This guest article has been written by Gunnar Nordseth who is the CEO of Signicat.
Money laundering is a global problem, big enough that the World Bank conservatively estimates money laundering activity to be 2% of global GDP – that’s $1.5 trillion. No city is untainted, but London has been dubbed the money laundering capital of the world, despite attempts to crack down.
So how do regulatory bodies tackle this huge issue? The cost of implementing anti-money laundering (AML) regulation is already staggering. In 2003 the combined cost of AML in Europe and the USA was already $5 billion. Now it’s at least $7 billion in the USA alone.
And what do we get for this investment? According to a University of Chicago report, not very much – their estimate, described as ‘generous’, was that only 0.2% of money attempted to be cleaned is seized – for every dollar caught by AML regulation, $499 is successfully laundered.
Despite the rising costs to meet compliance, the rules are proving increasingly difficult to implement. Fines for failing to meet the rules are breaking records: for example, last year HSBC was fined £28 million by Swiss authorities, and Barclays fined £72 million by UK authorities.
Is AML regulation broken?
It’s very easy to reach the conclusion that AML regulation – and the ‘know Your customer’ (KYC) procedures used by financial institutions to meet these regulations – just aren’t good enough. More must be done.
But the rules, ineffective as they might seem, already have unintended effects beyond what they set out to achieve. Thanks to AML rules, a Somali expatriate living in the US will find it completely impossible to send money home – banks just aren’t willing to take on the liability of sending money to certain countries where money laundering is seen as a risk.
This isn’t the only example of AML rules hampering commercial activity in the developing world. Mauritius has 25 government officials working on implementing money laundering legislation. That might not seem like too many – but it is in fact more than the number of opticians in the country.
Analysts and trade bodies are also unhappy with the current regime. Ecommerce Europe claims that KYC procedures are long and burdensome for the consumer and have a negative effect for the e-commerce sector. Dave Birch of Consult Hyperion has described current AML rules as “fatally flawed”.
It seems pretty clear – AML regulation is broken. The rules place onerous demands on those who have to implement them, and are seemingly ineffective.
Not so fast
AML regulation does have its defenders. The regulatory authorities are, understandably, more positive about the regulations – they describe them as “clear, strict and enforceable”.
There is also a good argument for AML regulation being not just necessary, but increasingly necessary. Criminals are increasingly sophisticated in their money laundering methods, and legislation needs to evolve to reflect that.
What would it mean to relax AML rules? One of the biggest drivers behind AML legislation in recent years has been the prevention of funding terrorism. Terrorism is, compared with other crimes where laundering is necessary, relatively cheap and uses smaller amounts of money. Relaxing current rules is likely to mean missing this sort of suspicious activity altogether.
New EU legislation on money laundering is already on the way: EU member states will need to maintain central registers listing information on the ultimate beneficial owners of corporate and other legal entities. The aim is to have greater transparency in financial transactions.
Pleas to relax regulation are unlikely to be heard. If anything, regulation is going to get stricter and financial institutions will be more responsible for the transactions they undertake.
What’s the solution?
The solution to making AML regulation work is not by making it stricter, nor by relaxing it. Instead, KYC checks need to be smarter.
Financial institutions are increasingly digital businesses and interact with their customers through digital channels. The ID required for KYC checks are, however, paper based. These checks have to be repeated each time KYC checks need to be done, whether that party is known to the institution or not. This makes identity impossibly complex and needlessly expensive. Systems are also fragmented by national and corporate boundaries.
What’s needed is a system which re-uses credentials that have already passed KYC checks. The major issue is the authentication and ongoing use of fraudulent ID. Using existing credentials would eliminate this, allowing fraud teams within financial institutions to focus on those customers who lack credentials. This would be particularly effective for high-risk cross border transactions – transactions like those to Somalia that many banks simply refuse.
In addition, a federated model of identity that connects financial institutions to a range of existing public and private ID systems would mean faster and easier KYC. Making KYC simpler makes regulations less onerous, and AML more effective without adding more and more rules. The re-use of identity also allows simplification of legitimate economic migration. For example, a verified UK identity could easily be transferred to any other country, doing away with the painful, counter-productive system currently in place.
There is no regulatory solution to the problems of money laundering – increasing fines has just meant banks get fined more, and more legislation has just meant more pain and more cost for those implementing KYC procedures without recovering more laundered money. The solution lies in fundamentally changing how identity is checked, and creating a system that is more in keeping with the increased use and reliance on online, digital channels. In this interconnected, digital world we need to move beyond forms of identity that are rooted in local jurisdictions.