• Maria Evstropova, Director, Financial Services Compliance and Regulation at Kroll


• 22.05.2024 02:45 pm
#fincrime #AML #KYC #riskmanagement

Although last year saw a slight decline in fines administered for financial crime, the topic remains at the top of the regulator’s agendas. Considering that it takes around two years to collate a business case, there is no doubt that we’ll see further fines in 2024 or at least more reviews from regulators. 

Regulators, such as The Office of Financial Sanctions Implementation (OFSI), are pushing firms to ensure that risk of breach of sanctions is reduced. OFSI imposed nine fines for breaches of sanctions last year, and more fines are expected in the coming year for those who do not have the systems and robust controls in place to manage financial crime risks efficiently. 

As we continue to see an increase of investment into financial crime processes and teams, particularly around technology and experienced human resources, it will remain to be seen if this will be enough for financial services firms to keep up with the tighter regulatory procedures. 

But what does this mean in practice? 

A 2023 snapshot on regulations 

From the HM Treasury consultation ‘Reform of the Anti-Money Laundering (AML) and Counter Terrorism Financing (CTF) Supervisory Regime’ (in line with its Economic Crime Plan 2023-2026), to the UK Financial Services and Markets Act, granted by the Royal Assent, extensive steps were taken last year to reduce unlawful activity, and the steadfast spotlight from ongoing financial crime regulations means this won’t stop here.

Regulation gaps are being plugged as pressure is placed on corporations to construct effective internal initiatives inhibiting financial crime from occurring within their organisation. Changes to Companies House requirements mean that tighter registration and increased transparency is required, with firms now having to report any material discrepancies between the data they hold on customers compared to the data held in the Companies House Register.

The National Crime Agency’s UK Financial Intelligence Unit’s (UKFIU) ability to obtain information from businesses relating to money laundering and terrorist financing has also been strengthened, with the removal of the requirement for a pre-existing Suspicious Activity Report (SAR) to have been submitted before an Information Order (IO) can be made. This means there is more of a burden on firms to ensure they hold up to date customer information and record of ongoing monitoring efforts at all time. 

The reality though is that many organisations are already struggling to meet these expectations. Substantial organisational change and investment is required to ensure compliance and the significant costs, coupled with staff retention issues for AML and the increasing complexity of financial crimes, is making this difficult.

On top of that, staff shortage issues are only worsening as liability risk increases. An addition to the Economic Crime and Corporate Transparency Act (ECCTA), which aims to target fraud, states that an organisation can be liable if a “senior manager” commits a relevant offence. This means staff members’ actions will come under greater scrutiny, as organisations try and mitigate corporate liability risks. 

Further, the definition of a senior manager in the ECCTA is much broader than Senior Managers and Certification Regime (SMCR); hence firms must invest some time in identifying and defining who is deemed a senior manager under ECCTA. This could also disincentivise individuals from joining these senior roles, and may only exacerbate firms’ turnover issues, thus making it harder to ensure they are following regulation. 

But it’s not all doom and gloom, as technological advances shine a ray of light for firms looking to protect themselves from falling behind.

A tech-centred approach for a more robust risk management plan

The endorsement of technology tools such as artificial intelligence (AI) and ChatGPT offers firms the opportunity to increase efficiency and take the pressure off staff members, which will then mitigate turnover concerns. Utilising technology can be extremely beneficial in supporting compliance processes - imagine, for example, a tool that can clarify complex regulatory expectations and ensure firms are protected from problems that could arise due to misinterpreting regulation.

However, it is vital that when approaching the implementation of technology, firms are introducing these tools with careful consideration. A firm missing implementing a rigorous approach with technology and starting to use available devices without meticulous forethought can result in reduced efficiency in the long-term. Caution must also be applied when considering the data that is being fed into the technological resources; only accurate inputs can result in responses that demonstrate equivalent quality. 

However, if utilised correctly, technology could be an answer to the issues that firms are facing and support them in mitigating risks that may arise. It also helps that most employees will already be familiar with how these tools can automate processes, which should increase the efficiency of implementation. 

The good news is that companies are already working towards adopting these tech solutions. The question is whether this will happen effectively and fast enough. Kroll’s 2023 Fraud and Financial Crime Report has confirmed that most companies anticipate an increase in financial crime risks over the next 12 months and, in order to close this gap, more than two-thirds of respondents said they were prioritising their own technology investments. 

Before committing to any big investments though, it is essential that companies revisit their existing technological toolkit first and recognise any gaps that would benefit from either completely new tech or complementary solutions. 

They must also remind themselves of the basic principles behind a tech-enabled risk management framework so they prioritise the right tools to ensure a robust protection strategy. Additionally, organisations must not neglect adopting technology practices properly, or the steep trajectory of the upcoming regulatory agenda might find them tripping over their feet. 

Comprehensive regulation is paramount to the prosperity and safe growth of all sectors, especially financial services, but organisations need to anticipate the changes that are being made to the regulatory landscape so they can stay ahead of the curve. Financial crime is incredibly detrimental to businesses and our societies, and much more of the responsibility now rests on firms’ shoulders. 

Companies must use the regulation reforms to their advantage, utilising tech tools at their disposal to position themselves as frontrunners in the campaign against financial crime.