Food for Thought: Exiger’s Financial Crime Audit Roundtable

“Food for Thought” is a series showcasing insights and best practices from attended events, where senior financial services professionals and industry thought leaders come together to discuss the latest industry developments over a bite to eat.Request an invitation  Exiger hosted a round table event under Chatham House rules for Heads of Financial Crime Audit at a range of financial institutions in Nov 2019 to look back on the year to identify key learnings: share best practices on how audit teams have responded to changes in the regulatory or macro-economic environment and dealing with new technologies and business disruptors in the FinTech space. We looked ahead to 2020 and beyond to share our insight into “Hot financial crime topics”. We then engaged in a round table discussion with attendees so they could hear from each other on key areas of financial crime focus for their respective 2020 audit plans. Attendees completed an anonymised survey on their FCC 2020 audit plan which we captured in the attached graphics that provided a valuable takeaway from the event. See survey results below that we hope you find useful to benchmark your 2020 planned audit coverage:Aside from coverage of topics that are routinely considered in FCC audit plans relating to AML and sanctions risks as well as trade finance and correspondent banking products, the survey highlighted some interesting FCC audit trends: Corporate fraud was very much in focus for 2020 but the approach to fraud audit risk coverage was diverse – thematic audits were desirable but lack of resources and competing audit priorities in certain FIs meant fraud risk would need to be audited piecemeal, resulting in potential gaps in coverage. Several firms commented to having constrained resources with some having to make trade-offs in audit coverage in terms of what was the least amount of coverage they could “get away with” in 2020 particularly in jurisdictions where they had to provide mandatory annual AML audit coverage. Although this is not a new trend, it’s one that must be monitored to ensure Audit is not doing too little real audit work to provide reliable assurance. An uptick in coverage of tax evasion risk, where firms planned to assess the extent to which processes and controls employed – many leveraging other areas of their compliance programmes, such as those for the UK Bribery Act and Money Laundering Regulations – were sufficient to provide “adequate procedures” to prevent the facilitation of tax evasion which became a criminal offence in the UK under the Criminal Finance Act in September 2017. This is a welcome trend in light of an uptick in the UK tax authority’s further investigations into the failure to prevent the criminal facilitation of tax evasion. An uptick in planned coverage of ABC and ABC audits, attributable in part to an increase in regulatory coverage of ABC as part of supervisory visits. Coverage of the implementation of the EU 5th Anti-Money Laundering Directive (5AMLD), as well as the impact of legislative divergence (e.g. secondary sanctions/blocking statute) and payment transparency controls. Multiple firms commented that they were in the midst of establishing how to audit AI-enabled technology. Areas where there was limited or no coverage included:Financial crime cross-border information sharing controls – an area that may warrant revisiting in light of Brexit planning when this picks up again. Coverage of FinTechs as a customer group – again, another area that may warrant revisiting in light of the surge in new FinTechs with a variety of different business models that auditors should undertake deep dives in to understand their unique FCC risks. One risk that no attendee predicted was pandemic risk. While all firms will have business continuity plans, many of the assumptions underlying these plans will not be adequate in a pandemic because it will be people rather than infrastructure that will become unavailable. How is your audit plan changing in light of recent events?