Financial crime is a persistent menace for Nordic banks. The only way to tackle it is closer co-operation between banks and the public sector, using smarter technology. The building blocks are already there, and so are the potential rewards.
Financial crime is a massive global problem. According to the UN, criminals currently move around 2-5 per cent of global GDP, or $800 billion - $2 trillion through mainstream financial systems each year¹. And very little of it is traced or seized. Instead, it continues to flow from – and fund – activities like counterfeiting, modern slavery, drug- and people-trafficking, and terrorism.
Scandinavian banks endure their share of the headache. In September 2018, Danske Bank’s CEO resigned after an internal investigation found it didn’t have proper money laundering controls on the €200 billion worth of transactions flowing through its Estonian branch, resulting in many suspicious customers and transactions.² In February 2019, the Estonian Financial Supervisory Authority (FSA) ordered Danske Bank to cease banking operations in the country within eight months.³ Other banks may also face scrutiny. Recently, the European Banking Authority opened a formal investigation into the Estonian and Danish supervisors⁴. And this is just the most high-profile recent examples. It shows financial services businesses, governments and law enforcement agencies in the Nordics – as elsewhere – must do better.
We believe that means two things: sharing more data more widely and using smarter technology to analyse it faster and more deeply. Only then can banks follow crime in real time, instead of trailing in its wake. In our view, the Nordic countries are currently behind others when it comes to anti-crime partnerships and data sharing. But, importantly, many building blocks are already in place for that situation to change rapidly.
Not that banks do nothing – far from it. Around the world, they spend billions on anti-money laundering measures every year. Like those in other countries, Nordic banks file Suspicious Activity Reports (SARs) about anything that looks suspect. But it’s inefficient and unproductive.
SARs are often manually produced and submitted in a laborious process. Also, law enforcers act on very few SARs. According to Europol, the number is as low as 10 per cent, a figure that is unchanged since 2006.⁵ This is part of the reason why, across Europe, they only seize about one per cent of dirty money each year.⁶
Criminals exploit the sophistication and speed of digital systems, mingling legitimate funds with the proceeds of illicit activity and covering their tracks in seconds. But the system to combat them still relies too much on manual processes that are flat-footed in comparison.
To change this, financial services businesses need to collaborate more closely. And the industry needs to collaborate more with the public sector, whether that’s law enforcers, regulators or other government agencies. These partners will then need a standardised, automated approach to sharing and analysing data.
In the system we’re proposing, partners collaborate and share more, including reference, transaction and behavioural data. Also, everyone shares this data with each other. It doesn’t just go in one direction, from banks to law enforcers, for instance. Finally, all the partners need to gather the data from a central communication hub and analyse it. All this must be automated to let everyone spot emerging trends and typologies of crime in real time. This is the key to disrupting crime, not just piecing it together after the event.
The Nordics are starting to make progress, but we believe they can do more. For instance, there’s no equivalent, to the UK’s National Economic Crime Centre. From this year, this will move beyond the basic Financial Intelligence Unit model to encourage genuine public-private partnership and eventually multidirectional data sharing. Nor are there true public-private intelligence forums, as in several other countries including the UK, US, Hong Kong and Australia. In the UK’s Joint Money Laundering Intelligence Taskforce (JMLIT)⁷, heads of financial crime regularly interact with the public sector, and banks work collaboratively to address key crime trends identified.
But there’s potential for the Nordics to leapfrog other regions. Importantly, Nordic banks have a long track record of collaboration. For example, the Nordic Financial CERT⁸ now works across the Nordic countries to counter cyber risks in real time. It enables banks to share relevant data to combat cybercrime. The new know your customer (KYC) utility being established by major Nordic banks will share onboarding data using a common infrastructure. While the current scope is limited to large corporates, it will involve building a tech platform that could potentially adapt to counter crime. And in Norway, the publicprivate development programme run by Bits, the bank and finance industry’s financial infrastructure company, is piloting automated exchange of account information for investigative purposes between banks, tax authorities and the Police.⁹
By further joining up efforts at a Nordic level, we believe the impact will be substantial.
Even so, banks will feel they’ve already invested heavily in compliance systems and technologies. To build a case for more funding, they’ll need to view what comes next as an investment in innovation that has real rewards, including:
These benefits surely make it worth taking the next step to combat financial crime.
Explore our latest insight and perspectives on the Nordic Financial Services market