Prevention of Financial Crime Seminar

Our seminar saw over 300 compliance professionals gather in person and virtually to listen to engaging talks by industry leaders. Attendees also had the opportunity to participate in interactive polls, network with their peers and learn from insightful Q&A sessions. CISI endorsed this event for 4 hours' worth of structured CPD points.

We were joined by experts in anti-money laundering, sanctions compliance, cybersecurity and fraud prevention. Our panellists included speakers from CIFAS, UK Finance and HM Revenue and Customs, who shared insights throughout the afternoon on creating a culture of financial crime prevention.

The system of financial crime and fraud involves a wide range of actors, and as risk controls become more stringent, customer engagement becomes increasingly difficult. As financial crime has evolved into an industry of its own, there are many levels of concern.

One key reason 1.1 million people remain unbanked is concerns over financial crime risks. We've outlined some of the discussion points and takeaways from the afternoon.

Prevention of Financial Crime Seminar Agenda

• Session 1: Exploring AML Challenges
• Session 2: Navigating Sanctions in Compliance
• Session 3: Fraud, Cyber & The Ombudsman
• Session 4: Fostering a Culture of Compliance & Ethical Conduct

After a networking lunch, the seminar began by delving into our first session on exploring challenges and developments in one of the biggest financial crime topics: anti-money laundering (AML).

Session 1: Exploring AML Challenges

Paul Coady, Founder & MD, ComplianceLnD
Ian Mynot, Director, Advanced Financial Crime
Neil Giles, Co-founder, Traffik Analysis Hub Stop the Traffik
Dr Liliya Gelemerova, Head of UK Financial Security, Credit Agricole CIB

Our AML panel discussion was moderated by ComplianceLnD founder and MD, Paul Coady. This session focused on the key challenges and opportunities in managing AML risk and the role of Suspicious Activity Reports (SARs) in law enforcement.

The discussion outlined the current AML landscape and how technology and collaboration can address emerging risks. It also offered practical guidance strategies for MLROs and practitioners to navigate the challenges, adapt to new technologies, and strengthen collaboration efforts.

Discussion points

• Challenges in AML investigations: the identification of AML risks, responses to new technologies and law enforcement struggles
• The use of SARs: unpack how SARs are vital for preventing societal harm, supported by data sharing between Financial Intelligence Units (FIUs) and Public-Private Partnerships (PPPs).
• Emerging risks and regulatory responses: cryptocurrencies introduce new money laundering risks, necessitating updated resources and guidance for Money Laundering Reporting Officers (MLROs).
• Collaboration and innovation: AI can enhance SAR quality, while proactive strategies and intelligence are key to combating financial crime.

SAR reporting and AML challenges

Challenges in AML can arise from a number of factors. These challenges vary depending on business size and context, such as Retail versus Corporate & Investment Banking, and often stem from the volume and quality of information. Retail space might see more red flags than corporate and investment banking.

A lack of effective intelligence sharing, both within organisations and across the industry, compounds these issues, especially in cross-border cases.

Additional challenges include ensuring explainability and auditability when deciding whether to file a SAR, building a rationale, and managing governance and decision-making post-filing. The FinCEN leaks highlighted the sensitivity of these processes.

It is essential to ensure you ask the right question when you are gathering facts otherwise the exercise becomes meaningless. Apart from establishing solid GDPR frameworks (incorporating tactical and strategic intelligence, NGO roles, and economic crime legislation)and defining clear roles and responsibilities, it is important to:

1. Understand the business context to ensure AML strategies are tailored to specific operational environments and risks.
2. Apply an outcomes-focused, risk-based approach that identifies what adds the most value in mitigating financial crime.
3. Maintain a clear audit trail and be able to explain decision-making processes to third-party reviewers for transparency and accountability.

SAR data use challenges

Recent developments in the UK, such as the Economic Crime Corporate Transparency Act 2023 and the NCA/bank information sharing pilot, have improved the quality and relevance of SARs submitted by firms, aligning them better with law enforcement priorities.

Compared to the new EU law under section 75 of the AMLR, the UK's position is more favorable. Despite this, firms must still report all suspicious activities, contributing to the high volume of SARs that FIUs struggle to manage. The sheer volume of money laundering cases and SARs is staggering with the latest figures showing 860k SARs recorded in 2022/23.

Establishing effective prioritisation systems is crucial, and AI could play a significant role in identifying emerging risks and improving efficiency. As AI becomes more integrated into firms, it has the potential to enhance risk identification and free up resources for more productive activities, though the broad reporting requirement will persist.

Emerging risks and responses

Many professionals in AML and compliance teams across the industry are committed to meaningful work and take pride in their role, especially when closely collaborating with organisations like Stop The Traffik (STT). However, some believe that suggesting collaboration with external organisations could harm their career prospects, as senior leadership often hesitates to engage.

The industry can sometimes resemble a chaotic football game, with everyone focused on regulatory directives while missing broader opportunities. Engaging in meaningful dialogue with organisations could improve staff morale and regulatory outcomes.

Additionally, as crypto introduces both new and old crimes in innovative ways, blockchain's transparency offers advanced tools for mitigating risks, especially when dealing with Virtual Asset Service Providers (VASPs).

Understanding how VASPs are regulated and their risk levels, as well as leveraging blockchain analytics, can help firms manage these risks effectively. For customers interacting with VASPs, cooperative approaches can enhance visibility into their activities, providing further risk mitigation.

Collaboration between firms, FIUs & law enforcement

A good example of collaboration is the Harcourt Programme in Ireland which involves Non-governmental organisations (NGOs) and various stakeholders. This is aimed at combating human trafficking through financial intelligence. Its journey has involved active engagement from NGOs, adding valuable perspectives to the fight. Ireland are generating law enforcement reporting that is immediate.

The programme plans to launch an intelligence-led communications campaign targeting at-risk communities, raise awareness across Irish financial institutions, and collect survivor narratives to identify unique red flags.

Additionally, it focuses on active operational intelligence sharing with the FIU and law enforcement, reducing traffickers' confidence in exploiting financial systems and measuring the programme’s impact over time.

Key takeaways

• Effective collaboration enhances your ability to proactively identify red flags and address risks. Engaging in Public-Private Partnerships (PPPs) and working with NGOs will help you to utilise intelligence from both internal and external sources for more effective monitoring and timely issue identification.
• Implementing dynamic KYC, due diligence, and risk assessment procedures, along with thematic reviews of high-risk transactions, helps in cross-referencing and identifying issues more efficiently.
• AI is emerging as a crucial tool for spotting emerging risks and improving efficiency in SAR processing. As AI technology becomes more integrated, it can help identify risks more effectively and allocate resources more productively.
• Cryptocurrency Risks and Opportunities: Addressing new risks from cryptocurrencies by leveraging blockchain transparency tools and understanding the regulation and risk exposure of Virtual Asset Service Providers (VASPs).
• SAR Volume and Prioritisation Challenges: The ongoing struggle FIUs face with managing SAR volumes, emphasizing the need for improved prioritization systems while considering the costs and benefits of current reporting regimes.

Session 2: Navigating Sanctions in Compliance

Ruby Hamid, Co-head, Ashurst Corporate Crime Investigations
Ian Bolton, Founder & CEO, Sanctions SOS
Anna Bradshaw, Partner, Peters & Peters LLP
Kevin Newe, Illicit Finance Threat Lead, HM Revenue & Customs

Our next session unpacked the complexities of sanctions and financial crime. This discussion was moderated by Ruby Hamid, head of Ashurst Law Corporate Crime Investigations, and focused on the challenges of navigating sanctions compliance and financial crime risk. 

One of the main challenges with sanctions compliance is the cost. The UK is spending the equivalent of Estonia's GDP on fighting financial crime. We need to be pragmatic in establishing and implementing compliance programmes.

Discussion points

• Holistic view of sanctions and AML: the artificiality of separating sanctions from AML and what a holistic approach looks like.
• Sanctions as a temporary measure or long-term strategy: the implications of viewing sanctions as temporary and the evolving nature of these measures.
• Sanctions circumvention and ethical conduct: the concept of sanctions circumvention, ethical challenges, and preventive measures.
• Forward-looking insights: prepare for new sanctions and geopolitical shifts by prioritising compliance spending to address future regulatory challenges.

Integrating sanctions with AML framework

Overcoming the artificial separation of sanctions from AML requires a more holistic approach that integrates both areas within a unified financial crime framework. Sanctions and money laundering are closely interconnected, as sanctions evasion often involves money laundering tactics.

However, the challenge lies in addressing the complexities of this interface, as it can be difficult to separate the two effectively. A comprehensive approach would involve aligning compliance strategies, intelligence sharing, and investigative efforts to tackle both sanctions violations and money laundering in a cohesive manner.

Challenges around sanctions enforcement

Office of Foreign Assets Control (OFAC) has highlighted the fact that Russia is reallocating its resources to support military activities in Ukraine. There is no clear separation between organised crime groups and the Russian state, which is considered hostile. This presents a complex challenge, particularly in law enforcement, due to its multifaceted nature.

Additionally, there is an element of sanctions fatigue. The UK is leveraging its full intelligence capabilities, but sanctions enforcement remains difficult, especially since certain areas are not fully covered by traditional legal frameworks, leaving gaps that cannot be addressed through conventional legal means.

Sanctions as a tempory measure vs a long-term strategy

Sanctions are typically viewed as temporary interventions, often imposed as emergency responses during times of conflict or crisis. Initially designed as short-term measures to exert pressure on targeted entities or governments, they aim to prompt behavioral changes or address urgent threats.

However, the duration of sanctions can vary significantly, sometimes extending well beyond their original intent, raising questions about how long they should remain in place and whether their objectives are still relevant or achievable over time.

Sanctions circumvention and ethical conduct

Sanctions breaches are often the result of the evolving nature of sanctions, making it challenging to develop tools that match the scale of the problem, especially from a compliance perspective. There are two key difficulties:

1. circumvention of sanctions and
2. exposure to secondary sanctions. 

These challenges are unique to sanctions enforcement and do not exist in other areas of financial crime. Circumvention hubs are a particular concern, and investigations, whether civil or criminal, tend to be slow and expensive. Secondary sanctions, where individuals or entities are added to a list based on suspicion, add another layer of complexity, especially as the EU’s approach to applying these rules remains unclear.

Sanctions breaches and circumvention tactics are not new phenomena, having existed since the Cold War. While some level of sanctions compliance is already in place through established governance systems, enforcing trade-based sanctions remains difficult, particularly when monitoring the flow of dual-use goods to sensitive regions.

Compliance professionals play a critical role in identifying keywords and jurisdictions to track these transactions. However, as enforcement efforts increase, it is crucial to target the non-regulated sectors as well.

Enablers can become involved in various ways, but circumventing sanctions before they are adopted is not possible. Individuals may be added to a sanctions list for a wide range of reasons, including suspicion of circumvention or providing financial services to someone suspected of such activities.

Future of sanctions compliance

We asked the audience what they could see the biggest sanctions-related risk in the future. The word cloud below reflects some of the strong thoughts around specific sanctions compliance risks and how compliance professionals see risks evolving in the future.

Looking ahead, the focus will shift toward leveraging data and transparency to enhance sanctions enforcement. This will involve more targeted approaches, especially in sectors that have previously been less regulated, relying on improved governance and compliance structures to address the complex and evolving nature of sanctions.

Key takeaways

• Rising financial crime risks and evolving organised crime tactics require law enforcement to adapt, emphasising the need for collaboration across sanctions, AML, and financial crime prevention.
• Managing rapidly changing sanctions, strict liability implications, and fostering a strong ethical corporate culture is essential to addressing sanctions evasion risks.
• Tackling evasion tactics, especially with emerging technologies like cryptocurrency, requires a comprehensive approach that integrates sanctions with broader compliance efforts.
• Concerns around sanctions compliance include hidden ownership, the complexity of sanctions, integrating AI and evasion.

Session 3: Fraud, Cyber & The Ombudsman

Katharine Leaman, CEO, Leaman Crellin
Mark Courtney, Chief Product Officer, CIFAS
Paul Maskall, Strategic Fraud Prevention & Behavioural Lead, UK Finance
Kevin Fielder, Chief Information Security Officer, Natwst Boxed

Our third session saw Leaman Crellin's CEO, Katharine Leaman, lead the discussion on a few key areas of fraud and cybercrime.

Although fraud accounts for 40% of all crime, it only receives 2% of law enforcement's attention. It is an exceptionally easy crime to commit, and economic pressures are pushing more people toward it. Fraud has evolved into a professionalised industry, with distinct roles and functions, much like any other service sector.

Discussion points

• Understanding fraud in the UK: an explanation on why a significant portion of crime in the UK is fraud, discussing key factors like siloed operations, underreporting, and risk perception, along with their professional experiences.
• Current trends in fraud: unpack recent fraud trends, providing insights from CIFAS data and actions taken to address rising online fraud.
• Future impact of fraud: a look into how fraud is impacting financial services, focusing on the increasing costs and exploring strategies to mitigate future risks.

Fraud in the UK

A frequently cited statistic reveals that 40% of all crime in the UK is attributed to fraud. Several key factors contribute to this including fragmented and siloed working practices which often impede effective communication and collaboration. This leads to missed opportunities for detecting and addressing fraud.

Additionally, there is often a lack of comprehensive reporting on fraud cases, which further complicates the understanding of its true extent. Risk perception varies widely, influencing how fraud is reported and managed across different sectors.

Collectively, these issues contribute to the significant prevalence of fraud in crime statistics, highlighting the need for improved coordination, better-reporting mechanisms, and a more unified approach to tackling financial crime.

Recent fraud trends

Online fraud has risen by 15%, with a notable increase in identity fraud and misuse of facilities (using them for unintended purposes). Phishing remains a major threat, now more sophisticated than ever. AI has played a useful role in addressing these challenges. Additionally, the growing use of remote technology, which grants access to bank accounts, has contributed significantly to the problem.

Information security is widespread in part because it is often perceived as victimless. In most cases of fraud, victims can recover their money, which blurs the line between security and financial crime. Social engineering techniques exploit human nature, with scams typically relying on fear, offers that seem too good to be true, or appeals for help.

Authorised Push Payment (APP) fraud is particularly hard to detect, emphasising the need for better public education. The internet’s underlying systems also offer limited protection, highlighting the need for improvements. When assessing risk, people tend to rely on how easily information comes to mind and the emotions associated with it, making risk perception highly subjective.

Fraud in financial services

In banking, deepfake fraud is emerging, though it hasn’t been highly successful yet, as criminals often leave behind metadata. The challenge lies in how we authenticate identities without relying solely on humans, especially since AI can be effective when it plays on emotions.

The difficulty of APP fraud and reimbursement arises from the manipulation involved—victims often don’t realise they’re being deceived. The difference between fraud and marketing largely comes down to intent, as both use tactics like scarcity, emotive language, and urgency. While fraud can be devastating, reimbursement focuses on restoring financial losses, but it doesn’t necessarily address the emotional or psychological impact on victims.

Key takeaways

• There is high fraud incidence in the UK with 40% of all crime attributed to fraud, however it is only 2%  of law enforcement which reflects how easy it is to take part in this type of crime.
• Reporting challenges are an issue where inadequate reporting and varying risk perceptions complicate understanding and managing fraud.
• There is a need for unified approach. Improved coordination, enhanced reporting mechanisms, and a comprehensive approach are essential to addressing the widespread issue of fraud.

Session 4: Fostering a Culture of Compliance & Ethical Conduct

David Kenmir, Advisory Board Chair, Skillcast
Catriona Razic, CRO, Skillcast
Jourdain Tambo, VP, Risk & Compliance, Curve
Jonathan Chibafa, Partner, CCO, Keystone Law & Cavotec

Our final session, moderated by David Kenir, explored the topic of fostering a culture of compliance and ethical conduct in the workplace. Having a culture of compliance and awareness underpins financial crime prevention. 

Discussion points

• How organisations can embed cultural values into processes to ensure they deliver good customer outcomes while managing risk.
• The possibility of measuring culture in the workplace and what this looks like in practice
• Investigate the best practices for supporting a positive culture within an organisation.
• How can innovations in training help embed cultural values in the workplace

Embedding cultural values 

To embed cultural values into the processes we use to achieve desired customer outcomes while managing risks, we must first focus on awareness. Compliance should not be pursued merely for the sake of following regulations, but to protect society, which often suffers as the unseen victim of financial crime.

Our role as compliance professionals is to satisfy regulators and actively combat these crimes. To enhance this, we can offer bite-sized, audience-specific training modules that explain the purpose behind compliance.

Additionally, there is a strong link between customer experience and how technology is programmed, making it crucial to design systems that prevent financial crime without causing unfair outcomes for clients. This challenge was highlighted in the FCA's letter to EMIs, where temporary blocks and freezes on accounts often lead to negative consequences for consumers. Striking a balance between crime prevention and fairness requires a holistic view of the customer’s position, with real examples shared to illustrate best practices.

To effectively address financial crime, organisations must go beyond regulatory requirements by adopting a consumer-centric approach. This means genuinely understanding customers to make reasonable judgments on their behalf, as highlighted by the FCA’s investigation into private account access following the Nigel Farage incident.

Both direct and indirect strategies are key: employees should be incentivised to prioritise customer needs, and organisations must project this customer-focused ethos outward. Embracing initiatives, like Arsenal’s use of inclusive team kits, offers an opportunity to make customers feel connected to the brand. However, caution must be taken to avoid superficial "greenwashing" or "social washing" – the efforts must be authentic.

Measuring culture in the workplace

Metrics can be used to assess company culture and risk, such as through a Risk Reporting Committee and Key Risk Indicators (KRIs). We can categorise customers into two busckets - internal customers (staff) and retail. It is important to foster a speak-up culture

Employee satisfaction, which can be tracked through platforms like Glassdoor, is a strong indicator of cultural health, as people shape the culture. Training completion rates and policy attestations also reveal engagement with rules and regulations.

An engagement index, like PwC’s survey, can provide insights into non-financial data, which should be audited for accuracy. Surveys show that managers’ perceptions may differ from frontline staff regarding risks. Departmental stress levels, confidence in leadership, and employees' connection to the company’s purpose are all key indicators of a healthy culture. Focus groups, such as those in a skilled person review, can bring hidden issues to light by providing anonymous feedback without management influence.

Positive culture in the workplace best practices

To achieve consumer-focused outcomes, departments should integrate compliance with product, brand, and marketing by bringing regulations to life. This involves moving from a rules-based approach to one focused on outcomes, such as those under the Consumer Duty.

Small focus groups with product and marketing teams can help capture the essence of this duty, encouraging them to think of customers as they would their own family, ensuring fairness and transparency. This mindset influences product design, features, and overall customer experience.

Breakout sessions can present Consumer Duty in ways that are relevant to each department, fostering genuine intent to deliver positive outcomes for customers and aligning with the FCA's goals for all businesses. 

We asked the audience what they thought the biggest challenge is in embedding cultural values. The result can be found below - the majority find that the lack of engagement from employees is the biggest struggle.

Innovations in training help to embed cultural values 

To foster innovation and learning, it's essential to engage people by helping them understand real risks, rather than relying on a "rinse and repeat" approach to training.

In terms of culture, the compliance department has shifted from a rules-based function to acting as a business partner. Training is now tailored by breaking content into smaller, role-specific pieces that reflect both the individual's responsibilities and their associated risk level.

Innovation package unpacked 

Those in the financial crime industry have innovated, so it is important to have training that is equally innovative. Skillcast has an innovation package that takes staff training to the next level and creates a culture of awareness.

Diagnostic quiz 

Identifying strengths and weaknesses allows us to automatically assign only the necessary learning throughout the year.

Embedded learning 

This integrates seamlessly into your digital environment, making educational content accessible within the tools and platforms you already use. All learning activities and progress are tracked and recorded in the Learning Management System (LMS), ensuring that engagement and achievements are monitored effectively.

Nudge learning 

This involves receiving regular, targeted questions on various topics delivered directly to your inbox. This approach aims to gently prompt and reinforce learning by integrating brief, relevant queries into an individual's routine. 

FastTrack

This involves starting any Off-The-Shelf (OTS) course with a pre-course quiz, utilising a ready-to-use question bank. This approach streamlines the learning process by assessing prior knowledge and ensuring participants are prepared for the course content.

Key takeaways

• Purpose-driven compliance: Focus on the societal impact of compliance rather than just regulatory requirements, emphasising the broader benefits and values.
• Targeted training: Develop bite-sized, audience-specific training that clearly explains the purpose and benefits of compliance, enhancing understanding and engagement.
• Balancing technology and customer experience: Ensure that fraud prevention measures, such as account blocks, do not negatively impact consumer fairness, considering the holistic customer experience.
• Measuring and fostering workplace culture: Use key metrics like KRIs, employee satisfaction, and training completion to assess workplace culture, and adopt practical approaches such as consumer-focused outcomes, mindset shifts, and department-specific sessions to build a positive and purpose-driven culture.

Join SkillcastConnect

SkillcastConnect community brings together compliance professionals for unique group networking free of vendors. Join today for priority access to unique insights from best-selling authors, leading academics, training gurus and industry insiders in a friendly, supportive environment.

1. Networking Events
2. Expert-led Webinars
3. CCO Roundtables
4. Compliance Workshops
5. 100+ free video-based learning courses

If you are interested in joining our community, you can find out more on our dedicated SkillcastConnect page.