Speech by Sarah Pritchard, Executive Director, Markets, at the Financial Crime Summit – 1LOD.
Speaker: Sarah Pritchard, Executive Director, Markets
Event: The Financial Crime Summit – 1LOD, County Hall, London
Date: 7 September 2022
Note: This is a drafted speech and may differ from the delivered version
Key points
- Working together with firms and agencies to share intelligence and quickly respond to evolving threats makes us better at spotting and stopping financial crime.
- Cost of living crisis will lead to criminals trying to exploit people even more through scams such as loan fee fraud and APP facilitated scams.
- Fighting financial crime underpins the FCA’s priorities and we are taking action at pace on areas from spotting sanctions-busting to driving improvements on money laundering controls and raising consumer awareness through Scamsmart campaigns.
First responders in the fight against financial crime
WHY are you here? That question is not as existential or philosophical as it sounds.
I mean why are you here at a financial crime summit? Why does fighting financial crime even matter? Is it an over-hyped problem?
Do people even matter in the fight against financial crime when we have tech tools that can spot scams as we sleep?
Well, the clue as to why you are here is in the name of the conference providers: the First Line of Defence.
You are the first responders and front line in the fight against financial criminals, and together we can limit their spread.
Financial crime is a bit like Covid.
Like the virus, which mutates to evade destruction, criminals seeking to cash out and carry out financial crime are ever-changing – they will adapt to exploit new weaknesses in the financial system and will constantly vary their tactics when targeting the vulnerable for fraud.
The pandemic finally looks like it is being curtailed and that is thanks to a range of actions and efforts.
The body’s immune system, the vaccines developed by pharma companies, and information sharing about the changing nature of the threat all played a role.
The response was agile and dynamic and involved doctors, businesses, data scientists, politicians and the public.
That is how you defeat a complex and ever-evolving enemy. No one group can do it on their own.
If it takes a village to raise a child, it takes a community to defeat a threat.
Likewise, the constantly mutating threat of financial crime must also be countered by many measures and groups which must constantly adapt to defeat it as it evolves. In this fight, we all play a part.
And you are the first, second and third line of defence. You will be the first ones that spot how criminals are changing through unusual transactions or to detect new trends through reports from customers.
Sadly, we expect financial crime to become even more prolific during the cost of living crisis.
More than seven in ten[1] people say they have been targeted by scams in the past three months as con artists try to exploit the cost of living.
The best way of us getting ahead of this new wave of financial crime is through being alert and through joined up action and joined up intelligence.
Force multiplier effect
Like the virus, no one is unaffected by financial crime. We must respond systemically, in order to limit and defeat it.
Whether you work in one of the 50,000 firms regulated by the FCA[2] in the UK or are a member of a professional body that we oversee - an effective defence is needed.
We aim for the force multiplier effect: professionals in firms scanning and being alert to red flags, using their human knowledge and instinct to interpret the clues from conversations and customer behaviour; technology identifying unusual patterns of activity; and information shared with regulators, and law enforcement.
We cannot do this job without each other, and collectively we can help keep the system healthy.
Our role
So how does the FCA contribute to this effort?
Our strategy sets out how we work with UK and global partners to drive a whole system response to financial crime and how intelligence sharing is key to this.
We are changing.
We are unleashing our tools more rapidly, driving improvements in firms’ controls and issuing warnings where we see harm, flagging up names on our warnings list more quickly and firing up our Scamsmart[3] campaigns.
We are sharing more of what we are seeing – examples of good controls and bad controls – so that everyone can learn and improve their response.
We shared findings from our recent review[4] of challenger banks widely, as the risks there are no different than in the whole retail sector.
We found system weaknesses that could be exploited – weak customer due diligence and insufficient rigour in dealing with transaction alerts.
These are important – if you don’t know your customer, how can you know what to expect and what is unusual? And if you don’t review how alerts are dealt with, how can you know that your alerting system is calibrated well, or is acting the way it should?
But we saw good things too – using data, tech and geolocation data to verify customer identity quickly, and advanced monitoring for fraud by checking customers who were using multiple devices to log into accounts.
My message to all firms is this: embed your financial crime checks in your systems from day one, but keep evolving as the threats evolve. Use the power of data and tech, and stay alert for situations in which you may need to recalibrate your defences and alerts.
Robust defences and actions
We set robust standards for crypto firms on anti-money laundering measures, knowing that this sector is targeted as a potential weak link, and open for abuse by criminals.
So far 37 firms have met these standards after following our guidance, but they will need to continue to meet those standards to keep their registration.
But it is not just the new, high-tech offerings that can be exploited.
When we saw criminals targeting the post office network to funnel criminal cash, we worked with law enforcement, the NECC, industry and government partners to close down these money laundering routes and change the system-wide controls. And we have to stay agile. Just as criminals transform their methods to evade capture, we have to keep changing our controls to close any gaps.
We are taking action too.
We ordered the closure of crypto ATMs[5] which were opening without regulatory permission.
We are working with firms and our partners through joint taskforces to help drive a whole system response. We prosecuted a major bank[6], NatWest, for money laundering system and control failures – and since 2018 we have fined ten other firms for money laundering weaknesses. Fines issued, including the NatWest fine, have totalled over £665m.
Thinking ahead
Foiling crime is about thinking ahead and acting at pace, before threats increase exponentially.
Earlier this year when it was clear that Vladimir Putin was planning an invasion of Ukraine, we acted swiftly[7].
Two days before the invasion, we told firms our expectations in the event of war.
Within days of the invasion, we reached over 10,000 firms within retail banking, payments, cryptoassets, wholesale banking, wealth management, insurance and asset management sectors.
Our work on sanctions is ongoing, using data and intelligence to identify firms with potential weaknesses in controls, and then using data tools to test the effectiveness of those firms’ sanction screening systems, and at pace.
And we will warn firms that if they use vendor solutions for their sanction screening processes, they need to make sure that solution is tailored and suitable for their customer and business profile.
Cost of living
We are asking firms to plan how they are going to respond to the risks of the cost of living crisis.
We are already seeing more scams such as loan fee fraud, ghost broking, and false access to rebates from utility companies.
And we anticipate a potential rise in people being recruited to act as money mules[8] too, where they are asked to transfer money through their accounts by strangers in exchange for a payment.
The temptation for people in difficult circumstances is huge. But so are the consequences. This is money laundering – criminals trying to move cash ill-gotten from modern slavery, drugs, fraud, terrorist financing and other crimes. It can be detected, and can result in prosecution and a red flag in financial records.
As you all sit here today, have you asked what your firm is doing to calibrate your financial crime controls to changing risks in the cost of living crisis?
How are your firm’s customers likely to be impacted, and is your firm doing enough to raise their awareness of crimes such as APP fraud, pension scams and ghost broking so they are not easily exploited?
A whole system response
We need a whole system response to effectively limit the threat.
The FCA has a unique role in this – working with government partners – the Home Office, Treasury, NECC and NCA – international regulators, and industry.
We can reach into financial services not just to set standards and inspect adherence, but to find solutions.
Later this month we are holding one of our regular techsprints.
Together with the Payment Systems Regulator and industry partners, we want to understand the tech solutions that could help prevent APP fraud in real time[9].
We want to test how financial services and other sectors can share data and analytics in real time, and how to spot fraud at source.
We have reached into the legal and accountancy sector too, through the Office for Professional Body AML Supervision[10] (OPBAS[11]) housed in the FCA.
Four years old, OPBAS is increasingly seeking to test how effective professional body supervisors are in the money laundering supervision of their sectors. OPBAS is currently consulting on expanded guidance, in a consultation which closes later this month.
Much as I am fond of lawyers – well, someone has got to be and I have been one – we cannot leave crime spotting to legal, compliance or other experts.
Fighting crime should never be left to one body or one team within an organisation.
It takes action and vigilance across all sectors in the UK, from the Home Office, to the NECC, the NCA, the Treasury, other regulators, internationally – through our networks, and most importantly through you, our partners in the private sector, the eyes and ears on the ground.
It is that partnership between firms, regulators and government, that holds the key.
Together we can have a bigger force multiplier effect that leaves consumers more secure and confident, boosting the health of the financial systems we all rely on and ready to face the next challenge.