FinCrime is a Financial Risk.
Traditionally, the work of compliance departments has been viewed as ancillary to the function of a modern bank. Most banks do not view the work of compliance departments as providing financial value in and of itself, Compliance is indeed a “cost center”. While it is true that Compliance does not directly generate revenues, it plays a key role in protecting the bank from substantial financial harm, and should be understood as an essential financial risk management function. Based on recent FinCrime cases, a number of banks involved have indeed paid a substantial price and have seen considerable drops in their share prices. Danske Bank, for example, and several peer institutions, have seen their share prices and valuations drop, a consequence of oversights in their FinCrime programmes. Danske Bank lost nearly half its value in under a year. In the past, banks did not suffer as heavily for such failures, but if recent trends continue, they must be prepared to adjust to this new paradigm.
FinCrime is a financial risk, and can be very costly if not managed as such.
As recently as 2014, the greatest risk posed to a financial institution by exposure to a money laundering or sanctions scandal largely derived from the financial burden of fines imposed by regulators. In 2012, HSBC was found to have been involved in money laundering, after “allowing itself to be used to launder” approximately $881 million from drug cartels into the United States. While the fine imposed upon the bank was upwards of $1.9 billion, its share price was relatively unaffected (Reuters). In the months following news of the scandal breaking, HSBC saw an ~11% drop in its share value, concentrated within July of 2012, with the price recovering by the end of the month, and the bank’s overall share value increasing by 45% at the close of the year (Macro Trends).
In 2014, BNP Paribas was found to have “conspir[ed] to violate sanctions” and “conceal” over $8 billion in funds out of Sudan, Iran, and Cuba. In response, the United States government imposed a record $8.9 billion fine on the bank (Financial Times). In the following months, BNP’s stock value saw only a minor dip, finishing the year down 4% from the point at which the information was made known (Yahoo Finance).
While these share value drops are not insignificant, they are relatively minor losses compared to what banks today may face and the link between the regulatory fines and the share price drop is not yet evident.
The news of late 2018 and the spring of 2019 seem to have brought with them a paradigmatic shift in the way investors view FinCrime scandals. Whilst information on the full extent of the events that took place was not made public until the early months of 2019, initial reports on Danske Bank’s involvement in money laundering through its Estonian affiliate caused substantial damage to the institution’s share price, losing nearly half its value in only 10 months. Danske Bank was found to have been exposed to a wide-ranging scheme aimed at illicitly transferring over €200 billion out of Eastern Europe, and into bank accounts across Western Europe and the United States (Forbes). From August of 2018 to today, Danske Bank’s share price has declined 47% with no signs of recovery (Yahoo Finance).
Seemingly involved in the same series of events, Swedbank was found to have been exposed to approximately €400 million of these same illicit flows (The Economist). As a result, the bank incurred a 36% drop in its share value from February of 2019 to today (Nasdaq Nordic).
Lapses vs. Systemic Failures
While the examples of Danske Bank and Swedbank should prove to be cautionary tales for banking executives, simply finding oneself involved in a scandal is not necessarily the end of the story. Acting in an ancillary role to the larger scheme, Raiffeisen Bank International (“RBI”) lost nearly 20% of its share value after it was revealed that the bank had received roughly €1 billion derived from the Danske Bank network (Financial Times/Yahoo Finance). While such a drop is worthy of note, RBI saw a rapid recovery in its share price within just a few weeks. One can hypothesise that this divergence from the experiences of Danske Bank and Swedbank may have resulted from the non-systemic nature of the control failures within the institution. Compared to Danske Bank and SwedBank, the amounts that passed through RBI were relatively small in relation to the total amounts laundered (Bloomberg).
One can contrast the experience of RBI to that of Deutsche Bank, an institution that has dealt with a number of scandals over recent years, and paid a substantial price as a result. Compared to RBI, the issues at Deutsche Bank may not simply be bad luck, but instead the result of ongoing issues within the institution. Even though Deutsche Bank has worked diligently to resolve many of these issues, the bank’s reputation has suffered, and the stock price seems to reflect that (Deutsche Welle). Overt the past five years, Deutsche Bank has seen its shares lose nearly 90% of their total value (Yahoo Finance). Of course, the entirety of this drop cannot be attributed to the FinCrime failures of the bank alone, but it is impossible to ignore the impact that these events have had on the value of Deutsche Bank’s stock.
Financial Crime is Costly
What must be made clear is that the impact of these FinCrime events is not abstract: it is reflected concretely in the share prices of these banks, and in the costs investors pay as their share price and portfolio value declines. This is clearly a financial loss. Graphed below is Danske Bank’s five-year share price, with the daily closing price prior to the revelations surrounding its Estonian branch in blue, and its share price post-scandal in yellow. The scored blue line shows the projected day-on-day average change in share price for the bank prior to the first news of the scandal, extrapolated outward into the future. It is the separation between that scored line and the yellow beneath it that is of importance: that gap is the value that shareholders have lost. Looking at the most recent share value, versus the latest projected value, the estimated loss is approximately 1,680Bn DKK (~225Bn EUR) (Danske Bank Annual Report 2018/Bloomberg).*
FinCrime, though it may go largely unseen, invisible to the public eye, exists perpetually, lurking in the global financial system. Launderers are always seeking new ways to take advantage of any gaps in a bank’s FinCrime risk management programme. It does not matter to a criminal which bank they use, only the ability to clean their money, safe and undetected by taking advantage of a bank’s infrastructure, and any gaps in its FinCrime risk management programme. Regardless of a bank’s best intentions, when a launderer finds this gap, they will exploit it, and the bank may gain a reputation as an institution launderers feel safe exploiting. It is probable that in the near future other institutions will be found to have been involved, in some capacity, in the harbouring of illicit funds. If the current trend continues, these banks will not simply face fines from regulators primed to rein in non-compliant banks, but will bear the burden of investors uncertain of the institution’s value, and as a result, a rejection of the bank by the market. This bank will likely pay a hefty price for its failures. The banking world must come to terms with this reality: financial crime is a financial risk, and any bank that does not effectively manage its exposure, will pay for it on the trading floor.
Managing FinCrime risk as a financial risk
The purpose of Elucidate’s FinCrime Index (“EFI”) is to transparently assess the risks a bank and/or its counterparties are facing. We use modelling approaches similar to those used to quantify financial risks such as credit or operational risk supplemented by BigData technology, machine learning and automation. We view FinCrime risk not only as a compliance matter, but as a substantial financial risk affecting financial services institutions. Our view is that by shifting the focus from procedural compliance to risk management, we also shift the focus from operational design to operational effectiveness and, in doing so, optimise the prevention and detection of FinCrime.
The EFI evaluates data (i.e. outputs) to identify specific exposures. As such, on an ongoing basis, the EFI will evaluate inherent risk indicators and associated controls and provide transparency enabling data-driven risk management.
Elucidate advocates for a change in the way that financial institutions, shareholders, and regulators view financial crime so as to bring clarity to the ways in which FinCrime risks exist in the banking industry, the ways in which we understand that risk, and as such, the ways in which we manage that risk. FinCrime is preventable, and the EFI empowers decision makers to prevent it.
*This number was calculated by taking the difference between Danske Bank’s actual market capitalisation, using the most recently recorded share price, and the contemporaneous projected market cap, using the projected share price.