According to Nasdaq, money laundering reached $3.1 trillion globally in 2023, funding human trafficking, drug trafficking, and terrorist financing. Losses from fraud, meanwhile, reached $485.6 billion. Moreover, financial regulators have been hit with 80 fines in H1 2024, totaling over $263 million or a $62 million increase from the same period the previous year. Amid this, financial institutions need to educate and protect themselves against increasingly sophisticated – and expensive – fraud.
Enigma chatted with Luke Raven – an expert in AML, compliance, and financial crimes – about how financial crime is changing, the rise of online big butchering schemes, and the efficacy of fines on FIs to combat financial crime. This is Part One of a two-part interview with Raven, check out Part Two here.
This interview has been edited for clarity and length.
Can we chat about the differences in financial crime five years ago compared to now? How have rates been rising and how have the types and sophistication of those crimes changed?
Money laundering generally flows from an offense – you commit a crime, you generate proceeds of that crime, and then you need to make it look legitimate. And I think that the Covid-19 pandemic had such an impact on businesses – including organized crime groups.
So predicate offenses have changed. When you said to me 5 or 10 years ago, “Hey, Luke, what bad guys are you after? I was after drug dealers, cartel members, organized crime groups, and money laundering syndicate. And then came Covid-19 and it forced all of these sort of old school criminal empires to adapt and to make themselves online businesses.
Fraud and scams have become such a prolific topic. We had a downgrade in the losses last year in Australia to $2.7 billion from over $3 billion from scams the year before, but that is still five times as much as it was five years ago. It’s slapping people in the public in the face: everyone knows someone who’s been scammed and everyone’s worried about their grandma or their kids or their cousins or their mom.
It's very interesting, because at the same time as that has happened, all of the financial services have evolved over this time as well to be more online, more digital, and constantly making leaps and bounds in that regard. So that progress enables that cross-border moving of funds more instantaneously. Everyone wants to remove friction from onboarding because, of course, there's competitive advantages in offering your product to market with the least amount of clicks and the least amount of friction for customers – delivering Ferraris compared to horses and carts in terms of the capabilities you get – but that includes as a money launderer.
So I think it's chalk and cheese. Obviously, there are still massive drug problems and organized crime groups, but they're increasingly turning to cyber crime and we need to turn our minds to that. And it's fascinating, as well, because five years ago, I was very easily able to root out amateur money launderers, someone dealing a small commercial quantity of drugs, for example. It was easy to find them, because it was all cash. But now we are dealing withwith organized crime groups, unorganized crime groups like solo attackers, and even nation states sponsored groups all in the same realm. It’s an incredible transformation and I think that we really need to get our skates on as an industry to keep up with it.
Have you seen any particular interesting examples demonstrating the changes in financial crime?
We're living in the age of data breaches. That that is the new trend. You no longer rob a bank anymore to get a bag full of cash and a bullet for your troubles. You go online and you attack the bank’s customers. Big butchering scams – and I hate that term – are very well known already, but are gaining impetus.
This rise in money laundering seems to be corresponding to a rise in fines on financial institutions – is this a good way to combat this sort of crime?
I don't think it is effective. The problem with it comes from the word itself: compliance is something you do because you have to do it. If that's the only reason you're doing it, you typically try for a least-compliant product approach, 50 out of 100. The problem with organizational goals like these is that it's much easier to get an A+ by aiming for 100 out of 100 then falling slightly short. But many are aiming for bare minimum.
So I'm a huge proponent of meaty fines when they're appropriate, but they really should be aligned with intentionality, deliberate flouting of the law. You've had some really interesting cases in the US recently – the world's largest crypto exchange and things along those lines – but I think that that is really appropriate. But what's lacking in terms of the industry overall, we've got all the we've got, we've got these sticks, right? Where are the carrots?
Where's the incentive to improve if someone is doing an okay job and they're probably not going to get fined or even if they're doing a pretty subpar job but it's not egregious. You can look back at the fines against some of the world's largest institutions, they're repeat offenders because they don't really have an incentive to this. They're just trying to do it well enough to not get whacked right now, and I think they need a carrot from the regulators.
We haven't seen a lot of creativity in this space from legislators and I think that we need it. The other thing that feeds into this is that fines would be a more effective mechanism if we really, really funded our public sector more. I saw a recent article that the US compliance authorities are going to have a $2 billion budget – including the IRS and everything – going forward which is great and it sounds like a lot to a layperson. But that's budget pales in comparison to the financial services industry. So it's a little bit like roulette.
If you're a senior banking executive, you have a million priorities to balance: you need to grow your customer book, you need to return value to shareholders, and you have these historical compliance issues. What incentive do you have to be the person that says, “You know what? Knock it all down. Let's start again. Let's do this. It's going to cost money, it's going to cost customer friction, but we're going to be leaders in the space of financial crime.” An executive could do that but why would they when they can just go, “Well, I didn't do this and it's not great, but we probably won't even get found out.” I think that that's a real problem with this enforcement approach.
Are there carrots for FIs to fight financial crime beyond what the government provides them? Why should FIs care about investing in better AML processes and can they make AML a competitive advantage?
I think that's a great question and it goes back to my initial answer about how fraud has become much more prevalent. I tend to think that trust is the new customer service. But trust and safety are only competitive advantages if you make them that way: if I never get defrauded, and I never suffer at the hands of bad guys and I don't blame my bank, then potentially I don't even realize that lack of friction in my life. It only becomes a problem when it becomes a problem and then I complain.
But what banks are moving to more and more, is talking about AML because they have to invest all this money in it anyway. And what I see is a really virtuous circle here, where talking about it more, brings more awareness to the public. Customers start to make decisions based on where they find their money is safe and they are more understanding of compliance challenges. This strategy is the kind of thing that I think that banks need to steer into, but it is an intentional and a strategic shift that you have to make if you want to make financial crime a competitive advantage. It doesn't become one by doing it silently.
--
Learn more about how Enigma can help your institution combat financial crime – with lower overhead and more automation – or check out Part Two of our conversation with Luke Raven.