Financial Crime Compliance (FCC): All You Need to Know
Over the past 30 years, financial crime has increasingly become an impending concern for governments around the world. This is due to a wide range of reasons, as the impact of financial crime varies across different contexts. Today, it is widely known that the existence of financial crime, or economically motivated crime, in various societies remains a significant threat to the development of worldwide economies and their stability. Watchdogs across the world have introduced Financial Crime Compliance measures to counter criminals.
According to a study by McKinsey, in 2018, the World Economic Forum noted that fraud and financial crime was a trillion-dollar industry. It was reported that private companies spent a sum of around $8.2 billion on anti-money laundering (AML) controls in 2017 alone.
Every member of the global economy faces a challenging task in combating this threat. Financial crime is a shared challenge to both large and small financial organisations due to its broad scope.
They have their own high stakes, including regulatory fines, rising compliance costs, and a negative impact on their reputation.
What is the Definition of Financial Crime?
Financial crime is a malicious act against financial institutions. An act can be regulatory, monetary, or reputational. The purpose of these acts is to steal, defraud, manipulate, or circumvent the existing regulations.
According to McKinsey, financial crime generally means “money laundering and a few other criminal transgressions, including bribery and tax evasion, involving the use of financial services in support of criminal enterprises. It is most often addressed as a compliance issue, as when financial institutions avert fines with anti-money laundering activities.”
Having strong financial crime compliance instilled in the firm’s culture can establish the foundation for everyday practices, which are in adherence to the regulatory requirements. If the financial institution does not make this fundamental commitment, it may be left vulnerable to financial misconduct, such as anti-money laundering, terrorist financing, fraud, and so forth.
A failure to instill financial crime compliance can also carry significant losses for the firm, including heavy fines and reputational harm, causing damage to the business.
Who Commits Financial Crime?
- Organised criminals (which includes terrorist groups), who are increasingly perpetrating large-scale frauds to fund their operations.
- Leaders of state take advantage of their positions and privileges to loot their countries’ finances.
- Business leaders or senior executives, who manipulate the financial data in order to misrepresent its true financial position
- Employees from all positions, be it the most senior to the most junior, who steal the funds of the institute, as well as other assets
- Individual criminals can also be perpetrated from outside the company, such as from a customer, supplier, contractor, or any person who has zero connection to the organisation
- External fraudsters are increasingly conspiring with employees within the institute, so that more profit can be made easily
What are the Types of Financial Crimes?
Financial crime is commonly considered to cover the following offenses:
- Money laundering
- Terrorist financing
- Digital/Electronic crime
- Bribery and corruption
- Market abuse and insider dealing
- Tax evasion
- Identity theft
Out of these, the two most prevalent types of financial fraud are money laundering and terrorist financing. Although the meaning of terrorist financing is relatively clear from its name, money laundering needs a little explanation.
It is simply the act of disguising the illicit profits that originated from crime. Some of the most prominent money launderers are cartels and mafia groups, who appear in popular news media, but such types of financial frauds can extend beyond organised crime and occur on various scales in offshore accounts or anonymous shell accounts.
What is Financial Crime Risk management (FCRM)?
Financial crime risk management (FCRM) is the process of detecting and evaluating suspicious activity, identifying vulnerabilities, and taking steps to reduce an organisation’s risk of becoming a victim of financial crime.
While financial crime has existed since humans first exchanged money for goods and services, technological advancements have increased the attack surface, level of access, and number of possibilities available to cybercriminals.
The bulk of businesses operate online, making them ideal targets for fraudsters. Criminals are employing more subtle and sophisticated tactics to get access to critical financial data and conceal their tracks. To compound matters, many financial crimes are committed by corporate insiders who have figured out not only where critical data is kept, but also how to effectively cover their criminal conduct.
The three phases of financial crime risk
Prevention of Risk – Prevention of risk is the initial phase in the life cycle of financial crime risk. It deals with the threats that have not yet affected the institution. For instance, programmes or activities that halt any suspicious or non-compliant activities before they become an issue. For the financial institutes, many of these activities require a great number of resources and insight into customers that may not be available or easy to aggregate.
Detection of Risk – The second phase involves identifying and responding to threats that may be active or ongoing. For an institution to effectively handle these types of risks, both accuracy and speed are required. A few seconds can mean the difference between stopping a criminal act, or suffering the consequences. These losses could include a financial loss or loss of critical data, violation of compliance, or a major disruption with a customer. The financial institutes have started to acquire and build a combination of systems and sensors to monitor for specific events and types of behaviour. However, many of these technologies may lack the wider scope needed to observe the activities/incidents with context. Having this lack of greater visibility can allow the complex, cross-channel schemes to go undetected, as criminals find ways to exploit the spaces between detection systems.
Investigation of Risk – The last and final phase of financial crime risk is the investigation of risk. It is often the most overlooked, yet it holds the entire financial crime risk cycle together. Even though the first two stages, prevention and detection, deal with types of financial fraud and risks, it is because of investigation, that these risks are handled and resolved, after they have been identified. Thus, it may even account for the most important step. Still, what financial institutes fail to see is how important the manner is, in which financial issues are identified and resolved, which can affect them in terms of both risks and cost. Having effective resolutions and investigations of risks can be far more effective from the traditional, human-driven analysis, and the impact of this is shown in this step.
What are regulators looking for when they examine an institution?
- The firm’s management and commitment to a culture of integrity and compliance throughout the institution.
- Whether the compliance leaders regularly assess a financial crime compliance culture
- Whether senior leadership within the financial institution consistently reinforces the message of financial crime compliance and sets the correct tone for the rest of the employees
- If board members are dedicated to finding the root causes of misconduct, how they evaluate them, and whether the systemic issues are mitigated in a timely manner.
- The key risk indicators (KRIs) and metrics information that the board of directors and executive leadership receive, indicative of an institution’s compliance
- If the employees are willing to escalate and raise issues in case they witness any suspicious or inappropriate behaviour, and whether any effective challenges exist
Strong compliance, such as financial crime compliance or anti-money laundering compliance, can be demonstrated by counselling and enforcement measures. For example, the Financial Crimes Enforcement Network (FinCEN) has identified the financial sector’s compliance culture as a critical factor in regulatory exams and violations.
They issued an advisory on compliance culture in 2014, highlighting that it is important for the senior management, leadership, and owners of all financial institutions to have a strong culture of compliance.
FinCEN advises financial institutions to strengthen their compliance culture by ensuring that:
- The institute’s leadership is supportive
- All the AML efforts are not compromised by just revenue interests
- All the information is shared between departments, within the organisation
- That the resources are efficiently allocated
- The AML programme should undergo independent testing
- The leadership and staff can comprehend the AML efforts and process of reporting
Do traditional methods of fighting financial crime cut it?
The present financial crime compliance approach is based on rule-based algorithms, which are still applicable in today’s world.
Nonetheless, regulators are strengthening their expectations of financial institutions in terms of compliance: namely, to prevent, identify, and predict the movement of laundered money.
Even if it is optimised, typical monitoring technology may fall short in this instance.
This is because it may not always be able to focus or prioritise, resulting in a high number of false positives.
As a result of the changing business landscape and regulatory constraints, companies must upgrade their standards, controls, surveillance capabilities, internal rules, and procedures.
Not only does this transition necessitate company transformation, but it also necessitates financial crime compliance transformation.
The financial institution’s success can be driven by the integration of business strategy, regulatory compliance, risk management, technology, as well as operations. The firms should re-examine their risk management function, including the ownership roles and key responsibilities of the first two lines of defense.
While there are no silver bullets when it comes to fighting financial crime, new and better compliance frameworks and controls will enable financial institutions to stay ahead of criminals and money launderers.
Speak to one of our experts to know how your institution can stay ahead of complex financial crime.