Latest Products

Talking Regulatory Intelligence with Niall Coburn

Tuesday 21 March 2017

The GRC Professional speaks to Niall Coburn Regulatory Intelligence Expert for Asia-Pacific, Thomson Reuters about the changes in regulation and the risk landscape in 2017. 

What has changed since the media storm of the Panama Papers last year?
Since 2016, the UK, US, Hong Kong, European and Australian Governments have implemented various approaches.  This arose out of cross-agency meetings at a Summit held in the UK led by former British Prime Minister, David Cameron.  Internationally, all governments are reviewing their beneficial ownership requirements and the recent G20 priorities communique in relation to Hamburg indicated a will to co-operate internationally to improve beneficial ownership transparency to fight financial crime.
In particular, the US recently implemented new Fincen rules that lift the corporate veil of shell companies who purchased real estate in the US.  The UK has also put pressure on the British Virgin Islands to improve transparency and they have produced their first fine of USD440,000, in relation to Mossack Fonseca for money laundering violations.  Additionally, Messrs Mossack and Fonseca were arrested in Panama in February 2017 in relation to money laundering violations and a corruption scandal in Brazil.
Hong Kong and Australia are currently consulting on their beneficial ownership transparency obligations.  In relation to Europe, France is emphasising the need to advance the Fourth Money Laundering Directive by September 2017 to increase the scrutiny of corporate ownership and review of PEPs and extend AML reporting to lawyers, real estate agents, and casinos.

It was said that the Panama Papers had an impact on regulatory and enforcement priorities—did you see this happening?
 There are certainly investigations being undertaken in Australia, the UK and the US.  In the UK, the Serious Fraud Office and National Crime Authority are conducting criminal and civil investigations into approximately 22 individuals with a further 43 under review.
In the US, the Department of Justice said that they opened a number of investigations regarding matters to which the Panama Papers are relevant.
In Australia, there was an announcement from AUSTRAC that it is working with the Serious Financial Crime Action Task Force to examine over 1,000 entities that have been identified in the leaked information from Mossack Fonseca.
Belgium, Denmark, France and the Netherlands, have all indicated that they are reviewing data and individuals of interest arising from the Panama Papers in relation to a taxation perspective.


In the article, last year, you spoke about the importance of having people in senior positions with investigative skills—are organisations making more of an effort to have those kind of people?
 The new CEO of AUSTRAC has police and investigative background which is important for the Agency.  ASIC is currently interviewing people for Commissioner positions.  It is without question, that corporate investigative skills will play an important role in the leadership of regulatory organisations in the future.  It is not clear yet if this has occurred.


In our last conversation, you spoke about the inextricable connection between corruption and AML, and how corruption can take advantage of AML policies that have not been evenly embedded.  Do you think that there is a general understanding about this now or is there still a kind of siloed approach to the implementation of AML?
 I think, last year made it clear how corruption and money laundering are linked which is clearly exemplified in the 1 Malaysia Development Berhad (1MDB) case which involved an international scandal of corruption from the US, Switzerland, Saudi Arabia, Dubai, Singapore, and Malaysia.  Two banks have lost their licenses in Singapore and three bankers have gone to jail in Singapore with numerous investigations internationally.  This case shows how senior executives, within banks, who are corrupt, were able to bypass AML procedures and put pressure on junior staff to conduct unauthorised transactions.
There is still a lot of work to do in this space and you only have to consider current investigations into Unaoil and the recent Rolls-Royce scandal where the company had to settle a claim for £671 million in relation to bribery and corruption allegations.
Internationally, I think we are far from where we should be and Australia has a got a lot more work to do to respond to anti-corruption in relation to some large Australian companies and formulate more international compatible policy approaches in line with the UK and the US.

Has there been any change in the jurisdictional roadblocks that prevented investigations from uncovering beneficial owners?
 I don’t think enough has been done and what is being undertaken is more piecemeal that filling the real loopholes.  Nobel prize winning economist, Joseph Stiglitz and Swiss anti-corruption expert, Mark Pieth, have called for a complete overhaul of the offshore economy in a report to the Panamanian Parliament.  In their view, not enough is being done to bring “pariah and rogue states” such BVI, Cayman Islands and the Dominican Republic into international norms.
I think these points are absolutely correct.  The rogue states funnel laundered money through shell companies for illegal purposes and really need to be overhauled.  In my view, there is no point in having first class laws in the world economy, yet these can all be bypassed by individuals who can “skirt” around laws with anonymity using offshore jurisdictions plugged into international banks.
Beneficial ownership is only one part of the problem, you need to give regulators the powers to introduce the concept of unexplained wealth orders and pursue the “enablers” of the shell structures and bring them into account.  If there is no willingness to do that, then the estimated US$2.5 trillion money laundering from financial crime will just continue to grow.

What lessons can be learned from 1MDB scandal?
 The main lesson from the 1MDB scandal in Singapore and other banks is that senior bankers were able to bypass embedded AML compliance procedures.  It means that some banks were able to turn on and off these procedures by putting pressure on junior staff and use their positions for a corrupt purpose.  No one has come out and said how this has actually been fixed.  There should not be one large transaction that is able to avoid scrutiny.
I think regulators have to look at these issues more carefully and do unannounced random inspections on banks.  There is also the issue of shadow banking from China to other parts of Asia and it is not clear what the standards of scrutiny in this area actually is.

Digital currencies are soon going to be regulated under the AML/CTF act, but there is some concern of regulatory overkill as the consultation draft does not only look at regulation those points where digital currency and Fiat currency overlap, but also looking at digital wallets.  Do you think that the regulation of digital wallets is a good thing to tackle the anonymity of a digital wallet?
Digital currency is an area where many professionals are looking to the future, yet there are not secure compliance parameters around it to ensure safeguards.  This is going to be a futuristic nightmare for regulators and a way for organised crime to benefit from technological advancement in the short term.  You must have regulation of digital wallets to protect the market economy from the unknown.  There is still much for us all to understand from these developments.

When it comes to the question of KYC and meeting those regulatory obligations, is there something that even organisations who are committed to doing their due diligence and best practices get wrong or misunderstand when it comes to dealing with financial crime and meeting their regulatory obligations?
 I think one of the most important things of KYC, is that you can’t just rely on automation or “onboarding” technologies alone.  There has to be some form of human intervention on checking the client bona fides.
The most important thing is to train staff appropriately and ensure that junior staff have access to senior individuals and are not afraid to ask questions and clarify red flags which occur.  Mistakes appear to fluctuate in organisations when important matters in compliance are buried or are overlooked.  It’s not only about procedures or technology, it’s about staff being able to ask questions and have guidance from experienced compliance individuals.  I suggest a lot more organisations should consider these issues.

While waiting for even jurisdictions what should organisations in post-Panama Papers, Post-Bribe Factory post-1MDB world should be paying closer attention to?
The main issues that organisations can focus on are the following:
  • Improved beneficial ownership scrutiny by understanding the directors, agents and beneficial owners who operate accounts in relation to shell companies, foundations, and charities.
  • Spend more time looking at the red flag areas in AML to understand where your risks really lie.  In other words, focus on the high-risk areas and entities and do specimen checks in relation to shell companies from offshore companies. 
  • Provide more training for junior staff and ensure that they have access to competent senior compliance staff to answer questions when red flags occur. 
  • Encourage staff to raise concerns about any risks or any issues that they come across that they believe may be compliance concerns.
  • Test your compliance regimes by using fake customer transactions to see if they go through and what happens and the reactions of staff.  If you don’t test the system yourself, how do you know it’s robust? 
  • If senior management have concerns about compliance procedures or some operational red flags, get an independent expert to review the circumstances.  It’s better if the organisation acts rather than a regulator pointing it out months later.
  • Lastly, always make decisions as though a regulator is in the room.

Any words of advice to risk and compliance professionals on what they should be doing and looking out for the rest of 2017 and beyond?
 I have written a paper “The Ten Top Regulatory Insights for Asia-Pacific in 2017” published by ThomsonReuters Regulatory Intelligence on 9 February 2017.  I see the top ten this year as the following: 
  • Risk culture
  • Management accountability
  • Aligning interests of the customer with those of the organisation
  • AML/STR processes, beneficial ownership, and trade base finance
  • Regulatory governance – by preparing for the BASEL Committee implementations and Insolvency II
  • Cyber security
  • Dealing with corrupt activities inside and outside the organisation
  • Improving whistle-blowing procedures
  • Considerations of Fintech and Regtech
  • Incentive fraud and remuneration considerations

Niall Coburn Regulatory Intelligence Expert for Asia-Pacific, Thomson Reuters