“Who are you really working for? Is it the regulators or the victims of crime?” That was the call to arms laid down by financial crime expert and author, Oliver Bullough at Dun & Bradstreet's Power of Data event. Oliver presented a brief history of anti-money laundering (AML) and then set the scene for how compliance officers can get ahead of the criminals.
According to detectives Oliver has interviewed, the iconic TV show Miami Vice was, “as much a documentary as a drama”. Laundering drug money in Florida in the early 80s was as easy as walking into a bank with a bag full of cash. It was also the time that federal regulators started to fight back – passing bills such as the Money Laundering Control Act which introduced mandatory reporting of transactions over $10,000. This started an arms race between criminals and law enforcement that is still raging to this day. Each time a new law is passed, criminals find a new loophole that allows them to stay half a step ahead. “Criminals have an advantage – because they’re criminals”, says Oliver. “They can share or hide as much information as they like. They are borderless in a way that police officers are not.”
The answer, according to Oliver is data. “We need huge, connected databases that let us look across borders and see ultimate beneficial ownership (UBO) structures and what is hidden behind shell companies and chains of shell companies. However, what we’re currently seeing is the opposite”. Although regulators around the world continue to pass laws that aim to get ahead of criminals, it is often a case of ‘two steps forward, one step back’. A recent example of this is the EU ruling that made it harder for businesses to access UBO databases in other countries. Winning the arms race requires a coordinated effort between regulators and law makers – but the front line will always be compliance managers.
“Compliance officers need to approach the problem with the same creativity and cunning as criminals. They also need access to data and analysis tools to support them,” said Oliver. To talk more about this, Oliver was joined by Neil Isherwood, one of Dun & Bradstreet’s credit risk & compliance experts. Neil offered three tips for businesses on how to use data more effectively for Know Your Customer (KYC) and third- party risk and compliance management .
Neil’s first tip is to minimise the ‘busy work’ that can swallow so much of compliance manager’s time. Chasing, sorting, cross-referencing, and standardising data – in different languages, formats, and platforms – from dozens or even hundreds of data sources can take a lot of time and money.
To use your time more effectively, find a global data provider that can take care of that foundational work and provide you with standardised data as a starting point. That way, you can focus on analysing, identifying and mitigating compliance risk. It’s also important however, that your provider has the local expertise to put data into your local context and make sure that what you do complies with your local regulations.
Tip number two is to use a broad range of data sources to create the context needed to spot suspicious activity. This is because the vast majority of financial crime operates in networks of entities and shell companies. Money launderers are skilled at making transactions blend in with the millions of others that happen daily. But by using more sources of data to generate more context – it becomes easier to identify patterns. For example, if a software development company in one country sends large sums of money to an agricultural supplies company in another country – that was only incorporated two months ago – it might need further investigation.
“The important thing is not to think like a compliance officer defending the financial system – but to think like someone who is defending the victims... because they are depending on you.”
Neil’s last point is one that is becoming increasingly important as regulators continue to increase the burden of responsibility on companies for what their partners, suppliers and customers do. It’s no longer enough to do due diligence at the onboarding stage and consider the job done. If the status or risk profile of a partner, supplier, or customer changes at a later date – you are still responsible to know about and act upon it. That’s where perpetual KYC and always-on compliance monitoring comes into play. By ensuring that the data you rely upon is “live” and constantly updated, you can maintain a clear view of risk and set alerts or triggers to inform you if anything of note should happen.
Oliver ended his keynote by reinforcing the role compliance managers must play. “Regulators and law enforcement play crucial roles in preventing financial crime. But at the end of the day, it is you who is on the front line.The important thing is not to think like a compliance officer defending the financial system – but to think like someone who is on the front line, defending the victims of the kleptocrats and the drug traffickers – because they are depending on you.”
Stay compliant with real-time monitoring, eliminating the need for periodic reviews. Discover streamlined compliance and accelerate third-party risk management with D&B Risk Analytics Compliance Intelligence. Optimise your compliance processes by combining unrivalled UBO data coverage with a policy-led risk engine. With highly configurable workflows, D&B Compliance Intelligence offers real-time KYC monitoring. Swiftly verify, assess, and monitor entities, including beneficial owners.