On 22 May 2018, the FCA published a speech by Megan Butler (Executive Director of Supervision – Investment, Wholesale and Specialists, FCA) entitled Turning technology against criminals.

Key points in the speech include:

  • it is important to recognise just how much of the direct threat to customers from financial crime has moved online. Phishing and identity theft have been cited by firms as the most widespread fraud risks they now face;
  • the FCA are primarily interested in outcomes and therefore if there are methods, innovations or technologies that help a firm combat financial crime, it should tell the regulator about them and not be afraid to move first;
  • the FCA’s own analysis suggest that transaction monitoring is the area with most potential. The FCA is seeing a lot of firms using compliance technology to automate existing processes so they keep on top of volume (particularly reducing false positives in transaction monitoring);
  • the next big step is to apply intelligent technologies so that firms can spot suspicious transactions in real time from unstructured account and transaction data. This is not simple for two reasons. First, there are practical obstacles. Many large firms need to integrate legacy systems – in some cases dating back to the seventies. Others face significant clean-up exercises to address issues around fragmented, poor-quality data. Second, there are important questions around issues including bias and transparency. Proprietary algorithms, for instance, can become black boxes. Meaning developers themselves do not necessarily know why a machine is making the recommendations its making; and
  • the question the FCA is often asked by firms is “will you let me off the hook if we introduce new tech”. The FCA’s answer is “no”. However, that it not to say that new technology cannot significantly reduce a firm’s risk exposure if it implements it in a way that it would any other – involving proper testing, governance and management.

Leave a Reply

Your email address will not be published. Required fields are marked *