30 June 2020 by Guy Harrison
The continued spread of COVID-19 has upended everyday life and business operations across the globe
After its reign through much of Asia, the Coronavirus remains a force to be reckoned with in the European market. Many organisations are having to stockpile cash, halt unnecessary spending, lay off employees and rethink their entire business model in order to manage.
As the situation continues to evolve, the impact on operations becomes ever more apparent, especially in risk and compliance – from managing risk remotely to staying on top of new pandemic-related risks among clients and the supply chain.
As governments begin to ease lockdown restrictions for certain industries, the return to ‘normal’ still remains up in the air for others. And while working patterns and business landscapes have changed, and in some cases halted all together, it is clear regulators haven’t pressed pause.
COVID-19 has created new headaches for risk and compliance professionals, as they put crisis plans to the test in a bid to mitigate the deep impact the pandemic has brought.
With many companies experiencing significant supply chain disruption, and the crisis offering an opportunity for increased financial crime and heightened tensions between nations, we expect compliance, due diligence and investigation teams to be very busy in the coming months.
Financial crime is not a new phenomenon, but the crisis has changed the nature of the battle against it in a few ways.
Firstly, it has challenged organisations’ abilities to execute traditional detection and prevention methods. The banking industry, which in the past has largely relied on face-to-face checks to form the basis of its regulation and compliance, is no longer able to continue with its usual protocol due to working from home policies. As a result, financial institutions are turning to electronic due diligence such as open source documentation and data sources.
Adding to the pressures on the financial industry is the UK governments request to help the general public with unprecedented levels of lending. There will undoubtedly be a degree of misuse and appropriation of the financing aid and emergency funding used by criminals to conceal illicit assets. This illegal activity will be even harder to detect than usual amid the increased volume of customers and transactions these institutions will be trying to process.
And the rise of ecommerce and online shopping has only worked to accelerate the already growing trend of phishing emails and data leaks – directly attacking consumers in order to commit fraud and conceal illegal monies.
The nature of the crimes being committed has shifted in the wake of the pandemic. Those who commit financial crimes are opportunistic by nature. And as the Coronavirus presents a whole host of challenges for the financial sector, these individuals are becoming incredibly resourceful in adapting their activity in order to take full advantage of the current state of disruption. For instance, according to CipherTrace (2020), there has been a sharp uptake in crime associated with virtual and crypto currencies, a trend that compliance professionals have long been monitoring.
While it may appear as though regulators are taking a reasonable approach to help ease the burden, any release will be short lived. Risk and compliance professionals cannot become complacent.
In fact, as we edge closer to the post-pandemic period, financial institutions will need to invest time in retracing their steps to ensure transactions and onboarding during the COVID-19 period do indeed meet the necessary requirements – and quickly tackle those that are not adequate.
The Coronavirus pandemic initially hit hard in China, meaning it had a large knock-on effect on the European and American manufacturing processes. As the pandemic continues to ravage the rest of the world, many companies are forced to look for key suppliers elsewhere or face going out of business.
In an attempt to keep up with consumer demand, many businesses have been forced to onboard new suppliers at record rate and volume. In such haste, businesses are more likely to be susceptible to cutting corners – introducing risk in areas where they normally would have stringent checks in place to guard their value chains, such as bribery, environmental crime and modern-day slavery. Not only has the volume of checks required increased, but because of the pandemic, the best third-party risk management programmes have introduced new checks. This includes a deep understanding of new suppliers’ business continuity and infectious disease management plans.
To combat the temptation to cut corners in vetting the business partners they are taking on board, organisations should instead focus on shoring up their supply chain processes and ensure that they remain as agile as possible. After all, the supply chain is no stranger to disruptions – from geopolitical instability and price hikes to cyber-attacks.
Leading supply chain organisations use a range of automated or digitised risk management platforms that incorporate intelligent decision-making frameworks, which can accommodate exceptions and regional nuances in ways that still enable continuous, consistent management of the most common and prominent risk factors.
The Coronavirus pandemic has certainly emphasised a lack of digital literacy and capability needed to support such systems across various industries. Further to this, lockdown restrictions have contributed to the added pressure placed on communication infrastructure and limits the movement of people in creating challenges for professionals to effectively monitor and manage supply chain activity.
The global spread of the virus, alongside today’s international business network, means we cannot forget the implications that various governmental regulations and restrictions can have on our ability to move raw materials, components and finished goods to where they need to be.
Greater emphasis needs to be placed on access to good quality, reliable and accurate data. It has never been more important for risk and compliance leaders to keep abreast with changing international policies relating to taxation, trade restrictions, border controls, and labour laws – all of which are important elements of developing production and supply strategies.
The deterioration of certain international relations has been expedited by the pandemic. Amidst heightened tensions, there is an increasingly prominent notion that when it comes to compliance issues, economic security equates to national security. This creates a risk of sanctions and foreign goals being merged with other types of economic policy and political pressure when in reality, they really play the same role. At a time where organisations are already struggling to cope, the imposition of new policy could well bring them to the tipping point.
In April 2020, the US Bureau of Industry and Security (BIS) amended its Export Administration Regulations (EAR) to expand license requirements on exports, re-exports, and transfers (in-country) of items intended for ‘military end use’ or ‘military end users’ in the People’s Republic of China (China), Russia, or Venezuela. Specifically, this rule expands the licensing requirements for China to include ‘military end users’ in addition to ‘military end use’.
Companies doing business in any of these countries and across a wide range of industries must now consider the impacts of these rules and anticipate increased regulatory compliance obligations.
While frictions between these countries have been long documented, the Coronavirus appears to have exacerbated tensions.
The Coronavirus is increasing the rate and volume of our work as risk and compliance professionals – but the same standards need to remain. Whilst teams are stretched to their limits, it is important to stay on top of how compliance is changing. In order to cope, we are beginning to see a rise in self-reporting and self-regulation.
Organisations small and large cannot afford to pause, as legislators still expect regulation compliance to be upheld. The alternative comes at a staggering price. One only needs to learn from the Westpac scandal of last year, during which the bank was found to have committed 23 million breaches of anti-money laundering and counter-terrorism financing laws. The Australian Transaction Reports and Analysis Centre (Austrac) said each breach carried a maximum penalty of AU$21m (£11m). Nevertheless, the fines were the least of their worries in comparison to the related reputational risk and connected financial setback that followed as customers and investors looked to disassociate.
The speed and severity of this pandemic caught many off guard. Despite this, the Coronavirus will undoubtedly continue to deeply affect financial services, supply constraints, and operational capacity for the foreseeable future. Organisations that appear to be best weathering the COVID-19 storm already have a steadfast commitment to enterprise-wide risk visibility, insight and collaboration. This has always been, and should remain, a top priority for all risk and compliance professionals.