Banks’ Sharing Of Financial Crime Data Raises Questions On Ethics (#GotBitcoin?)

Banks, regulators and law-enforcement agencies are sharing more intelligence through voluntary networks to deter money laundering and terrorism financing. As the practice spreads, so do the risks of data mishandling, observers said. Banks’ Sharing Of Financial Crime Data Raises Questions On Ethics

Information-sharing partnerships are sprouting across the global financial landscape. The U.K. pioneered the practice in 2015, and new partnerships were launched in Singapore, the U.S. and Australia last year. The Netherlands, Hong Kong and law-enforcement agency Europol are running pilot programs with the goal of setting up hubs to share intelligence on financial crime.

The partnerships are evolving as a way to share patterns of criminality without regulatory burdens. But as more data is collected, these groups are facing ethical issues of privacy, disclosure and conflict of interest, according to experts who gathered last week at the International Symposium on Economic Crime at Cambridge University.

“Do we really want vast amounts of data in the financial system to be accessible to law enforcement investigators? Is there public consent for this development in intelligence gathering capability? How robust are the accountability and governance processes?” asked Nick Maxwell, head of the Future Financial Intelligence Sharing program at security think tank Royal United Services Institute in London.

Some ethical questions concern procedures for keeping open accounts that have been flagged by suspicious transactions, for instance, because of conflicting interests.

Investigators want the accounts open to gather evidence and to avoid assets being transferred to other jurisdictions, while the banks fear running afoul of regulations if flows stem from illicit finance. What’s more, closing an account prematurely can lead to great upheaval for the account holder if it is done erroneously because he or she will need to prove it was all a mistake.

Establishing some policies to keep accounts open during an investigation is one way to deal with the quandary. Already, the U.S. Department of Treasury has “keep-open procedures” in place, and such measures are under consideration in the U.K. and Australia, Mr. Maxwell said.

Another area of concern is the vetting of money-laundering reporting officers, who report suspicious transactions to authorities.

“[These officers] haven’t needed much vetting in the past,” Mr. Maxwell said. “But this may need to change as more institutions start to receive sensitive information from law enforcement agencies,” he said. “There is a risk of an intelligence breach, or even infiltration by organized crime groups or foreign intelligence agencies.”

Banks value the shift of combating financial crime through increased intelligence sharing because it is generally more effective than the compliance-mandated reporting of suspicious transactions.

“These partnerships are an integral part of how we manage financial crime risk,” said Ben Trim, head of financial crime policy at HSBC PLC, during a panel discussion at the symposium.

The bank is part of the existing voluntary partnerships because it believes sharing is key to preserving the integrity of the financial system. Coming together with law enforcement allows financial institutions to get information on “specific indicators or dangerous actors” banks wouldn’t otherwise have ways to access, he said.

The bank is developing a financial crime risk-management system that uses the data it collects to get a more holistic view of how swindlers operate. “That innovation within our bank will help us with what we bring to the partnerships,” Mr. Trim said.

The focus of case-building through intelligence will expand from a transactional basis to behavioral analysis. To succeed in its goal, though, HSBC will need more access to more information through the public-private intelligence-sharing hubs. HSBC monitors millions of transactions and investigates “every hint of suspicion” as part of its compliance program, he said, but very few of these lead to fruitful investigations.

The U.S. collects, on average, 2 million reports of suspicious transactions every year, and the U.K. approximately 500,000, according to RUSI, the think-tank. Around 85% of these aren’t of immediate value to authorities, and less than 1% of criminal assets identified through the reports are frozen or confiscated.

The mandated reporting is also costly. Banks in the U.K. spend at least £5 billion a year on core financial crime compliance, according to the Law Commission, which is reviewing the practice of reporting of suspicious transactions under U.K. law.