The incoming chief of New York’s top financial services regulator called cybersecurity “the number one threat facing all industries and governments globally” during a speech on Friday, April 12, 2019 at the Association of the Bar of the City of New York.
Linda Lacewell, acting superintendent of the New York State Department of Financial Services (“DFS”), made her remarks at an event focused on insurance regulation and they come at a time when the state’s sweeping cybersecurity regulation — initially implemented more than two years ago — is now in full force. Lacewell, a former federal prosecutor, was nominated in January 2019 by New York Governor Andrew Cuomo to head DFS, which oversees banking and insurance in the state. Lacewell was Cuomo’s chief of staff. Her confirmation has not yet been scheduled. Continue reading →
Financial authorities worldwide are focused on how new technologies can be used to more effectively combat money laundering and financial crime. The UK’s Financial Conduct Authority (the “FCA”) is one of the leaders in the movement towards using financial technology (FinTech) and regulatory technology (RegTech) to fight money laundering. In the FCA’s most recent conference on this issue, which was attended by over 100 technology firms, regulators, and law enforcement agencies from the US, Europe, the Middle East, and Asia, participants were tasked with developing proposals to address fifteen problem statementsrelating to how new technologies can more effectively combat money laundering and financial crime. This article addresses one of the proposals that received significant attention during and subsequent to the conference.
The proposal, offered by a team from Santander Bank and others, called for financial institutions to use distributed ledger technology to develop a database of “bad actors” without requiring the institutions to share the underlying transactional data that led to the “bad actor” designation. The goal for the database was to create a money laundering detection network to benefit all financial institutions in the ecosphere without running afoul of data privacy restrictions. This “Catch the Chameleon” proposal won the “Eureka” award at the conference for the “most original idea” and, according to the FCA website, will receive “support to progress” from Level 39, RegTech Associates and The Disruption House. Following the conference, the proposal continued to receive attention from other major financial institutions. For example, Credit Suisse highlighted the proposal in its letter (PDF: 338 KB) responding to FINRA’s request for comment on FinTech innovation, deeming the proposal worthy of exploration.
There is clearly merit behind the “Catch the Chameleon” proposal. Data and information sharing between the private and public sectors and among and between the different institutions in the private sector is essential to combat money laundering. Additionally, the use of distributed ledger technology to help facilitate the sharing of such information seems to have significant benefits, such as requiring relatively low implementation costs and allowing enforcement agencies to access a single source of data for all financial institutions in real time. However, there are at least three significant dangers of the platform or database as described on the FCA website, and in light of the heightened attention this proposal has received, these concerns are worthy of further discussion and exploration. Continue reading →
A surge of investor capital into FinTech has created new offerings in data and network analytics that are impacting expectations for financial crime and legal compliance. A number of leading financial institutions and global corporates have embraced the opportunities created by emerging technologies, thereby setting new standards for risk management. The U.S. Department of the Treasury and bank regulators have taken notice, and are encouraging the private sector to explore innovative technologies as a better means of protecting financial integrity, in particular with respect to illicit financial activity conducted by networks targeted by sanctions.
At the Financial Crimes Enforcement conference hosted by the American Bankers Association and the American Bar Association on December 3, Treasury Under Secretary for Terrorism and Financial Intelligence Sigal Mandelker said, “Private sector innovation, including new ways of using existing tools or by adopting new technologies, can be an important element in safeguarding the financial system against an array of threats.” That day, five U.S. regulatory agencies released a statement (PDF: 67.4 KB) encouraging banks to use new technologies to help “identify and report money laundering, terrorist financing, and other illicit financial activity.”
This is not the first time the U.S. government has called for deployment of new technologies to manage risk. Continue reading →
Recently, the White House chief of staff announced that a major priority of the federal administration is de-regulation. According to the proponents of de-regulation, companies should be free to determine their own risks without governmental interference. This view is myopic and, if continued, will lead to increased risk to our financial system. Certainly, cybersecurity is not an area that should be part of any de-regulatory agenda.
The job of the regulator, particularly in the financial services industry, is to ensure the safety and soundness of an industry that serves the public. Promoting a compliance culture is a key part of the regulator’s job. For government actors to make political statements about the propriety of regulations as a binary proposition is a very bad idea. We have been there before and must resist the impulse to think it cannot happen again. Continue reading →
“Too big to fail” (or “TBTF”) is one of the most widely used phrases in the present-day vocabulary of finance. In both high-level policy discussions and popular press, it stands for the core dysfunction of the modern financial system: the recurrent pattern of government bailouts of large, systemically important financial institutions. The financial crisis of 2008 made TBTF a household term, while also leading to the creation of even fewer and bigger financial institutions. To this day, TBTF remains at the center of the policy debate on financial markets and regulatory reform. Yet, the analytical content of this term remains remarkably unclear. In many ways, it still functions as the discursive equivalent of the common “you know it when you see it” philosophy.
In a forthcoming article, I attempt to offer a novel framework for understanding the complex of closely related but conceptually distinct regulatory and policy challenges the TBTF label actually denotes. I start by identifying and defining a fundamental paradox at the heart of the TBTF problem: TBTF is an entity-centric, micro-level metaphor for a cluster of interrelated systemic, macro-level problems. I further argue that this largely unacknowledged inherent tension between the micro and the macro, the entity and the system, renders TBTF a uniquely complex phenomenon and explains the seemingly intractable and persistent nature of the TBTF problem. Continue reading →
On 31 January 2019, the UK’s HM Treasury published the first set of regulations (the “Regulations”) under the Sanctions and Anti-Money Laundering Act 2018 (“SAMLA”). The Regulations are due to come into force on “exit day”—29 March 2019 at 11.00pm—if the UK leaves the European Union without a deal. The UK Office of Financial Sanctions Implementation (“OFSI”) has also published new guidance on post-Brexit financial sanctions, which should be read in tandem with the Regulations. In many respects, the Regulations mirror sanctions measures currently in force in the UK under EU regulations and merely give them an independent statutory footing in the UK. But the Regulations do diverge from established EU sanctions practice in certain places and may require companies in the UK to change their sanctions compliance practices. Continue reading →
The views expressed within this post are those of the author alone and do not represent those of the OECD or its member countries.
A decade after the global financial crisis, most of the financial regulatory reform package to make the system stabler and fairer has been completed. The agenda is is now changing to evaluation of reform effects. This post draws on a recent article on implicit bank debt guarantees  and asks whether the progress in limiting them has made the financial system fairer.
The financial regulatory reform, designed and subsequently rolled out over the past decade following the global financial crisis, is explicitly described as an attempt to make the international financial system fairer. In defining what is involved in this goal, the Financial Stability Board (FSB), an international body set up in April 2009 to monitor and make recommendations about the global financial system, refers to large banks at the centre of the financial system that did not internalize the social costs that their excessive risk-taking created. Gains of risk-taking activities were privatized and losses socialized. A fairer system involves funding conditions that are more closely aligned with the riskiness of the entities. In other words, there would be no room for implicit bank debt guarantees.Continue reading →
Financial firms play an integral role in preventing, identifying, investigating and reporting criminal activity, including terrorist financing, money laundering, and many other finance-related crimes. It is a critical role that depends on financial firms having the information they need to identify and report potentially suspicious activity and provide other relevant information to law enforcement. However, there are significant barriers to information sharing throughout the US anti-money laundering (“AML”) regime. These barriers limit the effectiveness of AML information sharing within a financial institution, among financial institutions, and between financial institutions and law enforcement.
Much has changed in the 17 years following the passage of the USA PATRIOT Act (“Patriot Act”), which, among other things, sought to enable greater information sharing among law enforcement, regulators and financial institutions regarding AML risks. Of note, Section 314(a) of the Patriot Act and its implementing regulations (“Section 314(a)”) enables federal, state, local and European Union law enforcement agencies to reach out to US financial institutions through the US Treasury Department’s Financial Crimes Enforcement Network (“FinCEN”) to locate accounts and transactions of persons that may be involved in terrorism or money laundering. Section 314(b) of the Patriot Act and its implementing regulations (“Section 314(b)”) provides a limited safe harbor for financial institutions to share information with one another in order to better identify and report potential money laundering or terrorist activities. Continue reading →
FinCEN and Federal Financial Institution Supervisory Agencies Issue Joint Statement on Innovative Efforts to Combat Money Laundering and Terrorist Financing
On December 3, 2018, the Financial Crimes Enforcement Network (“FinCEN”) and the four federal financial institution supervisory agencies (“the agencies”) issued a joint statement (“Joint Statement”) encouraging banks (i.e., banks, savings associations, credit unions, and foreign banks) “to consider, evaluate, and, where appropriate, responsibly implement innovative approaches to meet their Bank Secrecy Act/anti-money laundering (BSA/AML) compliance obligations, in order to further strengthen the financial system against illicit financial activity.”Continue reading →
Whether the macroprudential regulation enacted to protect the stability of the financial system is sufficient to prevent another crisis is uncertain. Although much of that regulation represents good faith and, in many cases, highly thoughtful efforts to control systemic risk, its primary focus is on banks and other systemically important financial institutions (“SIFI”s). This entity-based approach may be too narrow because it largely ignores other critical elements of the system, such as financial markets.
Furthermore, influenced by political and media pressure to assign blame for the financial crisis, some of the entity-based regulation is itself imperfect. A major focus of that regulation, for example, is on controlling morally hazardous risk-taking by SIFIs that deem themselves “too big to fail” (“TBTF”). Capital requirements epitomize this approach, protecting SIFIs against losses by requiring them to hold minimum levels of capital. However, the ability of capital requirements to control systemic risk is unclear. The cost of capital requirements is also uncertain; some argue they impose no public costs, others argue to the contrary. Continue reading →