By Neil Tansley, Chief Executive Officer, Efficient Frontiers International
In early March, the United Kingdom’s new Economic Crime (Transparency and Enforcement) Act became law. This reform bill has been in the offing for several years, but progress has been slow. It was accepted that other legislations (such as those relating to Brexit and COVID) were just more important—until Russia invaded Ukraine, that is. It has now been catapulted to the top of everybody’s agenda following the shocking invasion and the subsequent “Economic War” unleashed by Western governments in response.
The Act is an important step in addressing the source of wealth, particularly from those overseas in regions where there has been potential tax evasion, money laundering or other criminality relating to the funds. There may be justification. For example, at least £1.5 billion of UK property is owned by Russian nationals with either close ties to the Kremlin or who have already been accused of financial crimes in the past, according to global anti-corruption organisation Transparency International. It is a sizeable amount.
The considerable public and political pressure to get this information requires financial institutions (FIs) to both interpret and enforce the regulations set out by each national regulator. UK regulation in this space has had a significant impact globally due to the scale of the City of London, which is still the leading global financial centre by many measures, even with Brexit having eroded some of its glory. The regulations broadly require FIs to work out where all funds have come from, what they are being used for and, importantly, who is involved.
The Economic Crime Act gives UK regulators and enforcement agencies a bigger stick to take action directly against both economic criminals and any FIs that breach the rules. If any further incentive was needed for FIs to take their financial-crime obligations seriously, this is it.
While much of the regulatory framework around financial crime has been in place for some time, the Economic Crime Act has strengthened regulation in three major areas:
- Requiring the registration of beneficial owners of UK property purchased through overseas corporate structures, regarded as a key loophole in allowing purchasers of significant assets to remain effectively anonymous.
- Strengthening the Unexplained Wealth Orders (UWOs)—introduced in 2017 but little used by enforcement agencies so far—designed to require individuals to prove that their assets are not gained as a result of criminal activity and grant the power to confiscate if the courts are not satisfied.
- Remove some of the constraints on applying sanctions when urgent action is required, such as a test for appropriateness and, critically for FIs, moving to a strict liability test for involvement in sanctions breaches.
It is the last of these that is likely to worry FIs the most, as the government’s Office of Financial Sanctions Implementation (OFSI) can now both impose fines and name institutions that have been involved in breaching financial sanctions without first testing whether the entity “knew or had reasonable cause to suspect” that its actions would breach such sanctions. While the US Office of Foreign Assets Control (OFAC) has operated in this manner for some time, this level of power is new for the United Kingdom.
Given the widespread political and public support for Ukraine and the measures taken against Russia, being named and shamed even without the impact of fines would be disastrous for most FIs. The updated powers should (and are very much intended to) focus the minds of compliance professionals and senior managers on managing compliance risks. Any leeway that the regulators were granting to institutions over the COVID period is now very much at an end.
This threat motivates most institutions at the corporate level to ensure they fully understand the risks associated with everyone connected to the entities with which they are doing business. This relies on the accuracy of the FI’s due diligence in understanding the identities of all individuals connected with its clients. The temptation for FIs is often to oversimplify their processes in this area and treat this as any other operational task. This often involves trying to standardise as much as possible to aid both automation and the employment of less-skilled resources, often in lower-cost locations.
In practice, this can often involve analysing the complex structures of interconnected entities, frequently established in high-secrecy locations with limited public transparency. So, unravelling the actual individuals involved often requires access to privately held information, the ability to understand the limitations of different types of evidence and knowing where best to place reliance.
In many ways, the current challenge parallels a previous one from 2010: the US Foreign Account Tax Compliance Act (FATCA), which required FIs worldwide to sift through their account-holders’ data to look for undocumented American taxpayers hidden in a web of complex offshore structures. These requirements are also reflected in the Common Reporting Standard (CRS) and other international tax-transparency initiatives.
In an environment that looks likely to become more acute for FIs regarding anti-money-laundering compliance, institutions should now take action to ensure that they are on top of their due diligence, guaranteeing their sanctions screening is fully effective. Key steps to prioritise are:
- Focus at the top: Boards and their risk committees need to be focused on ensuring they understand the risks to their specific businesses, be aware that these risks are evolving as criminals continue to look for ways into the system and push their executive teams to demonstrate effective control.
- Understand the unknown: Senior managers need to be aware of the risks of incomplete information, particularly the risk of beneficial owners being hidden in complex ownership structures. This may mean that individuals can bypass the usual regular screening designed to highlight individuals connected to the firm who appear on global sanctions lists.
- Build the team: In-house compliance teams are stretched, and while technology can certainly help, it has limitations and can leave processes open to being manipulated, as they are “figured out” by financial criminals. Institutions need to ensure adequate skilled resourcing and strong external partnering to bring in new ideas and react flexibly.
It seems likely that the current environment will continue for some time and could spread further in scope; a follow-up to the Economic Crime Act is already under discussion.
More recently, we have seen the Financial Conduct Authority (FCA) place greater scrutiny on challenger banks in the UK for perceived financial-control failings. Financial-crime control has become a mainstream agenda point for government institutions beyond the financial regulator; naturally, so, too, will financial-crime defence continue to be a priority for institutions operating in the banking sphere.
Positively, we already see banks spending more resources trying to limit risk linked to money flows. Governments, regulators and citizens are unlikely to have much sympathy with FIs that undermine political actions to tackle Russian aggression—however unwittingly it occurs; meanwhile, the Ukraine-Russia conflict has provided fresh impetus for enforceability.
Financial institutions need to act now to build up their defences.