Financial Crime: your complete guideYour complete guide to prevention through data

Financial crime is an ever-present threat for sectors and businesses across the world. For the UK alone, it costs the economy billions every year and poses risks to society as a whole. A new approach to tackling financial crime means everyone now has an important part to play when it comes to data, even those who haven’t been subject to financial crime compliance before.

The challenge of financial crime

Crimes like fraud, terrorist financing, and identity theft can ruin businesses and destroy lives. In fact, the National Crime Agency estimates that just money laundering costs the UK economy around £290 billion annually^[1], highlighting how wide-reaching the impact is and how crucial the correct prevention measures are.

Add to this the fact that new ways to commit financial crime are continually emerging and evolving – thanks to things like AI and machine learning – and it becomes clear that the fight for businesses to protect themselves and their customers is a significant one.

So how can we combat such a large challenge?

We believe the answer lies in data. By sourcing, managing, and sharing data to fill in the potential blanks or corroborate information on a customer or company, businesses can build a clear picture of a customer’s profile and risk potential, which can help stop financial crime before it even happens.

The Economic Crime and Corporate Transparency Act (ECCTA) 2023 particularly recognises the benefits of sharing data and insights peer to peer between businesses, private sector consortia and the private and public sector. By encouraging participation in such initiatives the Act clearly highlights the benefits of preventing, detecting and investigating economic crime as a collective group.

Understanding financial crime

Financial crime – or FinCrime – has devastating effects. It can:

1. Fuel other crimes

Most FinCrime doesn’t happen in isolation. Take fraud, for example. Often fraud will have been perpetrated as a predicate offence to obtain things like banking services. Once the money has been illegally acquired, it then needs to be laundered for criminals to be able to spend their ill-gotten gains.

2. Lead to a loss of revenue

Economic crime is estimated to cost the UK around £350 billion^[2], which is equal to 17.5% of the UK’s GDP. Someone is footing that bill and unfortunately, it’s innocent customers and businesses of all shapes and sizes, across all sectors.

3. Damage your reputation and bottom line

Being the victim of a financial crime can cause devastating reputational damage to your business. As well as harming the working relationships with your customers, it can lead to expensive economic consequences, such as regulatory fines and sanctions.

Types of financial crime

What’s the risk to your business?

The UK is a popular choice for criminals to undertake FinCrime activities, as setting up a business here can be quick and easy with little verification needed. In fact, in the last three years alone there’s been a sharp increase of businesses being set up with non UK-based directors and “suspicious” business addresses. This means, more than ever before, every industry is at risk.

A common misconception is that banks and financial institutions are most in danger of becoming a victim of financial crimes. While it’s true they shoulder a large part of the burden and get hit with significant fines for non-compliance of regulations, emerging reports and statistics show that all sizes of business, across every sector, are also at risk.

This means everyone now has a duty to remain vigilant and compliant with FinCrime regulations and compliance. Whether an art gallery or estate agent, if there’s a mechanism or opportunity for laundering money through your business, it is now under the spotlight.

Introducing the Economic Crime and Corporate Transparency Act

Discover more about the importance of data sharing, challenges to overcome, what we can learn from other similar initiatives, and how the importance of collaboration between UK private and public sectors. Download white paper

One of the primary purposes of the Economic Crime and Corporate Transparency Act (ECCTA) is to better detect criminal networks, prevent financial crimes and pursue the perpetrators. The ECCTA gives the National Crime Agency and Serious Fraud Office additional powers to compel businesses and individuals to provide information. Encouraging innovative data sharing between businesses, industries and law enforcement is an essential part of this.

The ECCTA establishes a framework for cross-sector data sharing, encouraging organisations to participate and provide relevant data information or suspicions when…

• A criminal activity like fraud has taken place.
• A product has been restricted or a relationship terminated as a result of suspicious behaviour.

This is set to span all anti-money laundering-regulated businesses and financial institutions, as well as other sectors such as telecommunications or retail.

Until now, it was difficult for businesses and financial institutions to share that information or any concerns, due to…

• Privacy and data concerns
• Reluctance of sharing data that could impact a competitive advantage
• No way of sharing information in a consistent and standardised way
• Slow and untimely sharing of data from law enforcement

However, the ECCTA is changing all of this by bringing together all of these obligations, as well as Anti-Money Laundering (AML), Know Your Business (KYB), and Know Your Customer (KYC) checks, in order to create an overarching picture of a customer’s activity and risk profile.

Here’s how FinCrime data sharing works

Let’s say that a person has been identified by Organisation A as undertaking fraudulent activity. Organisation A swiftly puts a stop to it by cancelling their account, but this situation only stays with them as all the data and evidence of fraud is logged within their in-house system.

The person then went over to Organisation B and successfully opened a new account. All the due diligence checks came back clear, so Organisation B had no reason not to accept them as a legitimate customer. The new account in turn allows them to continue their criminal activity.

Now, imagine if Organisation A was able to share that data on the person’s fraudulent activity with Organisation B, resulting in the person being refused a new account. Not only would it save Organisation B’s financial crime teams the time, resource, and hassle of detecting the fraud, but it would also help put a stop to the illegal activities being committed through the financial institution.

This is exactly what the ECCTA aims to do.

By ensuring Organisation A shares information with Organisation B, they can better detect crime before it happens.

What kind of data will be shared?

Until the introduction of the ECCTA, most UK banks and financial institutions would use complex transaction monitoring as a key deterrent in their fight against FinCrime. The primary goal would be to assess risk, uncover a potentially criminal customer, and identify suspicious behaviours and they would do this be adhering to strict AML obligations such as:

• Customer due diligence to verify the identity of their customers and understand the nature of their business.
• Regular ongoing monitoring of customer transactions to detect unusual or suspicious patterns and activities.
• Prompt suspicious activity reporting of money laundering to the National Crime Agency^[3].
• Current Account Turnover data to assess the total inflows and outflows for a business across any current account and establish what is considered ‘normal’ account activity.
• Multi-source data corroboration to validate that customers are presenting themselves consistently across various data sources, effectively meaning they are who they say they are.
• Robust internal training and guidance to ensure AML-regulation compliance.

ECCTA will still feature all of this data, but the real magic comes in having it in one place and accessible to all who need it.

Whose responsibility is it?

Previously, the responsibility of ensuring that a financial institution adhered to applicable laws and regulations would typically fall to the compliance department to establish policies and ensure good governance and controls are effectively implemented, with the heads of appropriate departments ultimately responsible.

The ECCTA expands the so called “identification principle” which applies in attributing liability to corporates for economic crimes. Under the new ECCTA, however, this has changed to ensure responsibility is more evenly shared. Now, senior management, the C-suite and the board can be held liable, responsible and accountable.

Sharing this burden signifies a wider cultural shift at play and ensures that compliance and FinCrime regulations are at the forefront of everyone’s minds. This means that if there’s any area of the business that could be used or exploited for FinCrime gains, it should be investigated and tightened up.

So as not to burden small businesses, the offence of ‘failure to prevent’ financial crime in the ECCTA will only apply to larger organisations which meet 2 of the 3 criteria: more than 250 employees, more than £36mn turnover, more than £18mn total assets. Despite this, strong FinCrime controls should be put in place whatever the size of your business.

How to protect your business against financial crime

Financial institutions have a key responsibility in mitigating and defending against financial crimes. However, as discussed, this responsibility isn’t theirs alone.

To protect your business, customers, and wider sector in the fight against fraudsters and cybercriminals, you should focus on four key pillars.

1. Policies and procedures

Undertake a comprehensive risk assessment and create policies from your findings. This means looking at every area of your business, from customer onboarding to transaction monitoring, reporting, and training. You should also be prepared to update your policies and procedures in line with any regulations and compliance policy changes.

2. Detection and monitoring

Fraudsters are utilising AI and machine learning to commit more sophisticated crimes. To have a chance of beating them, such technologies should be used alongside data analytics for detection and ongoing monitoring to help identify suspicious behaviour and prevent criminal activity.

3. Partnerships and intelligence

Using the ECCTA’s framework, sharing information and data with industry peers and authorities should be a key aspect of your FinCrime defence strategy. Due diligence and customer checks should also remain robust and comprehensive, adhering to the relevant legislation.

4. Culture and governance

If your executives and board set a tone that compliance comes first, you’ll create a culture where employees feel empowered and supported to raise issues. Also be sure to establish accountability for risk decisions and provide regular training on financial crime trends.

The benefits of data in your fight against financial crime

With the right data you can gain accurate insights into your financial crime risks, as well as your customers’ background and behaviour.

We have a broad range of automated processes and solutions to help minimise the pressure manual data sourcing, validation, and management can put on your team. These include:

Conclusion

The fight against financial crime is ongoing and ever-evolving. The advances in technology and changes to legislation can drive companies to remain agile and up-to-date – all of which takes up valuable time, resource and money within your business.

However, the global regulatory shift and innovative use of systems, data and data-sharing may be the best way to mitigate against those challenges, helping you to identify risk sooner, build greater clarity, and create genuine and effective defences against FinCrime.