The global financial crisis served as a catalyst for sweeping regulatory changes that show no sign of fading, in particular regulations concerning international information exchange. Furthermore, following a series of leaks that exposed the sheer volume of capital stashed offshore (‘Swiss-leaks’, ‘offshore-leaks’ and ‘Panama Papers’) as well as sweetheart tax deals awarded to major corporations and heads of state, subsequently regulators radically changed the rules of the game, introducing unprecedented levels of trans-national transparency. To enforce these new measures, regulators levied harsh sanctions against financial institutions for failing to stay abreast of the exact tax, legal, and/or political exposure of their customers. At the same time, thanks to the ‘information revolution’ and the nature of today’s ‘global village’, regulators have also raised their expectations regarding the intelligence financial institutions should gather on their customers.
The past few years have corroborated the worst fears of secrecy-based professions – secrets will inevitably become public knowledge. ‘Panama Papers’ – the latest major leak to date - destroyed what was seen as one the ultimate ways of shielding beneficial ownership. Luxembourg’s financial industry is closely linked to international markets, including markets in key developing nations, and is subsequently exposed to major compliance risks such as corruption, bribery and unorthodox commercial practices. As such, Luxembourg’s financial community must further develop its compliance expertise. Major compliance vendors – external to the financial institutions themselves – serve as an excellent solution to today’s dynamic regulatory environment.
Luxembourg, as one of the world’s leading financial centres, will see increasing global transparency requirements for account holder information that will require global scalable solutions. The underlying challenges include timely reporting, relationships with multiple authorities, compliance cost increase and complying with data-privacy laws.
« When transparency reflects reputation management concerns – Better safe than sorry »
Reputation risk often tops the list of worries keeping senior executives and board members up at night. This is particularly the case in our new global environment, where incidents and decisions that would escape notice five years ago, now instantly find a global audience within minutes, ready to take organizations and even countries to task within hours and often with serious repercussions. Not incidentally, reputation risk usually falls outside traditional risk management frameworks and Enterprise Risk Management (ERM) capabilities. Yet reputation risk must be proactively managed as it has the ability to damage brands, lines of business, and entire organizations.
As with most risks, the sooner the reputation risk is recognized and addressed, the better. The traditional approach to managing reputation risk focuses mainly on cultivating a good reputation and then countering crises and setbacks as they arise through effective communication. While essential, these activities are no longer enough.
The latest scandals show how important it is to anticipate reputation exposure before a crisis occurs and highlight the challenge of executing enhanced due diligence as part of the protocol for prospect on-boarding and existing client screening.
« The need to do business vs. the need to be compliant »
The underlying need is still – and will be – to create new business opportunities and accept new clients. In order for the Luxembourg financial industry to compete in the increasingly challenging landscape, it cannot turn its back on ‘riskier’ revenue yielding regions in the developing world. The inherent tension between drawing business from « non-traditional » markets and risk control forces the financial sector to turn to new specialized risk mitigation players. These experts must provide a level of quality as demanding as the constraints faced by the compliance professional, but also provide a balanced and holistic picture of relative risk, separating facts from unproven allegations.
As today’s regulator environment grows increasingly stringent, Luxembourg’s financial community must take measures to ensure that its compliance practices are one step ahead.
Additionally, KYC vendors play an important role in mitigating risk to allow the local financial industry to boldly expand into new markets. By “knowing” the new markets, its key players and inherent risks, decision makers - equipped with information to avoid pitfalls and recognize opportunities - can bravely venture into ‘riskier’ lucrative markets.
« Third Parties to serve the highest demands: How can the industry help to support the Compliance in their mission of excellence? »
The right capabilities, enabled by innovative technologies, can position the organization to identify, detect, monitor, mitigate, and manage reputation and strategic risk more proactively and objectively than traditional in-house professionals and reactive communication. As access to information and data grows, the need for professional analysts who can contextualize and analyze information using a broad spectrum of sources has become crucial.
The recognition that third parties are key in assisting the financial industry to maintain an adequate level of compliance calls on the regulators to recognize the new growing sector and enable it to fulfil its mission. For instance, the fourth EU Anti-Money Laundering Directive (AMLD) calls for establishing a UBO register. To date the register is set to be accessible to competent authorities, FIUs, obliged entities such as banks, notaries and lawyers conducting their “customer due diligence” duties and any person that demonstrates a “legitimate interest”. “Special Interest” is deemed as including investigative journalists, however it is imperative that it gives access to accredited due diligence providers in order to assist “obliged entities” meet their requirements.
« Hand in hand with the regulator…»
Luxembourg’s government, the regulator and the local actors have joined efforts in order to put in place the best practices to strengthen compliance procedures, de facto creating a new industry for reputation management. This new sector has given way to a favourable environment, providing tools to the financial industry that allow it to expand to emerging markets and sectors that would have otherwise been too «risky ». It is time to face reality and recognize (and regulate) this new sector so that the financial industry can enjoy greater confidence when confiding with such third parties, create a base line for information security and privacy and enable the accredited providers access to information as part of the information sharing revolution.
Chief Executive Officer of Sqope