WMA Financial Crime Conference 2017

The Wealth Management Association hosted its Annual Financial Crime Conference in London, where industry experts, regulators and practitioners discussed a wide range of developments in the rapidly evolving financial crime landscape. Delegates included representatives from a range of wealth management firms and other organisations who gathered insights on the latest developments in policy and legislation, risk analysis, cyber defence, cyber liability and the impact of financial crime.

The WMA is the leading industry body for the private client investment community, whose members manage in excess of £825 billion of the country’s wealth.

"We are glad to be hosting the 7th financial crime conference: attendee numbers are growing rapidly, which shows how the industry remains laser-focused on fighting financial crime and mitigating risks including cybercrime," WMA Deputy Chief Executive John Barrass said. 

"Recent studies indicate that the value of fraud has risen to over £2 billion over the last year. As our industry responds to increasing digitalisation, it's hugely important to address the evolving threats and opportunities this will present".

The Financial Conduct Authority (FCA) informed delegates of upcoming data protection reforms to address the increasing use of digital and its integration into business development. Rob Gruppetta, Head of Financial Crime Department, Investment, Wholesale & Specialist Supervision Division, FCA commented: "We want to work together with industry, other regulators and government, both in the UK and internationally, to fight financial crime. But we also want to minimise the unintended consequences of regulation."

Over the last year there have been 3.6 million instances of fraud, 2.5 million of which were linked to bank and credit accounts, Gruppetta said. He further highlighted that cybercrime remains one of the FCA's top seven priorities. In this vein, he pointed to their recently launched ScamSmart campaign, designed to create awareness of financial fraud. The interactive warning list tool has received more than 35,000 checks in the past 3 months.

Regarding current Money Laundering regulation, the Chair of the Joint Money Laundering Steering Group (JMLSG) Louise Stanway, told the audience that the group remains focused on updating guidance ahead of the Fourth Money Laundering Directive implementation. "We are will be working on consulting on our proposed Guidance changes after the Treasury publish their consultation on the draft UK Regulations," Stanway said.

James McMillan,  Criminal Law Specialist at Maclay Murray & Spens offered insight on the measures being put in place regarding domestic and corporate offences and tax evasion.  Craig Kennedy, Head of Fraud, Investigations and Business Crime, Maclay Murray & Spens spoke further about the litigation risks presented by cyber crime and how companies can dilute the effect of any cyber attacks. "Cybercrime is a Tier 1 risk, listed on a par with terrorism", Kennedy said. 

Discussing recent high profile attacks on companies such as Sony, Talk Talk and the impact the attacks had, Craig quoted the FBI: "There are two type of companies: ones that have been attacked, and those who do not know it yet." Discussion highlighted the main four types of attacks faced by firms - data extraction, data destruction, data manipulation and data denial and the impact these attacks have. "The integrity of a company is at stake along with the financial losses associated with disruption in operations faced by associated partners and clients".

Failure to keep sensitive information safe can result in victims of a cyber attack being sued for breach of contract and negligence. Craig said: "Cybercrime is not an IT issue, but a boardroom issue. In order to mitigate the impact of cybercrime, businesses need to create a security culture which promotes good governance, identifies key assets for protection and how they can adequately recover and respond in the case of a breach".

Tackling systemic cyber risk by implementing proactive solutions is the aim of the Global Cyber Alliance, a not-for-profit group that is seeking to establish a global network of cyber security experts. Backed by the City of London Police, the NY District Attorney Department and the Centre for Internet Security, they advocate the use of DMARC, an openly available free of charge security protocol.   

On the data protection front, Garreth Cameron, Group Manager for Business and Industry, Information Commissioner’s Office (ICO) provided an update on reforms affecting data protection and financial crime. He emphasised the need to keep a balance between privacy and security, noting how digital innovation is an evolving process.  "(Digital innovation) is a power for great good but there is a need to ensure regulation is keeping pace", Cameron added. 

He went on to highlight the looming deadline for the implementation of the General Data Protection Regulation on 25th May 2018 that will be part of a 'package of measures' that the industry will need to prepare for.

Paul Scott, Advisory Services Director at Huntswood presented research which noted how wealth managers are grappling with the diverse and complex issues tied with financial threats. His good-practice guidance focused on the importance of a robust and ongoing risk assessment, with 67% of wealth management firms surveyed saying that they reviewed their risk assessment annually.