Staying ahead of the financial crime threat
Ralph Nash is Global Head of Financial Crime Compliance and Group Money Laundering Reporting Officer, HSBC. He explains what the bank is doing to be as disruptive as possible towards criminals who attempt to abuse the financial system.
What is your role?
I’m responsible for the framework that HSBC uses to manage the risks associated with money laundering, sanctions, bribery and corruption, and terrorist financing. I help make sure we have the right defences to prevent HSBC, and by extension the wider financial system, from being abused by criminals.
How is the threat of financial crime evolving?
At one level money launderers are simple. They are driven by the need to access the financial system to launder the proceeds of crime – and they’ll take the easiest route to do so, with a range of sophisticated tools and techniques at their disposal. And every evolution in society and the economy presents new opportunities and techniques for them to exploit.
As more and more people have started shopping and banking online, for example, online fraud and financial crime have grown. More recently, the development of cryptocurrencies has created a potential new vehicle for criminals. It is vital for financial institutions such as HSBC to adapt and update their defences in response.
What is HSBC’s ambition in this area?
We want to deliver industry-leading financial crime risk standards. For a bank with a large global network, a robust and effective framework for managing financial crime risk is a must-have.
Over the past five years we have invested significantly in our capabilities to combat financial crime. But we want to do more than simply comply with the letter of the law. The aim is to make life as difficult as possible for financial criminals, so that HSBC is the least attractive firm for them to try to exploit.
What practical steps can HSBC take to lead the industry in fighting financial crime?
At the heart of our plans for the future is making more effective use of technology. Banks have been using technology to combat crime for many years. However, the solutions currently in place, while meeting regulatory requirements, are fairly inefficient and give the bank a fragmented picture of what’s going on.
In the future, we want to join up all the available data sources so that we have a better overview of clients’ activity and of systemic risks. Where possible we also want to use real-time information about current transactions, rather than records of what happened in the past. This will help us get better at spotting unusual behaviour and react more quickly when there are signs something is going wrong. It will also enable us to give law enforcement agencies better reports – drawing on richer information – that they can act on to detect and prosecute criminals. We call this an intelligence-led approach to financial crime risk management.
How can you bring different data sources together to manage financial crime risk?
Cloud technology makes it possible to store, cross-reference and analyse huge amounts of data in one place. That simply isn’t feasible with existing databases. We recognise that using the cloud has implications for the security of sensitive data and we need to manage these risks carefully, as keeping customers’ personal information safe is essential. But the potential benefits mean it’s worth doing, provided the right safeguards are in place.
What is the impact on HSBC’s customers?
The vast majority of our clients want to use our services for legitimate purposes. We want to be as easy to deal with as possible for them, but as disruptive and difficult as possible for those with bad intentions. If we succeed in using data more effectively, the number of times that we need to ask legitimate clients basic questions will be reduced substantially.
How will you convince regulators that this approach will be effective?
Most of what we are proposing does not necessarily require legal or regulatory change. But we do need the support of regulators, law enforcement agencies and lawmakers for this approach. We need to prove that our new approach is a better way of managing risk and of disrupting financial crime compared with what we, and the rest of the industry, are currently doing.
How will you know when you have succeeded?
When it comes to combating financial crime, we will never be able to say: “We’ve finished.” The threat landscape will change. As new technologies arise, criminals will find new ways to exploit them. HSBC will need constantly to reassess its performance, but we should always aspire to lead in this area.