Why Financial Firms Need to Focus on Communications to Meet Sanctions Compliance
With continuous regulatory and enforcement environment changes, financial institutions struggle to meet immediate and long-term compliance challenges.
As regulators continue their sanctions regime against Russia, financial institutions everywhere are struggling to keep up with the different levels of restrictions and ensure every member of their organization complies with the new protocols. As this ever-changing regulatory and enforcement environment continues, banks will need to reassess how they meet both immediate and long-term compliance challenges, shares Shiran Weitzman, CEO of Shield.
Since the start of Russia’s invasion of Ukraine, authorities across the United States, United Kingdom and European Union have led an unprecedented sanction campaign against Russia that has resulted in a global impact on the financial industry. Due to the speed at which these sanctions have been imposed, banks everywhere are now tasked to keep up with the different levels of restrictions and ensure every member of their organization complies with the new protocols. As this ever-changing regulatory and enforcement environment continues, financial institutions struggle to meet immediate and long-term compliance challenges.
In fact, a new compliance report from Reuters revealed that financial firms have found keeping up with regulatory changes to be the most difficult challenge in 2022. An aspect that can be largely traced back to the geo-political tension the industry has been grappling with throughout this year. While strong compliance functionality remains challenging, firms must prioritize certain compliance aspects to meet sanction enforcement and overall regulatory standards.
Banks Should Turn Inward to Comply with Sanction Requirements
While many regulatory components make up this current sanctions regime, banks hoping to strengthen their financial crimes risk management as this war continues – and also in the general sense – should turn inward to catch any schemes or illegal activity. Specifically speaking, compliance teams will need to begin prioritizing monitoring and archiving all employee communications on all channels, including emails, calls and direct messages. This is because governments have traditionally relied upon trader communications to build cases against banks for any breaches in regulatory standards.
Whether it’s an email being sent or a direct message on a third-party application like WhatsApp or Slack, most financial schemes can be initially traced back to conversations between employees and their counterparts. And as these sanctions continue to ramp up, so do Russia’s attempts to evade the restrictions and infiltrate financial institutions’ internal operations. It was actually found WhatsApp usage increased following Russia’s invasion of Ukraine, as many firms and companies attempted to continue cross-border communication with traders and clients.
To stay ahead of these workaround attempts and ensure all members of their organization are complying with the regulatory requirements, banks will need to implement a surveillance solution that can automatically capture, archive and monitor all of an organization’s communication channels, including third-party applications. By prioritizing communications surveillance over other regulatory components, banks will be able to negate any schemes at their source, avoiding major fines and unnecessary scrutiny from the industry as a whole.
See More: Middle Market Companies Should Wake Up to the Potential of AI in Finance
Banks Will Need to Evaluate Surveillance Solutions
Historically, legacy security and surveillance vendors completed monitoring banks’ internal business communications. Yet, as the proliferation of third-party communication channels has taken over financial institutions’ internal operations these past two years, coupled with the rapid changes brought on by these sanctions, legacy technology is proving to be both inefficient in surveillance and time-consuming.
A large reason today’s banks are struggling to monitor these new channels with legacy technology is that the majority of third-party applications have an encryption that blocks a vendor’s ability to analyze. To stay on top of any nefarious activity that is taking place in these channels, banks will need to replace their legacy technology and turn to solutions that utilize artificial intelligence (AI) and machine learning (ML). This will allow banks to quickly catch any schemes before they are even in motion, as AI allows for automated compliance and security oversight, regardless of whether a channel is encrypted. And as these sanctions are constantly changing due to the war between Russia and Ukraine continuing to unfold, banks will need a solution that allows them to adapt and implement restrictions when needed quickly.
The Future of Communications Compliance: How Can Banks Prepare?
With more sanctions on the horizon and more financial institutions turning to modern employee communication channels, the industry can expect to see a continued increase in internal investigations from regulators and more communication requirement changes in the future. As investigations increase, we can expect firms to continue leveraging advanced technology solutions. Gone are the days when compliance officers could manually monitor employees and ensure organizations are meeting regulations.
This is especially true as the industry is also struggling to find, hire and keep senior-level compliance staff that possesses the skills needed to manage more complex, scrutinized and liability-laden compliance programs, according to the U.S. Treasury’s Office of the Comptroller of the Currency’s Semi-Annual Risk Perspective. While turning to advanced technology will definitely provide banks the tools to catch any schemes or suspicious activity, firms must begin integrating a practical and comprehensive compliance program throughout their organization to take their compliance strength one step further. To comply with regulators and avoid any fines or reputational damage, banks should really focus on building policies and procedures and educating their employees on the latest compliance requirements to ensure they are keeping up with the new sanctions environment.
What Happens to Banks Who Fail to Make Changes?
Banks who fail to meet these compliance sanction standards can expect to face an increased likelihood of enforcement action and an elevated risk of serious reputational and financial damage. Even before these sanctions were imposed, regulators have been investigating global banks’ internal communications channels, resulting in billions of dollars in fines for financial leaders such as JP Morgan and Wells Fargo. Banks should expect this regulatory enforcement on communication channels to increase throughout the year, especially as conflicts with Russia continue.
In the U.S., violations for failing to comply with these sanctions are already increasing. Today, failure to meet compliance includes a maximum of 20 years in jail and fines of up to $1 million per violation, however, President Biden has recently requested new protocols to increase the penalties for those working around these sanctions. The President has asked Congress to allow prosecutors longer amounts of time to build cases against those who fail to comply with Russian sanctions by extending the statute of limitations on money laundering prosecutions from five years to 10. In the U.K., those violating sanctions compliance are looking to see fines reaching $13 million or more.
No matter how these regulations change and evolve, the responsibility to implement protocols and ensure all members of their network comply rests solely on a financial institution. Banks must begin prioritizing how they search and monitor employee communications to maintain sanctions compliance and detect any potential operations that could violate the designated sanctions.
How do you think financial institutions can keep up with compliance regulations better? Share with us on Facebook, Twitter, and LinkedIn.
MORE ON COMPLIANCE:
