Meeting the Challenge of Managing Financial Crime Compliance Risks to Achieve Even Greater Effectiveness – Addressing the Missing Link

24/01/2024

Tracing the Origins of Financial Crime Compliance Risk Management Responsibilities

In July 1989 the Heads of State or Government of seven major industrial nations (the G7) and the President of the Commission of the European Communities met in Paris for the fifteenth annual Economic Summit. They convened a Financial Action Task Force (“FATF”), formed of the G7 and eight other nations from Europe and Australia to consider how to respond to the growing international threat from illicit drugs and the laundering of the proceeds of drug sales.

More than 130 experts from governments, law enforcement agencies, banks supervisory and regulatory agencies met in Paris soon after to build upon the foundations laid by the United Nations in the Vienna Convention that had been agreed in late 1988 to tackle the threat from a reportedly $300 billion market in world drug production. Their initial work and first report in 1989 led to the publication of forty recommendations for change and action, and so the story of how the profession of anti-money laundering and latterly, financial crime compliance, began.

From these early seeds of international dialogue and agreement on how to assess, identify and respond to the risks of drug sales and the laundering of the proceeds of drug sales, we now have in place a global standard and framework of financial crime compliance risk management that extends well beyond just the proceeds of drugs sales and money laundering. It includes the proceeds of all serious crimes in many jurisdictions and includes the financing of terrorism and the proliferation of weapons of mass destruction and their component parts (“dual-use goods”) and the cross-cutting threat from fraud.

In July 1989 the role of the Money Laundering Officer was a mythical position, and finding an expert MLRO was as likely as meeting a unicorn. There was no legion of ‘trained’ risk and compliance professionals in place actively managing financial crime risks. Nor was there a multi-million-pound industry providing technological support for profiling the risks of millions of customer relationships and screening domestic and international transactions.

"...it is estimated that the annual cost of compliance in the UK is an eye-watering £34.2 billion, a significant increase of 19 per cent from the £28.7 billion reported almost two years earlier."

Performance Update

Jump forward thirty-five years later to 2024, what has been achieved, at what cost, and have the original aims of FATF been met? If not, why not, and what factor is underpinning these efforts?

According to a recent assessment by Lexis Nexis, ‘Report: Cost of Compliance 2023’ [1], it is estimated that the annual cost of compliance in the UK is an eye-watering £34.2 billion, a significant increase of 19 per cent from the £28.7 billion reported almost two years earlier. How significant is this? It is suggested that this cost is equivalent to almost three-quarters of the UK’s defence budget for 2021/22 (£45.9 billion according to government statistics).

If the costs and investment are significant, so are the regulatory performance expectations for firms and regulated individuals.

One measure of the outcome, or effectiveness, of this financial investment can be measured by the number of criminal intelligence reports made by firms to the local financial intelligence unit, namely the National Crime Agency or NCA here in the UK.

Today, regulated financial and non-financial professionals are obliged to be alert to the risks relating to crimes as diverse as money laundering, terrorist financing, wildlife and environmental crimes, human trafficking, and modern slavery, and to report their concerns internally, and then onwards to the NCA. Failure to report knowledge or suspicion can lead to criminal prosecution, including an unlimited fine and/or imprisonment for up to five years.

During the period October 2013 to September 2014, the ‘regulated’ sector submitted 354,186 SARS to the NCA. Ten years later, this figure has risen almost three-fold to 901,255, a significant increase of 21% on the previous year, and a rise that shows no signs of slowing in 2024.

However, a disappointing measure of the outcome of the efforts of the last 35 years (increasingly referred to as ‘effectiveness’) is provided by reports [2] that less than 1% of criminal property is being restrained and recovered from criminals. Whilst this is not the only measure of effectiveness, it is an important one and can be traced back to the original aims and objectives declared at that first meeting of FATF in 1989, and when compared to the suggested total global illicit revenue creation of several trillion, does not suggest any material success.

It is clear from the increasingly frequent issuance of FCA ‘Dear CEO’ letters and the finer details of recent enforcement notices that the threshold of compliance standards continues to move, and the first criminal prosecution of a bank by the FCA, and enforcement action taken not only against Money Laundering Reporting Officers but the named CEO of a bank, are directional indicators that signal even greater accountability for the board and senior leadership of firms.

The £34.2 billion question for firms is: “If the investment of time, effort and money by the regulated sector is greater than ever, and there is a general agreement that combatting crime is an ethical, moral and regulatory necessity, why are the desired outcomes not being achieved?”

One of the primary challenges and therefore key priorities for a firm to consider is how to operationalise and embed a culture of financial crime compliance awareness and action, that leads to even more meaningful and timely intervention.

"It is important to take the opportunity at the start of this new year, to analyse the learning outcome needs of each individual learner journey. It is necessary to assess the learning needs for each job family and department within a firm, and to provide learning that provides clearly defined learning outcomes in support of overarching corporate performance aims."

How to Address the Missing Link

Firms already take considerable steps to identify and recruit intelligent, law-abiding employees, sharing statements of vision and compliance during their induction that should plant a ‘culture of compliance responsibility’ DNA in each new joiner, that can be nurtured and developed to reach a level of unconscious competency during their career in the regulated sector.

However, the growth and nurturing season that starts after employees have completed their induction training can be overlooked and lost during the delivery of timely, cost-effective, yet uninspiring training, that fails to engage or inspire and is instantly forgettable.

People remain a firm’s greatest resource and asset. An honest and well-intentioned employee does not need reminding that they must be honest but will benefit more by being introduced to what crime looks like when they are performing their roles and responsibilities.

Whilst there is a responsibility to ensure that regulated employees understand their legal and regulatory responsibility, an employee will learn far more from analysing the aims, objectives, and methodologies of a criminal, than being lectured to about the form and words of new regulation.

It is important to take the opportunity at the start of this new year, to analyse the learning outcome needs of each individual learner journey. It is necessary to assess the learning needs for each job family and department within a firm, and to provide learning that provides clearly defined learning outcomes in support of overarching corporate performance aims.

Each programme of learning should be designed to provide insights and guidance that will lead to greater confidence and competence in performing key roles, and each programme includes instructor-led engagement that is designed to inspire learners to achieve a step-change in personal awareness, and to support them to identify and respond to the very latest criminal trends and methodologies.

This training should also support employees to “think like a criminal” and less like a policy expert; to be inspired to perform their roles with greater professional scepticism, whilst maintaining a healthy awareness of delivering positive customer service and supporting commercial demands.

For more than four years, AFB has worked with Great Chatwell Academy of Learning to provide engaging, informative, and inspiring support for senior AFB financial crime professional members as part of the AFB Financial Crime Compliance (AML) Diploma.

In 2024 we will be offering four new certified programmes of learning exclusively for AFB members, covering key areas of financial crime compliance risks:

The Fraud Risk Management Compliance Certificate
The Financial Crime Risk Assessment Compliance Certificate
The Customer Risk and CDD Compliance Certificate
The SAR Compliance Certificate

For more details on what steps a firm can take to improve their learning support and training, including conducting learning needs analysis, contact AFB at secretariat@foreignbanks.org.uk.