Organised crime and terror - the risks to the business environment
Speech by Philip Robinson, Sector Leader, Financial Crime, FSA
Cambridge Symposium – Monday 5th September 2005
Introduction
I would like to thank Professor Barry Rider and the organising committee for inviting me. I am delighted to have been asked to speak at this event. This is the second time I have been invited since I became the Sector Leader for Financial Crime at the Financial Services Authority in April of last year. Last year I set out how I would like to see things develop during 2005. I am pleased to say, perhaps because of the helpful environment at this Symposium, that many of these things have been accomplished, or are well advanced. Unfortunately, some others have not made such good progress.
What do I mean, specifically?
-
The UK will soon have a single offence of fraud on the statute book. This will help with a number of things relating to the use of law enforcement resources to address fraud issues, something that the Attorney General and James Hart mentioned this morning. The creation of a National Fraud Strategy is now very real and welcome prospect.
-
We have made some progress with convincing the industry that they should be defending against the criminal, not the regulator, by emphasising that we will not penalise a single failure as long as a realistic risk based approach has been implemented because risk based cannot be zero failure.
-
The financial services industry has been revising its guidance on AML procedures to make it more risk based and deliver what Law Enforcement really need.
-
The FSA has set out an approach to the fraud element of our Financial Crime objective that acknowledges the market incentive to prevent fraud, but encourages better information sharing about fraud occurrence and fraud prevention within and across industry sectors.
-
FSA has made real progress in improving its collaboration with others. I said last year that we needed to understand fully our partners' needs and capabilities, and what we needed to tell each other, and when. I also said that the FSA must ensure that it was itself a good team player, engaging with our partners wherever we should, making sure that our partners know our capabilities and needs. We have made good progress on all of this. For example, earlier in the year, the Asset Recovery Agency took its first referral from FSA. FSA has recently joined CICFA, the joint law enforcement committee addressing money laundering and asset recovery issues, and as you will see later, FSA is working with intelligence analysts from law enforcement to better understand the financial crime threat from serious organised crime.
-
In the autumn of last year HMT published a UK AML strategy. This work, led by Lucy Makinson who will speak shortly, has brought real and increasing coherence to the high level efforts of all those working on AML in the UK financial services industry.
- The one area mentioned last year where little progress has been made is in the area of Law Enforcement resource to follow up on reports from the Industry. I said last year that “ the long and the short of it is that financial crime needs to be a higher priority in the objectives that Government sets over crime and in the resources it provides to law enforcement”. I would still say the same today, although the announcements from the Attorney General this morning show that things may be beginning to move on this front as well.
Content
The FSA does not have a choice about whether we address financial crime in the financial services industry. We have been given a public objective to do so by government, and I am certain that having such an explicit public obligation (even though it is a high level objective) is of great value in facilitating its delivery. It signals to all our partners in the fight against those who seek to use the financial system for nefarious purposes that the FSA is committed to playing its part, and as a result it helps us to begin to build effective operational collaboration with others who share that task. It means we must give appropriate weight to financial crime risk, as part of our risk based approach to managing risks to our public objectives, and it means there is much less confusion or ambiguity about our responsibility in the overall task of fighting financial crime which should make for more effective resource allocation within the system as a whole.
In the UK and internationally, the fight against financial crime requires a collaborative partnership approach, with FSA involvement being just one part of the jigsaw – not always a very large part, but one that cannot easily be performed by others in the UK system. In the time available you will appreciate that I cannot share much of the detail of what we do, but I will aim to give you a flavour of how we aim to make a difference; how we arm ourselves and our partners to detect and disrupt the activities of the financial criminal.
The FSA
The Financial Services Authority is the single financial regulator in the UK, responsible for the regulation of some 25,000 firms, ranging from small mortgage brokers and insurance advisers to large multi-national banks and investment houses.
The FSA has been given four equal statutory objectives: maintaining market confidence; promoting public understanding of the financial system; the protection of consumers; and, the reason I am here today, the reduction of financial crime.
As mentioned this objective gives us, for the first time, an explicit duty to join the fight against financial crime. The objective requires us to take steps to reduce the scope for firms "to be used for a purpose connected with financial crime". Financial crime includes fraud or dishonesty, market misconduct and money laundering. My role as Sector Leader is to ensure that the FSA and its staff adopt a co ordinated approach to discharging this duty; to ensure that tackling financial crime risks form part of our everyday thinking; and that we have the skills and procedures to identify and mitigate financial crime risk.
How the FSA tackles financial crime risk
Our day to day work involves the assessment and mitigation of financial crime risks on several levels.
We “police the perimeter” of the industry, putting out of business the fraudsters who remain outside the net but market investments or take deposits and disappear with the cash.
We act as the gatekeeper to the financial services industry. We authorise only those firms and individuals who satisfy our Threshold Conditions, and we will, for example, run intelligence checks on those wishing to own or control firms regulated or applying to be regulated by us. We aim to keep the financial criminal out and ensure that the integrity of the system is not diluted by those that would damage confidence in the market.
We require firms to meet specified standards – principles, rules and guidance as to how a firm should organise itself, including, where necessary, how they should manage their financial crime risks.
We supervise firms – carrying out checks to ensure that businesses are run as they should be.
We use our enforcement powers to intervene or discipline firms if they have fallen short of our requirements, acting both in private and with public statements.
We raise awareness amongst firms and consumers – to make them aware of the risks of financial crime, and to take steps to protect themselves.
Lastly, we gather and share intelligence to help us and those we collaborate with in law enforcement and the industry to keep abreast of the risks emerging in the financial services industry, both generally across the industry and specific to a firm or firms, and it is this function that I wish to spend some time discussing today.
Analysing the risks
Intelligence is vital in the fight against organised crime and terrorism. We know that the criminals are becoming ever more innovative. And financial crime and terrorism have a very significant multiplier effect: the cost of lost business and rebuilding after the Bishopsgate bomb in 1993 was estimated at £1 billion. Yet criminal and terrorist activity is hard to trace: according to law enforcement colleagues, the operation to plant the Bishopsgate bomb cost £3,000. Putting this in context, there were over 8.3 billion transactions made on UK plastic cards in 2004, with a total value of £464 billion (according to APACS). Paul Evans said this morning that the SOCA estimate of serious organised crime harm in the UK is up to £40 billion per year, that is about £166 million per day ( if spread evenly through 240 business days a year). By comparison APACS say that the daily turnover of payments through the UK financial system is around £260 Billion. And if this shows that even looking for the proceeds of serious crime is looking for a needle in a haystack, looking for Terrorist Finance is like looking for the needle in the needle!
In order to find these elusive funds, we need better targeting of our efforts: Law Enforcement effort, Industry effort, Regulatory effort and Legislative effort. And we need better prioritisation of resources to where we can together create the most deterrence or identify the most exploitable weaknesses in the current regime. The effective development and use of intelligence are key to this. Developing our understanding of how criminals are laundering money, and how we can best use our resources to make life uncomfortable for them, is essential if we want to multiply our effectiveness together.
Developing intelligence on criminal use of financial services
When managing risk, one key aspect is to look for risk concentrations. These are the areas where the greatest threat is presented and where, it can be argued, the greatest risk reduction can be delivered at the lowest cost per pound of risk. Serious Organised Crime is just such a risk concentration for the financial sector. We recognise that serious organised crime is a business, and needs access to the financial system much the same as a legitimate business does. Understanding how legitimate businesses run successfully is the everyday stuff of MBA students and Business Schools, and we can learn to copy them, or if we are their competitors, we compete by analysing their business model. We must do that with serious criminal businesses, and to do so we need to be better at getting intelligence about how they do things on a financial level.
It seems to me that the main risks to the financial services industry from serious organised crime and terrorists fall into three main categories, namely that the industry will be used to facilitate crime or terrorism, perhaps by the placement of individuals within the business; that they will be used to launder the proceeds of crime; and that they themselves will be the victims of crime, by being either defrauded or attacked. We have not systematically gathered and shared enough information about how that has been done that in the past, and we have not sat down together to consider how criminals might do so in the future. This has been in part because the intelligence experts in law enforcement do not understand finance very well, and the financial experts in the industry do not have access to intelligence. Considerable efforts have been made to redress this need in the area of terrorist finance, but hardly any, by comparison, for serious crime.
The FSA have made a commitment – a public commitment - to work with our law enforcement partners to develop intelligence to enable us to understand how those involved in serious and organised crime are using the financial system – to map the flow of criminal money. We are aiming to understand how serious and organised crime interacts with the financial services industry – we want to get inside the minds of the criminals
We see this work as providing us with an overview of where the greatest risks to the financial services industry lie. But this "map" will not just be a one-off exercise. We will use the results to develop a framework to:
- identify risks and vulnerabilities to enable us to target resources (in the industry, the FSA and law enforcement) effectively;
- inform our own policy, supervisory and enforcement activity;
- help the institutions we regulate to strengthen their systems and controls in a risk-based way.
As a banking supervisor I was always interested in capital and liquidity. I wanted to ensure the banks I supervised didn’t fail and therefore had adequate capital and liquidity. Criminal businesses need capital and liquidity – and we want to see how they raise it and how they manage it and use it, because if we can reduce their capital or liquidity via asset seizure or by denying bank facilities falsely obtained, we can disrupt the flow of funds and reduce the harm caused by serious organised crime. In a sense therefore the system needs to carry out “reverse banking supervision” by ensuring the criminal business doesn’t operate successfully. These criminal businesses aim to make illegal profits, and launder them, and the successful serious criminal will innovate in the quest for greater success, just like the legitimate business. So together we must aim to reduce those opportunities, to stifle criminal innovation, and to place the criminal economy into permanent recession.
How we will do this
So how will we develop this intelligence? We have already increased the resource employed by our own Intelligence function, which increases our capability to harvest the information we need. We will also need to work closely with our law enforcement partners, most notably NCIS, the National Crime Squad and Her Majesty's Revenue and Customs. As you have heard from Paul Evans, these organisations (in whole or in part) will form the Serious Organised Crime Agency in April of next year. We are, therefore, proactively engaged in developing a collaborative approach with SOCA and we very much welcome and support the approach Paul has outlined. We look forward to building on our current work with the new agency in due course and playing our full part in their work to reduce the harm from serious organised crime.
We will need to work closely with these colleagues to understand and analyse their own intelligence at both a strategic and operational level. I should say that we do not intend to add to the already heavy workload of our law enforcement partners. Indeed we are already offering FSA support to law enforcement and intelligence agencies to improve their understanding of the financial system. My aim is that we will thereby ensure the success of the FSA's own efforts to make the UK financial services industry a hostile environment for serious organised crime. The message is that the UK's financial system is not open for criminal business.
This collaborative approach should also increase and improve the flow of information between ourselves and our law enforcement colleagues. In addition to the SOCA "precursor" agencies, we will be making contact with all law enforcement agencies to help them better understand both the FSA's intelligence requirements and how we may be able to help them in the collaborative effort against serious crime.
We will also develop a clearer picture of the typologies used in financial crime – this will educate our thinking on anti-money laundering and fraud prevention work. And we want to work with our partner agencies to increasingly make this sort of material available to the financial services industry and again I welcome Paul's thinking on how SOCA will interact with us and others and the existence of the SOCA gateway.
That is not to say we will be cavalier with confidential material. My colleague Bob Ferguson will be speaking about this issue in more detail on Thursday afternoon, if you want to hear more about that aspect of things.
Conclusion
I am delighted to be here today to explain that the FSA, through its statutory objective, is intrinsically linked to the fight against financial crime, and firmly committed to tackling it in a risk-based manner.
We are joining forces with our colleagues in law enforcement to better understand the criminal economy and the businesses within it, to enable us to better target efforts to deter, detect and disrupt the activities of those involved in serious organised crime. Understanding the criminal business will put us on the road to reducing the harm caused by financial crime.
Good progress has been made in the last year, and, if invited, I look forward to having the opportunity to report even more progress next year.