So the European Council is to meet to consider whether AML/ATF rules should be harmonised across the EU. Personal views on Brexit aside, this feels very much like a validation of one of the criticisms of the Council: that of discussing the concept of a potential conference to decide if something should be done. Ministers have expressed broad support for the idea, which is encouraging. Good to know that they're not directly opposed to the concept of a single rule of law to combat crime.
The Council is undoubtedly doing the European Commission's bidding, but what's the motive? Is it to stamp out financial crime, or is it just another land-grab to bring ever more activities under the Commission's aegis? If it's the former, then it's conspicuously failed so far. We have plenty of regulations already, but enforcement is lax, process is sketchy and, quel surprise, financial crime continues to rise.
I firmly believe that the change has to come, not from regulation or unified governance, but from a change of culture. Blame culture shifts the aim of all concerned from resolving a problem to proving it was someone else's fault. We see it in health and safety procedures, legal disclaimers and equal opportunity manuals. We don't prevent people falling down a hole, swallowing poison or being discriminated against, but we make damned sure we won't be the ones who get into trouble. That's why we see banks submitting barrages of barely intelligible SARs. Something happened, we didn't prevent it, but we've reported it, so no foul, right?
Wrong. Very wrong. Undetected financial crime costs banks billions of dollars a year - and I'm not just talking about non-compliance penalties. Banks have responded to their own failure to combat money laundering and other such crime by simply disconnecting from the channels that may contain it.
All of these measures avoid blame, but do they actually fix anything? Money is like water; ultimately, it always reaches its destination. So money-laundering continues unchecked. Terrorists continue to get funding via the black markets generated by the absence of legal channels. Guys, you might not get blamed, but the crime carries on and the criminals profit from all the perfectly legal business you send their way. And for that, your shareholders won't forgive you, and nor will I.
We have to move to a culture of detection, preventing crime by spotting it before it even happens. To do that we have to look at individual transactions, every individual transaction, and judge it accurately by its own merits, not those of a small number of criminals from roughly the same neighbourhood. That's a tall order, but even a well-conceived manual process could open up opportunities that are currently being ignored, at a profit that outweighs its increased cost.
But this is 2020. We don't need a manual process; there are plenty of first-rate tools at our disposal to automate most of the tasks. I'm a huge fan of technology in its place, and this is definitely its place. The final overview and decision should always be made by a qualified risk officer, but we can make that risk officer's life a whole lot easier by automatically detecting and highlighting anomalies that could indicate wrongdoing. Having highlighted the potential problem, automation can impose the appropriate response. This is a vital factor; recent history has shown that most instances of non-compliance have resulted, not from a failure in detection, but from failures in the ensuing process. We must set an unbreakable sequence that automatically blocks the progress of a suspicious transaction until an active decision permits it or confirms the lock. And, whatever that decision is, it must be immutably and auditably recorded. The technology exists to do this, all we need to do is implement it correctly.
This has been our focus throughout the development of biz.Clarency. We set out to enable a practical solution, not just to the detection of money laundering and other fraud, but to its reporting and ultimate eradication, and the immutable recording of every step of the business process, from onboarding to transactions and all the associated checks and decisions.
There are five pillars to the process:
There's a balance at work here. We're making organisations accountable, potentially more accountable than they are at the moment, but we're also making it far easier to comply. The process is policed with a consistent relentlessness that's only achievable by machines, but it's that very fact that protects users from prosecution. It's virtually impossible to non-comply except by a positive decision to do so. Now look at the benefits. Instead of backing away from whole regions and markets, we can boldly seize safe opportunities to profit from them. And by doing that we squeeze out the black channels. Not only do we detect more crime, we out-compete it.
The necessary shift to beat financial crime and create a prosperous, inclusive world market is cultural, not regulatory. We already have plenty of regulations; instead of making more, or turning their conception and enforcement over to a monolithic glacier, we should look again at the purpose for which they were first conceived.
Our job is to eradicate crime, not to make sure it's someone else's fault.