July 30 2020
Observations and industry practices to assist Authorized Institutions (AIs) in developing sustained efforts to cope with the evolving COVID-19 situation
(I) Customer due diligence under social distancing and travel restrictions
Social distancing and a significant reduction in travel due to COVID-19 continue to significantly impact the ability of AIs to interact with existing and potential customers.
We have observed that AIs are increasingly using video conferencing to interact with customers in the course of on-boarding and ongoing customer due diligence reviews. Some AIs utilise the flexibility provided in the Anti-Money Laundering and Counter-Terrorist Financing Ordinance to delay verifying the customer’s identity, while adopting appropriate risk mitigating measures.
(II) Pressure on AML/CFT resources
All AIs have some form of business continuity planning in place to maintain sound operations. To address the pressure on resources, AIs have been adopting a number of responses, which collectively have minimised potential impact to AML/CFT processes. These include reprioritising work on the basis of ML/TF risks, reallocation of staff, staggering office hours and equipping staff with work-from-home capabilities. Some AIs are also expediting their exploration of regulatory technology (RegTech) solutions (e.g. machine learning) to reduce the number of false positives generated from transaction monitoring and screening systems, and thus enhancing efficiency and effectiveness. (III) Emerging threats and changes in customers’ behaviour
AIs have increased their understanding of and vigilance to emerging COVID-19 related financial crime risks, including through the Fraud and Money Laundering Intelligence Taskforce (FMLIT) and a recently established Fraud Risk Management Taskforce under the Hong Kong Association of Banks. These collective efforts can help enhance the overall effectiveness of cooperation and information sharing between the public and private sectors on typologies and best practices. We are also seeing examples where RegTech is helping to build out a more collaborative, intelligence-led approach to financial crime risk management and that some AIs are applying advanced analytics to help detect networks and common vulnerabilities.