As the regulatory landscape is more complex than ever, the definition and scope of Financial Security can be difficult to figure out. Why is it important? What are its practical implications for financial institutions? How do financial institutions comply with current regulatory framework? Can Regtechs help? Let us dive in.
What is Financial Security?
Financial security refers to the management of risks related to illegal financial operations, should they come from clients or from internal resources.. Put it plainly, money illegally acquired should not enter the financial system, nor should money legally acquired be used for or by illegal means.
Like every security protocol, it is a chain, which relies on four main links:
Anti-Money Laundering (AML) refers to a set of procedures, laws and regulations designed to stop dirty money laundering.
For example, AML regulations, require banks and other institutions to perform Know Your Clients, Know Your Employees, Know Your Investors procedures; The ‘KYx’ list keeps growing and is not restricted to AML use.
Prior to enforcing the rules, one shall know the patterns that are used to break or circumvent them, in this case how money laundering works:
- Dirty money is obtained through illegal activities (e.g. : drug trades, deals in stolen goods, sales of smuggled goods, trade of people and organs, prostitution, assassination, crime…).
- Then, it is invested in cash-heavy businesses, such as, but not limited to casinos and bars.
- Cash is then injected in the financial system through those businesses banks, or with the direct help of a felonious employee (thus, KYE procedures).
- At that point, money is ’sanctified‘, through legal investments or expensive goods.
The reality is of course far more complex, launderers being endless innovators. However, the base principle is always the same. It has to be fought, as it allows criminal activities to perpetuate, and serves other immoral purposes, such as the financing of terrorism. The business impacts are dreadful as well: it endangers bank’s P&L, puts end client’s assets in danger and ultimately puts more regulatory weight on the financial sector.
Combatting the Financing of Terrorism consists in investigating, analyzing, deterring and preventing sources of financing for terrorist activities.
CFT laws hit terrorists in the purse by detecting suspicious financial transactions and tracking down their participants.
Terrorism financing is dual: it can be uncontaminated cash used to fund criminal activities, thus being the opposite of money laundering, or can implicate laundering mechanisms as to avoid detection, or to clean money acquired through terrorist actions.
Activities that endanger the integrity of human beings such as terrorism, and more straightforward political and economic considerations sometimes bring countries to implement embargoes. They have to be protected.
Embargo Protection refers to the set of regulations designed to ensure that. Embargoes and Financial Sanctions can apply to countries, individuals, specific activities or products. On top of protecting countries against major threats, these regulations are often used as leverage to settle geopolitical issues such as conflicts (eg. Financial Sanctions against Crimea and Sectorial Sanctions against Russia, new sanctions against North Korea) and lately as a weapon in global trade power balance.
Finally, Market operations oversight refers to laws designed to prevent markets and their participants from being abused by rogue operators: market abuse refers to the manipulations used to influence the market, hollowly increasing or shrinking the price of a security or other illegal attempts in manipulating the market for gain.
Why is Financial Security important?
Why combatting terrorism, protecting embargoes and financial markets is vital is rhetorical. The implications of money laundering for economies are less straightforward.
Money laundering, in addition to encouraging criminal activities, is a danger to financial stability: the more illegally acquired money weights in an economy, the less this economy is stable.
A simple allegory to an entire economic system would be a neighborhood. In this neighborhood compete two watch dealers. The first one launders money. The second one is driven by passion. They stand two blocks from each other. As the first one’s purpose is to launder money, it has no incentive to manage its business in an economically sustainable way. Its only goal is to sell by the number, as to maximize its laundering: it will dump prices to maximize sales, thus destroying competition (and our vintage horology aficionado). Someday, the felonious shop will disappear, leaving the neighborhood empty of its financial contribution.
The more money is laundered, the more distorted the competition is, the more illogical financial decisions from predictive models stand points occur, and the more huge sums of money disappear, putting fragile economic equilibriums at risk and making it even harder for countries to manage their economic policies.
Why is Financial Security’s importance for financial institutions increasing?
There are various types of risk involved in case financial security legal requirements are not observed:
- First, reputational risk: in our social networks era, information goes fast, and its effects, should they be positive or negative, are strong: the risk of “bad buzz” induced by an adverse news is a serious matter for banks (eg. the ‘Panama Papers’ chapter in 2016, when international media targeted several large international banking groups), especially when their historical monopoly is questioned by user-friendly Fintechs.
- Then, Legal and Regulatory risks: failure to comply with Financial Security regulations is extremely expensive, with related fines growing exponentially:
The lack of compliance with financial security requirements can also cause criminal penalties against companies and directors, as well as administrative sanctions.
How do financial institutions protect themselves from Financial Security breaches?
Financial Security enforcement relies on a complex and transnational set of rules and laws, led by UN’s international Financial Action Task Force, Europe’s ESMA, EBA and EIOPA, and the US’ OFAC.
To ensure these laws are respected, banks and other financial institutions rely on three ‘lines of defense’, oversighted by their regulators:
- The first line of defense is based on execution controls, during the trade lifecycle (pre and post trade), and is performed by the whole front to back chain.
- The second line of defense is based on the enforcement of those controls by Compliance, Risk, Legal and Tax teams.
- The third line of defense is periodic and performed by internal auditors as well as the Inspection Générale.
To be able to fulfill their duty, these lines of defense need to be trained and guided by a strong internal framework within the organization. As regulatory requirements pile up, organization such as financial institutions rely more and more on specific tools that are implemented to support operational efficiency and prevent and detect potential issues in the same time.
Can a Regtech improve Financial Security strategies?
Identity management and security through cryptography, distributed ledger or biometrics, automated monitoring of client activity through advanced analytics, fraud research platforms through cognitive computing, many Regtechs are specialized in AML and market abuse oversight. They are rebuilding the traditional financial regulation landscape. For example, rather than relying on pre-existing rules to perform enhanced transaction filtering, they compare individual transaction patterns to large sets of historical data to identify abnormalities.
Where current technologies focus on improving detection capacities of existing pre-configured tools (for instance reducing ‘false positives’, i.e. false alerts triggered by a money transfer to a client based rue de Téhéran in Paris), RegTechs specialized on transaction monitoring and identity management are about to re-conceptualize the whole Front-to-Back process, thus cost-optimizing procedures. One of these startups, Cardabel, was interviewed in one of our previous article.
Very aware of those transformations in the way AML and CFT processes are implemented and managed, European Regulators are open to those compliance opportunities but will also be very cautious in the oversight of those means – that will become standard in the future-, as stated in a recent opinion from the joint committee of the European supervision authorities.
How can Headlink help?
Headlink has developed over the years a solid and recognized expertise in strategic regulatory transformations. We successfully implemented numerous compliant and cost-effective regulatory plans and processes. We are always looking for new ways to help our clients make strong and innovative decisions, regularly exchanging with historical and new actors in our intervention areas. As Headlink is strengthening its Financial Security offer, our objective is to help you deal with these comprehensive topics’ complexity, specifically by taking advantage of suitable transformation opportunities.
Do not hesitate to contact us, should you be interested in elaborating your Financial Security strategy.