The year-on-year cost of compliance. Are we now less compliant than ever?
As we venture into the fourth quarter of this unprecedented year, still many uncertainties loom over the heads of businesses, large and small alike, as to what the futures of our covid-stricken economies may look like. On one hand the cost of AML compliance fines for q1 & q2 of 2020 alone amounted to a figure exceeding US$706 million according to Duff & Phelps, which when placed in comparison to 2019’s full year total of US$444 million, looks like a sharp uptick in global compliance costs - possibly brought about by the dramatic rise in covid-related cybercrime. But on the other hand, this pandemic has brought with it a number of positive externalities, including forcing big industry to finally adapt by driving the largest acceleration in digital transformation seen in years.
With regulatory compliance becoming increasingly difficult pre-covid, the pandemic has served as the final kick to send many industries over the edge. Even sectors which have been continuously late to the party with change, such as big banks, have managed to transform their business models to be able to provide open banking despite the birth of FinTech nipping at the heels of the incubators.
Consistently finding reliable and accurate information at the moment however, seems to be a challenge given the world's current political, economic and social climate. Despite now being connected more than ever through the means of the internet, telephone, and airplanes, the environment created by covid has demonstrated to us in a very harsh light, a reality where we’re more disconnected from one another than we may have realised, a reality where the line between fact and fiction is manipulated in media to suit agendas, and where some actively capitalise off the misfortunes of others. I think that people have been silently aware of these facts for years, but only in our post-pandemic world will these issues be addressed.
In situations of crisis having accurate and reliable sources of information is critical for making clear and informed decisions, the consequences of which will often be felt greatly later down the line. As a society we must demand higher standards from the media. Manipulation by omission of information is still manipulation.
As firms switch to an increasingly digital presence, we’ve observed how organisations and individuals are forced to make quick decisions on often incomplete information, or seemingly complete and reputable information that has been deliberately been manipulated to fit particular narratives of agendas. In part resulting from this, regulators have observed a notable spike in global financial crime since the beginning of 2020 in comparison to previous years.
As families and businesses worldwide struggle to stay afloat amidst the economic turmoil of the pandemic, cybercriminals have exploited this uncertainty in the forms of prevalent e-commerce scams, theft of personal details, theft of money through blackmail, phishing and impersonation, among other methods, but perhaps the most appalling - fake loans. Fake loans are some of the most profitable scams and are often specifically targeted at some of the most desperate people in dire financial circumstances, many of whom having already amassed large debts with no foreseeable way to repay them. In Singapore, a nation which for many years had been at the forefront in the fight against cybercrime, fake loans rose 27.9% from the same period last year, with scammers getting away with an estimated SG$41.3 million (US $30.4m) in quarter 1 of 2020 alone. Though a seemingly insignificant figure for larger nations such as the US and UK, this is a huge blow to the reputation of the tiny island state with a population of a mere 5.6 million.
Despite the undeniable rise in cybercrime, the figure provided earlier in this blog concerning AML compliance fines in the first half 2020 outstripping the whole of 2019’s fines, as reported by many mainstream news outlets, though technically correct, isn’t as honest as it may seem. The critical information omitted from many mainstream re-publications of this study are the statistics of AML fines from the years 2018 and 2017, which were US $3.297 billion, and US $2.136 billion respectively. When placed alongside previous years, it is notable that 2019’s AML aggregate of US $444 million was unusually low. The sharp drop in AML fine values between 2019 and 2018 came despite only a small drop in the number of cases - a decrease of just 14%, meaning that though there were a similar number of fines awarded in 2019 and 2018, the monetary value of fines in 2019 were noticeably smaller than previous years.
Some speculate this may in part be due to the mass presence of new tech (particularly RegTech and FinTech) in compliance workspaces, which have helped to automate and facilitate traditionally tedious and labour intensive compliance processes allowing for companies of all sizes to be more compliant than ever despite the rapid and continuous regulation changes observed over the last few years. But as covid has continued to forge an ideal environment for cybercrime to prosper starting very much in Jan 2020, regulators have began cracking down on financial institutions harder as cybercrime skyrockets and organisations continue to make the same mistakes they had made, and been punished for years earlier. Customer due diligence was the most frequently punished failing according to the report, with 115 significant cases reported since 2015. The resurgence of high noncompliance fines in 2020 demonstrates regulators willingness to punish and publicise the regulatory shortcomings of firms and make it very much known that 'you are being watched', perhaps more now than ever.
It is, however, important to note that different nations have been differently affected, though not explicitly mentioned in the articles, the above statistics refer only to the United States but are valuable in putting the global situation into perspective. Nonetheless, in many cases, the issue of compliance, to comply or not to comply, is non-negotiable. The cost of regulatory compliance has a big price tag, sure, and these costs add up, but when placed alongside the costs of regulatory breaches, they're a drop in the ocean. It doesn't take an expert to tell you that breaches lead to fines, negative publicity, and in some cases - being prohibited from running the business. If there has ever been a time to invest in Regulatory Technology or cyber security it would be now.
“Firms should pay attention to the key AML failings that are consistently identified by regulators globally in their major enforcement actions. Despite the repeated messages in these enforcement cases it’s clear that market participants are continuing to struggle with their obligations in relation to client due diligence, transaction monitoring and AML management and oversight.”
- Nick Bayley, managing director, head of UK regulatory consulting at Duff & Phelps
“When it comes to preventing and tackling fraud, our research shows that a dollar invested now is worth twice as much when a fraud hits.”
- Kristin Rivera, PwC Global Forensics Leader