Hong Kong regulators take a positive view of RegTech, the UK faces a fraud epidemic, and the Biden administration reviews its regulatory options on cryptocurrencies.
We share our financial crime regulatory highlights from the week of January 25, 2021.
Hong Kong Publishes RegTech Adoption Study
The HKMA (Hong Kong Monetary Authority), the jurisdiction’s lead financial services regulator, has recently published a new report investigating the ways in which Regulatory Technologies (RegTech) can be deployed to enhance the private sector’s Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT) controls.
Based on a collaboration with Deloitte, the professional services provider, the report follows up on HKMA’s inaugural AML/CFT RegTech forum, held in November 2019. This new report explores developments in three categories of financial service adopter identified during the Forum: accelerators, who were at an early stage of deployment of RegTech solutions in AML/CFT, enablers, who were continuing to explore the potential of such solutions, especially with machine learning, and collaborators, who had the more advanced experience of AML/CFT RegTech usage.
The report suggests that there has been substantial progress since the end of 2019, and that the adoption of RegTech solutions specifically for AML/CFT is “generally more mature than in some other risk disciplines.” The report suggests that 80% of all ‘accelerator’ Financial Institutions (FIs) are now actively using AML/CFT RegTech, while 77% of ‘enablers’ were developing plans, ‘proofs of concept’ or even making initial deployments.
To illustrate the point, the report features several examples of FIs using RegTech techniques such as Robotic Process Automation (RPA), supervised machine learning, and Social Network Analytics (SNA) to improve vital AML/CFT processes, ranging from Customer Due Diligence (CDD) and screening to transactions monitoring. The general finding of the report is that the introduction of RegTech solutions can have an impact on both effectiveness and efficiency, with one case study involving the use of machine learning in screening processes reducing the need for manual reviews by 35%.
The report also highlights the activities of ten ‘collaborator’ FIs – also part of the Fraud and Money Laundering Intelligence Taskforce (FMLIT), the jurisdiction’s Public-Private Partnership – which have worked with HKMA throughout 2020 to create a framework of basic requirements – technical, structural and skills-based – that support the successful deployment of RegTech solutions. A study looking at the key themes of this project will be issued later in the year.
In the meantime, the current report also provides practical guidance for FIs looking at AML/CFT RegTech adoption, stressing the importance of data readiness, the benchmarking of what ‘success’ looks like, and the nurturing of the right skill sets and culture. At the launch of the report, HKMA Chief Executive Arthur Yuen noted that its “case studies show the importance of early and continuing stakeholder buy-in; interdisciplinary adoption teams…[and]…forums to share views and experience.” The report also noted – importantly – the need for strong and reliable third-party vendor relationships with credible RegTech providers.
Yuen said that in light of the ongoing positive developments in the field, “the adoption of Regtech for AML/CFT will continue to be a strong focus in the HKMA’s supervisory engagement with the industry,” over the coming year. This powerful endorsement, from one of the most innovative regulators, is likely to provide further encouragement within and beyond the jurisdiction for those FIs looking at whether to explore the potential of RegTech.
UK Reports Highlight Fraud Threat
Two recently published reports have argued that the UK faces growing problems with the scale of fraud, and its capabilities to tackle the challenge.
According to ‘The Silent Threat: The Impact of Fraud on UK National Security’, a new report from the London-based think tank, the Royal United Services Institute (RUSI), fraud has now “reached epidemic levels in the UK”, with fraudsters even offering “crime subscription services,” for some types of fraud.
Analyzing figures from the 2019-20 Crime Survey, the report identifies 3.7 million incidents of fraud in England and Wales alone, most typically credit card fraud, identity theft, or cyber-related criminality, making fraud the crime UK citizens are most likely to experience. The report also assesses that fraud is generating escalating costs to business, estimated to be around £140 billion per year, and to the public sector, estimated to fall somewhere between £31-48 billion per year, around the value of the UK’s national defense budget.
According to RUSI, the UK fraud epidemic is now a national security issue, not only because of its scale, but because of the sources from which it emanates. The report notes that the UK has become a primary fraud target for international Organised Crime Groups (OCGs) and terrorist networks, citing one case where Islamic State activists defrauded UK pensioners out of £1 million to support funding for travel from the UK to Syria and Iraq. The fraudsters impersonated police officers and gained access to account funds by telling their targets that their accounts had already been compromised.
RUSI also believes that at its current levels, fraud has “the potential to disrupt society…by psychologically impacting individuals, undermining the viability of businesses…[and]…putting pressure on public services.” It further undermines the UK’s reputation as a secure place to do business, which is a particular concern as the country seeks to build wider global economic relationships after its departure from the European Union (EU).
A separate report, the UK 2020 ‘Fraud Barometer’ from professional services provider KPMG, has also recently been published. At first glance, it provides a slightly contradictory picture to RUSI, noting that by value, fraud cases that passed through UK courts in 2020 were down 36% by value on the previous year, at £724 million, and that the volume of fraud cases had decreased by 51%. However, as the Barometer notes, their figures do not reflect broader levels of societal fraud “but rather fallout following the COVID-19 lockdown restrictions on the courts.” Indeed, the paper also notes that certain types of fraud cases had risen by value during the pandemic, including a 200% increase in procurement and 675% increase in loan and mortgage fraud.
Both reports, therefore, acknowledge the need for renewed action to tackle the fraud challenge in the UK. For RUSI, part of the answer lies in the development of a national fraud strategy, and its integration into the country’s national security structures. The police and National Crime Agency (NCA) should enjoy better resources, and the UK intelligence agencies should play a greater role, with intelligence directly from the National Security Council (NSC). The authors of the report note that this is one way in which to address the “responsibility vacuum” around fraud, where the crime is “everyone’s problem but no-one’s priority.”
Nonetheless, RUSI also argues strongly that an effective response to fraud will need the full and close cooperation of the private sector, enhancing the role of Public-Private Partnerships (PPPs) and the opportunities they bring for intelligence and knowledge sharing between the sectors. The private sector will also need to increasingly focus on ensuring that their own financial crime controls and platforms are agile and flexible enough to handle the scale and fluid character of the threat.
Biden Administration Takes Stock on Crypto
On January 26, the US Treasury’s Financial Crimes Enforcement Network (FinCEN), the US Financial Intelligence Unit (FIU), announced that it would further extend the comment period on a proposed new rule on crypto wallets and Customer Due Diligence (CDD).
FinCEN originally issued a ‘Notice of Proposed Rule-Making’ (NPRM) on the subject under the Trump administration in December 2018. The proposed changes put forward by then-Treasury Secretary Steven Mnuchin stated that AML/CFT obligated Financial Institutions (FIs) would need to record and/or report transactions over certain thresholds involving private or ‘unhosted’ cryptocurrency wallets, or wallets hosted by an FI in a high-risk jurisdiction identified by FinCEN.
The new rule has proved highly controversial amongst the Virtual Assets (VAs) community, because of technical difficulties it would create for ‘smart contracts’ and other aspects of Decentralised Finance (DeFi) that do not have collate user names or other identifying information. Earlier in January, FinCEN had already responded by providing additional time for comment, and following FinCEN’s new Extension Notice, a further 60 days have been allowed.
Although the extension of the consultation period is not necessarily significant in itself – the Biden administration has already placed a regulatory freeze on all proposed new rules across the board – it will also provide an opportunity for the new Treasury Secretary, Janet Yellen, the former chairperson of the Federal Reserve Board (FRB), to take stock of her position on cryptocurrencies.
Some observers expect a positive change in governmental attitudes. Posting on Twitter, Jake Chervinsky of the Compound Finance General Council commented that “we fought hard & earned the right to take a breath & reset. Janet Yellen isn’t Steve Mnuchin. I’m optimistic.” Whether this will prove justified is not clear as yet, as the new Treasury Secretary appears to have a nuanced position on VAs. During her Senate confirmation, Yellen commented that she found “cryptocurrencies…of particular concern” because of their potential role in facilitating crime and terrorism, but in additional written testimony, she also noted their potential “to improve the efficiency of the financial system.”
The comments come at a time of positive market news for cryptocurrencies and indications that the criminal abuse of such assets is less rampant than previously feared. In its 2021 Crypto Crime Report, Chainanalysis, a blockchain analysis company, has found that the proportion of crypto activity linked to known criminality fell from 2.1% of transaction volumes in 2019, or roughly $21.4 billion worth of transfers, to just 0.34%, or $10 billion, in 2020. This is particularly good news, as it suggests that the criminal abuse of crypto is declining, even as the overall scale of the crypto economy is growing.
The combination of the extended consultation, Yellen’s balanced comments, and the good news from the ‘frontline’ of financial crime risk management are thus positive signals for the industry in the US. The federal government is open to debate on how best to regulate the world of VAs, and wants to hear from those that know it well. Nonetheless, to get the best out of this dialogue VA service providers of all types will need to accept that AML/CFT regulation is necessary and that if they are to thrive, they will need to find ways to combine innovation with the needs of social and legal responsibility.