Banks are being charged by governments with preventing financial crime. Given the cost and complexity of this task, the only way they can effectively manage this new role is by utilising new third-party databases and information exchanges.

I have recently spent a lot of time talking about KYC (know your customer), AML (anti-money laundering), client onboarding, PEPs (politically exposed persons) and SARs (suspicious activity reports). It’s all wrapped up in financial crime, compliance, legal, audit and operational risk. 

The core of the issue was sparked by the US regulators going after HSBC over money laundering and Standard Chartered over violating US sanctions, but has spread to London where the Financial Conduct Authority (FCA) has started fining firms for misdemeanours.

Some might say about time, as the FCA’s predecessor the Financial Services Authority (FSA) did pretty much nothing about money laundering in the City. And, as an FSA report stated: “Three-quarters of the banks in our sample failed to take adequate measures to establish the legitimacy of the source of wealth and source of funds to be used in the business relationship.”

Hence, it is low-hanging fruit to investigate a bank and fine it. Some say that’s what happened to HSBC when it was hit with $1.9bn of fines for money-laundering breaches in the US. Most of this was related to terrorism funding in the Middle East and drug-trafficking in Mexico.

One of the chief problems facing banks is that sometimes you just cannot tell who is a launderer and who is not. An Iranian-born businessman, who has lived in the US for years and now has dual US nationality, will open an account as an American citizen and send funds to Iran. Is that illegal? How could the bank know this in advance?

Ask any bank how many PEPs their counterparties might be shielding and they have no idea. 

The dollar is the global reserve currency. Money launderers and terrorists want to trade in dollars and banks are the easiest way to do this. Or they used to be. Now, they are all running scared of the US authorities and so they are all throwing suspicious countries off the network.

But what happens when these countries, companies and individuals are thrown off the network? They just find a way around the network.

In Africa, we are seeing nested accounts growing rapidly, whereby countries off the network work through countries on the network to transact. The growth of alternative payment schemes such as Bitcoin is fuelled by the actions of countries and regulators to throw those who need to transact off the network.

Fighting financial crime

The bottom line is that there are huge problems catching and tracking financial crime. This is not cybercrime where criminals are robbing the bank, but those financing illegal activities via the banks.

Governments view banks as police for financial crime. It’s an interesting nuance in our world of money. Banks are commercial businesses but, for money laundering purposes, they are the police. That is why governments fine banks so heavily when they’re not acting as effective police. If banks do not effectively stop the use of accounts for criminal purposes, it is not always the criminal held accountable but the bank. That is how banks get a licence and can lose it, although I cannot think of a bank that has lost its licence due to money laundering weaknesses.

So physical police protect our home, assets and person, with insurances to ensure that when they fail you are covered; banks protect our digital assets and ensure that society is not compromised by crime through the gains that criminals could make through money flows.

But, there are numerous challenges to being the money police, which are heightened by the global network. That’s why banks have to be at the heart of global crime, and why cover notes and sanctions tests are offered through the Swift network. It is why we have
PEP databases and KYC.

The question then is: do banks apply such rules effectively? And the answer is no. Banks apply the rules as much as they feel they need to, within budget. A bank will apply the minimal level of AML controls to meet the rules, but the regulator will ask if it did enough if they find a breach of those rules and, if not, will go after the bank. 

But there are some things that are starting to change the game. For example, a secure web-based communication platform, KYC Exchange, allows clients to enter their KYC data into one central hub, which is then shared with all relevant entities. This means that you don’t need to enter KYC with every counterparty globally but just once and it’s shared on request, and updated through the cloud when anything changes.

That’s an elegant solution, and there are others. But, the core of all of this really is identity. Identity is the new money. It’s identity that is at the core of KYC and if you have effective digital identity management then the policing of financial crime should become much easier. That’s where the solution lies. ​

Chris Skinner is an independent financial commentator and chairman of the London-based Financial Services Club.

PLEASE ENTER YOUR DETAILS TO WATCH THIS VIDEO

All fields are mandatory

The Banker is a service from the Financial Times. The Financial Times Ltd takes your privacy seriously.

Choose how you want us to contact you.

Invites and Offers from The Banker

Receive exclusive personalised event invitations, carefully curated offers and promotions from The Banker



For more information about how we use your data, please refer to our privacy and cookie policies.

Terms and conditions

Join our community

The Banker on Twitter