KYC360 Exclusive: Tom Keatinge on FATF, Terror Finance and the Misplaced ‘Obsession with Transparency’
07 Nov 2019

In this exclusive interview KYC360 talks to Tom Keatinge, Director of the Centre for Financial Crime and Security Studies at the Royal United Services Institute (RUSI) in London, where his research focuses on matters at the intersection of finance and security, including the use of finance as a tool of intelligence and disruption.

Tom has a Masters in Intelligence and International Security from King’s College London, where his research focused on the effectiveness of the global counterterror finance regime. Prior to joining RUSI in 2014, he was an investment banker for 20 years at J.P. Morgan.

You’ve been at RUSI for several years now. What is RUSI’s interest in financial crime and what role does it hope to play?

RUSI set up its Centre for Financial Crime & Security Studies in 2014; it will be our fifth birthday in December. We are a ‘policy-led’ research programme – in other words, our goal is to identify gaps in anti-financial crime policies at a domestic level in the UK as well as at a global level where bodies such as the Financial Action Task Force have a key role to play. Central to our work is promoting the value that public- private partnership can bring to tackling financial crime. The programme grew out of the same RUSI conference at which then-Home Secretary Theresa May talked about the ambition the UK had to set up the Joint Money Laundering Intelligence Taskforce, an initiative that has proved very successful, since it became reality in early 2015.

As RUSI isn’t a ‘market participant’, it has the benefit of objectivity. What are your observations on whether the AML war is being waged correctly. What’s working and what isn’t?

The effort to tackle financial crime has come a long way in the past five years. When we started, banks were grappling with DPAs and monitors; they were hiring financial crime compliance staff at a high pace to fill gaps and staff remediation teams; and, frankly, trying to figure out how to make up for ten years of neglect. The same can be said for governments and the key multilateral institutions like the FATF. Bear in mind, the FATF only started its fourth round of evaluations under its new effectiveness methodology in 2014 so it had little evidence as to how effective (or, as it turned out, ‘not’) the system was. The UK had no Criminal Finances Act with its UWOs and asset freezing orders; the UK anti-corruption summit had not occurred and the PSC register in the UK had not yet started. Five years ago seems like the dark ages for anti-financial crime. Today, there is a more dynamic and informed approach across the board. Does that mean the fight is being waged correctly? We would still argue that there is a long way to go. Everyone knows that doing the wrong thing efficiently is not effective – I fear that is the direction we are going in. What might change that? One thing will be critical – supervisors willing to take risks and allow banks that have proved themselves over the past 5-7 years to use some of the new tools they are developing to prove that anti-financial crime approaches that are still rooted in the 1980s need to be replaced. That is the only way we will achieve a step-change in effectiveness. Central to this will be the acceptance by supervisors that the filing by banks of fewer but better quality SARs as a result of in-house investigations is a better use of banks’ time than inundating FIUs with SARs that are based on no meaningful investigation.

RUSI has been very prominent in its analysis of TF. How is the TF threat evolving? Are there any particular hotspots? Are there any TF methodologies that really worry you because of their simplicity and effectiveness? 

If you cast your mind back to 2014, Islamic State (ISIL) was bursting onto the international security landscape. In the 2-3 years that followed, combatting ISIL financing was a central pillar of the effort to defeat the organisation. The group has now lost the lucrative territory that it controlled, but the threat has not gone. Neither has the need for finance; the modus operandi has just evolved away from ‘living off the land’ using oil receipts and taxing the population on its territory. Terrorist groups typically cut their operational cloth to match the financing they have available. ISIL will be doing precisely that. At the same time over the last few years we have seen an upsurge in lone actor and small cell attacks in London and other Western cities. After each of these attacks politicians and national leaders call for terrorist financing to be ‘cut off’ to help stop attacks. But this is naïve…. How much does it cost to hire a car and run down tourist on a bridge in a capital city or drive a truck along a crowded promenade? Next to nothing. And the funds that are used – if any are needed – are most often legitimately earned either from salaries or government benefits including student loans and welfare payments. These low/no cost attacks are the ones that are most worrying because no amount of traditional CTF effort will help. What we need to see more of is the use of financial intelligence. Just as communications data can provide a wealth of information about a suspect and their connections and activities, so too can financial data. 

The other area we are following closely at RUSI is non-jihadi threat finance, particularly related to the extreme right. We published a recent article on this topic. A key issue that jumped out at us is that this so-called ‘domestic terrorism’ is far more international (at least from a financial perspective) than you would imagine. This is something that banks, authorities and governments need to get ahead of rapidly. Fortunately, in the UK there appears to be a greatly enhanced focus on this threat; I am less convinced that this is the case elsewhere. 

Transparency International does a very good job of raising awareness of bribery and corruption risk and providing a practical tool for industry with its Corruption Perceptions Index. Do you think there is a need for a similar tool to help raise awareness of TF risk? 

I am not convinced. The FATF evaluations provide a useful guide although they are only conducted every 7-10 years. They do of course grey/ black-list countries that they believe represent a TF threat in between times. Look for example at the case of Pakistan. The other body that is seeking to show leadership in this area is the EU. You will remember the highly controversial high-risk list it published earlier this year that included not only FATF grey list countries but an additional dozen or so that were not on the FATF list. All hell broke loose and the European Commission withdrew the list, but there is a clear message in that process which is that TF risk is not *only* what the FATF defines; countries should conduct their own TF risk assessment. The European Commission determined that Saudi Arabia (for example) represents a TF risk to the EU and made that clear in its listing. I think it will be interesting to watch how the European Commission list developed when – as it will have to according to the 5AMLD – it returns. 

What are your observations on finance industry TF awareness and defences? What if anything can and should be done to improve them? 

Very mixed. Those that have hired former police or security officials tend to display considerably more awareness on TF than those that have not. In addition, those that are part of the JMLIT process (where there is a dedicated TF working group) benefit from insights that are 

not easily available to non-participants. There is a strong case for greater effort to be made to syndicate the learning that is developed through the JMLIT process. The only people who benefit from the current information asymmetry are the terrorists and other bad actors looking to identify gaps in the financial defences. Elsewhere in the world, with a few limited exceptions, finance industry engagement with TF risk is poor and awareness is very low. 

Of all the industry AML/TF defences which do you think is most defective and why? 

Without doubt the SAR/STR regime. It was designed for a different era and is simply not effective. In countries that have only a SAR regime and don’t require CTR or cross-border wire transfer reporting (such as the UK), the data that law enforcement have to draw on is almost worthless. I like to think of it as driving down the motorway, in the dark, in the fog, with the lights off, hoping for the best… 

What can you see on the AML/TF horizon? Do you think beneficial ownership transparency will have any practical impact in reducing the TF threat? 

The obsession with transparency is, in my view, misplaced. We should be obsessing about the quality of the information held in registers rather than transparency itself. Whether a register is transparent *to everyone* or is merely efficient at disseminating accurate information to those that need it for criminal investigations is a debate that has not been properly aired because those that believe in transparency at any cost (as demonstrated by the Hodge/Mitchell amendment in the UK Parliament to force transparency on the overseas territories) are dogmatic in their position. 

Sanctions are an important TF prevention tool. Do you think they work? How if at all could sanctions work better to prevent TF? 

Sanctions are here to stay. Their effectiveness is a function of the target they are trying to influence. For a territory-controlling terrorist group that does not require access to the international financial system, sanctions are merely a tool for signalling disapproval and demonstrating international unity. For a group that acts more akin to a global organised crime group, moving money around the world, sanctions may be more effective. But sanctions are only as effective as the implementers (the banks) make them and so to make them more effective, governments must empower banks via greater use of public-private partnerships. 

If you had to name one person you think has contributed more than anybody else to the global AML/TF effort who would you nominate and why? 

There are a lot of people who have pushed forward the work of their organisations in an impressive manner. In government Ben Wallace MP (former Security and Economic Crime Minister) showed a welcome commitment to the financial crime topic; there have been some strong and innovative thinkers in banks such as HSBC, Standard Chartered and Barclays; and FATF Executive Secretary David Lewis has done a good job of keeping pace with real world challenges. But all these examples are working within the status quo, not challenging and disrupting. 

The most effective impact I have seen over the past five years is from the former CEO of AUSTRAC, Paul Jevtovic, who turned AUSTRAC into an effective machine and also galvanised the SE Asia region to create the annual CTF summit with associated working groups and valuable outputs. To see the collaboration in the region that has grown out of that initiative that he drove forward from its inception in 2015 until he left to join HSBC in 2017 is very impressive. 

Download the full interview here

RiskScreen: Eliminating Financial Crime with Smart Technology

You can claim CPD minutes for this content, by signing up to our CPD Wallet

FREE CPD Wallet