Culture choked on strategy

Culture has choked

Post the global financial crisis which exploded in 2008, culture became the most talked about subject in the business of compliance. Some blamed the culture of banking, in particular investment banking for the crisis and many others got on board with this theory. Regulators talked a great deal about the need for change and the importance of culture. Pursuant to all of this some compliance commentators asserted everything was based upon culture and “culture ate strategy for breakfast”.

Post the huge penalties paid by Goldman Sachs for laundering the proceeds of the 1MDB fraud and more recently the losses incurred by banks, specifically Credit Suisse, related to the collapse of Archego Capital and Greensill Capital, it is reasonable to assert culture has choked on its breakfast.

Culture is reliant upon people understanding why it matters and more pointedly, what the consequences are when, as individuals, they ignore the perceived cultural norms of a firm. Regulators published many papers and made multiple statements about the importance of culture, but have failed to take appropriate action against individuals who have undoubtedly ignored such regulatory messages and expectations.

Absent to individual accountability, which is all too often a factor within regulatory enforcement, culture fails. At an individual level, people make decisions upon a number of factors, most of which are influenced by personal gain and loss. With nothing to lose, individuals are more inclined to make selfish decisions and take increased levels of risk, because there are no personal, or minimal downsides and potentially huge upsides.

It follows, cultural failure is as much regulatory failure as it is within any single firm or bank. The Organisation for Economic Cooperation and Development (OECD) once stated, regulation without enforcement, equals no regulation.

So what is the answer? More individual accountability? That will help, but at a higher level it is strategy and in the world of financial crime compliance, strategy has failed, at the very highest level. Any person who sees it differently is in denial of the facts and the numbers. Against this backdrop, firms have spent huge sums and employed armies of financial crime operatives, only to fail.

But what is failure?

In very simple terms, failure is a lack of success, which does not take us very far forward, because the more important question is what are we trying to achieve? At this point we should pause and give some considered thought to this question. The answer should be, we are trying to stop money laundering, but all too often the answers do not reflect this. Some firms and banks seek to meat regulatory expectations, others seek not to be caught, whilst some actually try too hard and ultimately fail.

The next question is, what causes the failure?

Many definitions state failure arises because of defects in design, process, application and sometimes, human error. In the world of financial crime and specifically anti-money laundering (AML) there are numerous causes, but the primary cause is indeed a defect in the wider design of AML. Yes, this is a bold, perhaps an accusatorial statement, but it is also logical and the basis is easily found.

Most countries started to draft and implement AML laws from the middle of the 1980s onwards and in many instances the legislation was rushed. Almost all laws are based upon Forty Recommendations provided by the Financial Action Task Force (FATF), a division within the OECD. This is a body which some believe sets the rules and applies negative labels to countries which do not adopt and follow them. Thus, the FATF Forty Recommendations are the foundations upon which this monumental failure is built.

All this time, law enforcement agencies have adopted and applied the mantra, “To catch a thief, it is necessary to think like a thief”. Dare I state, when the Forty Recommendations were made, no one really knew how a launderer thought and many still do not. Thus, whilst law enforcement have focused strategies to catch, thieves, robbers and burglars the AML community adheres to the thinking that all people are potential money launderers.

If we accept this proposal, it is akin to accepting all males are potential rapists. Of course, we reject the latter, but wholly illogically we accept the former, which has driven the failed AML strategies and falsely relied upon culture.

Notwithstanding our continuing inability to determine what a money launderer looks like, we do now have a far better understanding of what a money laundering account looks like. Some of you are now asking, do we? Indeed, we do and the distinct advantage of this, is the ability to identify and segregate accounts which do not have the characteristics of money laundering.

Simply put, money laundering bank accounts receive a lot of credits, logically, because this is the money which needs to be laundered and this is the placement or layering stage within the laundering process. One of the primary examples of this is the infamous Bank of New York money laundering case. Here, the accounts of two Delaware incorporated companies, controlled by one man; a plumber, generated 35 pages of account statements every working day, for each company. Half of the transactions were credits and the other half debits.

All of this informs AML practitioners that when money launderers identify a weakness, they exploit it and commonly flood it with money. Ater all, there is a lot of money to be laundered and there is no time to drip feed it into the system. Significantly, we can correlate accounts with customers and identify people who are not money launderers, which is of course, the majority of people. Accounts with single monthly credits, such as a salary or a pension or a combination of two, maybe three monthly credits do not have the characteristics of money laundering accounts. Moreover, all of the debits from these accounts, originate from a known source of funds, the said salary or pension.

New thinking, new strategy

Strategy drives culture, because culture is in fact tolerance. Collectively, it is time for a re-think and re-set of AML strategy. The smart AML practitioner should be actively identifying low risk accounts, whereas the courageous and bold AML practitioner is seeking to identify no risk accounts. This strategy provisions a much better focus of AML resources and will undoubtedly generate better outcomes, reducing failure and driving success.

Why monitor customers, accounts and transactions which present no money laundering risk? Moreover, just as airline passengers are responsible for what is in their luggage, make customers responsible for what is paid into their bank accounts. Reduce costs to the customer, by giving the customer responsibility. This would require the customer to notify the bank/firm of changes, including a large deposit, failing which the firm/bank may block the account and apply charges to the same. If you want to take extra luggage on to a plane, you pay right.

Assuming we all agree that we are failing, the culture is wrong, because the strategy is wrong then we must be looking for improvement. In the event you disagree with my thinking and proposals, please do share your own thinking and ideas about how to address our ongoing, collective AML failures.