- The coronavirus pandemic is doing more than taking lives and life savings – it has the potential to also wreak havoc in financial crime compliance departments.
- The reason: as many financial institutions see profits fall and risks soar, they could decide to trim or reorganize now-scattered fincrime compliance teams.
- This could be a “perfect storm” scenario where banks will have fewer resources to review an avalanche of alerts – both from normal people drastically shifting money to themselves and others and from fraudsters, scammers and spammers trying to game the system.
- Regulators don’t have their heads in the sand. Top Treasury agencies are exhorting financial institutions to brace for a surge in disaster-related fraud to better protect their operations and safeguard confused and anxious customers.
- At the same time, these same financial sector watchdogs are also warning banks not shirk, scrimp and skimp on their compliance duties to quickly and completely review alerts and produce AML filings, while also promising in the same breath some measure of “regulatory relief.”
By Brian Monroe
March 18, 2020
The coronavirus pandemic, or COVID-19, is doing more than taking lives, wrecking the economy and tanking the stock market – it has a bevy of diseased tendrils snaking their way to financial crime compliance teams to try and infect these departments physically, financially and virtually.
The virus, which reportedly emerged in Wuhan China in December with just a handful of cases, has in recent months jumped borders and has infiltrated nearly 160 countries and regions, including the United States, Europe, Asia and the Middle East, surging to just under 185,000 confirmed cases and more than 7,500 deaths, according to the World Health Organization.
Some of the hardest hit areas have also instituted some of the most drastic and draconian measures to halt the disease’s aggressive progression – moves that have come with severe economic and societal tethers that may have inadvertently weakened financial crime compliance departments just as potential suspicious activities soar.
“It’s the perfect storm: more alerts, more false positives, fewer investigators,” said Jim Richards, the former head of AML at Wells Fargo.
How? Here are some snapshots of what could happen and, in some cases, is already happening to financial institution fincrime teams:
- From coughs to layoffs: As profits run aground and transactional throughput falls, some financial institutions could layoff staff, including fincrime compliance teams.
- Red alert: As institutions trim anti-money laundering (AML) and fraud teams, or disperse staffers to work from home, they may struggle to adequately analyze alerts, communicate about the proper disposition and create timely suspicious activity reports (SARs).
- Riding the wave: Compounding the difficulty of reviewing AML and fraud alerts with a scattered or depleted counter-crime team, the overall flow of transactional alerts will likely soar as normal customers change banking patterns to hoard cash or support foreign relatives – and bad guys will try to ride the wave of the alert storm.
- Put scammers, spammers in the slammer: Fraudsters love using international upheaval and uncertainty to plunder aplenty. So financial institutions must be more wary of fraudster posing as a charity or company selling anti-viral equipment.
- Methinks better avoid the links: They must also be wary of official-looking emails telling bank staff to click on a link to learn more about how to stop the spread of the virus, along with more adequately protecting customers from similar felonious fusillades.
These criminals and hacking collectives are as callous as they are opportunistic.
Case in point: Cyber hackers hit the U.S. Health and Human Services Department with an attack Sunday night during a presentation and update on the nation’s response to the coronavirus pandemic, according to three people familiar with the matter, as cited by media outlets.
The challenges for continuing compliance in a time of coronavirus could be particularly difficult for smaller banks, said Dev Odedra, a longtime financial crime consultant, thought leader and writer who has held top compliance positions at many of the largest banks in Europe and the United Kingdom.
“For larger banks, they should be able absorb additional work if aml/compliance staff become sick by handing over work to local colleagues temporarily e.g., in another state/country where they might have the expertise to do the work, if no one else in the department is capable,” he said.
“Another alternative is making use of cross-trained/skilled staff if there is a pool of talent already within the bank,” Odedra said. “Where you might get a problem is in smaller banks where there is no cross state/country resource. This is where institutions may need to bring in external expertise as cover whilst the sick employees recover. This is where mobile/skilled independent individuals may be of great help in such times as this.”