The situation in the Ukraine and the expulsion of Russian businesspeople from global financial networks another. And the refocus of UK government strategy on fraud – Action Fraud reform, Government Digital Fraud Committee, Public Sector Fraud Authority. Not to mention the UK Government’s Economic Crime Plan 2, announced last week, which sets out £400m of investment to tackle economic crime in the next three years. It all highlights the growing frustration at the view that we are not doing enough to tackle financial crime and the inability to hold organisations to account and a clamour to find them responsible for illegal behaviour.
Presently, it is very difficult to pin the blame for money laundering, fraud, false accounting to an organisation. Debatably, current powers could be adapted and the government has duly set forth on a path to change current legislation which will hopefully make it easier to penalise organisations who don’t do enough to prevent ML, fraud and false accounting (aka cooking the books). HMRC and regulators are quick enough to penalise organisations for tax evasion or bribery offences. And fraud and money laundering failings should be just as easy to prosecute against.
What is likely to happen
Details are still unclear on whether it’s just financial services organisations that are covered. But it should mean that to defend any allegations, corporates would need ‘adequate procedures’ in place. Proposed changes in legislation under the Economic Crime and Corporate Transparency Bill will follow the framework of the UK Bribery Act and Tax Evasion legislation. And it’s likely that lessons learned from the failure to prosecute under the Bribery Act, will result regulators showing off new powers.
What should firms do now?
At a minimum, organisations should assess frameworks that cover money laundering, fraud and false accounting. This means an assessment of governance, systems and controls, monitoring, assurance etc. And they really should consider independent assurance on their framework. At the outset, they need to be conducting a gap analysis to spot areas of weakness and going forward, they need to be conducting the same thing periodically. So what should firms focus on?
- Risk assessment: ensure you understand all risks and incorporate known and potential typologies into the risk assessment; ensure it’s up to date; and that it covers not just current, but future risks
- Proportionate controls: ensure there are tested, proportionate controls in place that are aligned to risks
- Culture: there is no point in proper controls unless they are embedded in the organisation’s psyche. Your people need to dance the dance. What is the diktat from top of the organisation? What is your executive team saying? They need to set the tone in terms of AML adherence and following and implementing controls
- Communication and training: are your staff equipped to help counter financial crime? You need to have the right internal communication procedures and training in place
- Monitoring and review: the right systems and controls will enable you to monitor the success of your fraud prevention framework
- Data: ensure the data strategy is geared up for utilising multiple data points for customers, to both aid the journey (ease friction of doing business) and enhance risk mitigation
- Technology: lessen the compliance burden by making the most of opportunities to automate processes, predict future behaviour and reduce manual effort
The fight against money laundering and fraud is a long-fought battle. And there are no signs of it abating – it’s getting worse. And as regulators tool up with laws and legislation to prosecute those that are not toeing the line, it’s down to every financial institution to check they are on the right side of the law. It’s not just the threat of gargantuan fines. From a moral and reputational perspective, it’s the right thing to do.
If you want to speak to someone at Valcon about how to ensure your money laundering, fraud, bribery and corruption, sanctions or market abuse framework (including procedures, systems and controls) are up to the task, get in touch with [email protected]