How data leaks and whistleblowers can set the tone for culture shifts and AML controls

Blog | 23 Jun 2022
Author, Enda Shirley

You don’t need to take too much of a deep dive to find recent examples of data leaks in the financial services sector. One of the latest cases in February – Credit Suisse – has thrown the spotlight on the importance of anti-money laundering (AML) controls once again. However, it has also ignited conversations around the importance of a strong organisational culture in today’s financial services sector, if we are to tackle money laundering effectively.

The latest data leak at private bank Credit Suisse, impacted 30,000 customers, revealed a vulnerability in client due diligence, and is said to have revealed the beneficiaries of around £80 billion in funds. These beneficiaries were said to include “human rights abusers, fraudsters and businessmen who had been placed under sanctions”, according to the investigation that was carried out after a whistleblower leaked information.

There has been growing protection around whistleblowing in general, for example via the recent introduction of the EU Whistleblowing Protection Directive in December 2021 and, in the UK, chapter 18 of the FCA’s Senior Managers and Certification Regime (SM&CR) is specifically focussed on internal policing and whistleblowing.

This increase in protection is perhaps one of the reasons why there have been recent additional instances of whistleblowing following 2016/2017’s infamous Panama Papers and FinCen Files leaks; which also brought tax avoidance and unfavourable patterns to people’s attention.

In addition to the Credit Suisse incident described above, the 2021 Pandora Papers are a further example of whistleblowing in the financial services sector. These shone light on shell companies, tax avoidance, corruption, bribery and lax AML controls by Designated Non-Financial Business and Professions (DNFBPs); encouraging further EU legislation to clamp down.

And yet, it could be argued that it is not just regulatory pressure that is the primary catalyst for these leaks; or thereafter, the industry response. Rather, this trend for whistleblowing stems from a growing cultural recognition that financial organisations have the opportunity to make a difference in the fight against money laundering if they have stringent AML controls in place.

Making a difference to culture with stronger AML controls

As populations are becoming more ethically, environmentally and morally conscious, many financial services organisations are keen to respond with tighter AML controls. With the help of social media, customers and employees have a stronger voice and a more immediate, receptive audience. We can ask what our businesses are doing, how they’re conducting themselves, how they’re protecting customers, and what their future-proofing strategies involve.

In turn, the pressure is mounting for financial institutions to demonstrate increased anti-money laundering responsibility – complying with regulations, and also enabling a cultural shift to drive positive change within the sector.

Many financial organisations are continuing to gain robustness when it comes to AML controls; bolstering and maturing existing processes and controls. This includes:

  • More comprehensive KYC and CDD protocols during onboarding, and ongoing monitoring thereafter
  • Improved visibility and AML controls by DNFPBs as part of this strengthened framework
  • A proper risk-based approach that meets existing regulations and compliance demands, while also futureproofing the framework and outcomes
  • Continuous technical improvements to remain up-to-date with (and preferably ahead of) emerging crime threats, cybersecurity risks and AML solutions

It is now proven that internationally-significant, multi-million pound AML vulnerabilities can be exposed by even one individual. However, the practices, controls, rules and models we put in place moving forward can support an ongoing corporate culture shift, helping organisations better prepare for the future of finance.