This is how authorities can help banks identify money-laundering

Good luck finding a major bank in Europe that has not breached money-laundering regulations.

In Denmark, the two largest banks, Danske Bank and Nordea, are both currently subject to criminal investigations. BNP Paribas received the highest-ever fine in 2014, when it settled with US authorities and had to pay $9bn for sanctions violations. Many others — from HSBC and Standard Chartered in the UK to Deutsche Bank and UBS and Credit Suisse — have had to answer for offences.

These cases show that living up to money-laundering regulations is difficult, but not doing so is one of the biggest risks to a bank’s reputation. Banks and authorities share the same goal — to stop the bad guys — but both are struggling to find a way forward. While the EU has proposed establishing a dedicated authority on the crime, company expenses to combat laundering are ballooning.

Research we conducted at the Danish Financial Supervisory Authority suggests a less expensive solution: improve the technology for monitoring and reporting suspicious bank activity. Doing so could significantly cut down on money laundering, though it would also raise questions about privacy that would need to be addressed.

Banks are generally required to do three things to combat laundering: know their customers and their expected patterns of transactions; monitor transactions and examine those that seem atypical; and report suspect behaviour to the government.

These steps may sound simple, but the quantity and complexity of transactions make them anything but. In a small country like Denmark, the central payments systems process the equivalent of €80bn a day. Such monitoring can also be a hassle for customers, who have little patience when trying to execute simple transactions.

This is where investment in tech can be useful, especially if it improves co-operation between regulators and banks. I see six ways for authorities to help banks better identify and investigate high-risk activity while sparing most ordinary customers inconvenience.

Create (or enhance) national electronic IDs to verify customer identity. This data could ease the onboarding of most customers, as banks would no longer need copies of passports and other documents to set up accounts. Reducing costs and hassle for the many would free up resources for monitoring transactions of higher-risk customers.

Build digital data registers to verify business identity. Registers should be able to provide high-quality information (for example certified by lawyers) that banks can use in onboarding uncomplicated businesses. This would make it easier for companies too, since they can then maintain most of their data in one place. Again, this would free up bank resources to focus on higher-risk accounts.

Encourage banks to build shared Know Your Customers utilities. The banking sector would greatly benefit from a centralised database of customer information that can also be linked to public registers. There is no economic sense in banks gathering the same information separately, which is the current practice. Establishing such utilities may require supervisory guidance, however.

Allow banks to share data on risk flags. Money launderers often use multiple banks, making it difficult for any one company to identify problematic transactions. Being able to share data will give everyone a fuller picture of a customer’s banking activity. That would prevent those who get barred from one bank for suspicious activity from simply moving to another lender.  

Make it easier to screen for politically exposed people. Governments generally have information on individuals — and close relations — who’ve been entrusted with a prominent public function and are therefore at greater risk of corruption. Right now most authorities don’t share this data with banks, making it hard to identify potentially risky accounts. (For example, it’d be easy for a bank to identify me as a politically exposed person, but given my common name, it’d be harder to identify my children living at another address.) Making this information available for bank queries would vastly improve their screening process.

Give banks access to other select data. Public authorities hold all kinds of information that could be useful for lenders trying to prevent laundering. For instance, governments have a better view of businesses that have the same owners or are connected in other ways. Sharing this data would give banks a better perspective on a particular business’s activities. Another option is for police to share what they know about how criminals behave to help banks identify dubious transactions.

These proposals are probably easier to implement in a highly digitised society like Denmark. But they are to varying degrees applicable to most other European countries. In Denmark, allowing for increased use of national eIDs should be doable within a year. The others may have longer time horizons, and some would require legislative changes.

Several of the initiatives, however, will require particularly careful consideration about the trade-offs between combatting money laundering and protecting privacy. For example, granting increased access to authorities’ data and allowing banks to share risk flags could conflict with General Data Protection Regulation, the EU’s Anti-Money Laundering legislation and even banking secrecy norms. Sharing data also creates a risk that an individual or a business becomes non-bankable without being able to query why. Policymakers and regulators need to be explicit and thorough in analysing these issues.

The EU is pushing ahead in setting ever-higher standards for the fight against money laundering and terrorist financing on the continent. At the global level, the Financial Action Task Force is doing the same. If our efforts are to succeed, technology and data will have to play a bigger role.

Bloomberg Opinion. For more articles like this please visit Bloomberg.com/opinion