Managing Financial Crime Risks in a Changing Economic Environment

Managing financial crime risks
Managing Financial Crime Risks in a Changing Economic Environment

Financial Crime Risk in the Current Climate


The current social and economic climate is a new frontier for financial institutions seeking to navigate challenges posed by deteriorating market conditions, consumer panic and the ever-watchful eye of industry regulators. Meanwhile bad actors who pose an ongoing threat are also discovering new channels of opportunity to disrupt the integrity of our financial system and abuse banks and other market participants through new COVID-19 fraud scams and laundering the proceeds of crime. Accordingly, institutions need to be aware of the evolving typologies and vigilant in taking proactive measures to prevent this abuse from occurring in order to maintain robust regulatory and reputational posture.


The new scarcity of certain products, such as protective clothing in hospitals, facemasks, hand sanitiser and similar goods, has brought a lot of illegitimate providers on the market seeking to exploit the situation. Already authorities have uncovered sophisticated scams with organised criminals attempting to pose as Government bodies, financial institutions, not-for-profit organisations and manufacturers of personal protective equipment (PPE), to deceive individuals and businesses into divulging personal details and authorise misdirected payments. We are entering uncharted territory and the crisis will be seen as an avenue by some for opportunistic fraud and increased laundering attempts or activity. At the same time, we don’t know exactly what to expect from customers.

Examples of emerging COVID-19 related financial crime risks and vulnerabilities:

  • Reliance on online delivery channels and absence or reduction of face-to-face verification with simplified customer due diligence measures.
  • Control deficiencies due to weak or immature processes and remote handovers.
  • Delayed sign-offs due to technology constraints or unavailability of authorisers.
  • Fast tracking of approvals due to hardship and increased pressure on call centres.
  • People withdrawing hard currency in a state of panic about market volatility.
  • Influx of people using virtual currency in a volume greater than ever encountered
  • Risk of transaction-service gatekeepers for struggling companies ‘looking the other way’ as they struggle to meet job demands in their work from home (WFH) environment.
  • Wire transfers declining in volume, balancing out the surge in cash withdrawals, online banking and cryptocurrency-related activity.
  • Inexperienced customers turning to mobile apps for banking in hope that it’s safer.
  • Change in consumer behaviour resulting in AML officers finding it difficult to discriminate between legitimate activity and illegal transactions.
  • Increase in use of ‘money mules’ (individuals being used by organised syndicates to launder money, who may be either complicit, or unaware of the underlying criminal activity).
  • An increase in cybercrime, made possible by weakened security defenses of WFH arrangements.

Critical times call for decisive measures

Financial institutions should closely scrutinise transfers linked to the procurement of medical products, government subsidies and charitable donations, as well as conduct more robust reviews on large cash transactions as criminals seek to exploit the coronavirus pandemic. While scams are being exposed every day involving cybercrime, procurement fraud, investment fraud and government subsidy fraud, amongst others, much remains unknown about the emerging fraud and money laundering risk landscape. Therefore, it is especially important that financial institutions evolve their ongoing customer due diligence programs, and report suspicious activity in a timely manner.

Protiviti’s team of specialists assist organisations with protecting their brand and reputation by proactively advising on their vulnerability to financial crime, fraud and corruption, professional misconduct and other financial business risk issues.

UK regulators expect banks to ensure that their policies and risk assessments remain fit for purpose, while maintaining effective controls through robust business continuity protocols. Now is the time to take steps that will demonstrate to regulators that your institution recognises and has responded to the likelihood that it will increasingly encounter both internal and external fraud indicators in transactions, and be the target of exploitation by criminals seeking to launder the proceeds of crime.

Managing Financial Crime Risk During Covid-19

Identifying, Detecting and Mitigating External Financial Crime Risk

Financial institutions need to remain vigilant of red flags related to potential impostor, investment and product scams, including government funding schemes, charities and cyber fraud related to the outbreak, while also operating with reduced resources.

The red flags below identified by global FIUs and regulators relate to COVID-19 vulnerabilities that institutions should consider, inclusive of  a customer’s overall financial activity and the institution’s risk profile, to determine whether a transaction may be suspicious

Identity scams

  • Impersonation of government agencies such as the National Health Service, the World Health Organisation, or other healthcare organisations.
  • Transactions where the payee name has a resemblance to, but not the same as, those of reputable charities.
  • Payments to websites that are seemingly identical to legitimate charities and humanitarian relief organisations, often using URLs that end with a “.com” or a “.net”, while most legitimate charities’ websites end in “.org.”

Vaccine and medical supply scams

  • Fraudulent marketing of COVID-19-related supplies, such as personal protection equipment (PPE) or potential vaccines.
  • Offers to participate in unverified COVID-19 vaccine research and development crowdfunding schemes.
  • Selling unapproved or misbranded supplies that make false COVID-19 related health claims. A scam website was recently identified fraudulently claiming to offer “World Health Organization (WHO) vaccine kits”.
  • Promotions making false claims that products or services of publicly traded companies can prevent, detect, or cure coronavirus, especially where the claims involve microcap stocks.
  • Investments or trades that suggest urgency, obscurity, unverifiable credentials, testimonials, free gifts, or assert special insider knowledge, unusually large returns, guarantees or low-cost account opening.

Government support schemes

  • Multiple emergency assistance payments to the same individual.
  • Multiple emergency assistance payments or electronic funds transfers into the same bank account, particularly when the amounts of the payments are the same or very similar.
  • Emergency assistance payments, when the accountholder is a retail business and the payee is an individual other than the accountholder.
  • Opening of a new account with an emergency assistance payment, where the name of recipient is different from that of the potential accountholder.
  • Furlough subsidy and government backed loan scheme fraud (eg. ‘pay out first, validate later’).
    • Company receiving wage compensation but has no employees.
    • Company receiving wage compensation but does not pay the wages.
    • Company withdraws a large sum of cash immediately after a support payment is received.
    • ‘Pop up’ companies being set up quickly, possibly in order to fraudulently apply for government support (eg. companies wanting to setup new bank accounts)

Other red flags and suspicious transactions

  • The use of money transfer services for charitable donations.
  • Price gauging of medical supplies and high- demand goods leading to potential offboarding or restriction of accounts.
  • Crowdfunding platforms that have limited policies and procedures to protect customer funds and identification.
  • ‘Pop up’ companies being set up quickly, possibly in order to launder and mix funds that are normally laundered by other entities, such as cash intensive businesses.
  • Companies that are or should be struggling suddenly start receiving unexplained payments.
  • Informal value transfer (eg. manipulation of invoices, exploitation of correspondent accounts, trade diversion schemes, use of credit/debit cards by multiple individuals).

Implementation and Enhancement of Controls to Mitigate COVID-19 Financial Crime Risk

Below are some considerations for financial institutions to demonstrate best practice when detecting and preventing misconduct based on lessons learned from the 2008 financial crisis and recent guidance from global Financial Intelligence Units (FIUs) and regulatory authorities regarding COVID-19. Financial institutions should consider these scenarios to reduce the risk of financial crime, misconduct and potential regulatory violations by employees, vendors and independent contractors during and after the COVID-19 pandemic.

  • Continuity of critical functions

    Financial institutions will need to review resource allocation to adapt to the changing social and economic environment. The continuance of critical risk and compliance functions such as AML/CTF monitoring and sanctions screening is crucial to maintain integrity of the financial system and protect institutions from potential regulatory breach.
  • Supervision of internal systems

    Ensure internal systems are closely monitored for potential vulnerabilities to financial crime risk intensified by reduced workforce, operational restructuring, social distancing and remote working measures
  • Good governance practice

    Where robust compliance or risk management standards are interrupted, ensure that consistent and centralised governance decisioning is maintained (eg. involving compliance supervisory board committees). Decisions should be rationalised and documented, along with clear action plans to address deviation from normal operating standards.
  • Enhance Financial Intelligence Capabilities:

    Engage with regulators and representatives of law enforcement, and other industry participants who are continuously monitoring the changing risk landscape and can offer insights on new and emerging threats, impacts observed locally or globally, and prioritization of risk-based AML/CTF countermeasures.
  • Create Employee Awareness of New and Emerging Risks

    Use internal communications (written or video training) to educate staff on risks and typologies.
  • Implement Agile Risk Assessment

    Ensure financial crime risk assessments reflect the volatility of current conditions, adequately measure the potential impact of known vulnerabilities and articulate the level of control your organization can reasonably expect to exert over those risks. This will likely require more frequent updating of risk assessments.
  • Know Your Customer

    Consider whether different information, verification techniques are necessary to compensate for lack of face-to-face contact.
  • Adequacy of transaction monitoring programs

    Ensure transaction monitoring systems include appropriate scenarios to identify red flags applicable to the institution’s customers and activity and all thresholds (existing and new) have been retuned / validated to ensure appropriateness. Consider use of data analysis and data analytic tools to enhance monitoring capabilities and quality assurance of monitoring output.
  • Monitor government funding schemes

    Ensure that deposits and transfers involving funds from government support schemes are scrutinised in accordance with imposed conditions and irregularities suggesting potential abuse. Employees should be familiar with terms, conditions and restrictions associated with such schemes
  • Insider trading

    The noise of increased market volatility can provide camouflage for securities fraud and market manipulation. Ensure surveillance measures are heightened and adaptative to the current volatile environment.
  • Keep compliance records

    Where technology solutions are unable to support compliance obligations, such as voice-recording of trader communications, consider temporary alternatives such as contemporaneous records that are consistent with regulatory guidelines.
  • Preserve Privacy and Data Security

    Ensure remote working systems and virtual private networks (VPNs) are updated with security patches, multi-factor  authentication is enabled, user access rights are effectively maintained, and employees are adequately educated on the principles of customer privacy and information security.
  • Management Reporting

    Identifying, reporting and tracking trends in financial crimes compliance have never been more important to surface and respond timely to escalating risks.
  • Plan for Sustainable Transformation

    To the extent that the pandemic and the need to WFH accelerated digital initiatives or otherwise resulted in the adoption of practices that enhanced compliance activities and outcomes, develop a plan for making these changes permanent and sustainable.
  • Communicate with Regulators on Program Challenges

    Keep regulatory supervisors informed of any challenges faced with meeting regulatory requirements, to ensure the necessary guidance, support or exemptions can be provided individually or multilaterally.
  • Monitoring and Testing

    Notwithstanding the added challenges resulting from working remotely, now is not the time to ease up on monitoring and testing financial crimes compliance programs. It is imperative that program gaps be identified and addressed to protect the institution from undue compliance and reputation risk.

What Happens Next as the Landscape Evolves?

With the pandemic now becoming a way of life for most, and with some countries tentatively looking to resurrect local economies from hibernation, financial institutions equally need to consider pre-emptive actions in response to these restorative challenges. The implementation of practical measures to address new threats, fluctuations in operational capacity, increased charitable activity, fiscal stimulus and government relief packages will promote control and resilience as the world slowly returns to a sense of normality.

  • Coordinate available resources and engage key stakeholders to develop a response plan that communicates a clear pathway to emerge from COVID-19 conditions with a range of time- horizons and variable outcome scenarios (eg. COVID-19 second wave or discovery of a vaccine).
  • Ensure your risk assessment reflects the volatility of current conditions, adequately measures the potential impact of known vulnerabilities being exploited and articulates the level of control your organisation can reasonably expect to impose on those risks.
  • Engage with regulatory supervisors, who are continuously monitoring the changing risk landscape and centrally positioned to provide appropriate guidance on new and emerging threats, impacts observed locally or globally, and prioritisation on risk-based AML/ CTF countermeasures.
  • Cooperate with regulatory supervisors and other industry participants to understand and monitor the evolving risk environment. As with the introduction of many new industry-wide changes or events, criminal behaviours and typologies soon begin to reveal themselves, providing valuable regulatory and risk management intelligence.
  • Keep regulatory supervisors informed of any challenges faced with meeting regulatory requirements, to ensure the necessary guidance, support or exemptions can be provided individually or multilaterally.
  • Adopt a risk-based approach where regulatory supervisors have communicated appropriate interim standards under current conditions. These may include simplified CDD for lower risk accounts on government relief payments, legitimate reasons for customers being unable to provide information for know- your-customer (KYC) refresh, acceptance of government-issued ID for customer verification or implementation of provisional interim measures (eg. transaction limits) in lieu of typically acceptable documentation.
  • Ensure your organisation explicitly understands requirements in the context of economic relief measures, such as those outlined above.Reporting entities still have obligations to report suspicious transactions and retain records regarding customers and transactions.
  • Consider practical adjustments to electronic and digital payments to support customer activity while maintaining social distancing. Such measures might include increasing limits on point of sale purchasing, contactless payments or e-wallets and reducing domestic inter-bank transfer fees.

What Should your Organisation Consider?

Protiviti’s Financial Crime Risk and Compliance solution specialise in helping financial institutions satisfy their regulatory obligations and reduce their financial crime exposure using a combination of AML/CTF and sanctions risk assessment, control enhancements and change capability to deliver effective operational risk and compliance frameworks. Our team of specialists assist organisations with protecting their brand and reputation by proactively advising on their vulnerability to financial crime, fraud and corruption, professional misconduct and other financial business risk issues.

To assist your institution respond to increased financial crime risk as a result of the COVID-19 crisis, we would seek to determine higher AML/ CTF risk areas within the business, assess adequacy of the existing control environment and provide a robust roadmap for rapid enhancement, with focus on the following:

  • Operating model optimisation to support shift towards remote workforce while maintaining defined risk management and compliance strategy, business continuity, performance metrics, regulatory reporting and horizon planning for return to work.
  • Revision of financial crime compliance governance models to reflect changes to authorisation, sign-off and reporting procedures.
  • Incorporating COVID-19 vulnerabilities into the ML/TF risk assessment to ensure your institution is considering the “unknown- unknown” threats, identifying higher risk elements (eg. customer types, products offered, delivery channels) and to address change in your financial crime risk profile.
  • Adaptation of KYC/CDD procedures to reflect shift from face-to-face, to online identification and verification procedures during social distancing measures.
  • Production of new COVID-19 specific transaction monitoring scenarios, or fine-tuning existing rules, as customer spending habits change, and emergency assistance payments start to flow into customer accounts.
  • Enhancements to alert investigation, case management procedures and reporting protocols for suspicious transactions in a remote working environment.
  • Assessment of the AML/CTF and sanctions control framework and revisions to address new and emerging COVID-19 financial crime risk typologies.

Protiviti COVID-19 Financial Crime Health Check

The ongoing uncertainty of COVID-19 brings new challenges for financial institutions facing evolving threats posed by opportunistic perpetrators of financial crime. While the world adjusts to the changing economic landscape, your regulatory obligations remain unchanged. Protiviti can assist your organisation with assessing its exposure to COVID-19 related financial crime risk and provide pragmatic advice. Our team of Financial Crime Risk and Compliance experts can assist with identifying where potential weakness in your anti- money laundering framework exists and support you in designing and enhancing systems and controls that protect your organisation from unwanted criminal abuse, regulatory scrutiny or reputational damage.

We can offer a customised solution to provide a level of confidence that your organisation will not be an easy target. Protiviti can review your anti-money laundering framework and provide actionable recommendations to establish robust measures that preserve your organisation’s operational risk and compliance integrity.

Ready to work with us?

Bernadine Reese
Bernadine Reese
Managing Director
+44.20.7024.7589
Linked
Matt Taylor
Matt Taylor
Managing Director
+44.20.7024.7517
Linked