Major banking institutions have been at pains to stress their determination to overhaul their ability to combat financial crime of late – following a string of high-profile corruption scandals. Unfortunately, these claims appear to be words without substance after a disturbing tale of leaked documents, dirty money, and international crime emerged – one that sounds more like something from a Netflix crime drama than the world of regulatory compliance.

Leaked documents paint a worrying picture

More than 2,500 files from FinCEN (the US Financial Crimes Enforcement Network) have been leaked – including internal bank data, public records, Freedom of Information Act filings, public records lawsuits, and requests for federal courts to unseal records.

The murky information within reveals how some Western banking giants have been moving trillions of dollars in suspicious transactions, which originate from drug cartels, organised crime groups, and corrupt leaders – money that is funding some of the most nefarious activities you can imagine: war, terrorism, human trafficking, drug trafficking, modern slavery. All laundered clean through these banks, despite the regulatory and legal compliance obligations that are in place to stop it.

Even more concerning is the banks complicity in this. Rather than complying with the law, some have repeatedly processed transactions from clients that had been flagged with Suspicious Activity Reports (SARs) – ignoring warnings and sanctions from US regulators in the process.

From reputational risk to reputational suicide

The actions of the banks identified in the leaked documents have severely compromised their reputation at a time when traditional financial institutions are already under the microscope – and now Britain’s banking system, in particular, is in sharp focus: over 3,000 British companies were named in the leaked SARs – more than any other country in the world. This unwanted tag is damaging the UK's international reputation. For example, a leaked report from the US Treasury has labelled Britain as a "higher-risk jurisdiction", comparing it to notorious financial centres "such as Cyprus" in its role.

This is corruption on a global scale, stretching far beyond just the shores of Britain. From Ukraine to the US, Turkey to Turkmenistan, the magnitude of the laundered trillions is mind-boggling. The banks identified in the FinCEN Files frequently processed suspicious transactions for companies registered with addresses in the UK, US, Cyprus, Hong Kong, UAE, Russia, and Switzerland – without knowing the ultimate owner of the account. If laundering profits from drug wars and fortunes embezzled from developing countries wasn’t bad enough, these financial institutions were warned of their actions by their own employees’ – but chose to turn a blind eye. By facilitating money laundering they can also be accused of accelerating economic inequality, draining public funds, undermining democracy, and destabilising nations – none of which are top of the to-do list when it comes to building consumer trust and confidence.

The impact on the banks named in the leak was immediate: HSBC's share price fell to its lowest level since 1995 amid the allegations – in Hong Kong, shares dropped more than 5.3% and in London, they fell by a similar amount.

How was this possible?

If consumer trust in the financial services sector was already fragile, it has been shattered by these revelations – which poses the question: how was this possible in the first place, given the banks regulatory and legal compliance obligations around anti-money laundering? After all, financial services institutions have a legal responsibility, as well as a moral responsibility, to prevent this from happening.

Banks are meant to be the first line of defence against suspicious transactions and money laundering. However, the laws that were supposed to prevent financial crime have instead allowed it to flourish – and some have been quick to cash in. Without adequate supervision and accountability for these institutions and their employees – who are often left to make sense of vast numbers of transactions using limited resources – they have little incentive to prevent suspicious activity. This creates an unhealthy environment in which SARs – and other safeguards – become hollow deterrents that can be easily exploited by criminals. While the banks view them as a kind of get-out-of-jail-free card, having chosen not to halt the suspicious activity they have already flagged.

These blatant failures are made more concerning when we consider the sweeping powers banks have at their disposal to investigate potential and existing account holders – and their inability to deploy them effectively. The leaked FinCEN Files reveal that some financial institutions fail to perform even the most basic due diligence checks on new customers, such as verifying where a business is located. These unacceptable oversights provide criminal organisations with a foot in the door; allowing them to hide behind shell corporations that have been registered without the necessary details – and ultimately infiltrate their criminal proceeds into the global financial system.

Driving cultural change

The question should be asked: do these banks care about reputational risk? After all, this is the latest in a long line of crises and scandal that have left consumers with a sour taste in their mouth – and few would bet on it being the last. Acknowledging a mistake and claiming your culture will vastly improve as a result is the easy part of the recovery process; actually doing something about it appears much harder. Some might suggest that the consistent failure to improve values and behaviours is indicative of a banking culture that is as economically driven as ever.

Any industry – and businesses therein – with anti-money laundering requirements can learn important lessons from these examples of cultural inadequacies. This should inspire a drive for cultural change and a standard level of ethical behaviour that is underpinned by transparency. Unfortunately, anti-money laundering programmes are often stifled because they operate as silos. This prevents relevant people from viewing crucial data in a reasonable timeframe and a comprehensible manner – isolating the risk and leading to mistakes. To overcome this common problem, businesses must implement proactive measures that support the transparent flow of information across the organisation – empowering the right people to make the right decisions at the right time.

Once a proactive compliance culture has been embedded in an organisation, it will be well-placed to implement robust risk management controls – from compliance management capabilities and incident reporting and monitoring tools to IT risk management platforms. Without the necessary culture required to drive these controls and make them meaningful, they will remain ineffective.

Camms can help your business to integrate robust risk controls and make informed decisions using solutions that provide a comprehensive approach to governance, risk and compliance. For example, through Camms Partner Network we can offer world-leading regulatory content and regulatory intelligence feeds integrated into Camm.Risk, to offer a rich repository of information – ensuring you remain up to date with changing rules and regulations.

Find out more about how Camms support our financial services customers and request a demo call today.

Beau Murfitt
Chief Strategy Officer

LinkedIn: https://www.linkedin.com/in/beaumurfitt/