Fear of enforcement uptick just compliance theatre, says AML panel

Written by Ruby Hinchliffe
11th December 2020

Anti-money laundering (AML) fines have set new records this year. Firms have parted with some $10.4 billion over breaches spanning financial crime, the Second Markets in Financial Instruments Directive (MiFID II) and data privacy.

That’s according to the latest Fenergo report. There’s been a 26% rise in fine amounts, and the volume of fines has also increased.

“Compliance doesn’t solve financial crime,” says Woolley

Fines have seen one of the most notable jumps in the Asia-Pacific region. Sitting at just $6.6 million in 2019, the region jumped to $5.1 billion this year.

“The fact that APAC has overtaken the US in terms of the value of enforcement actions for the first time since 2015 is reflective of continued shifts within the global compliance landscape,” Ellison Anne Williams, Enveil’s CEO, tells FinTech Futures.

Whilst part of this APAC figure is down to increased regulation, Goldman Sachs’ 1MDB scandal also has a lot to do with it. In America, Goldman accounts for a staggering 91% of the $7.5 billion levied against US firms in 2020.

Westpac is a second example of a particular scandal, rather than general operating failure. The Australian bank was fined just shy of a billion for processing payments on behalf of alleged child sex traffickers.

All a bit of compliance theatre?

But experts think regulators are still encouraging firms to look at anti-money laundering through a regulatory or compliance risk lens, rather than from a financial risk perspective.

“The fear of an uptick in enforcement is a little bit of compliance theatre,” says Jeremy Keuster, a counsel at White and Case LLP, on a Fenergo webinar attended by FinTech Futures.

The Financial Action Task Force (FATF) does take out “discrete actions”, says Keuster. These include mutual evaluation reports, or measures of technology and standards effectiveness.

But “without the underlying ethos to do more”, Keuster thinks it’s questionable whether these actions will really make a difference.

Rachel Woolley, global financial crime director at Fenergo, agrees that “compliance doesn’t solve financial crime”. Instead, “it’s from the top down”, she says.

Is financial intelligence the answer?

One of the ways firms and regulators alike can be more “top down” in their approach to AML is to focus on financial intelligence, rather than solely compliance.

“Financial institutions can do a much better job with good intelligence,” says Keuster. “Penalties for compliance are necessary for the government, because they have to do something, but they aren’t changing the regimes.”

With financial data, Keuster explains that law enforcement can prosecute, “rather than making financial institutions the gatekeepers for money laundering”.

Prosecution on an individual level is something Woolley agrees on. She points out that the average individual fine this year was just $20,000.

“Either the individuals aren’t senior enough, or they are, but these penalties aren’t making much of a dent their paychecks.”

Complexity vs collaboration

AML breaches like Goldman’s international 1MDB scandal have seen local regulators issue separate fines, border by border.

But as Graham Barrow, presenter of ‘The Dark Money Files’, points out on the Babel panel: “Complexity is the friend of the money launderer”.

The US can bypass border restrictions to some extent, because its currency is global. But in the Netherlands and Belgium, banks are asking regulators’ permission to share AML data with each other.

“The current system doesn’t work,” says Barrow. “We fundamentally need to re-think it.”

Woolley thinks “collaboration needs to happen more”, as opposed to multiple fines. “Regulators haven’t worked together,” she says.

“This is a cross-border problem and it would be far more powerful if they work together.”

Juice has to be worth the squeeze

Of course, this is easier said than done. The supervisory regime “is really up against it”, according to Keuster.

Workers from an audit background find it hard to spot behavioural bad acts in a process-driven workflow.

“Enforcement actions take resources,” explains Keuster. “So, the juice has to be worth the squeeze.”

A regulator needs to return more through fines than what it spends on the investigation. In the US, penalties relate to the institution’s size and transaction volume.

Which means authorities tend to go after the larger firms which have the money to cough up.