Why the COVID-19 crisis poses such a compliance challenge for banks
In times of crisis, we often see the best of people, with selfless and heroic individuals doing all they can to alleviate the suffering of others. Unfortunately, there are also people for whom crisis brings out the worst – they exploit the weaknesses and vulnerabilities that emerge for their own advantage. So it is that financial regulators and policing groups across Europe are warning that the COVID-19 pandemic poses a risk of escalating crime, from cyber attacks to fraud.
The banking sector must therefore be on its guard during this difficult period. Its due diligence responsibilities remain as demanding as they have always been, but may now be tougher to fulfil. In this context, know-your-customer (KYC) procedures, anti-money laundering (AML) processes, corruption controls and other tools in the fight against financial crime are all more important than ever.
Threat level high
The challenges will be numerous. For example, some banks are already logging very different patterns of behaviour from their customers, which in ordinary times might signal suspicious activity. Customers stuck largely at home may make much more sizeable cash withdrawals than usual, or engage in a much broader range of digital transactions. In these circumstances, identifying questionable activity without impeding customers already struggling to adjust to the crisis may be difficult.
In other cases, customers whose behaviours haven’t changed may give compliance cause for concern. Banks know well that high-cash businesses such as restaurants and certain types of retail outlet are a favoured channel for money launderers. Businesses that now continue to deposit sizeable cash sums despite being closed because of COVID-19 may require further investigation.
Some of these businesses, of course, will be receiving emergency support from the various stimulus packages unveiled by governments around the world. But with so much money injected into the economy – the UK alone has announced a £330bn bail-out – some criminals will inevitable see opportunities to take advantage. Banks will be expected to demonstrate they have robust processes in place for ensuring that financial flows are legitimate.
In fact, compliance with money laundering regulation is becoming increasingly difficult, with ever larger volumes of cash withdrawals taking place around the world, a significant increase in the use of mobile banking tools and a flow of cash into virtual currency. Any bank with AML or KYC weaknesses is now at a much-increased risk of being caught out by an inability to properly monitor transactions and customer behaviours. The risk of regulatory sanction and reputational damage is very real for such organisations.
The rise of remote working brings another potential headache for compliance. Both banks themselves and their business customers now have to work out how to keep their AML and KYC obligations at the top of the agenda amid the challenges of virtual client contact and customer onboarding. In the effort to maintain productivity and efficiency, there is a danger that standards slide, and rogue individuals slip through the net.
The list of issues to contend with goes on and on. Banks must be aware that their customers are highly vulnerable to an increase in frauds such as phishing, with fraudulent emails up more than 600% since the end of February according to some reports. Other types of cyber crime are also surging – there was a 56% increase in ransomware attacks in February, for example.
The power of technology
The reality for banks and other financial services businesses is that manual processes and workflows will very quickly be overcome by the threats now posed on so many different fronts. Maintaining the quality of due diligence will be almost impossible without a technology-powered response, particularly as compliance staff fall sick or are required to self-isolate.
For this reason, banks now, more than ever, need sophisticated compliance tools powered by technologies such as automation, machine learning and artificial intelligence. The importance of good data analytics tools is almost impossible to exaggerate.
At the same time, simplicity and consistency will be important too. Banks that operate through a single platform that standardises their approach to KYC, AML and other types of due diligence will ensure they are embedding best practice throughout their businesses, while maximising efficiency and effectiveness. These platforms also provide crucial record-keeping and reporting functionality, enabling banks to provide regulators and other third parties with clear audit trails.
This is not to suggest that the banking sector must now embrace a one-size-fits-all approach to regulatory and compliance technology. Inevitably, individual banks will have their own specific requirements and priorities; platforms that offer flexible and extendable functionality will therefore be vital.
The goal is a technology-driven response to the mounting and evolving threat – that is systems and processes that will not be overwhelmed by the potential chaos that the COVID-19 crisis threatens. Human intelligence will remain crucial too, of course, but smart use of technology will enable banks to deploy their regulatory and compliance experts to maximum effect.