The financial industry had been charged with the responsibility of leading the fight against crime and terrorism through focusing on drying up ilicit funds. This responsibility is more than just a regulatory requirement but a chance for the industry to play a key role in making our society safer.
Any self respecting crime organization or terrorist group will require funds to be moved internationally at one point or another. Evidence had shown that this is largely done through official financial institutions and non-official financial service providers facilitated by businesses; shell companies or real active firms (Colin P Clarke, Terrorism Inc.).
Crime and terrorist organizations use an array of methods to place and move funds from companies to financial institutions and then to other businesses / organizations; chief amongst which are manipulation of business staff in one way or another (EY corruption report 4/2017).
It has been largely recognized now by regulators and intelligence organizations worldwide (Europol, OECD, FCA) that if we, as a society, wish to root out crime and terrorism from our midst, we must champion businesses and FI’s to take the leading role since these are the gateways through which it is all facilitated. Businesses have the means, and I dare say, the moral obligation, to effectively reduce illicit activities, not just for the sake of fighting crime and terrorism but for the sake of public confidence in what society had evolved into.
What does it all mean? Well, in order to provide security and safety to our society we should start, like all long journeys, with one step at a time. Businesses are as vulnerable as their gateways and employees; employees are as vulnerable as the system in which they work. A decent KYE (Know Your Employee) policy is a system that will remove employees from the position of becoming an instrument in the hands of those who wish to gain unlawful access into businesses. This is true for all businesses, not just financial institutions.
This is not to suggest that all employees are corrupt or that even the majority are; far from it. But an effective KYC policy, coupled with the relevant tools would serve as a fantastic deterrent for anyone who finds oneself in a vulnerable position (Fraud diamond, Wolfe & Hamanson 2004). Furthermore, it would make it more difficult for crime members to approach businesses in an attempt to bribe, blackmail, convince and influence or manipulate in some way the participation of employees in illicit activities.
Employee vulnerability is a greatly underappreciated phenomenon in the world of AML / CFT. Vulnerability does not refer only to a conscience weakness but also to weaknesses that an employee may not realize exists. In an age of ever-increasing cybercrime, we are witnessing more and more manipulations of employee’s identities, passwords, access portals, mobile devices, etc. These are vulnerabilities that allow criminals to manipulate employees, not only for fraud but for system access and transaction authorization codes. Thus an employee may inadvertently be giving access to a hacker, in the service of a terrorist, through using a weak password or access sharing rights to a business payment account.
Achieving security can move up a notch if we approach the fight against crime and terrorism as a campaign and not as a collection of separate battles. Banks cannot fight ML & FT on their own, they need the support of businesses, (from which money arrives) and from business employees (who should be given the protection and incentives to participate). It is our responsibility as citizens of our society to empower businesses and incentivize them to thwart crime and terror.