Carmen Chu, Executive Director (Enforcement and AML), Hong Kong Monetary Authority
Good morning, ladies and gentlemen. It is my great pleasure to address the Fraud and Financial Crime Summit again this year. Let me start by thanking Regulation Asia – there really is no substitute for face-to-face events to share knowledge and experience in our objective of combating fraud and financial crime.
And I don’t need to highlight here that our common task has got harder. In the last few years, financial crime, especially digital fraud, has become a more serious concern. A number of reasons account for this. The pandemic which pushed more of our financial business online was a contributing factor, as were the rapid advances in financial technology that make things so convenient for us, in particular the rise in online-only services and real-time payments, which have also proved very attractive to criminals. The speed of some of the changes has been unprecedented.
The situation is worrying: in Hong Kong, a city with a population of 7.5 million, deception cases reported to the Police have more than tripled in recent years with similar increases in financial losses to victims, local and overseas. And there are no signs of this slowing down yet: the HKMA received 637 fraud-related banking complaints in the first six months, already exceeding the total of 555 cases for the whole of last year. I’m sure you can all quote similar figures from your own jurisdictions.
This leads me to the theme of this forum: How do financial institutions, regulators and law enforcement agencies innovate their response to fraud? How will financial crime systems evolve in the coming years, and what does a more strategic, proactive response look like?
We have all heard much about data-driven and technology-aided response to tackle increasing financial crime, and today I want to place these terms in the wider context of a whole-system strategy, and discuss the role of the public sector, in particular regulators, in driving this agenda.
The banking sector not only acts as gatekeeper but also provides the majority of data and intelligence on which the success of our mission depends. As the banking regulator, we have been challenging ourselves: how can we be more dynamic and creative, and how should we adapt our own supervision to encourage and enable banks in adapting their front-line controls in a way that collectively improves outcomes for our anti-money laundering regime? How can regulators and financial institutions work together to make sure that the public has strong confidence to conduct business online with financial institutions (FIs), and has faith that effective financial systems could help protect customers against the harm, and the sometimes life-changing losses, from fraud and financial crime?
Let me start with the role of data, or evidence, and what we have been doing under our data-driven supervision initiative. By using more complete, accurate, and timely data, both supervisor and banks can analyse threats and track the results more effectively – or put another way, we can better measure and judge the success of our efforts to mitigate identified threats.
Based on that understanding, the HKMA has transformed its supervisory approach to the collection, storage and analysis of data, in support of more data-driven supervision, which in turn drives more targeted interventions. We call this our Anti-Money Laundering (AML) surveillance enhancement programme, a long-term commitment to and investment in data and technology, as well as supporting capabilities and culture. The objectives are to better understand and target higher risks in banks, and to create such supervisory and data and analytics environment that supports larger data sets and uses technologies to perform enhanced risk profiling.
The implication is an uplift in how we engage with banks on AML data – we will shortly move to an automated common submission portal for data - through which each bank is able to demonstrate effectiveness based on its risks and corresponding Anti-Money Laundering and Counter-Financing of Terrorism (AML/CFT) programme.
Another important part of our roadmap towards a more effective response is the role of technology in aggregating and analysing the huge volume of data that financial crime models generate. Starting in 2019, we engaged banks to understand where they were on their Regtech adoption journeys and then tailored tools and approaches to suit different levels of maturity and use cases, where we and banks see value. Since then we have published a number of guidance documents providing insights and case studies, while in parallel organising AML Regtech Labs - or AMLabs – which allow small groups of banks to target common pain points, identify relevant technology solutions, and gain hands-on experience working alongside technology and data experts.
As a result, about 60% of our retail banks are now deploying network analytics, more than twice as many as three years ago, a capability which has already resulted in banks increasing the number of intelligence-led suspicious transaction reports by about 320% in 2022 over a year ago, leading to an increase of over 110% in criminal proceeds restrained or confiscated.
The important point to take away is that this roadmap supports a stronger collective response which can tackle changes in threats based on stronger risk understanding and evidence base, and this is where the leadership from the public sector is so important, driving all stakeholders to work more closely together, sharing more data, more information and more know-how.
You may have heard this referred to as a whole-system response to financial crime. Public-private partnership amongst the regulator, law enforcement agencies and banks, like the Fraud and Money Laundering Intelligence Taskforce (FMLIT) in Hong Kong is a very good example of this in action, as is the innovative approach to anti-fraud coordination demonstrated by the Anti-Deception Coordination Centre with banks’ strong support, amidst many similar arrangements including for example Anti-Scam Centre here in Singapore.
But the roadmap does not end at public-private information sharing channels, successful though they are. The next stage of our roadmap is private-to-private partnership, and when combined with the other elements we have already put in place, such as data analytics capabilities, we start to see the potential which bank-to-bank information sharing represents.
The HKMA has collaborated with the industry and Police to recently launch the Financial Intelligence Evaluation Sharing Tool (FINEST), a bank-to-bank information sharing platform which helps increase banks’ ability to share information for detecting and disrupting fraud and mule account networks more effectively. And we actively participate in international discussions to exchange experiences and adopt consistent approaches in the fight against fraud and financial crime, which poses growing threat to the integrity and stability of global financial systems in the digital era.
In parallel to these developments, the HKMA is also running a pilot – Macro Analytics – which for the first time applies analytics to granular financial crime data across multiple banks, including eight retail and virtual banks, to generate new supervisory insights that we hope will help us target and tackle vulnerabilities and threats – such as mule account networks – and therefore help safeguard the integrity and stability of the banking sector.
These collaborative approaches are perfect examples of what I spoke of – to be dynamic and creative in how we upscale our results and demonstrate the value we have all invested in the whole-system approach: banks, regulators and law enforcement sharing a common purpose to turn the tables on fraud and financial crime, to reduce harm and losses to members of the public.
The public sector stands ready to provide the leadership to embrace new opportunities as part the commitment we have all made as members of the Financial Action Task Force (FATF) and the Asia Pacific Group on Money Laundering. The private sector is equally important in that commitment and needs to be both dynamic and creative if we are to fully leverage these new opportunities, and make the best possible use of data and technology to empower our new ways of working and innovate our response to the increasing threat which fraud and financial crime present to our societies.
I very much hope that I have been able to offer some food for thoughts in the very active debate around effectiveness in anti-financial crime work. I look forward to seeing that debate extended in the panel discussions today and wish you all a truly dynamic and creative day.