all of the information is available, while others give greater weight to private KYC. What will continue to be vital is the cooperative nature of information, Thompson said, and how much data institutions can share across jurisdictions.
A fundamental question, Lam suggested, is why there isn’t more innovation. “It’s because we don’t talk.” In Singapore, he said, “We’re open. We’ll share problems. If we build an ecosystem for regtech in Singapore, we’ll get somewhere.”
When it comes to the relationship between Europe and Britain – uniformity isn’t a word that currently springs to mind. And that’s not just a reference to Brexit. Whilst the Europe and Britain do find themselves in the midst of a political break-up – their monetary policies are also showing signs of divergence.
Europe’s introduction of the General Data Protection Regulation (GDPR) next May will have implications for businesses around the world and US corporates should start getting ready if they haven’t already done so.
The recent NotPetya cyberattack underlined the need for organisations to address their exposure and how to mitigate the risk.
As anticipated, US organisations exited prime money market funds en masse following last year’s SEC reforms. AFP’s latest Liquidity Survey indicates what it will take to encourage them back.