Hasan Rauf, DTCC (top) and Jamil Ahmed, HSBC, (bottom).
In the financial services world, legislation plays a crucial role in providing a regulatory framework to enable the smooth running of financial markets, ensure cross-border and domestic compliance and protect market participants from financial risk and fraud. Efficient compliance management is crucial to cope with the evolving landscape of regulatory requirements.
As business becomes increasingly virtual, firms will have to remain vigilant to accurately identify red flags or gaps in compliance. To seek answers on the alliance between technology and compliance management, Hasan Rauf, DTCC Executive Director, Head of Business Development – APAC, recently spoke with Jamil Ahmed, Chief Compliance Officer of Hong Kong and Shanghai Banking Corporation Limited (HSBC), based in Singapore.
Rauf: How critical is the role of technology in supporting internal and regulatory compliance to manage trade execution and management processes?
Ahmed: Trade execution and management processes tend to be rich in metadata, making them ideal candidates for technology adoption. Much of the technology usage is focused on front-end trading algorithms featured heavily in trading desks and have since extended to use cases for regulatory compliance. There is value in adopting services provided by market utilities for post-trade processing to ensure that the trade data transmitted remains safe and secure and a complete audit trail is available to assist in meeting regulatory compliance.
On the trading floor, technology is relied on to mitigate financial crime and conduct risk analysis, such as scrutiny of market transactions, to detect signs of misconduct, abuse or insider trading. However, surveillance processes can be cumbersome often requiring significant manual interventions to monitor. This is where advanced surveillance systems that can effectively monitor the various forms of trader communications – be it voice, chat or email – hold much promise and potential for continuous enhancements to existing surveillance processes. To replace tasks traditionally performed by humans, cognitive algorithms, using machine learning and natural language processing that can effectively detect and monitor anomalous behavior or red flags to capture data bias across diverse data sources and voluminous data sets, is really where compliance from a surveillance perspective is headed.
Rauf: How does HSBC adhere to different market practices – global vs local – when doing business in Asia? Does technology come into play?
Ahmed: For a global universal bank like HSBC, regulatory compliance essentially spans across several jurisdictions and entities involving numerous regulators with different regulatory requirements. Fortunately, there is some form of regulatory convergence on some aspects of regulatory regimes, particularly in the areas of prudential standards, conduct and culture.
That said, banks and financial institutions have been relying on regulatory technology (RegTech) to improve the effectiveness and efficiency of regulatory compliance processes particularly in data intensive areas such as regulatory reporting, transaction monitoring, and when implementing Know Your Customer and Customer Due Diligence procedures. A key feature of many of these RegTech applications is the ability for algorithms to have a rule-based engine incorporating specific regulatory rules in a particular area – to ensure that the underlying process complies with the most stringent rule set that may apply. While technology does introduce some significant benefits in these areas, ongoing monitoring is required to maintain these rule sets and ensure that changes to underlying upstream systems and feeds are not disruptive to processes to facilitate straight through processing across the entire trade lifecycle.
Rauf: As driving digital client engagement is now the norm, what are the requirements for leveraging technology to tackle cyber-crimes? What are some of HSBC’s recent implementation to fight cyber-crime?
Ahmed: Digital banking products and services essentially generate significant efficiency gains and caters to the needs of a tech-savvy clientele. With increased interest in digital banking solutions, traditional banking incumbents are pushed to innovate as threats of the digital bank revolution persists. Whilst much emphasis is placed on improving front-end user interfaces and expanding the delivery of more sophisticated product sets encompassing wealth management and corporate products, banks are also on high alert for cyber-crime and fraud risks exposed by digital channels. We have seen how quickly cybercrime tactics have evolved during the pandemic – capitalizing on the vulnerability of remote working and individual sensitivities to the changing environment. In Singapore, the Singapore Police Force reported a 28% increase in cyber scams in Q1 2020 compared to the same period the previous year. In response, banks and financial institutions are refining their fraud monitoring systems to detect suspicious activity to ensure that red flags are immediately detected with appropriate actions taken to prevent funds from being fraudulently misappropriated.
At HSBC, we are exploring advanced technology capabilities and systems that help identify suspicious behaviors through anomalies in the biometric and behavior profile of clients – to prevent or mitigate any risks associated with account take-over or business email compromise events. These advanced capabilities complement our existing set of controls to collectively protect our customers.
Rauf: Is it better to address financial crime as part of a consortium – through the implementation of golden rules and instilling collaboration across the financial services industry?
Ahmed: Supranational bodies, such as the Financial Action Task Force (FATF) and other industry groups like The Wolfsburg Group, have a rich history of setting standards, issuing best practice guidance documents and typology reports which collectively provide focus and attention on raising standards to fight financial crime. As a result of these collaborative efforts, we have benefited from guidance papers that leveraged the collective inputs of different organizations across geographies. As illicit funds and tainted money continue to flow across borders, greater cooperation among nations, market utilities and financial institutions locally and globally is required to mitigate financial crime risks.
Aside from the ongoing efforts of international bodies and industry groups, local working groups also play a significant role in fighting financial crime. Public-private partnerships comprising law enforcement representatives as well as those from banks and regulators, are exploring methods to effectively address the idiosyncratic nature of identifying and reporting potential illicit activity – thereby enabling investigative outcomes and concerns to be shared with other market players who may also be at risk.