key learns from the 5th Australian Financial Crime Summit
Marking the 30th anniversary of Australia becoming an Anti-Money Laundering (AML) jurisdiction, professionals from financial services and other industry sectors gathered in Sydney for the 5th Australian Financial Crime Summit.
Our Business Development Manager, Gary Clarke, and Mike Kearney, Product Marketing Specialist, took in the busy two-day schedule and share the key themes and some of their learnings.
executives are responsible for compliance culture
Because meeting regulatory requirements remains an issue of culture, an institution’s board and executive team must take responsibility for setting “tone from the top” to ensure a compliance culture flows through their organisation.
During the presentations, an executive from a large bank observed that, while driving transformational change to operationalise laws is difficult, institutions have no choice.
Two years ago, the bank in question employed 17 people as specialists in financial crime risk. As part of a multi-year, enterprise-wide change programme with a global view, it will soon employ 70 professionals experienced in fighting financial crime in their second line of defence (2LoD).
More than 1000 professionals in the first line of defence (1LoD) are educated in determining what is and what is not appropriate, and are trained to detect and prevent criminal activity. For the bank to build a team of compliance professionals of this scale meant recruiting internationally, from jurisdictions with advanced compliance regimes.
This theme was also examined in a presentation from two experts from an international bank, who said that regulators expect senior managers to lead by example and to demonstrate commitment to strong compliance.
Discussing this expectation further, what we learn is that executives who fail to instill a compliance culture create cynicism in their teams, which has a negative impact on employee morale.
While “tone from the top” is essential, building this compliance culture depends on all employees being empowered to assess risk and trusted to act and escalate without fear of reprisals.
What came through is that a very visible way that executives can demonstrate their commitment to establishing such a culture is to take responsibility for education: first, the CEO or Country Manager trains the executive team, and then each executive trains their team, and both the company and the staff are likely to experience a synchronised shift in mindset.
It is crucial that senior managers understand policy and procedures and all inherent risks, commit to leading by example, as well as making ethical decisions, and support and encourage their staff to do the right thing.
Making an important point, another speaker at the summit told how a reputation for strong compliance with financial crime regulation brings competitive advantage when operating in markets perceived as high risk, as clients trust these institutions to safely manage their business.
organise as three lines of defence
While most presenters reported that their institution aligned people within their risk management system as three lines of defence, these experts provided valuable insights and advice on operating these teams to ensure effective compliance.
In large institutions, where many professionals work in each line of defence, it pays to consider the interfaces.
Within the client-facing 1LoD, dedicate either one individual or a small team to working with 2LoD. Similarly, in 2LoD, dedicate a small number of compliance and risk specialists to working with 1LoD and with 3LoD. Within 3LoD, dedicate a team within the internal audit function to working and communicating with 2LoD. Additionally, 3LoD is constantly involved in assurance work with their colleagues in 1LoD and 2LoD because, ultimately, internal audit will be responsible for demonstrating assurance to regulators.
During an interesting later presentation on this subject, the audience was reminded that an institution’s broader role is to protect national economies against the impacts of financial crime.
Consideration of the three lines of defence model should be extended to include an institution’s relationship with its nation’s 4LoD (external audit) and 5LoD (regulators). Technology capable of securing, managing and making Know Your Customer (KYC) evidence readily accessible across all five lines of defence plays a critical role in supporting the requirement to explain decisions and actions of 1 and 2LoD to the other three lines.
Another point made that was particularly relevant was that, while an institution’s technologists will likely be eager to build this technology, such in-house projects are subject to budget blowouts and can over run. The emergence of RegTech now provides commercial off-the-shelf software that is built for the cloud and available through APIs, which allows for fast and low risk implementation.
Experts in 2LoD and 3LoD can work together to strengthen an institution’s defences. For example, when the institution submits a Suspicious Matter Report to AUSTRAC, the teams can then investigate how the matter got through their systems and controls without being detected.
Similarly, looking at enforcement actions made against other reporting entities presents opportunities to ask “could this happen to us?” Challenging your own defences is a way of reinforcing a compliance culture while strengthening controls.
Delving further into this area of discussion, two presenters highlighted feedback loops as an effective way of encouraging dedication to what can be difficult work for those working in compliance operations within 2LoD.
We were then told of real examples that backed this up and showed how sharing tangible results of a compliance team’s successes across the whole company not only raised their profile but also recognised the value of their work.
The Australian Superannuation sector manages AU$2.5 trillion of retirement funds for nation. The Super sector was well represented at the conference and several presenters said that, as banks tighten their controls, criminals are turning their attention to retirement savings. Inevitably, this requires Superannuation fund administrators to follow the banks and invest greater resources in compliance and defence against financial crime.
We were pleased to be involved in the 5th Australian Financial Crime Summit, and thank the organisers, presenters and delegates, who created an invaluable forum for dissemination and discussion of strategies and ideas.
about Mike Kearney
SENIOR MARKETING MANAGER
As a product marketing professional, Mike specialises in technologies that deliver business innovation by managing, analysing and presenting information. Mike’s career spans working in Australia, Europe and USA with experience in financial services, telecommunications, energy, pharmaceuticals, electronics and public sector, and with vendors including Netezza, Oracle, Vignette, BMC Software, and IBM.
Encompass’ intelligent process automation conducts live document and data collection, analysis and integration from public and premium sources to bring transparency to complex corporate structures and ultimate beneficial ownership, delivering the most accurate and complete KYC on demand.