Contact us
Contact us
ANTI-FINANCIAL CRIME

Forget the 'Future of FinCrime': First, Get the Basics Right

In the fast-moving world of anti-financial crime (AFC), where tech and innovation tend to hog the spotlight, it’s easy to get swept up in the excitement of the next big thing. AI solutions. Big Data. Whatever’s around the corner.

But here’s the thing: none of that fancy tech matters if you haven’t nailed the basics. Without solid foundations, even the most cutting-edge AFC programme is destined to fall apart. 

A case in point? Look at what’s happening in some of the UK’s most forward-looking firms. 

Just last month, the FCA slapped Starling Bank with a £29 million fine for failings in its financial crime systems. And Revolut? The 'financial superapp’ has been named in more fraud complaints by the Ombudsman than any major UK bank in the last year. 

These are the fintech disruptors; the trailblazers. Yet they’re stumbling on the basics, and the results are catastrophic. 

Meanwhile, even established financial institutions continue to slip up. Last week, we saw Toronto Dominion hit with a massive $3.1bn fine, split across FinCEN and the DOJ, due to failings in their BSA / AML compliance programmes. 

Basic building blocks
Basic building blocks
Put in place World-Class Basics

The lesson from these recent failings? If you’re responsible for AFC at your firm, don’t get ahead of yourself. 

As we always say: focus on World-Class Basics, applied consistently, and build from there. 

You need to build strong foundations before getting swept up in the latest tech or in future trends. And getting the basics right is harder than it sounds, as Starling, Revolut and TD are proving. 

At BeyondFS we have the privilege of working across a wide range of organisations, all facing similar challenges. What we see, time and time again, is that firms are excited to talk about future trends, but many haven’t yet gotten the basic building blocks in place. And without those foundations, you’re setting yourself up to fail. 

Case study
Starling Bank: A case study in basic failings

Let’s dig into what went wrong at Starling Bank, according to the FCA’s recent Final Notice. 

Between September 2021 and November 2023, the bank opened 54,000 accounts for 49,000 high-risk customers, despite explicit restrictions against onboarding such clients. That’s right: they weren’t meant to onboard a single high-risk customer. 

It didn’t stop there:

  • They missed screening for sanctions in critical areas, like payments from crypto platforms and multi-currency accounts, due to a systemic issue.
  • They had no operational management information (MI) relating to sanctions alert volumes and trends.
  • They only screened customers against their Consolidated List every fortnight, where standard practice in the industry is every day.
  • They had no system in place to test whether their sanctions screening was working post-implementation. They couldn’t even tell if the system was working, and therefore if they were compliant with regulations. 

These are not technical, complex failures: they are relatively basic oversights.

Mastering the basics isn’t easy

The problem is, getting the basics right isn’t as straightforward as it sounds. 

In Starling’s case, as with many others, it comes down to the people and culture. Are the team asking the right questions? Are they spotting weaknesses? Are they taking action when something doesn’t look right? Are they getting the support and investment needed they flag issues?  

At its heart, success in AFC depends on having people who are diligent, proactive, and effective, and having management that supports teams to do a good job and sets the right culture from the top. The right systems, controls and processes flow from there. 

Sure, Starling was growing enormously quickly, both in terms of number of customers and staff, and they faced a shifting regulatory environment. But these challenges aren’t unique to them. It’s happening across the industry. 

Conclusion
Know where to start

Yes, the future of financial crime prevention is exciting. New tech and regulations mean there’s always something on the horizon. But through it all, one thing remains constant: it’s the people who make or break your programme. 

Policies, procedures and tech are just tools. At the end of the day, it’s the people: on the front-line; in leadership positions; and those behind the controls, who determine whether your organisation stays compliant or faces the wrath of the regulator.  

Good people will put in place the right governance and controls. They’ll know that regular reviews, stress-testing, and external audits aren’t optional extras: they’re essential to catching gaps before they turn into big, expensive problems. 

We must remember that when organisational compliance fails, it is the responsibility of the whole organisation. 

So, before you start thinking about the future, ask yourself this: are your basics world-class? Because if they’re not, you need to start there. 

After all, while we absolutely need to stop financial crime occuring, our job is also to protect the firms we work for from incurring fines and from reputational damage. And for that, you need to make sure your organisation has World-Class Basics in place.

 

Are you facing a mammoth task transforming your financial crime and regulatory operations functions? As the old saying goes, “a journey of a thousand miles begins with a single step”.

At BeyondFS we’re here to help you understand what it will take to put in place World-Class Basics and more. Get in touch today. 

Let's make change happen.

We help Financial Institutions accelerate digital transformation – delivering improved efficiencies, better risk controls and enhanced customer experiences.