Tue, May 28, 2019
There is a curious dynamic at the heart of the current regulatory efforts to counter money laundering and terrorist financing. On the one hand, regulators and law enforcement are increasingly vigilant in monitoring institutional checks and balances. On the other hand, regulators are taking a principle-based approach, providing guidelines and then leaving it to individual institutions to assess their risks and design the controls they deem appropriate. Having institutions take ownership of defining and solving the ML/TF problem is understandably thought to be an effective way of preventing the box-checking that seems thorough but can be easily evaded.
Unfortunately, this arrangement, which provides the rationale for the risk-based methods used to combat ML/TF today, has the potential to create a serious conflict between regulators and the firms they supervise. This is because giving institutions the latitude to create their own AML/CFT policies also means that there is a greater possibility of differences in interpretation and judgment–a situation that puts institutions in considerable jeopardy if they fail to correctly apply the risk-based approach to their business. The financial and reputational damage which flows from such failures can be costly.
Giving institutions the latitude to create their own AML/CFT policies creates a greater possibility of differences in interpretation and judgment.
This regulatory risk is both high and somewhat discretionary, resulting in two types of institutional risk-avoidance behaviors. The first is an overabundance of internal policies and procedures, leading to such things as corporate headquarters issuing their foreign subsidiaries hundreds of pages of mostly inapplicable rules and forms. In other cases, however, firms don’t have the infrastructure to support the extra level of due diligence needed in high-risk markets or conclude after trying that the risks aren’t worth it, and curtail their activity in those markets or exit them entirely.
At the level of the individual institution, this is a perfectly rational decision. Multiplied across the financial system, however, it has the effect of disconnecting high-risk jurisdictions from the global financial community and driving their economies underground– developments precisely counter to the regulatory goal of reducing financial crime and fostering greater transparency. Consider that while high-risk jurisdictions undoubtedly attract bad actors, many of the enterprises working within those jurisdictions are wholly legitimate. Furthermore, those jurisdictions play an important role in the global financial ecology. Emerging economies, for example, provide access to new markets and expanded supply chains. In addition, many of those economies endeavor to establish the regulatory and enforcement infrastructure that will eventually elevate them out of the high-risk category–a process that takes not only resources and political will, but also time.
Finally, debanking penalizes offshore jurisdictions, which provide an important source of legitimate asset protection and help foster investment in countries with weak legal protections.
As an example of the law of unintended consequences, the debanking phenomenon provides both regulators and institutions an opportunity for introspection. For regulators, as well as intragovernmental organizations like the World Bank and the International Monetary Fund, there is the reminder that regulatory risk is very real–and that choosing to leave the field is a viable option on the risk management spectrum. But when this happens, the overall fabric of the global financial system suffers. The goal of regulation, after all, is not only a transparent financial system that invites user confidence, but also a system that promotes access and economic development.
Financial institutions, for their part, need to examine the decision-making mechanisms they use when evaluating whether to enter or exit markets. Those institutions are motivated by the same pursuit of revenue and opportunity as other business enterprises. Particularly when times are good, an institution’s assessment of a market can underweight inherent risk–including risk that can come from an increase in regulatory scrutiny. Similarly, when considering leaving a market, firms should examine if they are reacting to momentary conditions and if a longer-term view would suggest remaining.
Regulation provides the guardrails needed for a functioning financial system. It also adds another layer of incentives and disincentives to those generated by the market. In endeavoring to reduce certain risks, we need to closely monitor those incentives and disincentives and what happens when they combine, so that we do not undercut our ultimate objectives or create new risks along the way.
End-to-end governance, advisory and monitorship solutions to detect, mitigate, drive efficiencies and remediate operational, legal, compliance and regulatory risk.
Kroll provides a range of regulatory and compliance consulting services for firms registered in the Channel Islands.