Why are compliance and due diligence regimes important?

Every type of crime and every terror attack can be looked at through the prism of "follow the money". Put it simply if we can trace who paid, for what, and to whom, we can trace the workings of any criminal syndicate and any terrorist organization. But neither criminals nor terrorists want to be found. It costs a lot of effort to investigate and unravel complex relationships and identify suspicious transactions, even more so if prevention is the main goal.

Post 9/11 era has seen a great deal of progress in this "follow the money" approach. Investigating terror networks and the way they were financed globally. Using approaches known to law enforcement agencies engaged in an existing struggle against money laundering criminal syndicates. It became apparent that there are similarities. Terrorists like criminals do not respect borders and do not care for jurisdictions. To catch them – both criminals and terrorists, international cooperation is needed. Not just the high-level type with diplomats at fancy receptions, but also the nitty-gritty type where law enforcement agents talk to each other across borders. Which due to the nature of national law enforcement is always tricky.

In addition to borders, there is another hurdle, that is banking secrecy; a principle that without the explicit consent of the customer banks, will not share information with anyone else. This rule means different things in different countries. It can be really strict non-sharing or slightly less strict, for example under the condition of a court order information about specific transactions of specific clients can be shared with a law enforcement agency engaged in an investigation of that particular client. As a rule, though banks will not give up information on their client’s transactions easily.

To help with increasingly complex structures to launder money or raise funds for terrorist extremists there exist specialized agencies called – financial investigation units. And to help countries with cooperation, these agencies have a club. It hides under an acronym FATF - Financial Action Task Force. It is truly a global money laundering and terrorist financing watchdog. With a membership of over 200 countries. It worked out recommendations and standards for countries to follow, to help authorities deal with criminal networks laundering proceeds from drug trafficking, human trafficking, and illicit trade. Its recommendations work on terrorists too. Terrorist organizations are using very similar methods to criminals, but instead of keeping the proceeds of the money laundering, they use it to support radicalization – recruitment and to plan and fund further attacks.

Most at risk are private companies as well as not-for-profit organizations, the nature of business requires partners, suppliers, vendors, and customers/clients. All of these can potentially be involved in some sort of illegal activity. The commonsense principle of knowing who you do business with happens to be one of the main principles of compliance and due diligence regimes; its acronym is KYC – Know Your Customer. The process of due diligence is important as it protects businesses from being abused by criminals or terrorists as accessories for their illegal activities. The risk increases exponentially for any company or non-governmental organization that crosses a border or welcomes a partner from abroad.

The cost of compliance and due diligence have risen in recent years to exorbitant levels. This is due to the sheer amount of man-hours it takes to investigate all the possible risks. The methods of checking and what is being checked have evolved into rather complex and lengthy affairs if carried out properly. The threat of legal responsibility in case something was missed during a due diligence process and the possible cost of non-financial damage to reputation or worse criminal prosecution is incentive enough for most companies to err on the side of caution. The higher the stakes the more thorough the checks must be. No company intent on acquiring another business wants to find skeletons buried on the accounting books in the form of shady transactions or news stories about the wrongdoings of its executives.

The answer might lie in new technology breakthroughs. Digitization of registers and introduction of transparency, to complicated business ownership relationships that are designed to confuse businesses and the public about who really benefits and stands behind various companies. AI in spotting suspicious transactions among millions and millions of transactions daily without the need for hundreds of humans spending long hours trawling through mountains of data. There are dangers as well, the unfettered access to data can lead to misuse. The restriction of personal financial privacy could also be in danger.

Financial crime is a cat and mouse game between those who would like to profit from illegal activities or would like to finance such activities as organized crime or terror attacks. And those whose job it is to prevent these from ever happening, or if they do happen to make sure that they do not go unpunished. Although technology can help in some aspects, Financial Intelligence Units and recommendations of the Financial Action Task Force are not going away any time soon. Neither is compliance and due diligence. Nor should it.