Momentum is building in Congress for federal privacy legislation and several states have their own privacy laws in the works. But, as concerns grow that companies are collecting and sharing personal information about U.S. residents without their knowledge and not adequately protecting that data, regulators and plaintiffs aren’t waiting for new laws. Instead, they are refitting existing laws to meet their data privacy and security objectives. Continue reading →
Financial authorities worldwide are focused on how new technologies can be used to more effectively combat money laundering and financial crime. The UK’s Financial Conduct Authority (the “FCA”) is one of the leaders in the movement towards using financial technology (FinTech) and regulatory technology (RegTech) to fight money laundering. In the FCA’s most recent conference on this issue, which was attended by over 100 technology firms, regulators, and law enforcement agencies from the US, Europe, the Middle East, and Asia, participants were tasked with developing proposals to address fifteen problem statementsrelating to how new technologies can more effectively combat money laundering and financial crime. This article addresses one of the proposals that received significant attention during and subsequent to the conference.
The proposal, offered by a team from Santander Bank and others, called for financial institutions to use distributed ledger technology to develop a database of “bad actors” without requiring the institutions to share the underlying transactional data that led to the “bad actor” designation. The goal for the database was to create a money laundering detection network to benefit all financial institutions in the ecosphere without running afoul of data privacy restrictions. This “Catch the Chameleon” proposal won the “Eureka” award at the conference for the “most original idea” and, according to the FCA website, will receive “support to progress” from Level 39, RegTech Associates and The Disruption House. Following the conference, the proposal continued to receive attention from other major financial institutions. For example, Credit Suisse highlighted the proposal in its letter (PDF: 338 KB) responding to FINRA’s request for comment on FinTech innovation, deeming the proposal worthy of exploration.
There is clearly merit behind the “Catch the Chameleon” proposal. Data and information sharing between the private and public sectors and among and between the different institutions in the private sector is essential to combat money laundering. Additionally, the use of distributed ledger technology to help facilitate the sharing of such information seems to have significant benefits, such as requiring relatively low implementation costs and allowing enforcement agencies to access a single source of data for all financial institutions in real time. However, there are at least three significant dangers of the platform or database as described on the FCA website, and in light of the heightened attention this proposal has received, these concerns are worthy of further discussion and exploration. Continue reading →
The beginning of the year allows us to look back at recent developments in the white collar front involving Brazil and the United States, and prompts us to consider what to expect going forward, especially in light of the election of President Jair Bolsonaro and the appointment of former judge Sergio Moro as Minister of Justice.
Lava Jato, Carne Fraca, and Zelotes are among the Brazilian anti-corruption operations that have echoed in the United States over the last few years. Intensified cooperation between authorities in the two countries has fueled countless investigations, settlements, convictions, and related civil litigation. U.S. criminal enforcement also has reverberated in Brazil, with the FIFA prosecutions being perhaps the most headline-making example. Continue reading →
In a recent submission (PDF: 2.36 MB) to Congress, the U.S. Securities & Exchange Commission (SEC) reported that, for fiscal year 2018, the SEC paid the largest whistleblower awards since the institution of its program in 2012 following the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank). Specifically, in FY 2018, the SEC awarded 13 individuals over $168 million collectively for tips that led to actions by the SEC to protect investors.
Other statutes likewise provide financial incentives to whistleblowing. Under the False Claims Act (FCA), for example, persons who report fraud in government contracting can receive up to 30 percent of the government’s recovery in an action. Many states, including New York, have enacted state-level equivalents of the FCA. For many decades, the FCA has contributed to large recoveries to the U.S. Treasury, with an expansion of recoveries in part due to the reporting of violations by whistleblowers. Continue reading →
In 2011, during NATO’s bombing campaign against Libyan ruler Muammar Qaddafi’s forces, NATO bombs hit a particular oil company’s storage facility containing thousands of barrels of chemicals used in oil drilling. While most barrels were destroyed, a substantial number were intact but their contents were permanently altered, due to extreme heat from bomb explosions and fires. The chemical changes made the barrels’ contents useless for their intended purpose.
Some days later, the oil company’s compliance lawyer with responsibility for the region was contacted by an oilfield operations manager for the company. The manager said that they had been approached by unnamed “authorities” in eastern Libya, who were offering millions of dollars to buy the chemicals to use for drilling for water. He explained that the company would not permit use of the altered chemicals to drill for oil because they no longer met company quality standards.
The oilfield manager also told the lawyer, “We need this deal” and “We haven’t had any significant revenue for years.” He showed the lawyer “photos of the damaged chemicals and the letters requesting the deal from the authorities,” as well as “the approvals from the commercial lawyers and a chain of emails from our leaders showing their desperation to screw some profit out of this situation.” The manager also asserted that “the authorities were running out of patience. They had a window in which they had to get drilling and if we couldn’t help them they would need to find someone who could. So time was of the essence and all that was lacking was the compliance seal of approval.” Continue reading →
Recently, the White House chief of staff announced that a major priority of the federal administration is de-regulation. According to the proponents of de-regulation, companies should be free to determine their own risks without governmental interference. This view is myopic and, if continued, will lead to increased risk to our financial system. Certainly, cybersecurity is not an area that should be part of any de-regulatory agenda.
The job of the regulator, particularly in the financial services industry, is to ensure the safety and soundness of an industry that serves the public. Promoting a compliance culture is a key part of the regulator’s job. For government actors to make political statements about the propriety of regulations as a binary proposition is a very bad idea. We have been there before and must resist the impulse to think it cannot happen again. Continue reading →
“Too big to fail” (or “TBTF”) is one of the most widely used phrases in the present-day vocabulary of finance. In both high-level policy discussions and popular press, it stands for the core dysfunction of the modern financial system: the recurrent pattern of government bailouts of large, systemically important financial institutions. The financial crisis of 2008 made TBTF a household term, while also leading to the creation of even fewer and bigger financial institutions. To this day, TBTF remains at the center of the policy debate on financial markets and regulatory reform. Yet, the analytical content of this term remains remarkably unclear. In many ways, it still functions as the discursive equivalent of the common “you know it when you see it” philosophy.
In a forthcoming article, I attempt to offer a novel framework for understanding the complex of closely related but conceptually distinct regulatory and policy challenges the TBTF label actually denotes. I start by identifying and defining a fundamental paradox at the heart of the TBTF problem: TBTF is an entity-centric, micro-level metaphor for a cluster of interrelated systemic, macro-level problems. I further argue that this largely unacknowledged inherent tension between the micro and the macro, the entity and the system, renders TBTF a uniquely complex phenomenon and explains the seemingly intractable and persistent nature of the TBTF problem. Continue reading →
Financial firms play an integral role in preventing, identifying, investigating and reporting criminal activity, including terrorist financing, money laundering, and many other finance-related crimes. It is a critical role that depends on financial firms having the information they need to identify and report potentially suspicious activity and provide other relevant information to law enforcement. However, there are significant barriers to information sharing throughout the US anti-money laundering (“AML”) regime. These barriers limit the effectiveness of AML information sharing within a financial institution, among financial institutions, and between financial institutions and law enforcement.
Much has changed in the 17 years following the passage of the USA PATRIOT Act (“Patriot Act”), which, among other things, sought to enable greater information sharing among law enforcement, regulators and financial institutions regarding AML risks. Of note, Section 314(a) of the Patriot Act and its implementing regulations (“Section 314(a)”) enables federal, state, local and European Union law enforcement agencies to reach out to US financial institutions through the US Treasury Department’s Financial Crimes Enforcement Network (“FinCEN”) to locate accounts and transactions of persons that may be involved in terrorism or money laundering. Section 314(b) of the Patriot Act and its implementing regulations (“Section 314(b)”) provides a limited safe harbor for financial institutions to share information with one another in order to better identify and report potential money laundering or terrorist activities. Continue reading →
Intangible capital is becoming an increasingly important determinant of firm value. For example, the ratio of intangible capital to the United States’ GNP is totaling 1.7, according to McGrattan and Prescott (2010). Companies are further prioritizing their brand and perception among consumers and the media, which can affect the way they do business by influencing corporate strategy and investment. In this sense, how employees and/or the general public think about a company can ultimately influence the company’s ability to retain and attract talented employees, which is an integral determinant of firm value.
While there are many different circumstances that firms find themselves in, some can be particularly damaging. For example, the public revelation of a cyber security breach can have lasting reputational effects when a company prides itself on privacy and security, as was the case with Equifax and their 2017 breach. Much like data breaches, the public revelation of an accounting fraud can have a lasting effect on a company’s reputational capital. If employees and/or the public do not trust senior leadership, then employee engagement and retention will quickly dwindle. No one wants to work for an infamous company, especially skilled workers, given their ability to find alternative options in the labor market. Continue reading →
With limited time, corporate directors are accustomed to monitoring firms by using aggregated information that is supplied by firms’ management. Nearly every task conducted by a board of directors involves data curated by employees working for a firm’s CEO. A critical challenge for directors is to be informed of important situations that may have been lost in data aggregation or that may have been selectively not reported. Indeed, this is why firms with stellar directors and high-quality external auditors still have major public debacles. One way a corporate director can obtain unfiltered information regarding a firm’s operations and potential problems within a firm is by reviewing reports made by employees through internal reporting systems (also known as internal whistleblowing systems). The problem with this solution is that there have been differing views and understandings as to how to appropriately manage these systems and interpret these submitted reports—until now. Continue reading →