2020 is a year we would all rather forget, with everybody hoping that in 2021 thoughts of social distancing, bubbles, mask-wearing and furloughing will gradually fade from public consciousness.
But what will the new year bring for efforts to combat financial crime? Will we see a surge in laundering as Covid fraud proceeds come into the financial system? Will technological innovation resume with a vengeance?
FinCrime Report looks at what are likely to be some of the key trends and topics in the new year.
1. We will see an upsurge in laundering activity as illegally acquired Covid-19 government support funds are brought back into the banking system
Governments across the world reacted to the Covid-19 pandemic by pumping vast amounts of money into schemes to sustain businesses and mortgages during lockdowns and restrictions. McKinsey estimates the global economic stimulus, once you include loans, guarantees and regulatory changes, to top an eye-watering $10 trillion.
Many of the schemes, particularly those aimed at subsidising costs for small businesses, have inevitably been targeted by fraudsters. In the US, the Secret Service is reportedly investigating 700 fraud cases relating to the federal government’s Paycheck Protection Program and Unemployment Insurance Relief scheme. In the UK, the National Audit Office has said as much as £26bn may have been lost in Bounce Back Loan Scheme monies due to fraud, organised crime or default.
Whereas in 2020 this Covid-19 fraud was inevitable, given the huge sums involved and the speed in which the relief programmes were set up, 2021 will be the year when criminals attempt to move that illegally acquired cash into the banking system.
Graham Barrow, anti-money laundering expert and director of The Dark Money Files, says that he is already hearing of huge increases in Defence Against Money Laundering Suspicious Activity Reports (filed when a bank suspects they are dealing with property that is criminal and that by dealing with it they may be committing an AML offence) in the UK – an early sign, perhaps, of an increase in money laundering activity due to Covid.
“We’ve seen companies being traded on social media so that people can buy them simply to apply for these bounce back loans and I suspect what is going to happen next year is we are going to see a whole load of companies dissolve and people disappear as they have been given loans and they are just going to default on them,” says Barrow.
Matthew Redhead, a researcher and writer on financial crime, agrees there will be more laundered money coming into the system. But how will AML compliance teams detect it?
Redhead says: “You need to start asking yourself the question of whether we will see higher flows of money cross border. Will we see more funds coming in from secrecy/tax-haven jurisdictions? That might be one indication, as people move the money out and then back in again.”
While the laundering of ill-gotten Covid relief funds is set to rise, 2021 is also likely to see a continuation of the fraudulent activity itself. Jose Caldera, Chief Product Officer at Acuant, said: “We will continue to deal with the new AML typologies that were introduced through the acceleration of online transactions, protection loans, multigenerational homes and medical changes.
“Identity theft, mule-ing, elderly abuse and medical insurance should be top of mind to compliance and risk officers as they prepare strategies for 2021.”
AI and machine learning will make a breakthrough in AML
It may well be the case that Artificial Intelligence (AI) and machine learning are always the “next big things” in AML tech. However, there is a strong sense in the FinCrime world that we could just be on the cusp of this kind of technology being adopted in a way that makes a radical difference to AML functions.
Barrow says 2020 was shaped by a realisation in the tech community that their products have to have a real, practical purpose for compliance in order to be commercially viable.
Therefore, there has been a much more closer working relationship between AML experts and data scientists and technologists that is beginning to bear fruit.
“Data scientists have started working much more with subject matter experts who are shaping and moulding those products in a way that actually meets a real requirement,” he says.
This closer working relationship is on the verge of achieving results, coupled with massive improvements in technology, not least in language processing, Barrow believes. “Anyone who has used translation software will realise that the difference between the start of the year and the end is unbelievable”, says Barrow
Barrow says there are huge opportunities for this kind of software to help improve adverse media screening, data handling and transaction monitoring.
For others, such as Redhead, technological collaboration between regulators and the private sector was really building up speed prior to this year, before Covid-19 halted a lot of the activity. He believes this will return with a vengeance in 2021.
“Supervised machine learning will continue to grow and spread, but there are issues around unsupervised machine learning, because there are still issues around how we validate the model, because it is so complex and a big issue for regulators,” says Redhead.
Benoit Grangé, Chief Technology Evangelist at cybersecurity company OneSpan, believes the use of AI, machine learning and biometrics, removing the need for as many passwords, will be the dominant trend when it comes to technologies to identify and verify banking customers in line with AML regulation.
Grangé believes 2021 could be the year we see the emergence of digital identity based on self-sovereign identity leveraging blockchain. He says: “We’ll see the development of digital ID fully under the control of the user securely stored in mobile devices within a digital wallet.”
Mechanisms for information-sharing, including collective transaction monitoring, will increase
Technology also looks likely to play a key role in another major FinCrime trend of 2021, the drive towards greater information-sharing among organisations. The development of more feasible privacy-enhancing technologies (PET), such as forms of zero-knowledge proof and homomorphic encryption, can allow useful information to be shared without the underlying Personally Identifiable Information being passed on. “We must be ready to operate in a world that prioritises data security and privacy,” says Cécile Bartenieff, Chief Operating Officer at French multinational bank Société Générale SA.
The use of PET has long been talked about by technologists and academics, but 2021 could well be the year we start to see these techniques used in anger to share information in the fight against financial crime.
Think tank Royal United Services Institute last month published a report outlining nine case studies in which PET is being trialled by banks.
PET is set then to become a key tool in a global drive towards better information-sharing. All eyes in 2021 will be on initiatives such as Transaction Monitoring Netherlands, a collective transaction monitoring initiative featuring five banks (ABN AMRO, ING, Rabobank, Triodos Bank and de Volksbank).
Charlie Delingpole, Founder and Chief Executive Officer of ComplyAdvantage, is much more cautious, however, saying that without safe harbour, without predictive results and without shared definitions of risk, there is often little incentive for AML officers to do the extra work required to share data voluntarily.
“Why don’t you make it mandatory? And make it safe? Or it won’t happen at all,” he says.
And that is possibly why banks’ own data-sharing efforts look set to be complemented by drives from regulators and governments to promote better sharing of information.
The European Union’s AML reform plan aims to not only harmonise rules and bring in a single supervisory body for AML, it also aims to facilitate better information-sharing. In the US, the trend is in the same direction, with regulator FinCEN just last week publishing guidance clarifying that financial institutions can share information under a safe harbour provision relating to activities that may involve possible terrorist financing or AML. FinCEN added that “strongly encourages” financial institutions to participate in information-sharing programmes.
But Brexit may pose challenges to sharing of information for both the UK and EU
The idea that the end of the Brexit transition period is not the biggest news story as we enter mid-December – in the UK at least – would have seemed absurd at the start of the year, but Covid-19 continues to dominate.
But FinCrime professionals may be affected in various ways when the impact of the UK’s departure from the EU is felt after 1 January.
For Barrow, there would be concern if the UK’s National Crime Agency no longer has access to FIU.net, a decentralised database that allows Financial Intelligence Units to share and request transnational information when dealing with Suspicious Activity Reports. “That’s actually a big deal; the transnational flows are a huge part of high-end money laundering and being cut from FIU.net could hamper efforts to monitor them.”
It may well be that memoranda of understanding can be put in place to allow information to be shared. Redhead warns however: “It will slow down the process, you will have to have memorandums of understanding with each individual country”.
Francesca Titus, partner at law firm McGuire Woods, says that in the event of no-deal, co-operation on data sharing between agencies in the UK and mainland Europe will become more difficult.
She said: “The UK could lose access to key crime fighting tools such as Europol, which supports Member States in their fight against cyber crime, money laundering and organised fraud.” She adds, however, that Europol does have arrangements in place with non-EU members such as the US and Denmark, so it is not unrealistic that the UK would be able to secure at least equivalent status to those countries.
The beneficial ownership debate will intensify, and criminals may shift their activities to countries refusing to play ball
Advocates of greater corporate transparency had a pleasant surprise earlier this month as legislation to create a long-called-for beneficial ownership register in the US was included in this year’s National Defense Authorization Bill.
The Act would require owners of companies to hand their details to a new registry operated by the Treasury Department.
The act in its current form does not go as far as many would like. Details of the companies are not public as they are in other beneficial ownership registries established recently in the UK and EU. Furthermore, agencies would only be able to access the information with the company’s consent, which could severely limit its usefulness for investigations.
However, there is a consensus that getting anything on the statute book in this area, which still isn’t a given, would represent progress.
Barrow says: “Let’s get it on the statue books first and then, when you can show people are still getting around it, you then incrementally improve it.”
Justin Bercich, Head of Artificial Intelligence at regtech firm Lucinity, predicts that if the US does adopt the measures, there will be tensions between countries that have implemented measures to promote transparency around ultimate beneficial owners and those that haven’t.
He said: “With banks, regulators, and governments possessing sharper visibility on the ultimate beneficiary of a financial transaction, they’ll be able to enact better customer due diligence checks to reduce fraud and money laundering activity.
“However, not all parties are keen on the concept, with countries such as Switzerland and the Cayman Islands not currently planning to adopt UBO registers. Next year, we predict these countries will experience an increase in illicit activity as a result, as financial criminals exploit ease of access to shell companies.
“Tensions will invariably rise between governments embracing UBO laws, and those who reject it.”
Incremental regulation of cryptocurrency and VASPs will continue
One of our safer bets is that efforts to regulate cryptocurrencies and virtual asset service providers (VASPs) will continue to increase across the world.
In 2020 we were bombarded with warnings of the risks of criminal exploitation of cryptocurrency. The Financial Action Task Force was compelled in September to publish details of “red flag indicators” to help financial institutions detect illicit activity.
In response, governments globally have been moving to bring VASPs under wider AML-style regulation. Whether it be the continuing implementation of the Travel Rule in the EU, the lowering of the Travel Rule threshold in the US, moves to regulate Virtual Asset Service Providers in Singapore, the direction in 2020 was clear and there is no suggestion that the direction is likely to change next year.
Despite it receiving a lot of column inches in the press, Barrow believes cryptocurrency and virtual asset use is still very much “at the margins” when it comes to global money laundering, due to the volatility of the markets it operates in.
A shake up for Suspicious Activity Reporting?
The publication of thousands of Suspicious Activity Reports in the FinCEN Files leak in September put the system banks use for reporting suspicious activity firmly in the spotlight.
The complaints are common to anyone who works in financial crime. Banks are required to file far too many SARs, too many are retrospective and, crucially, feedback for a reporting bank on whether a SAR is useful is, in many parts of the world, not forthcoming.
The Anti Money Laundering Bill in the US, tabled as part of the aforementioned National Defense Authorization Bill, outlines plans to reform SARs. Details are sketchy at this stage, but the intention is to “streamline” SARs and require law enforcement agencies to provide feedback.
Scrapping SARs altogether is certainly thought to be unlikely. And probably unpopular too. Two-thirds of respondents to a poll at the recent FinCrime World Forum said they were opposed to the complete scrapping of SARs.
However, if the US legislation goes through, we may just see some pressure on them to change across the world.