The international community has made the fight against money laundering and financing of terrorism a priority. The estimated size of money laundering worldwide through the banking sector is more than $500bn to $1 trillion annually.
To combat this menace, international authorities including FATF (The Financial Action Task Force) have formulated recommendations meant for financial service providers including banks, insurance companies, asset management companies, brokerage firms and other financial intermediaries.
To tackle risks money laundering and financing of terrorism, a common trend for both large and small financial institutions is the transition away from task-oriented compliance programs to process-oriented compliance programs. Process-oriented programs require compliance and security procedures to be practiced, tested, validated and evolved throughout the organization on an ongoing basis.
Financial services firms need to be decisive next to have a clear vision and the courage to make changes when needed. Flexibility and a mid- to long-term vision, that is open for changes within the market or region, are key elements when addressing security issues.
In order to benefit from structural changes, financial firms need to integrate the complete chain of partners. All members need to understand and agree on implementation, deployment and follow up. The chain always fails at the weakest link. Recent incidents within financial institutions have shown that just a partial update leaves doors open for fraudsters probing to achieve access, install malware and/or redirect transaction traffic. In a short timeframe huge financial losses can occur, again putting your reputation and bottom line at risk.
Banks have another important role to play – and that is education. Banks are robbed through organized fraud: there are online schemes, credit card breaches and counterfeit checking scams. As a result, banks today are dealing with a wide range of security challenges, and they’re using a variety of strategies. They rely on the basics, thorough staff training and investments in physical infrastructure, and increasingly, a bank’s physical security is tied in more closely with the company’s IT infrastructure.
Security includes the interaction with law enforcement agencies and that is not always very straightforward. They partly rely on the intelligence they get from bank staff or through the payment card industry. In many cases reporting these incidents is not a priority for banks as they see it as being vulnerable. On the contrary, a lot of valuable time and usable information is being lost, knowing that fraudsters are constantly on the move. Interpol and Europol have shown a huge interest as well as the technical laboratories, that are more than willing to move forward and put their resources in reengineering seized devices. But a lack of cooperation or achieving a global standard with no dedicated task force from both regulators and law enforcement, slow down the process drastically, leaving criminals the chance to do their thing.
According to EastNets, this is why it is critical for there to be a support system between banks and financial institutions to partner with the law enforcement professionals who investigate fraud. A committed team – in both arenas – will help to make these professionals’ jobs easier and more effective.
According to PwC’s recent Global Economic Crime Survey, internal fraud is more prevalent in the financial sector than in any other. The closing-down of certain activities within financial institutions could for example impact the incentive to commit fraud for those who will leave the company in the near future.
PwC considers it will be useful to take stock and discuss where companies stand in terms of fraud, and how internal auditors are responding to it.
— Paul Buelens, product manager at EastNets and Eric Marks, director of PricewaterhouseCoopers