The UK has strengthened its measures to meet international standards and stamp out economic crime, but high-profile money laundering failures linked to some of the country’s largest banks indicate that there could be room for improvement. Alexandra Leonards reports.

The mere size and diversity of the UK in its role as a global financial centre means it is a natural hotspot for money laundering – attracting both legitimate investments and dirty money on a larger scale than most other countries around the world. In fact, when taking the GDP of each nation into consideration, recent figures suggest that Britain is second only to the United States when it comes to money laundering – with the crime on average costing the country more than £100 billion pounds a year.

The growing complexity of financial markets, driven by advancements such as Decentralised Finance (DeFi), as well as constantly evolving criminal methods which, for example, have seen the scale of ‘money muling’ – the practice of transferring stolen money on behalf of others – skyrocket over the past couple of years, means that UK financial institutions are operating in an even tougher financial crime landscape.

But the UK’s position as the largest centre for cross-border banking, even in a challenging environment, does not give banks operating within its shores a free pass for letting economic crime slip through the cracks. While the UK’s Anti-Money Laundering (AML) practices are well-rated by international regulators, a number of high-profile failures linked to some of the country’s largest and wealthiest banks hitting headlines in recent years, may lead the British public to believe these household names are neglecting their duties.

One such example is Spanish bank Santander, whose UK business was handed a £107 million penalty in December 2022 after the Financial Conduct Authority (FCA) found “serious gaps” in its AML controls. In one example cited by the FCA, a new customer opened a small translations business expecting monthly deposits of £5,000. Six months down the line, the company was pocketing millions. Despite being recommended for closure by the bank’s AML team, the financial watchdog said poor processes meant the account was active for a further 12 months.

Similarly, the notorious money laundering scandal at NatWest saw the bank hit with a £264 million fine in late 2021 and face convictions for three offences—the first time in the regulator’s 10-year history that it pursued criminal charges for AML failings. During the trial, the judge said that though NatWest was not complicit in the illegal activity, it was “functionally vital”. Without the bank, said Mrs Justice Cockerill, the crime would never have taken place.

Where have UK banks gone wrong?

”Banks have spent millions and millions on compliance, but I think we have seen from enforcement action that there are a lot of banks still getting the very basics wrong,” says Kathryn Westmore, economic crime specialist and senior research fellow at the Centre for Financial Crime and Security, Royal United Services Institute (RUSI). “Investment in fancy technology, for example, doesn’t help if you don’t have robust procedures and policies.”

In the case of NatWest, it was a dual failure of staff and technology. Despite many red flags and employees reporting their suspicions to bank staff responsible for handling suspected money laundering, no action was ever taken. At the same time, the bank’s automated transaction monitoring system incorrectly identified cash deposits as cheque deposits, which carry a lower money laundering risk.

The serious weaknesses found over a period of eight years at HSBC, which ultimately led to a near £64 million pound fine, are an example of how badly designed systems or poor processes can lower the effectiveness of the technology designed to identify money laundering cases. During this lengthy period, HSBC – currently the largest bank in the UK – failed to properly check the accuracy of data being fed into its monitoring systems. At the same time, it never considered whether the scenarios used to identify red flags for money laundering or terrorist financing covered relevant risks until 2014. The bank also didn’t test or update the parameters within the systems being used to work out whether a transaction could be suspicious.

Westmore claims that one of the key problems associated with these monitoring systems is that they generate thousands of alerts per day and are often reviewed by relatively junior or inexperienced employees. She notes that there is also sometimes tension between those on the monitoring team and client-facing employees who are keen to keep their customers happy; they’d rather avoid asking their loyal clients difficult questions.

Another place banks fall down on, explains Westmore, is truly understanding the customer and why “rich people get rich”. Banks sometimes struggle to identify risky customers, she says, for example former politicians who might be at a higher risk of bribery or corruption.

A change in the wind

It is important to note that most of these recent FCA fines – a result of the regulator’s more aggressive crack down on money laundering – have been dished out for relatively historical cases. Even though Santander was fined at the end of last year, the penalty was for failings that took place between December 2012 and October 2017 for example. The bank’s chief executive said that it had since made “significant changes” to address these issues through overhauling its financial crime tech, systems and processes.

Similarly, NatWest’s AML failures were recorded between November 2012 and June 2016, while HSBC faced its penalty for mistakes made between March 2010 and March 2018.

Figures from Fenergo also show that while the number of money laundering-related fines issued by the UK financial watchdog tripled in 2022, the largest of which was issued to Santander, penalties in the UK fell from $400 million in 2021 to $188 million last year.

Banking experts say that since these cases took place, many employees working at the banks moved on and were replaced to find a solution. Some banks have also been given more of a licence to operate with more resources by c-suites, moving away from more of an efficient compliance mechanism towards an aggressive transformation programme.

The economic crime plan, which ended in 2022 after three years, is also likely to have had an impact on the way banks are approaching AML. The plan included better sharing and usage of information and aimed to build greater resilience to economic crime by improving the management of economic crime risk in the private sector.

“Tackling economic crime including money laundering is a top priority for the banking and finance sector,” says Nick Van Benschoten, director of international illicit finance, UK Finance – which worked with government, regulators and law enforcement on the plan.

The financial crime specialist says that the trade association, which represents over 300 firms across the UK’s financial services market, has also recently welcomed the introduction of the Economic Crime and Corporate Transparency Bill. The new legislation, first introduced in the House of Commons in September 2022, aims to allow for more information sharing between banks and will “better identify threats and criminal networks”.

As it stands, those operating in the AML regulated sector – banks, law firms and accountants – are limited in their ability to share information with each other.

However, the Bill – which is currently passing through the House of Lords as of February 2022 – will allow direct sharing between two businesses in the regulated sector and indirect sharing through a third-party intermediary for businesses in the financial sector with cryptoasset exchanges and custodian wallet providers.

Government-commissioned independent analysis of these new rules estimates that they could prevent roughly 4,500 crimes every year, varying from “multi-million-pound money laundering schemes” to “people losing their entire life savings”.

Companies on the periphery

In its most recent review of the UK’s AML measures, the Financial Action Task Force (FATF) — the G7’s intergovernmental organisation for money laundering and terrorist financing — said that insurance providers, investment firms and wealth managers show a good understanding of compliance requirements, but banks and smaller money services providers have a mixed understanding of risk when it comes to money laundering.

It says, the understanding of these risks, as well as implementation of AML measures, is most developed for UK banks which understand their AML risks in relation to the National Risk Assessment (NRA).

With the breadth of financial services providers expanding and more e-money in the financial system, the watchdog highlights that there are a number of new risks to which the industry should pay attention.

While these money services businesses might not technically be digital banks with licences, they provide some of the same services. The FATF says that while the UK has appropriate fines, good asset recovery rules, and aggressive policing when it comes to money laundering, regulators are often only targeting the top banks. Ultimately, the authority said, the UK could do better at dealing with the smaller, modern financial services providers alongside the bigger financial institutions.

Currently, the FCA focusses on the 14 largest retail and investment banks, as well as a further 156 smaller firms which are assessed as ‘higher risk’. The international task force concluded that outside the 170 firms covered by its proactive supervision programmes there are a “significant number” of firms undertaking high and medium risk activities that fall outside its regular, cyclical supervisory attention.

Is tech the answer?

Manish Chopra, executive vice president, financial services at Capgemini, says that no single organisation, technology, or regulatory authority alone can bring sufficient change in reducing money laundering in the UK.

“More powerful and comprehensive tools for detecting money laundering are vital if we want to prevent our financial systems from being misused,” explains Chopra.

He says that there is a significant change happening in the mindset of AML regulators – they are moving away from mistrust to embracing the use of AI-based technology to enhance AML processes.

Chopra calls on the banking industry to appreciate and adopt technologies such as Robotic Process Automation (RPA), which can emulate the actions of a human user in a quick but specified sequence, and neuro-linguistic programming (NLP), which can help analyse documents and extract information from what the RPA bots gather, as part of their AML strategy.

Economic crime expert Kathryn Westmore agrees that technology is crucial, explaining that she can’t see a scenario in which tech is not the answer to tackling money laundering in the UK.

It’s difficult to say definitively if the changes banks are making are extensive enough to avoid embarrassing headlines and hefty fines, especially given that money laundering investigations can take years to progress or be made public. But what is clearly evident is that a balance between the right technology, people, regulation, and processes, alongside a better understanding of where some of the newer FinTech providers and digital assets sit in the remit of governance and responsibility is necessary to ensure criminals don’t continue to slip through the net.

Share Story: