Scrutiny of money laundering, terrorism financing and sanctioned individuals have been keeping private banks in Asia on their toes, and experts are saying that the onus falls squarely on the shoulders of the board of directors.
A number of transgressions in Asia’s private banking industry have come to light in recent years, especially in the wake of the 1Malaysia Development Berhad scandal that shook Singapore.
The Monetary Authority of Singapore has consequently taken wide-reaching actions and released two best practice papers on trade-based money laundering last week.
As a result, questions have arisen over where responsibility lies for implementing rules around anti-money laundering (AML) and sanctions at banks – the frontline staff, compliance heads, senior management or the board of directors.
‘It’s the board’s job to demand the management come up parameters on what money they are going to take and what they are not going to take,’ said Reshmi Khurana, managing director at consultancy Kroll.
‘The risk that needs to be taken into account is not just from a financial risk perspective but from a regulatory, political risk, reputational risk perspective as well,’ she told Citywire Asia.
The board of directors obviously sets the tone at the top in banks, yet there are some glaring deficiencies that need to be addressed for wealth managers to avoid hefty fines - or even closure as in the case of Falcon Private Bank and BSI Bank in Singapore - due to regulatory breaches.
A 2017 AML survey carried out by consulting firm AlixPartners found that 33% of the board of directors at Asia’s financial institutions did not receive regular training and briefing on AML rules.
The lack of education of some board members needs to be addressed before they can take strategic decisions on how to run the business, said Sven Stumbauer, AlixPartners’ managing director for financial advisory services.
Of these decisions, the first and foremost is to address the incentive structure for relationship managers, he noted.
Private bankers globally are compensated on the trading activity of their clients or their assets under management. Instead of rewarding the banker purely for bringing in greater AUM, the board should set a compensation structure that takes into account the riskiness of the client.
This is even more significant because the liability for breaches falls with the institution, sometimes long after the relationship manager has left the bank, the executive noted.
‘To tie a non-sanctions compliance to the individual’s compensation means that if the individual is trying to bring an account that poses greater risk, the compensation should probably be withheld for a certain time period or lowered to account for the heightened compliance costs,’ Stumbauer said.
Next, the board should set aside adequate budgetary resources for the compliance division to upgrade technology, systems, research databases and manpower, and to better align the capabilities of the different units within compliance.
‘It’s one thing to say we are committed to AML and sanctions compliance and then to give the head of compliance a de minimis compliance budget that virtually makes it impossible to build or maintain an adequate AML or sanctions compliance programme,’ Stumbauer added.
In fact, AlixPartners found that 47% of the surveyed Asian financial institutions said their AML and sanctions budget was inadequate.
Both Khurana and Stumbauer noted that the patchwork of legacy systems are part of the problem at banks. AML rules have evolved at different points in time, international players have penetrated new markets at different stages and acquisitions have led to the adoption of very different IT systems.
‘That makes it a fairly big challenge for a financial institution to even identify all the accounts that one individual might control or might be involved in,’ Stumbauer said.
What’s more, added the executive, there’s a need to bring in outside directors and rotate the members of the board to change the dynamics of the interaction at the top.
‘Regulators are sending a message with every regulatory action,’ Stumbauer said, adding ‘so it would be prudent business to review the enforcement action and look at what is happening in your own institution.’