Closed padlocks with an abstract background depicting internet security

Financial Crime Compliance in Securities

Financial crime in securities is on the rise, it’s time that an industry-wide response was made a priority.

By Colin Brooks - Vice Chairman, Securities Services, Transaction Banking

In recent years, there has been an increased focus on the potential for crime within the securities industry, with cases involving well-known custody and depository institutions.

In one or two high-profile cases, the institutions were acting upstream of the account-providing banks that had the relationship with those breaking regulations. One case concerned violations of Iranian sanctions, while another involved manipulation of penny stock dividends. In neither case were the criminals engaging directly with the CSDs.

Revised expectations

These events were a major wake-up call for the securities industry. The implication was that there needed to be a way to carry out due diligence on all parties at every stage in a transaction – from originator to ultimate owner or controller of the asset (‘ultimate asset owner’).

The securities industry gains efficiencies through the use of collective investment schemes and omnibus accounts, but these structures can help conceal the identities of the ultimate asset owners.

Subsequent enforcement actions against custodians contradicted the established view that a user only needs to know their direct contractual partner (who is either one level up or one level down the chain from the user themselves, even in a cross-border environment). There was a risk that securities companies would now be required not just to know their own customers, but also to identify and hold accounts for their customers’ customers – all of them. If this were to happen, it would quickly unravel the use of omnibus account structures and greatly increase the costs of the industry – and ultimately of investment in securities.

The enforcement actions also seemed to challenge the commercial and legal reality, and represented a potentially serious threat to the industry. The implication was that it was no longer enough for institutions to rely on the fact that their customers themselves were regulated by financial entities.

New mission, new models

Finding an effective means of identifying and managing the risks associated with parties further down the chain is a key issue for the securities industry. This is an urgent quest, as it is now apparent that criminals are equally able to use securities, as well as payments, as a means of shifting large sums of money.

There are two potential solutions to this issue, both of which have their adherents in the industry:

  1. The first is to move to a system that tracks the ultimate asset owner for every movement of securities. Taken to its ultimate extent, that could require having accounts for every ultimate asset owner at every stage of the investment chain. This would mean getting rid of omnibus accounts altogether and moving to a fully-segregated model, potentially a more extreme version of the segregated models that exist in Norway and South Korea.
  2. The alternative is a standards-based approach that uses the Financial Crime Compliance Principles from the International Securities Services Association (ISSA) to make appropriate risk-based arrangements that do not disturb the sound operation of markets.

Time to respond

The use of omnibus accounts is a fundamental part of how the securities industry operates. If we look at the CSD in South Korea (which follow a segregated structure) it’s clear that one client can have thousands of accounts – and that’s just going down one step to their immediate clients.

If we then go through each of the stages between the CSD and the end-investor, this can be multiplied many times. It’s easy to imagine a situation where, if the account structure ultimately went to the level of the ultimate asset owner, there could be millions of accounts at different stages of the investment cycle. The cost and effort involved in setting up, maintaining and reconciling those would be immense. Omnibus accounts permit more effective and more cost-efficient transactions because of netting and consolidation.

It’s critical for the securities industry that we implement an alternative – other than moving to that ultimate asset-owner level. That is why ISSA, in which Standard Chartered plays an active role, began to look at this topic. ISSA is the natural forum for developing a response, as its members comprise most of the principal custodian banks, broker-dealers and central depositories in the industry. Its members intermediate 95 per cent of all cross-border holdings of securities in the fixed-income and equities space.

Yannick Cherel, Head of Financial Crime Compliance for Securities Services at Standard Chartered, is a member of the working group set up by ISSA to look at what standards should be put in place to prevent criminals and terrorists gaining access to the securities industry. The group has made a series of proposals, known as the ISSA Financial Crime Compliance (FCC) Principles, which recommend the types of controls and safeguards that institutions should consider establishing.

Implementation to save the day

We should try to avoid a duplicative situation in which every institution carries out the same checks and controls. Instead, the aspiration is that when an institution is regulated by a recognised authority, the checks it carries out can be relied on by all other institutions.

The ISSA FCC Principles clearly lay out what checks should be done, to ensure a coherent and consistent set of controls. This promotes consistency of approach among different parties:

  • The sub-custodian knows that their client, i.e. the global custodian, has performed the proper controls and checks
  • The broader industry can be confident that we are not allowing criminals to access the system.

If regulators have confidence that the securities industry can control the flow of investment, conduct effective screening and monitoring, and prevent criminals from accessing the financial system, then there should be less need for further regulatory scrutiny.

We have the FCC Principles, but they now need to be fully implemented by global institutions. If our industry can implement a strict regime, based on consistency of controls and greater transparency of ownership, we would be in a strong position to prevent the movement and ownership of assets by criminal entities.

Focusing on implementation of the principles must be a priority for all of us.

Back to news and views