"Combating Financial Crime – Working Together, Working Smarter" – Speech by Mr Chua Kim Leng, Assistant Managing Director, Monetary Authority of Singapore, at The Association of Banks in Singapore (ABS) Financial Crime Seminar, at The Ritz-Carlton, Millenia Singapore on 27 July 2017
1 Good morning distinguished guests, ladies and gentlemen. I am happy to be here, and to have the chance to speak to you at this year’s ABS Financial Crime Seminar.
2 Let me begin by first thanking the ABS for organising this important Seminar, which has over the years become a cornerstone event for anti-financial crime professionals. This event is a great opportunity to get together with fellow colleagues and other experts in the industry, to think and learn about the ever-evolving financial crime challenges we face, and how best to deal with them.
3 Today, I would like to talk about how we can strengthen our financial system’s resilience to financial crimes, focusing on money laundering and terrorism financing risks or ML/TF risks. I’ll first provide an update on what the MAS has been doing on this front, share some of our observations, and then touch on a couple of areas where we can do more.
4 A quick scan of recent news reports will show that criminals are constantly finding more creative ways to perpetrate crimes, be it laundering money, financing terrorism or weapons proliferation, or engaging in fraud or insider trading. This is a useful reminder to us all of the need to keep up to date on the latest typologies and ensure that our organisations continue to have in place sound controls and risk management framework to combat these ills. More importantly, it reminds us that our methods of detecting and preventing the abuse of the financial system cannot remain static: we need to work together, through more effective cooperation between the public and private sectors; and we need to work smarter by using technology to better detect and deter crimes.
Observations from MAS inspections and industry engagements
5 Allow me to provide an update on what the MAS been doing on the AML/CFT (anti-money laundering / countering the financing of terrorism) front.
6 We’ve intensified supervision on financial institutions that have higher inherent ML/TF risks, and on control areas found to be lacking from past inspections. As you’re aware, our inspections go beyond rules-based compliance and focus on an institution’s risk understanding and risk management. We assess:
- whether the board and senior management have effective oversight of ML/TF risks and if they’re setting the right tone from the top;
- whether there is good risk understanding, sound risk culture and robust systems to support the proper execution of risk controls; and
- whether the institution takes timely and sufficient action to address risk concerns and control gaps.
7 I believe some of you here may have had the opportunity to be on the receiving end of these inspections. I hope you’ve found them to be useful and purposeful in strengthening your institution’s controls, even if they may not have been entirely enjoyable for you.
8 On a more serious note, I believe the message from MAS has been loud and clear, but still bears repeating here - we will not tolerate the criminal abuse of Singapore’s financial system. Besides carrying out inspections, we’ve been publishing guidelines and information papers to help institutions enhance controls and raise risk awareness, we’ve imposed severe financial penalties for major breaches of AML/CFT regulations, with even tougher sanctions for repeated violations, and we’ve held individuals accountable for egregious conduct, wilful breaches and negligence.
9 However, let me also emphasise that as regulators, we’re not out on a “witch-hunt”. On the contrary, our actions are intended to protect the integrity of our financial system so that the industry can continue to grow in a sustainable manner, contribute to economic development and provide good jobs. I believe the vast majority of finance professionals, not just compliance officers but personnel in the front, middle and back offices, want to do the right thing. We seek to ensure that the industry has the right incentives, risk understanding, controls and tools to do so.
10 Let me outline some of MAS observations through the course of our supervisory work and industry engagements.
11 A frequently observed typology is the abuse of offshore companies and investment funds. A small number of individuals may use trust and company service providers to set up a large number of corporate structures in multiple countries. Many of these are shell companies with no apparent economic purpose. These companies and investment funds open numerous bank accounts in different jurisdictions, then move large sums of money back and forth among themselves. Such “layering” and “pass-through” methods are used to disguise the origin and ultimate destination of the monies, as well as the true beneficiaries and purpose of these transactions.
12 So, how can banks protect themselves from such abuse of their services? At the most basic level, banks must know their customers well, and be alert to patterns, behaviours and transactions that are inconsistent with what they know of their customers’ wealth, business and risk profile, because these could potentially be tell-tale signs of illicit activities. All these translate into having strong on-boarding and customer review practices as well as robust transaction monitoring, with proper follow-through to address “red flags”. While my earlier example pertained to the misuse of offshore vehicles, we have observed that even accounts of long-standing clients who run operating companies could be used for illicit purposes. So it pays to be constantly vigilant and not let our guards down.
13 Beyond implementing robust risk management frameworks and systems, we can strengthen the industry’s resilience by developing stronger risk cultures and mind-sets. A healthy organisational culture dis-incentivises excessive risk-taking and the unethical pursuit of toxic client relationships. Having a sound risk culture will help institutions be vigilant to financial crimes, take a questioning approach to unusual client requests or transactions, and involve the entire organisation - not just the compliance function - in detecting and preventing crimes.
14 An institution’s board and senior management must play a pivotal role in keeping the organisation on the right and ethical path. They must set a strong tone from the top that profits do not come at the expense of unethical behaviour or misconduct. This must also be translated into real actions throughout the organisation, and not just remain as talk from the top. Strengthening risk culture, governance and controls will go a long way towards fortifying our defences, but there is more we can do. We can work together and work smarter.
Update on ACIP
15 Let me start with working together. You are no doubt aware that the AML/CFT Industry Partnership, or ACIP in short, was launched in April this year. Several of you here are already actively participating in the work of the ACIP. As one of the Co-Chairs, please accept my thanks for your meaningful contributions and good work. ACIP represents a new approach towards public-private collaboration, providing a dedicated platform to more effectively exchange views and information on industry-wide AML/CFT issues, and find ways to better mitigate ML/TF risks.
16 Since its launch, ACIP has formed two workgroups to look at ML/TF risks arising from legal persons as well as trade finance.
17 Let me touch on the workgroup that is looking into legal persons. The abuse of legal persons is a key feature of many typologies. As I pointed out earlier, shell companies have been used to obscure the identities of the individuals associated with money laundering and other criminal activities. The workgroup will highlight ways in which criminals have set up and abused legal persons. It will also propose a set of measures, including “red flag” indicators, to prevent the abuse of legal persons that both financial institutions and non-financial institutions, such as accountants, legal practices and corporate service providers, can take.
18 Turning to trade-based money laundering or TBML, this is another area of inherent risk given Singapore’s role as a trading and financial hub. Globally, there is concern about criminal abuse of trade and trade-financing channels. These include mis-declaring invoices, using unnecessarily complicated shipping routes or involving multiple trading companies to legitimise illicit monies and movement of goods. In more serious cases, such schemes, which can include the use of front companies, are also used to move contraband goods and dual-use materials into sanctioned countries. The workgroup will seek to improve our collective understanding of TBML typologies, outlining industry best practices on preventing and detecting TBML, and considering new analytical tools that could make detection processes more effective and efficient.
19 The two ACIP workgroups will deliver their findings when their work is completed, and I look forward to sharing these widely, with gatekeepers in both the financial and non-financial sectors.
20 Of course, sharing of information is not confined to ACIP. Financial institutions already provide valuable information and intelligence to relevant authorities via well-established channels. Where relevant, sharing of information should extend to the bank’s group-wide operations as well.
21 I understand that some banks have concerns that the Banking Act or the Personal Data Protection Act prohibit this. Let me assure you that they do not. Provided that the recipients maintain the confidentiality of the information, banks can share relevant information with their head offices, and any overseas branch or subsidiary designated by the head office, for risk management purposes. This includes the management of ML/TF risks. I encourage such sharing, as a holistic view of a client relationship is essential for a bank to implement a consistent group-wide AML/CFT policy to combat illicit activities.
Use of technology and data analytics
22 Let me now move on to my next point - working smarter. Along with the rest of government, the MAS strongly believes that innovation in technology could have a transformative effect on society, the economy and our daily lives. I am glad that the financial sector is equally if not more excited about these possibilities. I’ll focus on two areas where we can benefit from better use of technology – onboarding and transaction monitoring.
23 On onboarding, a number of banks in Singapore have come together to build a joint utility for KYC processes. Robust KYC processes are the front line of our defences, and they are by nature resource-intensive. MAS is working closely with these banks on the project and I am excited about its potential. The utility can be a platform for raising the waterline for KYC processes across participating banks, and strengthen the adoption of best practices for screening and on-boarding. It can free up resources and allow banks to focus on the more complex aspects of customer due diligence and on-going monitoring, including monitoring and investigating unusual and suspicious transactions. A well designed and well executed utility can also offer efficiencies of scale and reduce the need for customers to provide the same information to multiple institutions.
24 In the area of transactions monitoring, there is also room for improvement. Current systems largely flag out transactions based on pre-set rules, thresholds and scenarios. Though these are calibrated periodically, there is still a high rate of false positives. These alerts require extensive human effort to review. Throwing more “warm bodies” at the problem is not a sustainable solution. This is where better use of technology can help. The next generation of surveillance systems utilise sophisticated, techniques, such as machine learning, which can help identify unusual patterns of transactions across a network of entities and across time. These systems show promises and could succeed in picking out suspicious activities that are impossible for the human eye today.
25 Understanding how these complex and sometimes proprietary algorithms work is a challenge. Our responsibility, as professionals in this field, is to learn to “unpack the black box”, before we base our decisions on them. In this regard, I am glad that a number of financial institutions have started pilot programmes with data analytics providers for AML/CFT purposes.
Building capabilities and nurturing talent
26 Finally, I would be remiss if I did not mention the most important element of our defences - all of you, the individuals who make it your profession to prevent and detect financial crimes. Institutional partnerships or new analytical tools would count for little without the trained, dedicated professionals to make effective use of them and exercise sound judgements. In this respect, it is good to see such a strong turnout today. I would like to encourage you to constantly seek to upgrade your skills and expertise, and help your organisations strengthen their defences.
27 The growing complexity of financial crimes will continue to drive demand for a range of skilled professionals, including compliance persons trained in data analytics. The government, through Workforce SG, is offering incentives and training for working professionals who want to make a mid-career switch into this field. The MAS’ own Financial Scholarship Programme works together with Singapore-based financial institutions to co-fund the post-graduate education of specialist leaders in finance.
28 I understand that some financial institutions have capabilities gaps or are facing staffing pressures. Rather than rely on the zero-sum game of hiring off one’s competitors, I would like to encourage institutions to “plant your own trees”, “grow your own timber”, and seek to develop and retain good talent. With the support of our institutes of higher learning and continuing education, I’m confident the industry will be able to increase both the number and the capability of individuals in this profession.
29 Let me conclude by saying that by working together and working smarter, we can collectively be more effective at combating financial crimes. Upholding high standards of integrity in the financial industry is an absolute priority. Our reputation as a clean and trusted financial centre depends on our ability to protect it from abuse, and we depend on you in the industry to be our gatekeepers. On this note, let me wish you a very successful conference.