“We work hard to protect our customers, and by working closely together on issues like this we are able to deliver better outcomes for customers and the broader community. The threat landscape is constantly evolving and we continue to invest in both detection and prevention to protect our customers.”
The above quote from NAB Enterprise Security Officer, David Fairman, comes as after the bank’s recent collaboration with NSW Police to bring down a criminal syndicate that exploited customers by claiming there was a security flaw in their accounts’ internet access and using their details to then take control of their internet banking.
The Australian Government has also added its weight to tackling the issue of financial crime, committing $28.4 million over the next four years to help to expand the Fintel Alliance.
According to AUSTRAC, between now and 2024, the public-private alliance will aim to:
Increase operations in line with high-priority themes;
Provide better operational feedback, outcomes and current risk information to ensure industry is better able to respond to the changing environment and report suspicious financial activity;
Leverage technologies to provide the most effective collaborative working environment; and
Explore advanced technologies that will extend financial detection capabilities of AUSTRAC and industry.
The Fintel Alliance was set up in 2017 as a public-private partnership to better protect the Australian financial system. At the time, however, questions surrounded AUSTRAC’s ability to play a dual role as both partner and regulator.
Then AUSTRAC CEO, Paul Jevtovic, said at the Fintel Alliance launch in Sydney that this was opportunity to leverage the public-private partnership relationship, suggesting the traditional adversarial relationship between regulators and those they regulate needed to change.
“When we think about the relationship between regulators and the industries they regulate, they are often transactional, they are often silent, and in AUSTRAC, we are not immune to that description,” Jevtovic said. “The traditional perception of regulation has been a barrier, and the prevailing notion that we can’t be both regulator partner and collaborator is dangerously outdated.”
At the time, of course, the Panama Papers breach was in full swing. Then Minister for Justice, Michael Keenan, also stressed the significance of a public and private relationship collaboration to tackle financial crime.
The notion of a private-public partnership was highlighted when, under current AUSTRAC CEO Nicole Rose, the Financial Intelligence Unit brought action against the Commonwealth Bank of Australia (CBA) for over 50,000 breaches in their reporting obligations of the Anti-Money Laundering and Counter Terrorist Financing Act though their Intelligent Deposit Machines.
After AUSTRAC formally announced they would take regulatory action against the bank, CBA said that:
CBA has historically had a good relationship with AUSTRAC, with which it collaborates extensively, including through the Fintel Alliance and the AUSTRAC private/public sector partnership. AUSTRAC has acknowledged CBA’s contribution in this field, including by inviting the executive in charge of CBA’s financial crime prevention team as the Australian financial services delegate to participate at the Joint Experts Meeting of the inter-governmental Financial Action Task Force in Moscow in April 2017.
The bank suggested a possible breakdown in the public-private partnership the Fintel Alliance was meant to represent.
Is the Fintel Alliance enough?
The GRC Professional reached out to Anthony Quin, Founder of the Arctic Intelligence, who said the regulator has made a great start when it comes to the Fintel Alliance, but noted that there is more that can be done.
“The AUSTRAC Fintel Alliance was set up a couple of years ago to help make the financial sector more resilient to preventing financial crime and to assist law enforcement agencies investigating and prosecuting serious crime and national security threats. It is a great initiative to bring the private and public sector closer together under a common objective to fight financial crime,” said Quin.
However, he added that the Fintel Alliance has been a ‘relatively closed shop’ with only 25 participants—less than half of which are major reporting agencies. Quin hopes this might change with the Government’s recent funding boost.
So, who’s missing from the 25?
“Firstly, other than Tabcorp, there are no representatives from regulated entities (or their professional bodies) from the casinos, online gaming, hotels, pubs and clubs sector, which are high-risk and see billions of dollars every year being channelled through these sectors,” Quinn explained. “The second notable absence are the AML/CTF Professional Advisers who work across a diverse range of clients and sectors and who often have a good understanding of the levels of risk and compliance that would be beneficial when inputting to the Fintel Alliance’s strategic objectives and initiatives.”
Finally, Quinn said that Regtech providers are conspicuously absent.