Bank security used to mean bulletproof glass, CCTV cameras and thick steel vault doors. And for a long time, the idea was to stop bank robbers from physically getting away with the money.
However, the main threat for banks is no longer physical. Now it's about the criminals digitally getting their money into the banks.
Anti Money Laundering (AML) procedures have been a part of financial services regulation for a long time and the emphasis has always been on identity verification. If you walked into a branch with a million pounds in a holdall to deposit, you’d have to prove it had come from legitimate sources and that you were who you’d said you were.
However, with a laptop and a few hours to spare, a skilled criminal can now falsify an online identity with records, social media accounts and receipts (all fake) to ‘prove’ who they are. It doesn’t need to be a million pounds either, ill-gotten gains can be drip fed into accounts and quickly lost in the online sea of transactions.
The problem is worsening, with the National Crime Agency receiving 463,938 Suspicious Activity Reports (SARs) in the 12 months to March 2018 – a 9.60% increase from the previous year. Plus, these are just the suspicious transactions that were noticed.
To give you a further idea of the scale of the problem, the US Treasury estimates over $300 billion in illegal capital is laundered through the financial services industry every year. Worryingly, the United Nations Office on Drugs and Crime (UNODC) estimates that less than 1% of this is seized or frozen.
So, what's being done?
More regulation has been introduced but the challenge really comes down to technology and its implementation in the field.
For instance, the EU’s Fourth Anti-Money Laundering Directive (4MLD) imposes strict compliance standards on financial institutions, intermediaries, lawyers, accountants and even estate agents whose clients may pose a money laundering risk. Under this new regulation, banks are no longer allowed to trust a single service provider for their know your customer (KYC) facilitation.
Unfortunately, the adoption of tech innovation has never been the fastest in the world of financial services. A recent survey asked banks how they'd face a new corporate account being opened, one where the company director had links to other organisations that have politically exposed persons (PEPs) as shareholders.
98% of respondents said this customer should not be able to open this account without a risk assessment being made, however, 46% said their systems and access to data wouldn’t have identified this potential risk. This indicates a clear problem. (Source: Kompli & Global/BBA)
Digital problems, digital solutions
Although technology opens up more opportunities for criminals, it can also be used defensively by banks. Leading financial services firms have invested billions in technology specifically to manage compliance and strengthen online security.
RegTech has become one of the highest priorities for financial services firms concerned about how they may be exposed in a digital world. To put that into context, more than $9.5 billion has been invested in RegTech companies globally over the last five years.
As well as the opportunities technology presents, banks must be acutely aware of the risks they face and ensure they keep the regulators happy - time will tell how they continue to react.
To learn more about the impact of digital transformation in banking, check out our latest Infographic: Banking’s digital revolution in 23 must-know numbers!