Beyond Bitcoin: What Does the Future of Financial Crime Hold?
Whatever Bitcoin’s fate, one thing seems certain: rapid technological change will shape financial crime in ways we are only beginning to grasp.
China’s decision to halt trade and eventually perhaps ban activities involving virtual currencies has fuelled speculation about Bitcoin’s future. While some view Beijing’s actions as a blow that will hasten Bitcoin’s downfall, others interpret its continued price rise as a sign of its resilience and promise.
But for those interested in understanding the future of financial crime, which RUSI’s Centre for Financial Crime and Security Studies intends to explore in its Financial Crime 2.0 conference this November, Bitcoin’s ultimate success or failure is of secondary importance.
More relevant is that the entire financial sector is undergoing a period of tremendous technological upheaval that will shape the future of illicit finance, with Bitcoin or without it.
Bitcoin often dominates discussions about new forms of illicit finance owing to its appearance in high-profile criminal cases, which demonstrate how these financial technologies place new demands on law enforcement, forcing security agencies to adopt new tactics.
The entire financial sector is undergoing a period of tremendous technological upheaval that will shape the future of illicit finance, with Bitcoin or without it
But this is not unique to Bitcoin. An international financial system featuring deeply interconnected and rapid payment mechanisms could see the emergence of financial crimes of unprecedented scale and scope, and of new character.
New technologies can improve financial services, but they also shape the nature and direction of money laundering, terrorist financing and other crimes.
The future is already beginning to be visible. Take, for example, last year’s hacking of the Central Bank of Bangladesh, when North Korean-backed cybercriminals nearly stole $1 billion overnight.
Or consider alarming revelations that criminal groups are using social media to recruit the young to act as ‘money mules’” Or consider Europol’s recent assessment that compromised payment cards can be used in crimes such as human trafficking, and that ATM ‘skimming’ scams are accelerating.
These criminal typologies are evolving as a growing number of non-traditional players enter the financial sector, with new start-up financial technology (FinTech) companies and tech giants, such as Amazon, altering the payments space.
While they offer innovation, competition and prospects for expanding financial access, new entrants can present new systemic financial crime risks, depending on the nature of their products and services.
The traditional banking sector’s adoption of new technology also presents challenges, as they are vulnerable to sophisticated hacks and new fraud typologies. As decentralised computing, the Internet of Things, the proliferation of Big Data and other developments unfold, financial crime will transform concurrently, and often unpredictably.
Several questions arise. Can law enforcement keep up with proliferating high-tech risks? Can regulators monitor an increasingly digitised financial system? Will the global anti-money laundering and counterterrorist financing (AML/CTF) regime, established in the 1980s, remain relevant? At present, all signs point to an uphill battle.
It is true that law enforcement has achieved successes in tackling crimes such as cyber-enabled money muling, and crimes involving cryptocurrencies.
Can law enforcement keep up with proliferating high-tech risks? Can regulators monitor an increasingly digitised financial system?
However, broader systemic challenges in the global AML/CTF regime – such as the poor performance of suspicious activity reporting and asset confiscation measures – do not bode well for long-term efforts to disrupt sophisticated and high-tech financial criminality. What’s more, the public sector generally lacks the requisite technological literacy to keep pace.
As Christine Lagarde, Managing Director of the IMF, noted recently, financial regulators may need to become ‘experts in assessing the soundness and security of algorithms. Easier said than done’.
For example, some observers champion a role for artificial intelligence (AI) in improving the detection of financial crime. However, AI is still developing, and its promise in the field of AML/CTF requires further exploration, raising important questions.
How will the private sector’s use of sophisticated AML/CTF tools be governed and assessed, particularly if regulators still lack skills to evaluate their utility and effectiveness?
Other issues abound. How will countries establish jurisdiction over ransomware attacks and other financially motivated cybercrimes, with financial data stored on servers across the world?
Or take the future of cash. Even if cash thresholds can hinder criminal finance in the near-term, should we embrace a cashless future when the risks of tech-enabled financial products are still only being studied?
If the above challenges appear daunting, several near-term steps can make the future more manageable.
Christine Lagarde, Managing Director of the IMF, noted recently, financial regulators may need to become ‘experts in assessing the soundness and security of algorithms. Easier said than done’
First, the public sector must enhance understanding by engaging directly with new financial technologies. The UK Financial Conduct Authority’s April 2017 discussion paper on distributed ledger technology is a model for the open-minded but rigorous scrutiny governments should pursue – an approach that neither rushes blindly to embrace new technology, nor merely reacts against it.
To this end, the financial crime risks that new technologies pose must be assessed and understood with granularity, avoiding unempirical generalities. As noted in a recent FinTech Financial Crime Exchange white paper, co-authored with RUSI, hastily labelling the entire multi-faceted FinTech sector as ‘high risk’ for money laundering purposes without detailed study is unproductive.
It is crucial that the public sector honestly assess the money laundering risks of new FinTech products; but it is also critical that debates remain fact-based, and that unsubstantiated hyperbole does not predominate.
Second, the public sector must improve its own use of technology. This can include training for law enforcement on complex forensic techniques, or further exploration of ‘RegTech’ and ‘SupTech’ solutions to streamline regulatory compliance processes while enhancing regulators’ ability to analyse complex information and data.
These efforts must not use technology for its own sake, but should form part of strategic approaches that employ high-tech tools for specific ends, and for long-term capacity building.
Third, the international community must achieve much-needed coherence in global policymaking. Although financial crime has become increasingly globalised, policy responses often remain fragmented.
The Financial Action Task Force (FATF), the global AML/CTF standard-setter, can lead efforts to rectify this. FATF has taken an important step by convening a FinTech and RegTech forum, which meets in Berlin this week.
It can build on this by articulating key challenges associated with the impact of new technology on financial crime more broadly, determining whether its standards and recommendations require updating, and providing additional forums for detailed international discussion of appropriate responses.
It is critical that these forums tackle difficult questions directly. They should enable vigorous debate about issues such as the societal impact of curtailing cash, the possible effect that interconnected payment platforms may have on personal and financial data security and the consequences of new technology-driven AML/CTF techniques for financial and data privacy.
Wherever the future of financial crime leads, it is safe to say we are only just beginning.
The views expressed in this Commentary are the author's, and do not reflect those of RUSI or any other institution.
WRITTEN BY
David Carlisle
Associate Fellow; Independent Consultant