InCOMPLIANCE - Backing the Future p.25 - Bryan Cave Leighton Paisner
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
inCOMPLIANCE
ISSUE 40
®
YOUR MAGAZINE FROM THE INTERNATIONAL COMPLIANCE ASSOCIATION
Backing
the Future
p.13 p.25 p.36
The road is An end to the Losing the
long... drought? race? £4.95 where
sold separately
Join us at ICA’s 11th Annual Conference
The BIG Compliance
Conversation...Continued
10-11 April 2019, etc. venues. 200 Aldersgate London
Join us at the largest gathering of the ICA community! Last
year’s event sold out so book soon to avoid disappointment....
The conference will feature ICA Fellows
and other industry experts from:
• Telefonica UK
• Deutsche Bank
• Nationwide
• Standard Chartered Bank Keynote
speaker:
Choose from over 18 different sessions, Jason Fox,
including: former Royal
Marine
• AML audits – are you asking the right questions? Commando,
• Is it time to look beyond systems and controls? Special Forces Sergeant and
• How do I make RegTech work for my business? world record holder.
Jason starred in Channel
Pre-conference masterclasses: 4’s critically acclaimed first
Register for these sessions on 10th April series of ‘SAS: Who Dares
covering AML or governance, risk and Wins’ and ‘The Real Narcos’,
where he met cocaine
compliance for a deeper dive into the latest cooks, cartel enforcers,
local and global issues. underworld kingpins and
traffickers to understand the
complexities of the billion-
Book your place now: pound narcotics industry.
www.int-comp.org/annual-conference
ICAA11806
Where there’s a will…
James Thomas
Editor
The EU’s Special Committee on Financial Crimes, Tax for an EU-wide anti-money laundering supervisory authority,”
Evasion and Tax Avoidance argued recently that there is argues Patricia Moreira, Transparency International. She adds:
a “general lack of political will … to tackle tax evasion/ “The European banking system should be a firewall that stops
avoidance and financial crime”. And current events lend corrupt money from Russia and elsewhere being siphoned out
some weight to that view. On the day that news of the of these countries’ economies. Instead, we see time and again
Troika Laundromat broke, the UK government dropped how easy it is to launder and hide the proceeds of corruption,
a debate on the Financial Services Bill, in the face of an tax evasion or other criminal activities in Europe.”
amendment aimed at introducing greater tax transparency In this edition of inCOMPLIANCE®, we consider the evolving
to Britain's Crown dependencies. The move prompted challenges of financial crime, and the approaches and efforts
Naomi Hirst, Global Witness, to argue that: “We cannot, and of compliance practitioners in rising to them.
should not, wait for the rest of the world to come on board
before we open up our tax havens.”
The Special Committee has called for a “European financial
police force”, a view that is gathering some support. The
Troika Laundromat findings “reveal the glaring shortcomings in
anti-money laundering systems in Europe, and make the case
Editorial Board inCOMPLIANCE® Advice to Readers
Issue 40
Kathryn Cearns, Independent inCOMPLIANCE® is published six times
Publisher: a year by the International Compliance
Consultant,
International Compliance Association Association. Reproduction, copying,
kathryn.cearns@brixtonroaduk.com
ica@int-comp.org extraction, or redistribution by any means
Editor: James Thomas of the whole or part of this publication
Jee Meng Chen, Commerzbank, jthomas284@btinternet.com must not be undertaken without the
jeemeng.chen@commerzbank.com written permission of the publishers.
Design: Design & Document Services
design.enquiries@wilmingtonplc.com inCOMPLIANCE® is distributed as a free
member benefit to all members of the
Jacob Ghanty, Kemp Little LLP, Production: Sophy Lloyd
International Compliance Association.
jacob.ghanty@kemplittle.com contributions@int-comp.org
Advertising Queries: Dorinda Gibbons Articles are published in good faith
dgibbons@int-comp.org without responsibility on the part of the
Tim Porter, Director, TPA publishers or authors for loss occasioned
(Consulting) Ltd, Executive President, International Compliance to any person acting or refraining from
Tim.Porter@TPACLTD.com Association: Bill Howarth action as a result of any views expressed
bhowarth@int-comp.org therein. Opinions expressed in this
ICA Membership Enquiries: publication should not be regarded as the
Tom Salmond, Ernst & Young LLP, official view of the ICA or as the personal
Jo Lewis
tsalmond@uk.ey.com views of the Editorial Board members of
membership@int-comp.org
inCOMPLIANCE®.
ICA Qualification Enquiries:
David Symes, Compliance Debbie Price All rights reserved in respect of all articles,
Recruitment, ict@int-comp.com drawings, photographs etc published in
david@compliancerecruitment.com inCOMPLIANCE® anywhere in the world.
Article Enquiries
Reproduction or imitations of these are
contributions@int-comp.org
expressly forbidden without permission of
Rachel Waldren, Murray Waldren International Compliance Association the publishers.
Consulting, CPD - 2 points
Printed in England
contact@murraywaldren.com
inCOMPLIANCE®
3
Contents
REGULAR FEATURES IN THIS ISSUE
3 10 17
Editor’s comment Continuing the Backing the
Is there a lack of political will to conversation future
tackle financial crime? James James Thomas previews With regulators
Thomas discusses the challenges the ICA’s forthcoming Annual championing the automation of
facing compliance Conference regulation and compliance, Simon
Gray and Professor Philip Treleaven
6
explore emerging technologies and
ICA News reveal their potential to transform the
A roundup of the latest news financial sector
and events from the ICA
21
Time to upgrade
8 PAGE 13
Industry News Emerging regulations
A summary of recent are transforming trader
developments affecting surveillance. Tom Goodman and Jodie
Financial Crime Prevention, GRC, Forbes explain how firms can upgrade
AML and CDD professionals their approach
40
Beyond
Compliance
13
David Jackman The road is long…
considers the meaning and application Dean Rowan considers
of ethics and integrity current regulatory,
compliance and AML challenges facing
PAGE 25
42
the Middle East
Career Corner
Chris Fields and Richard
Eager consider what
compliance managers are looking for in
a candidate
PAGE 17
inCOMPLIANCE®
4
32
On the radar
Nick Parfitt considers the
issue of risk mitigation in
the expanding family office market
PAGE 32
36
Losing the race?
Muralidharan Perumal
describes the
technological arms race in financial crime Have you thought
about writing
44
an article for
Follow the
leader inCOMPLIANCE®?
25
David Zetoony and
Writing an article is a great
And end to the Jessica Pedersen take a global look
opportunity to raise your
drought? at data privacy and security officer
profile within ICA and present
After a seemingly requirements in the wake of GDPR
a topic of relevance to your
endless period of passive regulation, fellow members. Writing
the past 12 months have seen the an article on anti-money
Australian financial market landscape laundering, compliance,
inundated with inquests, actions and financial crime or associated
exposés. Alice Saveneh-Murray and disciplines will also earn you
Rachel Waldren ask whether the valuable CPD!
current focus on conduct and culture
Visit tinyurl.com/writeanarticle
is an end to the Australian Regulatory
drought or just a temporary deluge
PAGE 36 and download our document
on Article writing tips and
Blogging Best Practice to
29
enhance your skills in this area
Get with the and learn about structure,
programme themes and writing style.
Maria Shalimova
considers recent trends in sanctions Please note: you don’t have to
be an ICA Member to register
against Russia and the increasing
your interest in submitting.
importance of a tailored sanctions
compliance programme If you are interested in
writing an article for
inCOMPLIANCE, email us at:
membership@int-comp.org
and remember to include
your full name and your
topic of interest.
inCOMPLIANCE®
5
ICA partners with Murray Waldren
Murray Waldren Consulting are now the officially
ICA Global
appointed partner to the International Compliance
Association and its strategic training partner,
International Compliance Training Academy, in
Australia and New Zealand.
Initiatives
With extensive expertise in regulatory compliance,
investigations, enforcement and assurance,
and hands on industry experience as AML/CTF
compliance officers, Murray Waldren aim to simplify
the complexities their clients face and to help them
understand, manage and maintain their compliance
ICA continues to pursue initiatives to grow and develop the obligations.
professionalisation of the compliance industry across the world: Murray Waldren specialise in providing current and
• The creation of innovative range of programmes in Singapore upcoming reporting entities with AML/CTF advice,
to map into a new set of competency standards in risk support and strategies to help them meet their
and compliance that are being produced by the Institute regulatory obligations. Their collaborative and agile
of Banking and Finance (IBF), the education arm of the approach makes them ideal tutors for ICA/ICTA
Monetary Authority of Singapore (MAS). workshops and they would be delighted to see you
• We have opened new offices in Hong Kong and Malaysia at an upcoming course. Registrations for enrolment
in Australia and New Zealand are now open for the
as satellites of the regional office in Singapore and we are
following programmes:
hoping to develop new programmes in China.
• ICA qualifications continue to be popular in the Middle East • ICA International Advanced Certificate in Anti-Money
Laundering
with Lebanon being the latest training centre and we are
• ICA International Advanced Certificate in
currently working with the Insurance Authority of the UAE to
Regulatory Compliance
create training and qualifications in financial crime prevention.
• ICA Certificate in Anti-Money Laundering
• We continue to work closely with the European Bank of • ICA Certificate in Managing Sanctions Risk
Reconstruction and Development (EBRD) to provide training
and education support to hundreds of banks across Eastern To find out more you can contact either Alice or Rachel
Europe and North Africa. via: contact@murraywaldren.com or head to the website:
• I will also shortly be presiding at ICA award ceremonies in www.murraywaldren.com
Belarus, Bosnia and Herzegovina, Malta and Russia.
Please put the following important upcoming ICA dates for
London in your diary:
• Wednesday 10 April: Fellows Dinner
• Thursday 11 April: ICA Annual Conference and ICA
Award Ceremony
I look forward to meeting many of you there and sharing a glass
of wine or two.
I hope you enjoy all the great articles in this edition.
'Is Dublin the new London?'
On 30 January we had a fantastic hot topic session, held
in partnership with La Touche Training and Broadgate
Search. The event bought together the governance, risk
and compliance communities in Dublin for a series of light-
hearted interactive conversations, exploring key industry
trends and themes impacting business dynamics.
Bill Howarth “Dublin is seeing an emergence of compliance as a
Executive President new career choice now,” says Tom Perry, ICA Head of
Membership. “People who are brand new to the profession
are seeking qualifications but so are those who could
be classified as ‘seasoned pros’ as they are seeking the
credibility that a professional qualification brings.”
inCOMPLIANCE®
6
ICA NEWS
Events Calendar – AICP
ICA supported our association partner AICP as they held their 14th Manx State of the Nation Conference in the Isle of
Man (IOM). Our two associations share a common goal of educating and enabling compliance professionals to be their
best and the event was a great example of this.
The conference brought together 200
compliance professionals on the Island and
featured contributions from the Chief Minister
about the state of IOM business and the plans
for future growth, along with key contributions
from the main financial regulator and gaming
regulators on the Island.
The conference enabled ICA members and
other compliance professionals to hear about
and discuss with each other the latest areas of
focus for regulators, as well and key themes
they should be considering for their firms. ICA
Course Director Tim Tyler spoke about the
Future of AML and associated risks.
ICA Qualifications launched in Lebanon
We are excited to have partnered with AZM University
in Lebanon to offer ICA qualifications in the region. The
ICA International Diplomas in AML and Governance, Risk
and Compliance will run with face-to-face workshops in
Beirut. The courses commence at the end of March.
inCOMPLIANCE®
7
INDUSTRY NEWS
Industry News
Bribery
investigations
Troika Laundromat highlights money increase
laundering failings 2018 saw an increase in the
number of open investigations
The Organised Crime and Corruption Reporting Project (OCCRP) has published
involving transnational
details of a new Laundromat scheme – dubbed the ‘Troika Laundromat’ – which
commercial bribery worldwide,
channelled billions of dollars of suspicious funds out of Russia over a period of
according to TRACE’s Annual
seven years, the funds being moved between at least 75 shell companies set up by
Global Enforcement Report.
Troika Dialog, which was once Russia’s largest private investment bank.
Europe in particular saw its
OCCRP, which previously exposed the Russian Laundromat and Azerbaijani number of open investigations
Laundromat schemes, explained how this complex financial network enabled climb by approximately 37%,
“Russian oligarchs and politicians to secretly acquire shares in state-owned and the region now accounts
companies, to buy real estate both in Russia and abroad, to purchase luxury for more than half of all foreign-
yachts, to hire music superstars for private parties, to pay medical bills, and bribery investigations.
much more”.
The report also shows a marked
The accounts used within the Laundromat were at Ukio Bankas in Kaunas, increase in US enforcement
Lithuania, a bank that was “shut down in 2013, in part because of its poor activity, with the number of US
compliance history”. According to OCCRP: “Many of the Troika Laundromat enforcement actions increasing by
transactions were highly suspicious, and should have been flagged. For example, more than half.
a given Laundromat company might be trading computers one moment and
The financial services industry
food the next. There was almost no evidence that these companies ever did any
remained the most heavily
real business. It would have been easy to ask any of them for a utility bill, a rental
investigated by US agencies in
contract, or any other supporting documentation that would prove they were
connection with foreign-bribery
more than mere shells. But there is no evidence that Ukio compliance officers
allegations. In other jurisdictions,
ever did this.”
however, the focus remained
According to Transparency International, the findings “reveal the glaring elsewhere, most prominently the
shortcomings in anti-money laundering systems in Europe, and make the case for extractive industries, engineering/
an EU-wide anti-money laundering supervisory authority”. construction, and aerospace/
https://www.occrp.org/en/troikalaundromat/ defence/security.
inCOMPLIANCE®®
inCOMPLIANCE
8
INDUSTRY NEWS
Abu Dhabi
Global Market
consults on AML
The Abu Dhabi Global Market
(ADGM) has consulted on
proposals to revise its regime for
combatting money laundering,
Revolut under the regulatory spotlight the financing of terrorism and
proliferation, and the financing
FinTech startup, Revolut, is under regulatory scrutiny following reports that it of unlawful organisations. The
may have permitted thousands of money-laundering transactions to pass over proposals are aligned with the
its platform, after switching off an automated system for flagging suspicious recently revised UAE Federal
transactions for a period of three months last year. After the claims were anti-money laundering legislation
reported in an article in The Telegraph, the UK Financial Conduct Authority and the recommendations of
(FCA) issued a statement saying: “We have been in contact with the firm the Financial Action Task Force
to understand and assess the issues the article raises”. The company’s CFO (FATF).
resigned in the wake of the news.
The proposals include
According to Jane Jee, CEO, Kompli-Global and Head of the Emerging amending the definition of
Payments Association (EPA) Project Financial Crime, the news “clearly reflects ‘beneficial owner’ and codifying
the urgent need for a pan-European regulator to counter money laundering customer due diligence
more effectively.” “One major concern is that young regulated FinTech (CDD) requirements for the
companies will be a magnet for money launderers because they do not have identification and verification of
access to the data which is available to larger banks as FATF has identified in beneficial ownership. Further,
last year’s Concealment of Beneficial Ownership report,” she adds. they confer on the Financial
In the view of Colin Bristow, Fraud & Anti-Money Laundering Specialist at SAS Services Regulatory Authority
UK & Ireland: “Financial organisations are facing a mountain of transaction (FSRA) the power to register
data in the fight against money-laundering – but that’s not an excuse for and supervise ‘designated
leaving a gaping hole in your net. Revolut’s problems show the damage that an non-financial businesses and
inadequate system can cause to a business’s brand and customer relationships. professions’ (DNFBPS) and, if
It’s imperative to have the right technology in place to detect possible financial appropriate, suspend or withdraw
crimes quickly for money laundering and fraud management purposes.” their commercial licenses.
UK: Surge in data breaches EU publishes ML blacklist
reported to FCA The European Commission has adopted a list of 23 third
countries with strategic deficiencies in their AML and
The number of data breaches reported to the Financial CTF frameworks. Banks and other entities covered by
Conduct Authority (FCA) by UK financial services firms EU anti-money laundering rules will be required to apply
increased to 145 in 2018, up from just 25 in 2017, 7 in 2016 increased checks on customers and financial institutions
and 4 in 2015, according to research from law firm RPC. from these third countries.
RPC says that wholesale financial markets firms, such “Coupled with the recent updates implemented in the
as investment banks, reported the most data breaches 5th EU Money Laundering Directive, the extended list
in 2018, reporting 34 times, up from just three in is likely to lead to enhanced checks and control over
2017. The firm suggests that cyber criminals could transactions with these countries,” says Chris Laws, Dun
be targeting investment banks in the belief that their and Bradstreet. “With such a rapidly changing landscape
security systems are less sophisticated than those of and increasingly sophisticated financial crime, it’s
retail banks. essential to have increased transparency to deter and
According to Richard Breavington, Partner at RPC: identifies illegal activity.”
“Banks remain a top target for cyber criminals. The “It’s more important than ever for businesses to have
figures suggest that the banks are suffering data robust compliance processes in place both for Know
breaches on a frequent basis. The increase in reports, Your Customer (KYC) and Know Your Vendor (KYV)
however, does show that the financial services industry activities,” he adds. “Access to detailed information
is now taking cyber security more seriously than ever. such as beneficial ownership and people with significant
The financial and reputational fallout from a data breach control (PSC) is vital to tackling money laundering
can be serious for a business of any size. They must be and an enhanced level of scrutiny of all business
ready to defend against – and respond to – breaches as relationships is essential to identify and mitigate any
efficiently as possible.” potential risks.”
inCOMPLIANCE®
9
ICA CONFERENCE PREVIEW
Continuing the
conversation
James Thomas previews the ICA’s
forthcoming Annual Conference
inCOMPLIANCE®
10ICA CONFERENCE PREVIEW
F
ollowing hugely positive feedback on previous events, around the most significant issues facing individuals and
the 2019 ICA Annual Conference – The Big Compliance compliance as a whole.
Conversation … Continued – will build upon and The morning’s panel session – The skills of the future
refine the formula established in recent years, with keynote compliance professional: is your job description changing?
presentations and panel discussions bookending a series of – will set the tone for the day, with ICA Fellows leading a
smaller ‘breakout’ sessions (see Box 1), which are aimed at discussion concerning the skills and knowledge required
offering delegates greater choice and more opportunities to by compliance practitioners in the future, and where
network and participate. compliance is heading as a profession from the perspective
The structure and content of the conference reflect the of both individuals and their employers.
ICA’s broader aims of providing Members with focused, A range of breakout sessions will follow, covering a
personalised and role-specific information to support diverse range of topics, from the technology-focused (e.g.
their individual development as practitioners, as well RegTech and crypto risk), to issues surrounding professional
as driving compliance forward as a profession through development (e.g. guidance on leadership skills and on
raising standards of competence and leading the debate how to raise your professional profile). The content of
these sessions will cut across regulatory and financial crime
Box 1: Breakout streams compliance, while also offering a broader perspective from
outside of the financial services, with some sessions drawing
• How do I make RegTech work for my business? – on the views of Fellows from outside of the financial sector
Fiona Hipkiss FICA, Managing Director, Hines Europe Ltd (for example, with legal and third sector experience).
• AML audits – are you asking the right questions? As with previous conferences, these sessions will be led
– Dawn Fisher FICA, Deputy MLRO at Arbuthnot primarily by ICA Fellows.
Latham & Co In line with the continuation of the ICA’s Big Compliance
• Compliance in the legal sector or financial services Conversation initiative, the breakout sessions will ensure
– two sides of the same coin? – Samantha Pointon not only the delivery of thought-provoking content but will,
FICA, Solicitor importantly, provide those attending with the opportunity
• How can I raise my professional profile and why to participate, engage and share in the conversation.
should I? – Jenny Kovacs, Visibility Specialist and With networking opportunities throughout the day,
creator of the Visibility VIBES™ system delegates can forge new relationships and ensure that the
• Going beyond the public domain – how does business conversation continues long after the event finishes.
intelligence enhance risk management? – Kathleen
Wainwright, Regional Manager Business Intelligence The conference will take place on Thursday 11 April 2019,
EMEA, Refinitiv at etc. venues. 200 Aldersgate.
• Are you a compliance leader? – Robin Lawrence,
Executive Coach, The Leadership Trust For further details, and to reserve your place, go to:
• Crypto risk – old dog, new tricks? – Anthony https://www.int-comp.org/events/ica-annual-conference-
Eskander, Barrister, Church Court Chambers london/
• Is this a new era for transaction monitoring? –
Nishanth Nottath, Global Head of Transaction Attending the ICA Annual Conference is worth 6 CPD points.
Monitoring – FCC (Stewardship), HSBC
• Do businesses need a Director of Compliance? –
Paul Asare-Archer FICA, Director of Compliance, The True Cost of Financial Crime
Telefonica UK
• Have you benchmarked your financial crime risks? – Immediately before the conference, the ICA will
Richard Smolicz, Director AML, CTF, Sanctions and be showcasing its latest collaboration with ITN
ABC, Nationwide productions, ‘The True Cost of Financial Crime’, A 20
• Streamlining KYC – what solutions can RegTech offer? minute news-style programme exploring the impact
– Avere Hill, Co-founder and CEO, EMEA. of criminal activity on both businesses and individuals
• Is it time to look beyond systems and controls? and the importance of the compliance function as an
– Tyrone Griffiths FICA, Managing Director, AML enabler of ‘good’ business through education, advice
Assessment Ltd and providing solutions.
• How risky is the third sector? – Trevor Barratt FICA,
Non-Executive Director See the ICA website for further details: https://www.int-
• What role should compliance play in digitisation comp.org/events/ica-annual-conference-london/
initiatives? – Vivek Padmanabhan FICA, Head,
Compliance, Transaction Banking, AME. Standard
Chartered Bank
• How ethical are you? Murray Grainger, Founder of
Impact on Integrity and Gail Wessels FICA, Risk Specialist
inCOMPLIANCE®
11Big thinking
Big ideas
Big changes
It’s time to continue with your learning journey.
Upskilling is vital for the advancement of your career; learning
and growing means you will see the bigger picture, enabling big
ideas that can lead to big changes at your firm.
ICA Professional Members receive a 10% discount on
subsequent ICA qualifications and ICA Fellows receive
a 15% discount. If you’re thinking about upskilling your
team, group discounts are also available (as well as
customised learning options).
Be one step ahead and take the next step in your
career with your next ICA qualification.
Find out more: www.int-comp.org/qualifications
ICAA11808
ICA AUDIT
Is your firm ready for certification?
Maintain standards and safeguard your business
ICA Audit provides your company with Why ICA Audit?
Management System Certification mapped to ISO • gain the confidence of regulators
Standards. ICA Audit is suitable for any regulated • recognise and manage risks
organisation looking to identify risks within their • optimise efficiency and costs
management systems to enhance their compliance • provide additional defence for regulatory scrutiny
management processes. • achieve business growth opportunities
• achieve public sector contracts
Are you aware of a problem but unsure as to the cause? ICA Audit helps you drill
down to the heart of the issue and highlight the key areas which require attention.
Safeguard your firm. Contact us today:
www.int-comp.org/icaaudit
+44 (0) 121 362 3532
ICAA831AML / CFT
The road is long…
Dean Rowan considers current regulatory,
compliance and AML challenges facing the Middle East
inCOMPLIANCE®
13AML / CFT
O
ver the last decade, Arab Emirates [UAE], Qatar, Bahrain, Inclusive Framework
regulators around the and Oman) are striving to bolster on BEPS
world have undertaken an their international reputation for Other international initiatives, such
unprecedented level of coordinated encouraging foreign investors. Foreign as the OECD and G20’s initiative
action aimed at creating stability in direct invesment is fundamental to on an “Inclusive Framework on
the face of the unrelenting volatility the region’s transformational plans Base Erosion and Profit Shifting”
and fragility witnessed in the global and, at the risk of stating the obvious, (BEPS) became very important to
financial markets. This has resulted GCC countries have their currencies the Middle East when, in late 2017,
in a significant expansion in the linked, (either direct or basket) to the Bahrain and the UAE (along with 15
volume of regulations, alongside US Dollar. other jurisdictions), were added to
increased enforcement activity and What makes compliance in the the EU’s “Blacklist of Tax Havens”
the imposition of substantial penalties Middle East more challenging (and for (i.e. jurisdictions considered to be
for non-compliance. The end goal is to me rewarding) are its specific cultural non-cooperating against a wider
bring transparency, accountability and and economic characteristics. Let us tax evasion agenda). While this
stability into global financial markets. consider first the successes and then fundamentally looks unfavourable, it
This has placed a hitherto the challenges facing the region. was rather an indication that BEPS
unparalleled burden, responsibility
and liability on both the Board and
management of regulated firms, to
Notwithstanding the challenge facing
ensure that their organisations meet us all to comply with global
their commercial objectives while
managing an ever more complex
regulations, there has been significant
and expensive suite of compliance progress in the Middle East, much of
obligations. Of particular note are which has yet to be appreciated by the
the regulations concerning anti-
money laundering (AML) / know international community
your customer (KYC) and counter
terrorist financing (CTF), which have The growing had been lower on the regulatory
resulted in a mind-numbing number influence of FATF agenda before the “Blacklist” was
of regulatory enforcements, involving Several Middle East countries have introduced. Prompt actions by
financial penalties of ever-increasing been active members of the Financial Bahrain, UAE (in May 2018) and Qatar
value for non-compliance. Action Task Force (FATF) for more (in September 2018) resulted in a
than a decade, with Saudi Arabia resolution, with all three countries
Significant progress seeking (although not obtaining) full joining the BEPS Inclusive Framework
This article focuses specifically on membership in October 2018. (IF). Such decisive actions are a clear
the Middle East, a region that is As the G7-initiated international demonstration of the regions’ desire
often poorly understood. Does the policy-making organisation that to meet international standards: to
Middle East have issues? Absolutely! develops policies to combat money protect the reputation and improve
Like every other region in the world, laundering and terrorist financing, international perceptions of each
the Middle East is striving – and FATF issues “Recommendations” impacted country.
at times struggling – to cope with with member countries undertaking
the volume – and implementation evaluations to produce country- Regulator decisiveness
timetables – of the ever-increasing specific “Mutual Evaluation Reports” Middle East regulators are becoming
swathe of global regulations. (MER). Each MER highlights a more actively decisive. This was seen
Notwithstanding the challenge country’s technical compliance with most recently in the 22 November
facing us all to comply with global the FATF Recommendations and 2018 enforcement action by the
regulations, there has been significant the effectiveness of its AML and Central Bank of Bahrain, in which
progress in the Middle East, much of CTF programmes. the central bank removed the entire
which has yet to be appreciated by As of June 2018, FATF had identified Board, the CEO and the CFO (for
the international community. However, eight jurisdictions with strategic failing to be “fit and proper” for the
despite this progress, the journey is far deficiencies, two of which were in role) of the Bahrain Middle East Bank
from complete. the Middle East (Syria and Yemen). (BMB). Information on BMB remains
It is worth bearing in mind, for Separately, FATF lists 45 countries as scant and this will be an interesting
example, that it is critical for the “High Risk”, with nine of these being in case to follow.
Middle East to conform to all US (and the Middle East. This watershed action against the
global) regulatory, compliance and Progress in the Middle East has been Board of a financial institution is
AML standards. Countries in the Gulf considerable with the most recent welcome as it sends, perhaps for the
Cooperation Council (GCC; comprising favourable MER report being issued on first time to the entire GCC, a clear
Saudi Arabia, Kuwait, the United Bahrain during September 2018. message to Boards that they
inCOMPLIANCE®
14AML / CFT
(and management) are occasion, an insufficient interpretation GCC regulators. For example, the Dubai
ACCOUNTABLE. It is hoped that the of regional applicability that can result Financial Services Authority (DFSA)
action will result in a continuing in the imposition of an undue level of imposed only five fines during the
focus on governance improvements cost, without necessarily achieving period 2011-2015, totalling US$9.5m.
and an increase in the number of the requisite regulatory benefit. This is Interestingly most of these regulatory
professional non-executive directors particularly so given a large number of actions, although AML/CTF related,
(NEDs) appointed. smaller institutions in the region. referred to failings in systems and
The developments outlined above Further, the regulators often issue controls, rather than to actual cases of
represent positive steps forward that regulations with tight and, on occasion, money laundering or terrorist financing.
have been made within the region. But unreasonable deadlines. While the Mashreq Bank fine was
what of the challenges remaining? against the bank itself, the regulator
Perception as a ‘light touch’ also imposed fines on both the
Compliance and risk (not) at regulatory regime AML Officer and the Compliance
the senior executive table Despite the significant progress the Officers for “concealment” from the
Notwithstanding the global financial region has made in its development regulator. The lesson for compliance
crisis and the specific economic and implementation of sophisticated professionals is not to underestimate
issues facing the region – and while AML programmes, and its zeal for your responsibility and to recognise
still acknowledging the substantial the implementation of international your potential liability.
progress that has been made – regulations, the global perception is
representatives from compliance that the Middle East has a ‘lighter’ Region-specific KYC
and risk functions still do not sit at regulatory environment when and CDD challenges
enough executive committee tables compared with Europe and the USA. While KYC and CDD can be challenging
by comparison to several other US regulators, in particular, remain for us all, there are unique issues in
jurisdictions. Regretfully, as in many sceptical of Middle East compliance GCC, as summarised below:
parts of the world, compliance is often with AML. This is displayed, in part, • Cultural – One of the most challenging
undertaken at the lowest possible cost, by the sanctions placed on the region issues in the Middle East is the culture,
with the true cost of non-compliance and in recent fines, such as the US which is private, almost secretive,
only felt when an organisation is under Department of Financial Services’ meaning that obtaining even basic
pain of regulatory scrutiny, often with October 2018 fine of US$40m on the information is often difficult.
resultant financial penalties. UAE-based, Mashreq Bank PSC, for • Addresses – Traditionally, home
violations of the US Bank Secrecy Act and street addresses did not exist
A lack of integration (BSA) and AML laws by its New York in many Middle East countries
Continuing from the above, compliance branch’s US dollar clearing operation. with mail sorting being performed
and risk are not embedded into front- The issue of a ‘light touch’ regulatory manually and primarily to P.O. Boxes.
line business protection to the same regime is problematic given the To validate addresses during the
depth and extent as in international importance of international business onboarding process, relationship
institutions. Having said that, the to the region, and specifically business managers often conducted house
international press constantly, and with the US, the linking of GCC visits. However, this is rapidly
almost monotonously, highlights the currencies to the US, and the obvious changing. For example, in 2018, the
continuous repetition of failures (and receipt of petrochemical revenues Saudi Arabian Monetary Authority
resultant fines) on ‘reputable’ global based on the US dollar. (SAMA) issued a directive for banks
names that have spent billions on and financial institutions to perform
remediation (often not by choice) and Number and size of KYC and onboarding using addresses
that have a massive allocation of staff penalties and enforcement from the “National Address System”
on compliance issues: and yet the The perception of the Middle East as (which is based on unified address
failures and fines continue. a ‘light touch’ regulatory environment data storage through the Geographic
So, given the low level of fines issued is accentuated by both the low level Information System [GIS] meaning
by GCC regulators, perhaps the GCC of enforcement actions and the low that the country’s postal services are
has the right balance? value of financial penalties issued by aligned with global standards).
Quantum and speed of
international and domestic Get more on the CPD Portal
regulation • UAE Hot topics in AML compliance
Regulators in the Middle East continue https://www.int-comp.org/uae-aml-compliance
to demonstrate their desire and
willingness to implement the ever- Not a member?
increasing suite of global regulations. For access to the ICA CPD Portal, among other benefits, become a member today:
This zeal, combined with the higher www.int-comp.org/membership/why-become-a-member
level of prescription, results in, on
inCOMPLIANCE®
15AML / CFT
• Womens' addresses – Validating Regulators in the Middle East continue
the address of women is often
difficult, as often the KYC validation
to demonstrate their desire and
documentation is in the name of a willingness to implement the ever-
male family member/relative. increasing suite of global regulations,
• Spelling names – Spelling is a
challenge, with many variations of a occasionally resulting in an insufficient
single name and even inconsistency interpretation of regional applicability
in spelling been between official and
government-issued documents. and purpose of the underlying our organisations understand the
• Transliteration – The translation of transactions, which is of particular economic and ethical responsibilities
names regularly causes issues (i.e. importance for sanctions monitoring. (and benefits) of minimising financial
phonetic or alphabetic translation crime, money laundering and terrorist
differences). Gatekeepers financing. Indeed, we sometimes
• Dates of birth – Many individuals Designated Non-Financial Businesses forget the human suffering that is
do not know their birthdates and or Professions (DNFBP), such as endured by those least able to protect
passports are often incorrectly lawyers, notaries, accountants, themselves from organised crime.
shown as ‘1 January’. advisors, real estate and dealers in In summary, the Middle East has
• Sources of funds or wealth – This is precious metals and stones, have demonstrated that it is a committed
a real challenge due to the privacy operated until recently without partner by actively pursuing
issue detailed above. any need for registration or money transparency and accountability
• Beneficial ownership – There is laundering reporting/monitoring. and the prompt implementation of
no central registry of beneficial Hence these routes have the potential international best practice standards.
ownership. to be misused. DNFBPs have become Both the regulators and the banks
• International Tax Transparency a focus point for FATF in-country seek to be considered as truly valued
Initiatives: FATCA and CRS – As evaluations. contributors to the global fight against
the Middle East is a relatively tax- money laundering and financial crime.
free jurisdiction, the concept of tax Unintended consequences While the Middle East has made
disclosures is not well understood or The global regulators have (as they tremendous progress to comply with
received. should) pursued with vigour an the ever-increasing suite of global
• Poor reporting – Poor reporting agenda to reduce money laundering, and regional regulations, the road is
practices across the Middle East terrorist financing and organised still long, and the journey hindered
render due diligence difficult crime. However, FATF regulations and by the specific cultural and economic
as audited financial statements are the continuing and relentless punitive challenges.
not easily available, with often- actions by regulators have had Regulators and institutions
convoluted ownership structures, unintended consequences. strive to do what is right. However,
resulting in a time-consuming and These, in combination with increased alongside continuing failures, we
expensive cost of onboarding by capital costs, mean that banks have also see an ever-increasing suite of
financial institutions. become so risk (and penalty) averse global regulations. The unintended
• Prevalence of unlicensed business that many are de-risking by dropping consequences of this has been
– Too often firms operate under a customers (and entire business de-risking and the driving of transactions
single license, while undertaking segments). Further, many global banks into the non-regulated, ‘shadow banking’
other (unlicensed) activities (e.g. have been de-risking by reducing the system, increasing systemic risk, and
a firm licensed in free zone as a number of correspondent banking reducing the effectiveness of fighting
management consultant, while also relationships that they hold (this is financial crime and terrorist financing.
providing financial services). now a global issue and relates to many In trying to protect the financial system,
• Wire transfers – With the near countries, not only the Middle East). the regulators may be reintroducing
absence of taxes and hesitation As a result, de-risking has led to contagion and increasing systemic risk
regarding the disclosure of many legitimate businesses and in the global banking system: the system
financial statements, it is difficult economies having only limited they have tried so hard to protect.
to determine if the transactions (or even no) access to the global
by a counterparty match both financial system. Dean Rowan is Group
their business activity and Chief Compliance
appropriateness of the financial Taking responsibility and Group Chief Risk
resources of the remitting party. Although this article is focused Officer at Gulf One
• Layering transfers – The regional on the responsibilities of financial investment bank and
practice of layering of transactions institutions, may I remind every one a member of the
through multiple entities makes of us that we have a personal and ICA Technical
it difficult to ascertain the nature moral responsibility to ensure that Advisory Board
inCOMPLIANCE®
16REGTECH
Backing
the future
With regulators championing the automation
of regulation and compliance, Simon Gray
and Professor Philip Treleaven explore
emerging technologies and reveal their
potential to transform the financial sector
inCOMPLIANCE®
17REGTECH
T
he data science technologies of artificial intelligence Box 1: Data Science and Technologies
(AI), the Internet of Things (IoT), Big Data and
behavioural/predictive analytics, and blockchain are In transforming regulation, the core technologies are:
poised to revolutionise regulation and compliance, creating • Data Facilities – Online facilities of regulatory data
a new generation of RegTech start-ups. Examples of current collected by national government agencies, and often
RegTech systems include: chatbots and intelligent assistants open source for public access and analysis (e.g. www.
for public engagement, robo-advisors to support regulators, data.gov);
real-time management of the compliance ecosystem using • The Internet of Things (IoT) is the inter-networking of
IoT and blockchain, automated compliance/regulation tools, ‘smart’ physical devices, vehicles, buildings, etc. that
compliance records stored securely in blockchain distributed enable these objects to collect and exchange data;
ledgers, and online regulatory and dispute resolution systems. • Chatbots – systems for interacting with regulated
Further, in the near future regulations will be encoded as companies, registrants and the general public using
understandable and executable computer programmes. natural language and speech;
Priority areas include computer-executable regulations, and • Big Data is the process of examining very large
the regulation of AI algorithms. datasets to uncover hidden patterns, unknown
correlations etc.; datasets that are so complex that
Why automate regulation and compliance? traditional data processing application software is
Automation is all the rage but why is this happening and what inadequate to deal with them;
are the benefits? In short: money. Cost savings and greater • Behavioural/predictive analytics – The analysis of
efficiency are both imperatives and key drivers. Indeed, the large and varied datasets to uncover hidden patterns,
UK Chancellor Philip Hammond put it well in a speech to the unknown correlations, customer preferences etc. to
second International FinTech Conference in London in March help make informed decisions;
2018. His speech covered many areas of financial innovation, • Artificial intelligence (AI) – Systems able to perform
but perhaps the most significant aspect from a compliance tasks normally requiring human intelligence;
perspective was his announcement that the UK Financial • Blockchain technologies – The technology
Conduct Authority (FCA) and Bank of England are moving underpinning digital currency, which secures, validates
towards automating regulatory compliance.1 and processes transactional data.
The intended benefits of this automation are reduced
costs for financial services firms as well as the removal of a
key barrier for FinTech firms as they enter financial services Data’ (analytics). In general, Big Data provides the opportunity
markets. Indeed, the proposed automation is part of the UK to examine large and varied datasets to uncover hidden
government’s new FinTech Sector Strategy2, which seeks patterns, unknown correlations, customer preferences etc. Big
to retain the UK’s position as ‘the global capital of FinTech’ Data encompasses a mix of structured, semi-structured and
well beyond Brexit. After all, FinTech contributes nearly $7bn unstructured data gathered formally through interactions with
citizens, social media content, text from citizens’ emails and
The intended benefits of survey responses, phone call data and records, data captured
by sensors connected to the IoT and so on. Big Data is
automation are reduced increasing in both volume, the variety of data being generated
costs for financial services by organisations, and the velocity at which that data is being
firms as well as the removal created and updated (referred to as the ‘3Vs’ of Big Data).
of a key barrier for FinTech Behavioural and predictive analytics
firms as they enter financial Behavioural and predictive analytics, which focuses on
providing insight into the actions of people, is closely related
services to Big Data. Behavioural analytics centres on understanding
how consumers act and why, enabling predictions about how
to the UK economy each year and London is home to 17 of they are likely to act in the future. Predictive analytics is the
the top 50 international FinTech firms.3 Moreover, in 2017, practice of extracting information from historical and real-time
investment in UK FinTech more than doubled. datasets to determine patterns and predict future outcomes
The pace at which this sector is evolving, and the and trends. Predictive analytics ‘forecasts’ what might happen
technical terminology surrounding it, creates a challenge for in the future with an acceptable level of reliability, and includes
compliance practitioners to stay abreast of these emerging ‘what if?’ scenarios and risk assessment.
trends. With that in mind, the following sections explore in
greater detail some of the key technologies discussed above Artificial intelligence
and outlined in Box 1, using ‘normal’ language. AI technologies power intelligent personal assistants,
such as Apple’s Siri, Amazon’s Alexa, ‘robo’ advisors, and
Big data autonomous vehicles. AI provides computers with the ability
Regulators collect huge volumes of data (increasingly open to make decisions and learn without explicit programming.
sourced), presenting major opportunities for so-called ‘Big There are three main branches:
inCOMPLIANCE®
18REGTECH
• Machine Learning, which refers to a type of AI programme
with the ability to learn without explicit programming,
which can change when exposed to new data;
• Natural language understanding, which involves the
application of computational techniques to the analysis and
synthesis of natural language and speech; and
• Sentiment analysis, which is the process of
computationally identifying and categorising opinions
expressed in a piece of text.
Blockchain technologies
Perhaps the most popular and much-coined term in FinTech,
the core blockchain technologies are:
• Distributed ledger (DLT) – A distributed ledger is a
decentralised database where transactions are kept in a
shared, replicated, synchronised, distributed bookkeeping
record, which is secured by cryptographic sealing. Its key
attributes are: resilience, integrity, transparency, and the
fact that it is unchangeable or mostly ‘immutable’.
• Smart contracts are computer programmes that codify
transactions and contracts, which in turn ‘legally’ manage
the records in a distributed ledger.4
Automating regulation and compliance
The challenge of digital regulatory reporting (DRR) has
become a core focus of regulators. Indeed, in October 2018
the FCA issued its Feedback Statement on its Call for Input
FS18/2. This call for input outlines a “proof of concept”
developed at its TechSprint initiative in late 2017⁵, which
seeks to make it easier for firms to meet their regulatory
reporting requirements and improve the quality of the data
that they provide. The feedback analysis weighs up the
pros and cons of each of the following concepts, namely:
disambiguation of reporting requirements; common data
approach; mapping requirements to firms’ internal systems;
a mechanism for firms to submit data to regulators; utilising
standards to assist the implementation of DRR; a common
data model; application programming interfaces; DLT
networks; disambiguation of regulatory text; and of course
utilising standards to assist the implementation of DRR.
The potential benefits of DRR can be summarised as follows:
• A reduced need for firms to interpret rules, making
the information submitted to regulators more accurate
and consistent;
• An increase in efficiency via reductions both in time and costs
taken in complying with regulatory reporting requirements;
As the combination of software and hardware is producing
intelligent algorithms that learn from their environment
and may become unpredictable, it is conceivable that, with
the growth of multi-algorithm systems, decisions will be
made by algorithms that have far-reaching consequences
for humans. It is this potential of unpredictability that
supports the argument that algorithms should have a
separate legal identity
inCOMPLIANCE®
19REGTECH
Get more on the CPD Portal growth of multi-algorithm systems, decisions will be made
• The Impact of RegTech and FinTech on the Regulated by algorithms that have far-reaching consequences for
Sector https://www.int-comp.org/regtech-fintech humans. It is this potential of unpredictability that supports
the argument that algorithms should have a separate legal
Not a member? identity, so that due process can occur in cases where
For access to the ICA CPD Portal, among other benefits, unfairness occurs. The alternative to this approach would
become a member today: www.int-comp.org/membership/ be to adopt a regime of strict liability for those who design
why-become-a-member or place dangerous algorithms on the market, to deter
behaviours that appear or turn out to have been reckless. Is
this a case of bolting the door after the horse has escaped?
• An increase in the attractiveness of the test
jurisdiction’s regulatory framework for firms operating Seizing the day
or considering operating in a certain jurisdiction; The prolific short story writer, Saki (H.H. Munro), used the
• An increase in the consistency of the information that term: “Design in haste, repent at leisure”. It is fair to say
regulators receive by reducing potential ambiguity that a number of key regulators – such as the FCA, The
within reporting requirements; Australian Securities and Investments Commission, the
• The potential to implement future reporting Monetary Authority of Singapore, and the British Virgin
requirements more quickly, and to improve the Islands’ Financial Services Commission – are backing the
quality of data that are received were also commonly- future and facilitating innovation fast. However, their high
noted benefits; level of consultation with key industry players means that
• The provision of higher quality data is seen as a repentance is unlikely – and why, with such cutting edge
potential benefit for both regulator and regulated; initiatives, should it be? We all know about tempus fugit
• A potential improvement in information sharing and ‘time flying’ but some of these leading regulators
between firms, specifically internal risk and may just be more about carpe diem or ‘seizing the day’.
management purposes. And long may that continue! If robots do their jobs, then
perhaps some complacent regulatory noses deserve to
Regulation and legal status of algorithms be put out of joint and it may be appropriate to “cock a
While the foregoing describes the potential benefits, snook” at the also-rans. Time will tell.
what of the emerging challenges that such technologies
may introduce? One such challenge concerns the legal Simon Gray is Head of
status of the algorithms upon which many of these Business Development and
technologies are based. Marketing at BVI Finance
Legal redress for algorithm failure seems and is a Fellow of the ICA.
straightforward. If something goes wrong with an Professor Phillip Treleaven
algorithm, simply sue the humans who deployed the has the Chair in Computer
algorithm. However, in practice it may not be that simple: Science at University
for example, if an autonomous vehicle causes death does College London
the lawsuit pursue the dealership, the manufacturer, the
third-party who developed the algorithm, the driver, or
the other person’s illegal behaviour? This stimulates the 1. https://www.gov.uk/government/speeches/chancellors-
debate of whether or not algorithms should be given a speech-international-fintech-conference
legal personality in the same way as a company. 6 2. https://www.gov.uk/government/publications/fintech-
As we know, a ‘legal person’ refers to a non-human sector-strategy
entity that has a legal standing in the eyes of the law. A 3. https://www.computerweekly.com/news/252437357/
graphic example of a company having legal personality Chancellor-of-the-exchequer-announces-UK-fintech-strategy
is the offence of corporate manslaughter, which is 4. A smart contract is not necessarily related to the classical
a criminal offence in law being an act of homicide concept of a contract, but can be any kind of computer
committed by a company or organisation. Another programme. In 2018, a US Senate report said: "While smart
important principle of law is that of agency, where a contracts might sound new, the concept is rooted in basic
relationship is created in which a principal gives legal contract law". https://www.jec.senate.gov/public/_cache/
authority to an agent to act on the principal’s behalf files/aaac3a69-e9fb-45b6-be9f-b1fd96dd738b/chapter-9-
when dealing with a third party. An agency relationship building-a-secure-future-one-blockchain-at-a-time.pdf
is a fiduciary relationship. It is a complex area of law with 5. www.fca.gov.uk/firms/our-work-programme/digital-
concepts such as apparent authority, where a reasonable regulatory-reporting
third party would understand that the agent had authority 6. The case of Salomon v A. Salomon & Co. Ltd
to act. established the principle of “separate legal personality”
As the combination of software and hardware is producing as was provided in the Companies Act of 1862 and as
intelligent algorithms that learn from their environment and it is still provided in the Companies Act of 2006 under
may become unpredictable, it is conceivable that, with the UK Company Law.
inCOMPLIANCE®
20You can also read
