In the eye of the storm: financial crime compliance in volatile times

January 2024  |  SPOTLIGHT | FRAUD & CORRUPTION

Financier Worldwide Magazine

January 2024 Issue

William Shakespeare’s play, ‘The Tempest’, begins on a ship in the middle of a violent storm as the crew attempts to battle through. Compliance professionals may find themselves familiar with this theme, as financial crime typologies evolve at pace in both scope and severity.

Sanctions, deployed mostly against Russia, continue to expand on a seemingly weekly basis. Divergent practices among different countries, in terms of both targets and methodologies, create uncertainty for multinational businesses. An action which may be permitted under one sanctions regime may be prohibited under another, which in turn may create issues for cross-border operations in terms of execution, continuity and even staffing. It is also particularly difficult for businesses with subsidiaries in different countries to ensure compliance with sanctions throughout the business chain. Dealing with sanctions evasion continues to be a Herculean task. Those wishing to circumvent sanctions are using increasingly layered techniques to do so, ranging from opaque ownership structures to advanced technology in order to mask their location.

Ransomware is another area of concern. Malicious state-sponsored actors continue to target critical sectors. In its Annual Review, the UK’s National Cyber Security Centre warned that the UK’s critical infrastructure faces an “enduring and significant” threat, in part due to a rise of state-aligned groups and an increase in aggressive cyber activity. Ransomware attacks often involve the use of cryptocurrency as a payment method in order to obfuscate transactions.

One use of cryptocurrency may be for money laundering. In August 2023, the UK’s Financial Conduct Authority (FCA) set out its expectations for UK cryptoasset businesses complying with the Travel Rule. From 1 September 2023, cryptoasset businesses in the UK are required to collect, verify and share information about cryptoasset transfers. The Travel Rule’s objective is to make it harder for criminals to use cryptoassets for illicit activity. The UK government also noted, in the context of wider reforms to financial crime legislation, that cryptoassets feature in a small but growing number of terrorist investigations. According to a report by blockchain analytics firm Elliptic, terrorist financing has been observed in more than 30 cryptoassets.

A key and geographically agnostic type of financial crime is environmental, social and governance (ESG)-related crime. ESG considerations are increasingly incorporated in financial crime systems, as firms become more cognisant of the connection between illicit trade practices and crimes such as money laundering, modern slavery and human trafficking. The Financial Action Task Force’s (FATF’s) report on ‘Money Laundering from Environmental Crime’ flagged that a number of countries erroneously assumed that a lack of domestic natural resources or environmental crimes means that there is no apparent need to assess potential money laundering threats from such crimes. The FATF encouraged the private sector to detect illicit flows from environmental crimes by being alert to various red flags, including frequent payments from companies in the logging, mining or waste trade sector to individuals or beneficiaries unrelated to the legal person’s activity or business. Interpol and the UN’s Environment Programme estimate that environmental crime is the world’s fourth-largest criminal enterprise. Compliance is again hampered by regulatory fragmentation, albeit there are initiatives underway that may address that – such as the European Union’s (EU’s) efforts toward a new Convention on the Protection of the Environment through criminal law.

The impact of financial crime is severe. Direct losses can amount to hundreds of millions and reputational damage to firms, while the aftermath can be felt for a long time – according to IMF data, banks involved in money laundering suffer more than a 15 percent drop in equity prices. What, then, are the themes that emerge from such typologies?

Compliance is not, and cannot be, immune to geopolitics. Professionals should be mindful that, in an era of protective policies by states and tensions in different geographies, horizon scanning is more critical than ever. Using sanctions as an example, current trends have shown that the US and the UK will often operate in lockstep in terms of designations. Similarly, there are commonalities in business sectors that the UK, the US and the EU will target. Geopolitical concerns have also been explicitly acknowledged in the imposition of sanctions. For example, an amendment to the US’ Export Administration Regulations in 2020 restricted exports of China, Russia and Venezuela to combat efforts by entities in those territories to use technology contrary to US national security interests. The recent reintroduction of sanctions against Iran and the lifting of sanctions against Venezuela is a further illustration of the need for professionals to have a dynamic understanding of foreign policy.

Screening tools alone are insufficient in terms of ensuring that a firm has a holistic understanding of its exposure to sanctions. Knowing which areas are or may be the focus of sanctions is paramount, as is monitoring judicial developments. The complexity and evolution of these developments is illustrated by a recent decision of the UK Court of Appeal, which sent ripples through the business community and ignited discussions as to whether all firms in Russia could be deemed controlled by President Vladimir Putin. Subsequent guidance issued by the government sought to clarify that it makes no presumption that a private entity is subject to such control merely because that entity is based or incorporated in Russia. A subsequent decision by a lower court has provided further clarification on how the Court of Appeal’s decision is to be interpreted and applied.

Evolving typologies of financial crime require an evolving response. Traditional systems may be, on their own, unfit for an era of cryptoasset-centric transactions, algorithmic trading and increasingly complex regulations. It is critical that firms have access to real-time information. Moreover, staff may need to upskill in order to effectively tackle sophisticated fraud. Artificial intelligence (AI) will play a critical role in levelling the playing field here. AI has the potential, through its enormous data processing capabilities, to enable firms to detect fraud efficiently and expeditiously.

Supply chain risk should be an integral part of a firm’s approach to financial crime compliance. Teams need to regularly assess what nexus the firm may have to jurisdictions implicated in sanctions, forced labour or other areas of concern. The bilateral imposition of restrictions on sensitive technology imposed by the US and China, for example, illustrates that the acquisition of materials, such as chipmaking metals, will require an analysis to confirm whether export control rules may be triggered.

Geopolitical turmoil shows no sign of abating. The recent expansion of the BRICS organisation may indicate that further divergence is expected.

AI solutions will increase in popularity. It is likely that such solutions, once they are sufficiently robust, will improve firms’ ability to tackle evolving typologies of crime and ever-expanding data sets. However, such solutions may involve significant spending; it may therefore be the case that larger organisations will be more willing to invest resources in order to integrate AI. There are separate important considerations in connection, for example, with the processing of personal data and the quality of results that an AI product may be able to provide. As it stands, any AI-derived analysis would still require interpretation and contextualisation in order to ensure that the right answer is reached.

Professionals in financial crime compliance who are already working hard to keep the ship afloat, should perhaps pay heed to another of the Bard’s plays and stiffen the sinews as their work becomes ever more critical in ensuring that the firm is able to operate in accordance with its obligations.

 

Menelaos Karampetsos is an associate at Brown Rudnick LLP. He can be contacted on +44 (0)20 7851 6181 or by email: mkarampetsos@brownrudnick.com.

© Financier Worldwide

BY

Menelaos Karampetsos

Brown Rudnick LLP

©2001-2024 Financier Worldwide Ltd. All rights reserved. Any statements expressed on this website are understood to be general opinions and should not be relied upon as legal, financial or any other form of professional advice. Opinions expressed do not necessarily represent the views of the authors’ current or previous employers, or clients. The publisher, authors and authors' firms are not responsible for any loss third parties may suffer in connection with information or materials presented on this website, or use of any such information or materials by any third parties.