Standardised privacy laws, improved data sharing protection needed to combat financial crime more effectively
Financial crime costs global economy US$2.4 trillion annually, but banks and financial institutions are hesitant to share data with regulators, says Refinitiv CEO
Hong Kong, and other jurisdictions globally, need to standardise privacy laws and improve data sharing protection to combat financial crime in a more effective manner, said David Craig, chief executive of data and trading platform Refinitiv.
Such crime costs the global economy US$2.4 trillion annually. But banks and financial institutions have been hesitant to share data with regulators for fear of breaching privacy laws, or handing in evidence that could be used to sue them, Craig said on the sidelines of the Refinitiv Pan Asian Regulatory Summit, held in Hong Kong recently.
Hong Kong markets watchdog to sue 60 companies and individuals for corporate fraud in first half of 2019
He said it was crucial for financial stakeholders to share data as criminals had become more sophisticated and were investing in technology and networks. “Our argument is that we need to have a lot of risk intelligence and data across the system – more than just meeting compliance requirements,” said Craig.
A report released by Refinitiv in May found organisations in 19 countries had spent 3.1 per cent of their turnover, or US$1.28 trillion, to fight financial crime, which includes bribery, corruption, money laundering, fraud, theft, cybercrime and human trafficking. But Craig said the amount was “not invested effectively”. The report also found that 49 per cent of businesses in Asia-Pacific had been victims of financial crime over the past 12 months.
About 20 initiatives across the world, including Hong Kong’s Fraud and Money Laundering Intelligence Taskforce, are currently combating such crime, but their effort has been “very limited”, said Craig.
“[These initiatives] have to be protected … because regulations say you can’t share data,” he said. “Privacy is just one issue, there are also risks. If you’re a bank or a financial institution and you share your data with a regulator and they might find something [to prosecute you] … so they have to get into an environment where there’s safety, where a bank and a regulator can share data, but they won’t prosecute the bank,” said Craig.
“[Instead], they’re going to use the data to work with banks to understand where the financial crime is. There needs to be better data sharing protection. It's not just a privacy issue.”
Privacy protection rules need to be standardised. “There needs to be a global movement to harmonise what we mean by data privacy and what is an acceptable standard, and what isn't for people and for individuals’ rights,” said Craig.
Refinitiv, which was previously wholly owned by Thomson Reuters, is now 55 per cent owned by Blackstone and provides data services to 40,000 companies in 190 countries. The company provides information to firms about potential business associates and partners.
Simon Clarke, litigation partner at international law firm Allen & Overy, said the increase in financial crime was down to “the sheer number of businesses that have listed, and the regulations that are being implemented” in Hong Kong.
Clarke said that unlike the United States, Hong Kong did not have a law that allowed class-action suits, although the Securities and Futures Ordinance provides that the city’s financial watchdog, the Securities and Futures Commission, can seek a court order requiring those who have committed misconduct to compensate aggrieved investors.
“There is no comprehensive statutory provision in Hong Kong for investor compensation, no class action like US-style remedies for individuals,” said Clarke. “Also, if illicit activities are detected in other jurisdictions, enforcement of regulation becomes a major issue.”