Over the past several years, fines levied by regulators across Asia-Pacific have grown exponentially. In a region that has previously been criticized as being a hotspot for money laundering and financial crime, regulators have demonstrated that illicit activity will no longer be tolerated.
Throughout the region, regulators are not only dishing out more fines, but the financial penalties are growing increasingly larger. Large enough to start taking a real financial toll on financial institutions. Following the recent leak of files from the US Financial Crimes Enforcement Network (FinCEN), which highlighted billions of dollars’ worth of transactions originating from banks in APAC countries, the repercussions and fines will be unprecedented.
Prior to the FinCEN files disclosure, 2018 set the previous record for fines in the region, with the total number amounting to US$540 million; this brought the ten-year total for APAC from 2008-2018 to US$640 million. The year 2019 was quieter with US$3.5 million in fines, but in 2020 fines across APAC have gone through the roof, with this year’s fines amounting to US$4 billion. And that’s only for the first half – there have already been some more high-profile banks dealt fines in the second half of 2020, which will put that figure closer to US$5 billion, if not more.
So, why are fines across APAC increasing at such an astronomical rate? Simply put, the number of regulations has increased, while regulators have become more stringent. Now, it’s virtually impossible for banks to violate AML (anti-money laundering), KYC (know your customer) and CTF (counter-terrorism financing) regulations without facing harsh financial penalties.
The massive spike in fines for 2020 can largely be attributed to the 1Malaysia Development Berhad scandal (1MBD), where a major US-headquartered global bank was fined for its role in the theft of billions of dollars from a Malaysian government fund. Cracking down, Malaysian regulators issued two of the highest value enforcement actions in 2020 to date, having reached a settlement with a major US-headquartered global bank that included a US$2.5 billion penalty and the guaranteed return of US$1.4 billion in assets.
This was a monumental fine that set a new precedent for APAC – and we haven’t yet heard the last of the 1MDB scandal. The US Department of Justice (DoJ) investigation remains open, so it’s possible we’ll see further penalties issued in future.
Fine values increasing
When calculating the appropriate penalty to impose in response to compliance failures, regulators and authorities will consider a number of factors, not least relating to the severity of the breach. In many cases, regulators will consider the systems and controls in place to detect and prevent financial crime, as well as the response by financial institutions in remediating the issues. As a result, penalties can vary depending on the mitigating factors in each case. In the 1MBD scandal, however, the crime was more easily quantified and takes into consideration the funds that were withdrawn from a sovereign wealth fund; this made it much easier for regulators to levy such hefty fines.
However, even without the 1MBD scandal, the monetary value of fines throughout APAC has been steadily increasing, to the point they are making punitive inroads into profit margins. Prior to 2020, the largest fine levied in the region was to a prominent Australian bank, with the Australian Transaction Reports and Analysis Centre (AUSTRAC) levying a massive US$534 million fine. In the second half of this year, another Australian bank has been issued an even larger fine totalling over US$900 million following an investigation relating to 23 million AML/CTF breaches and failures to report US$11 billion in transactions, alleged to be related to child exploitation.
Following the FinCEN files leak, questions are being raised about the effectiveness of financial penalties – but as fine values increase, the financial loss is still significant. In an increasingly competitive climate, with traditional banks losing ground to digital and neo-banks, the prospect of being dealt such a hefty fine due to AML, KYC or CTF breaches is no longer something banks can take lightly. Not to mention the reputational damage and shareholder impact that significant enforcement actions can cause.
In 2020, the countries where fines have increased substantially include Pakistan (845% rise compared to 2019 mid-year), Hong Kong (+223%) and Taiwan (+116%). These are the same places which have received criticisms and concerns by the Financial Action Taskforce (FATF), highlighted in recent mutual evaluation reports.
FATF’s mutual evaluations are designed to assess the implementation of its recommendations by using two basic components – effectiveness and technical compliance. The inter-governmental body conducts peer reviews using an in-depth analysis of the AML/CTF framework of each country’s system against the current FATF methodology; it’s a lengthy process which can take up to 18 months to complete, comprising of multiple stages including an onsite visit.
There is typically an increase in regulatory and legislative activity in advance of scheduled FATF onsite visits and this year was no exception, demonstrated by the sizeable increases in the number of fines across Pakistan, Hong Kong and Taiwan.
Regtech is no longer a ‘nice to have’
With fines across APAC skyrocketing and in the wake of the recent FinCEN files leak, it’s clear that financial institutions, and the industry as a whole, are still struggling to keep up with the ever-changing regulatory requirements and address financial crime. Not only are the monetary values of fines increasing in a way that’s designed to decimate profits, but the additional reputational damage and the effect on shareholder profit are also detrimental.
Regulation technologies which improve processes and controls for AML and KYC compliance are no longer a ‘nice to have’ – they are a necessity. The ability to understand complex entity ownership structures, conduct robust risk assessments and identify relationships with high-risk clients, including politically exposed persons (PEPs) and potential criminals, is quite simply impossible to manage manually. Add to that the fact that institutions across APAC are dealing with over 40 different regulators with varying degrees of overlap, it makes regulatory compliance within APAC all that more difficult.
The FinCEN files scandal will trigger a new wave of regulatory investigations and enforcement activity and the focus will be on improving the effectiveness of the AML regime. Ticking boxes to show that a financial institution has met the minimum requirements clearly isn’t working. A cohesive approach by the entire industry, including financial institutions, regulators and investigators, that focuses on effective outcomes will help to improve the regime.
What has become clear amid rising fines and the FinCEN crisis is that it has never been more important to embrace new technologies that automate and streamline the compliance process. With more FATF visits scheduled, and the proposed Wealth Management Connect scheme set to commence, financial institutions will need to do everything they can to future-proof their organizations against upcoming and evolving regulation and to address financial crime. Failure to do so may have unwanted ramifications, resulting millions, if not billions, of dollars’ worth of fines and long-term reputation damage.
Rachel Woolley is global director of Financial Crime at Fenergo