This blog focuses on suggested improvements to information sharing between financial institutions, and between financial institutions and governments, to better combat money laundering and terrorist financing. As we recently blogged, the Royal United Services Institute (“RUSI”) for Defence and Security Studies — a U.K. think tank – has released a study:  The Role of Financial Information-Sharing Partnerships in the Disruption of Crime (the “Study”).  The Study focuses on international efforts — including efforts by the United States — in reporting suspicious transactions revealing criminal activity such as money laundering and terrorist financing.  The Study critiques current approaches to Anti-Money Laundering (“AML”) reporting and suggests improvements, primarily in the form of enhanced information sharing among financial institutions and governments.

In our first blog post in this series, we described some of the criticisms set forth by the Study regarding the general effectiveness of current suspicious activity reporting.  These critiques related to an ever-increasing amount of SAR filings, coupled in part with a lack a feedback by governments to the filing institutions regarding what sort of information was considered by law enforcement to be actually useful.  In our second post, we discussed the current landscape of AML information sharing in the United States, which is governed by Section 314 of the Patriot Act, and is an important component of many financial institutions’ ability to fulfill successfully their AML obligations.  This third and final blog post pertaining to the Study examines its findings and proposals for developing effective public–private financial information sharing partnerships (“FISPs”) in order to better detect, prevent, and combat money laundering and terrorist financing.  Observing that modern financial crime “operates in real time, is most often international in scale and can be highly sophisticated ad adaptive to avoid detection,” the Study generally posits that AML systems ideally should include real-time and cross-border information sharing. Since 2016, over twenty national governments have committed to developing public–private FISPs. The Study is a self-identifying “toolkit” for stakeholders in those jurisdictions, and prescribes five principles to consider in developing a FISP.  These five principles are:  1) leadership and trust; 2) legislative clarity; 3) governance; 4) technology and analytical capability; and 5) adaptability and evolution.  We discuss each principle below.

The authors of the Study developed these principles after conducting a series of roundtables, workshops, and interviews with current and former leaders from the private and public sectors. Moreover, the Study illuminates good practices and applications of these principles – or the lack thereof – by analyzing six existing FISPs:  1) the U.K.’s Joint Money Laundering Intelligence Taskforce (“JMLIT“); 2) Section 314 of the USA Patriot Act and its contextual briefings; 3) Australia’s Fintel Alliance; 4) Hong Kong’s Fraud and Money Laundering Intelligence Taskforce (“FMLIT“); 5) Singapore’s Anti‑Money Laundering and Countering the Financing of Terrorism Industry Partnership (“ACIP“); and 6) Canada’s Project PROTECT, run by the Financial Transactions and Reports Analysis Center, or FINTRAC.  Section V of the Study discusses each of the principles by providing the intention behind each principle (“objectives”) and suggesting action items for the proposed objectives (“recommendations”).  Using the six spotlighted FISPs, Section V also features “Relevant National Examples of Current Practice,” illuminating perceived best practices and weaknesses.

Leadership and Trust

The Study found that the first guiding principle, leadership and trust, is created through an “explicit leadership commitment with some level of publicity.” Publicly announcing and promoting the partnership sets the appropriate “tone from the top” necessary to engage parties with AML obligations.  Australia’s Fintel Alliance, for example, developed privately its objectives and organizational structure, and later unveiled the partnership at a “high-profile, public event” geared towards leaders in both the public and private sector.  Conversely, the United States created its program through legislative action, and in doing so, failed to engage CEO-level bankers from the program’s genesis.  This lack of cohesion, the Study found, slowed this partnership’s development and delayed consensus among public and private entities regarding the appropriate “level and intensity of” information sharing.

Although public-facing appearances matter, the Study found that legitimate trust among members of the partnership also must exist. The Study found that, even absent a formal agreement between individual law enforcement investigators and banking officials, information sharing between these parties occurred organically “through trusted relationships.”  The Study essentially proposed that participating public and private agencies should integrate in a way that deepens the partnership’s collective knowledge of each agency’s relationship to financial crimes and AML efforts.  The Study suggests accomplishing this by sharing office space or implementing a secondment process (secondment is the temporary assignment of an employee to another organization).  For example, Australia’s Fintel Alliance has a secondment program that requires private sector employees to temporarily work at a public agency, which culminates in the employee obtaining “entrusted public official” status.  The Study suggested, however, that public sector employees should also receive secondment placements in the private sector.

Legislative Clarity

The second principle promulgated by the Study is legislative clarity, meaning passing extremely clear laws surrounding “what types of information can be shared, with whom, when and for what purposes.” The Study found that it is “crucial” that public and private agencies have confidence in their interpretation of such provisions.  A lack of clarity may cause extensive litigation of the issues and conflicting judicial interpretations of the statutes and regulations.  Lastly, since AML information sharing implicates private information, legislative bodies must write the law in accordance with its privacy laws and constitutional protections.  According to the Study, international leaders perceive the U.S. Patriot Act as “the strongest legal basis to enable both public–private and private–private sharing in the world.”

Governance

In order to comply with the partnership’s legal obligations, a FISP must focus on self-governance: the Study concluded that strong internal governance “improve[s] the effectiveness and resilience of the partnership in the face of any disputes or operational pressure.” The Study does not prescribe one preferred organizational structure.  Instead, a FISP should organize its leadership based upon the size of its jurisdiction and the number of participating entities.  Hong Kong’s FMLIT, for example, is relatively small with only ten banks tapped as “members” for a twelve-month term.  These members take leadership roles in one of FMLIT’s two governing bodies: the Strategic Group or the Operations Group.  FMLIT chooses which banks should be members based on their “local and global footprint, their involvement with Police in the past, and their relevance and ownership to the subject matters.”  The United States, on the other hand, has no specific governing body; the Study suggests that it may be beneficial to have an overarching, federal governing body as well as state or regional leaders.

The Study argues that three main functions of FISP leadership are: 1) establishing clear operating documents, policies, and procedures; 2) measuring the partnership’s achievements; and 3) disseminating information in a helpful way to AML-compliant industries. According to the Study, the Fintel Alliance published an impressive Member Protocol manual, which clearly outlines the partnership’s objectives, governance, information security, vetting, and dispute-resolution arrangements.  The Study notes the clear need for information security procedures, and elsewhere concedes that privacy and data protection laws may present obstacles to some information sharing.

The Study further recommends that, as part of their governance function, a FISP should analyze its members’ decisions to close or retain customer accounts based on the information-sharing process, in order to curb the phenomenon of “broad de[-]risking, which may hinder attempts to ‘follow the money’ by forcing activity into un- or less-regulated sectors.” As we have blogged, industry and groups such as the International Monetary Fund have raised concerns about the trend of “de-risking” by U.S. banks – i.e., the approach, born out of fear of aggressive AML/BSA enforcement by U.S. regulators and law enforcement, of simply terminating customer accounts and types of customer relationships deemed to be more likely to draw regulatory scrutiny. De-risking, although presumably a safe choice for the individual institution, can produce unwanted and negative long-term consequences, such as the unnecessary hindering of the international financial system. Further, and as noted by the Study, it can lead ultimately to less overall transparency by ensuring that certain customers and practices will go underground.

Technology and Analytical Capability

Technology and analytical capability — the fourth principle — are essential in helping governing bodies measure their partnership’s performance, disseminate information to concerned parties, and stop financial crimes. The Study stresses the virtues of real-time and cross-border sharing of information.  FMLIT and JMLIT, for example, use technology to develop new typologies, methodologies, and other ways of detecting money laundering and terrorist financing.  They then send out industry-wide “alerts” sharing these new analytical tools.  The Study criticizes the United States’ stagnant, “on demand” approach to information sharing (discussed in our second blog post in this series) which creates a transactional relationship between the parties regarding a limited amount of cases, rather than a dynamic, constant flow of information.

The Study criticizes the United States’ stagnant, “on demand” approach to information sharing which creates a transactional relationship between the parties regarding a limited amount of cases, rather than a dynamic, constant flow of information.

The Study cites Australia as the most ambitious FISP “with regard to near real-time data exchange, shared data analytics and cross-border sharing,” particularly because Fintel Alliance is the only FISP with international partnerships. Australia is limited in the types of information sharing systems it develops, however, because the law does not provide for private–private information sharing.

Adaptability and Flexibility

The final principle of a prosperous FISP is adaptability and evolution. The Study imagines that artificial intelligence may play a useful role in monitoring financial information and analyzing it in real time.  Of course, the authors caution, development of such AI systems “will require careful oversight to ensure that the outcomes are justified and controlled.”  In looking ahead at future developments among FISPs, the Study concluded that international partnerships are ideal for “following the money” effectively on a global scale.  The current limitations on international information sharing hinder law enforcement’s ability to disrupt large-scale money laundering and terror financing operations.