When it comes to complaining about the cost-benefit analysis around AML regulation (ie, costs but no benefits), I am first in the queue. But it is interesting to reflect on what mechanisms there might be available to institutions to take some of that costs and use it to obtain organisational benefits, part of what I’ve taken to calling the Digital Due Diligence (DDD) replacement for the current analogue/digital mishmash of Customer Due Diligence (CDD).
The good people at Banking Circle published a white paper about this in May. The paper “Better By Design? Rethinking AML for a Digital Age” looks at a variety of means to make AML not only more efficient but also an element of competitive strategy for financial institutions. I strongly agree with what their CEO, Anders la Cour, writes in his introduction: “Indeed, far from being a burden, the right approach to AML can be an enabler – driving efficiencies and leaner processes, and in turn helping to create the mindset for urgent digital transformation initiatives”. What I think this means in practice is a focus on collecting vastly more data to support decisions and using artificial intelligence and machine learning to make sense of that data, technologies and activities that have wider benefits to an organisation if not confined to compliance.
That’s a good point, and it is an interesting report for many reasons, but what really stood out to me was a comment from Professor Brigitte Unger, Chair in Public Sector Economics at Utrecht University and the principal author of the European Parliament’s report on money laundering. Prof. Unger argues that previous policy approaches to AML cannot prove that they have had any positive effect. Not “some” positive effect or a “limited” positive effect but “any” positive effect at all. Any. She says that there is “no solid evidence that these approaches have achieved anything”, going on to observe that “AML regulation has a big legitimacy problem. Regulators and politicians must do more to prove their effectiveness.”
Well, indeed.
I took part in an educational and enjoyable discussion about the future of compliance earlier in the year and I remember that one of the speakers said that it was difficult to construct efficient compliance systems when no one knows where the goal posts are. I think the situation is actually slightly worse than that, because the sixth anti-money laundering directive, (6AMLD) is expanding and homogenising the list of “predicate offences” across the EU without helping anyone to figure out how to prevent (or even detect) the flows of funds.
Whether we can see the goals or not we clearly not winning at the moment since, as I pointed out in Forbes recently, the colossal expenditures on compliance do not seem to have resulted either in an increase in the amount of criminal funds uncovered. The Economist say that the numbers tell of a war “being lost”, referring to a report from John Cusack, an ex-chair of the Wolfsberg Group, an association of banks that helps develop AML standards. The report estimates some there was some six trillion dollars of financial crime perpetrated in 2018, almost 7% of global GDP, and while statistics on how much is intercepted by authorities are patchy, a decade-old estimate by the United Nations Office on Drugs and Crime put it at just 0.2% of the total. I’d be surprised if it is that high.
It isn’t only financial institutions being forced to shell out for 6AMLD, because it expands on the number of crimes that are categorised as money laundering. It attempts, in particular, to target the use of property transactions to facilitate money laundering and “aiding and abetting, inciting and attempting” now falls under the money laundering bracket and enforces the same criminal punishment as money laundering.
Is it really worth spending all of that money in order to recover so little (i.e. zero to all intents and purposes) when the money could be spent on developing new products and services to improve the overall financial health of the nation? I think not, which is why Anders’ comments caught my eye. Making the new technologies part of a digital transformation strategy that delivers more cost-effective compliance almost as a byproduct, rather than as a compliance function with no return on investment beyond reduced fines from regulators, has to be a better way forward.
Right now, I am hearing estimates are that British banks are trying to shed something like a quarter of their compliance staff and boost their IT spending to cover for them. Perhaps this is a real opportunity for change. UKplc as a jurisdiction should rethink compliance for competitive advantage. As part of a post-Brexit project to boost British invisibles, we should take jurisdictional competition seriously and create a compliance regime built on this new technology rather than an industrial age mishmash of shaky identification documentation and millions of false positive suspicious transaction reports.
Snippings 