RegTech is about much more than compliance.
Failing to screen customers leaves your business open to a host of consequences, from fines and reputational damage to the criminal prosecution of staff and directors.
Breaching sanctions— by doing business with a sanctioned individual or entity—is a criminal offence in almost all jurisdictions. In the UK, for example, prison terms of up to seven years can be imposed, in addition to the ability of regulators to levy fines of up to £1 million on individuals and organisations deemed to have breached sanctions or to have failed to take precautions to prevent such a breach.
Increasingly, these harsh penalties are also being applied by regulators and prosecutors to those businesses which fail to properly risk rate their customers. In certain cases, regulators don’t even need to demonstrate that an organisation had ‘reasonable cause to suspect’ it was doing something wrong—only that its controls were insufficient to prevent criminality.
In 2014, the New York Department of Financial Services fined Standard Chartered Bank $300 million only two years after a penalty of the same amount was imposed for the bank’s role in facilitating the breach of US sanctions against Iran. The second fine was imposed because of the Bank’s ‘fail[ure] to detect a large number of potentially high-risk transactions for further review’—no actual criminality was identified. The Bank had promised, as part of its remediation after the first penalty, to improve its due diligence procedures. It had not done so sufficiently, and this was a failing for which US regulators determined, as the NYDFS Superintendent at the time emphatically put it, ‘there should be consequences’.
RegTech is about much more than compliance. It’s about helping fight terrorism, human trafficking and the drugs trade, by tackling the way criminals finance their operations. Having instant access to the best, most recent data allows companies to stay one step ahead of criminals, rather than be several paces behind them.
From violent drug traffickers, to fraudsters targeting vulnerable people in online scams, the ability to move illicit money without getting caught is central to a vast range of criminal activity. If your business enables it, you are facilitating the movement of money which may ultimately result in great human suffering (this conclusion was at the heart of a $1.9bn fine imposed on HSBC bank in 2012 by the US for laundering money belonging to Mexican drug cartels).
Breaching financial sanctions can also have a profound impact on international politics.
As the UN recently reported, North Korea has been able to continue to fund its nuclear programme by means of a sophisticated network of shell companies and money laundering techniques, through which North Korean businesses are able to continue trading with the rest of the world.
Screening is not a panacea. It is a critical first step in ensuring that your business doesn’t become a conduit for criminal money.
Many banks say they’re not aware the tech is out there, but while people don’t know what they don’t know, if you’re running an organisation dealing with significant levels of funds, it should be your business to know.
Some businesses are frightened of what more accurate data might reveal about their book of business, but in the long run ignorance is not bliss. You’re much better off finding out what the problems are sooner rather than later. Senior people are starting to be held more accountable for failures to screen clients and prevent money laundering and terrorist financing, and this is a big step towards making companies embrace new tech instead of hiring more people to square the data circle.
The RiskScreen product suite provides the first end-to-end solution for management of, and protection against, financial crime. Our 3 technologies can stand alone or work together to create a full AML ecosystem for your organisation
You might also be interested in these articles: