Blog

FINMA Report Indicates Unchanged Cybercrime and Money Laundering Risks

Richard Marley
November 17, 2021
7 minutes read
8251

Money laundering, identity theft, and various other cyberattacks risk have been elevated over the last few years. A sizable portion of Swiss asset management industries’ customers come from emerging nations, which creates a substantial risk of criminal activities. Due to this reason, 2021 was noticeably challenging for Swiss Financial Institutions. Therefore, for financial institutions, the Swiss Financial Market Supervisory Authority (FINMA) published a report about Risk Monitor 2021 on November 11, 2021. The report highlights the most prevalent risks faced by businesses and their resulting focus.

According to the Risk Assessment Report For Financial Institution, cyberattacks and money laundering risks are still prevailing in 2021. The Swiss Regulatory Authority stated that these factors are amongst the primary risks apparent in the financial market.

Prevalent Cyber Attacks on Swiss Financial Centers in 2021

The Covid-19 pandemic has given businesses opportunities to adopt digital tools but also gave rise to cyberattacks amongst financial institutions. For instance, disturbances in the IT systems can create problems in the availability of confidential and critical services. Thus, depending on the severity of the cybercrimes, the vulnerabilities in the security systems can have adverse effects on global and Swiss financial centers. As a result, cyber risks are still prevailing in 2021, and several cyberattacks were successful in companies situated in Switzerland and abroad.

For instance, some of the significant cyberattacks that happened in 2021 were on:

A US company Colonial Pipeline

The largest fuel pipeline is the U.S Colonial Pipeline which faced a major ransomware attack resulting from a leaked password. The cybersecurity consultant of the company stated that the attackers gained access through the VPN account. Even though the VPN account has now been deactivated, it did not comprise a basic cyber security tool known as “two-factor authentication,” allowing the fraudsters to breach into the network.

The Swiss Municipal Administration

The Swiss Municipal Administration faced a severe cyberattack that they thought was a weak attack, but an investigation revealed that it was indeed a massive attack. It took only thirty minutes for a cybersecurity expert to extract sensitive data from the servers of the Rolle municipality. This is another example of not providing extra security to the users through 2FA or other essential cyber security tools.

The rising cyberattacks make it important to effectively prevent these attacks, which are posing as a major challenge for Swiss financial centers.

The Perspective of Swiss Regulatory Body on Cyber Attacks

After implementing the FINMA law on cyberattacks, 80 such instances were reported to the authority in the first year. The reports that FINMA received are mostly related to DDoS attacks, unauthorized access, and identity theft.

Identity theft is usually prevailing due to the increase in phishing attacks in Switzerland. However, FINMA stated that supply chains of supervised entities have been facing an increased number of attacks since the start of 2021. The risk assessment report mentioned that approximately 25% of cyberattacks were on supply chains, posing a serious threat to the Swiss financial sector. These attacks cannot be deemed weak because they prove to delay or render it impossible to perform financial services. Financial sectors can face substantial reputational damage; hence, it is imperative to give training to combat cyber risks and eliminate weak points.

In addition to the importance of training, FINMA elaborates to supervised entities the process, strategies, and approaches it expects. It has also expanded its resources to conduct on-site supervisory reviews to combat cyberattacks. The Swiss regulatory authority also stated that it is actively conveying cyber stress scenarios to financial institutions.

Increased Money Laundering Risks towards Swiss Financial Centers

Swiss financial services are global leaders in cross-border wealth management for individual clients. As a result, it is particularly vulnerable to money laundering risks. Breach of due diligence and reporting responsibilities can result in sanctions and damage to Switzerland’s financial institutions’ reputation and cross-border.

Recent worldwide money-laundering violations demonstrate that there are substantial risks for financial institutions engaged in cross-border wealth management. As a result, background screening of Politically Exposed Persons (PEPs), state or quasi-state organizations, and sovereign wealth funds must be performed on global transactions. Furthermore, complex structures increase risks that impair the transparency when identifying the beneficial owners of the assets in question. Domiciliary corporations, fiduciary relationships, and insurance wrappers are all examples of these structures.

FINMA has been involved in five corruption cases involving Venezuela oil corporation PDSA over the last year, with three of these cases already closed.

Two of the most talked-about money laundering cases in the world are

Mozambique loans: Credit Suisse

Credit Suisse violated the AMLA reporting obligations when it failed to report suspicious activity with the MROS. Rather, the bank ended the relationship with the client, who made a USD 8 million payment. The bank could not dispel the suspicions, and questions remained unanswered regarding the background of the payment. Hence, FINMA appointed a third party to monitor the proper implementation by the bank.

Money Laundering: Julius Baer

A Venezuelan customer laundered USD 78 million, therefore, the Swiss regulatory authority, initiated a lawsuit against the senior management at Julius Baer, a Swiss-based private bank.

These cases have exemplified the following points:

It is a must to tailor the compliance structure of a bank to the risk appetite of the institution
The institution must ascertain the origins of assets and determine whether the clients in question are indeed beneficial owners
They must notify the Money Laundering Reporting Office (MROS) of any suspicious activities

What the Swiss Regulatory Body has to say regarding Money Laundering Risks

According to the Swiss regulatory body, transaction monitoring is the tool that most frequently uncovers suspicious behavior on the part of financial intermediaries. Previously, for an extended time, the media served as a primary source of information which indicates that banks are becoming more aware and proactive in reporting suspicious activities.

FINMA further implied that the money laundering risks (particularly in the context of cross-border asset management) in the crypto space are becoming increasingly apparent, specifically in connection with cryptocurrency. While new technologies improve efficiency in the financial sector, overcoming the risks of money laundering and monitoring cross-border transactions have increased. Hence, cryptocurrencies are frequently used in cyberattacks or to illegally trade on the dark web, therefore, the risks associated with ML might be serious for fintech companies as well.

Additionally, FINMA, in its risk assessment report, specified the need for an audit program that takes various business models into account when supervising anti-money laundering measures. The audit’s scope and content are to be determined by the type of money laundering risk that financial institutions possess. FINMA also stated that it would continue to pursue enforcement actions whenever necessary. Lastly, FINMA noted that financial institutions operating in this sector that lack an effective anti-money laundering defense system could substantially threaten the Swiss financial center’s credibility. Hence, it is important for financial institutions to adopt a risk management approach to deal with PEPs or quasi-state clients.

How can Shufti Pro Help?

Money laundering and identity theft cases are skyrocketing in all financial sectors, whether situated in Switzerland or in other parts of the world. Therefore, it is essential for businesses to uplift cybersecurity measures to combat money laundering risks and other financial crimes seamlessly.

Shufti Pro provides identity verification and AML screening services to financial institutions and helps them stay put with changing money laundering and terrorist financing regulations. The benefits are available to all big and small businesses, with 2-factor authentication for overcoming cyberattacks and AML screening for regulatory compliance. Shufti Pro’s vision is to make identity verification considerably accurate and provide seamless verification in less than a second.

What to know more about AML screening and 2FA?

Talk to us

Disclaimer: No warranty is herein provided that the information contained in this document is accurate, up-to-date, and/or complete. In no circumstance(s), does such information constitute legal or any other advice. Any person who intends to use, rely, pass-on, or re-publish the information contained herein in any way is solely responsible for the same. We suggest to verify the information and/or obtain expert advice independently if required.

Latest News

News
US Rated as The Most Secretive Financial Jurisdiction in the World
Prevalent Cyber Attacks on Swiss Financial Centers in 2021
The Perspective of Swiss Regulatory Body on Cyber Attacks
Increased Money Laundering Risks towards Swiss Financial Centers
What the Swiss Regulatory Body has to say regarding Money Laundering Risks
How can Shufti Pro Help?
The US has been ranked the most secretive financial jurisdiction in the world due to deterioration prior to Financial Secrecy Indices (FSI), as per lax rules in US anti-money laundering (AML) and tax laws.

As per the Finacial Secrecy Index (FSI) 2022, the United States has been classified as the most secretive financial jurisdiction in the world. Due to the unaddressed loopholes and flexible rules in US tax and anti-money laundering (AML) laws, the US ranking is worsening prior to Financial Secrecy Indicies.

Ian Gary, Executive Director of the FACT Coalition stated “These findings point accusations towards US secrecy and should be a rallying cry for monetary clarity” While talking about the Biden Administration, he further said “The Biden Administration is continuously working for the making a number of anti-corruption reform for implying effective penalties. Now it is the responsibility of the Administration and the Congress to execute and fund them”.

Identified as the second most financial jurisdiction in the world in 2020 by FSI, Congress issued a Corporate Transparency Act (CTA). The CTA will put restrictions by requiring corporations and similar entities to register their authentic beneficial owners to a central directory maintained by the Financial Crimes Enforcement Network (FinCEN) at the Treasury Department.

The expected rule was to be enforced on January 1, 2022, but only one of the three proposed rulemaking has been implemented till now due to the funding and capacity constraints of FinCEN.

“To fight corruption, we need to execute the CTA Act and for that purpose, we need to generate funding for FinCEN now” as made evident by Congresswoman Carolyn B. Maloney, the co-author of the CTA.

The US treasury is devoted to only finalising rules executing the CTA Act by 2024, as made clear in the “National Strategy for Combating Terrorist and Other Illicit Financing” report on Friday. These structural reforms will authorise law enforcement and national security officials to refrain from the sanctions “whack-a-mole” in favour to comprehend the nature of US entity ownership and tackle large-scale sanctions evasion.

The 2022 International Anti-Corruption Conference to be held in Washington, D.C. later this year has been called in for the final implementation of the CTA Act, whose delays have been warned by the FACT Coalition.

Suggested Read: US DOJ Stresses Disclosure of Beneficial Ownership Information to Curb Illicit Finance

FINMA Report Indicates Unchanged Cybercrime and Money Laundering Risks

Prevalent Cyber Attacks on Swiss Financial Centers in 2021

A US company Colonial Pipeline

The Swiss Municipal Administration

The Perspective of Swiss Regulatory Body on Cyber Attacks

Increased Money Laundering Risks towards Swiss Financial Centers

Mozambique loans: Credit Suisse

Money Laundering: Julius Baer

What the Swiss Regulatory Body has to say regarding Money Laundering Risks

How can Shufti Pro Help?

Businesses that Need to Oblige

California Consumer Privacy Act (CCPA)

California Privacy Rights Act (CPRA)

New Types of Businesses Under the Updated Regulations

Parties that Fall Under the Regulations

What are Consumer Rights Under the Regulations?

What Shufti Pro Offers

Let’s prove your

customer’s identity

with Shuftipro.

Let’s prove your customer’s

identity with Shuftipro.