Blog

FINMA Report Indicates Unchanged Cybercrime and Money Laundering Risks

Richard Marley
November 17, 2021
7 minutes read
6129

Money laundering, identity theft, and various other cyberattacks risk have been elevated over the last few years. A sizable portion of Swiss asset management industries’ customers come from emerging nations, which creates a substantial risk of criminal activities. Due to this reason, 2021 was noticeably challenging for Swiss Financial Institutions. Therefore, for financial institutions, the Swiss Financial Market Supervisory Authority (FINMA) published a report about Risk Monitor 2021 on November 11, 2021. The report highlights the most prevalent risks faced by businesses and their resulting focus.

According to the Risk Assessment Report For Financial Institution, cyberattacks and money laundering risks are still prevailing in 2021. The Swiss Regulatory Authority stated that these factors are amongst the primary risks apparent in the financial market.

Prevalent Cyber Attacks on Swiss Financial Centers in 2021

The Covid-19 pandemic has given businesses opportunities to adopt digital tools but also gave rise to cyberattacks amongst financial institutions. For instance, disturbances in the IT systems can create problems in the availability of confidential and critical services. Thus, depending on the severity of the cybercrimes, the vulnerabilities in the security systems can have adverse effects on global and Swiss financial centers. As a result, cyber risks are still prevailing in 2021, and several cyberattacks were successful in companies situated in Switzerland and abroad.

For instance, some of the significant cyberattacks that happened in 2021 were on:

A US company Colonial Pipeline

The largest fuel pipeline is the U.S Colonial Pipeline which faced a major ransomware attack resulting from a leaked password. The cybersecurity consultant of the company stated that the attackers gained access through the VPN account. Even though the VPN account has now been deactivated, it did not comprise a basic cyber security tool known as “two-factor authentication,” allowing the fraudsters to breach into the network.

The Swiss Municipal Administration

The Swiss Municipal Administration faced a severe cyberattack that they thought was a weak attack, but an investigation revealed that it was indeed a massive attack. It took only thirty minutes for a cybersecurity expert to extract sensitive data from the servers of the Rolle municipality. This is another example of not providing extra security to the users through 2FA or other essential cyber security tools.

The rising cyberattacks make it important to effectively prevent these attacks, which are posing as a major challenge for Swiss financial centers.

The Perspective of Swiss Regulatory Body on Cyber Attacks

After implementing the FINMA law on cyberattacks, 80 such instances were reported to the authority in the first year. The reports that FINMA received are mostly related to DDoS attacks, unauthorized access, and identity theft.

Identity theft is usually prevailing due to the increase in phishing attacks in Switzerland. However, FINMA stated that supply chains of supervised entities have been facing an increased number of attacks since the start of 2021. The risk assessment report mentioned that approximately 25% of cyberattacks were on supply chains, posing a serious threat to the Swiss financial sector. These attacks cannot be deemed weak because they prove to delay or render it impossible to perform financial services. Financial sectors can face substantial reputational damage; hence, it is imperative to give training to combat cyber risks and eliminate weak points.

In addition to the importance of training, FINMA elaborates to supervised entities the process, strategies, and approaches it expects. It has also expanded its resources to conduct on-site supervisory reviews to combat cyberattacks. The Swiss regulatory authority also stated that it is actively conveying cyber stress scenarios to financial institutions.

Increased Money Laundering Risks towards Swiss Financial Centers

Swiss financial services are global leaders in cross-border wealth management for individual clients. As a result, it is particularly vulnerable to money laundering risks. Breach of due diligence and reporting responsibilities can result in sanctions and damage to Switzerland’s financial institutions’ reputation and cross-border.

Recent worldwide money-laundering violations demonstrate that there are substantial risks for financial institutions engaged in cross-border wealth management. As a result, background screening of Politically Exposed Persons (PEPs), state or quasi-state organizations, and sovereign wealth funds must be performed on global transactions. Furthermore, complex structures increase risks that impair the transparency when identifying the beneficial owners of the assets in question. Domiciliary corporations, fiduciary relationships, and insurance wrappers are all examples of these structures.

FINMA has been involved in five corruption cases involving Venezuela oil corporation PDSA over the last year, with three of these cases already closed.

Two of the most talked-about money laundering cases in the world are

Mozambique loans: Credit Suisse

Credit Suisse violated the AMLA reporting obligations when it failed to report suspicious activity with the MROS. Rather, the bank ended the relationship with the client, who made a USD 8 million payment. The bank could not dispel the suspicions, and questions remained unanswered regarding the background of the payment. Hence, FINMA appointed a third party to monitor the proper implementation by the bank.

Money Laundering: Julius Baer

A Venezuelan customer laundered USD 78 million, therefore, the Swiss regulatory authority, initiated a lawsuit against the senior management at Julius Baer, a Swiss-based private bank.

These cases have exemplified the following points:

It is a must to tailor the compliance structure of a bank to the risk appetite of the institution
The institution must ascertain the origins of assets and determine whether the clients in question are indeed beneficial owners
They must notify the Money Laundering Reporting Office (MROS) of any suspicious activities

What the Swiss Regulatory Body has to say regarding Money Laundering Risks

According to the Swiss regulatory body, transaction monitoring is the tool that most frequently uncovers suspicious behavior on the part of financial intermediaries. Previously, for an extended time, the media served as a primary source of information which indicates that banks are becoming more aware and proactive in reporting suspicious activities.

FINMA further implied that the money laundering risks (particularly in the context of cross-border asset management) in the crypto space are becoming increasingly apparent, specifically in connection with cryptocurrency. While new technologies improve efficiency in the financial sector, overcoming the risks of money laundering and monitoring cross-border transactions have increased. Hence, cryptocurrencies are frequently used in cyberattacks or to illegally trade on the dark web, therefore, the risks associated with ML might be serious for fintech companies as well.

Additionally, FINMA, in its risk assessment report, specified the need for an audit program that takes various business models into account when supervising anti-money laundering measures. The audit’s scope and content are to be determined by the type of money laundering risk that financial institutions possess. FINMA also stated that it would continue to pursue enforcement actions whenever necessary. Lastly, FINMA noted that financial institutions operating in this sector that lack an effective anti-money laundering defense system could substantially threaten the Swiss financial center’s credibility. Hence, it is important for financial institutions to adopt a risk management approach to deal with PEPs or quasi-state clients.

How can Shufti Pro Help?

Money laundering and identity theft cases are skyrocketing in all financial sectors, whether situated in Switzerland or in other parts of the world. Therefore, it is essential for businesses to uplift cybersecurity measures to combat money laundering risks and other financial crimes seamlessly.

Shufti Pro provides identity verification and AML screening services to financial institutions and helps them stay put with changing money laundering and terrorist financing regulations. The benefits are available to all big and small businesses, with 2-factor authentication for overcoming cyberattacks and AML screening for regulatory compliance. Shufti Pro’s vision is to make identity verification considerably accurate and provide seamless verification in less than a second.

What to know more about AML screening and 2FA?

Talk to us

Disclaimer: No warranty is herein provided that the information contained in this document is accurate, up-to-date, and/or complete. In no circumstance(s), does such information constitute legal or any other advice. Any person who intends to use, rely, pass-on, or re-publish the information contained herein in any way is solely responsible for the same. We suggest to verify the information and/or obtain expert advice independently if required.

Latest News

News
1803 Arrested in Money Laundering Crackdown Coordinated by 27 Countries
Prevalent Cyber Attacks on Swiss Financial Centers in 2021
The Perspective of Swiss Regulatory Body on Cyber Attacks
Increased Money Laundering Risks towards Swiss Financial Centers
What the Swiss Regulatory Body has to say regarding Money Laundering Risks
How can Shufti Pro Help?
In a major money laundering crackdown, European police identified more than 18,000 money mules, arresting a total of 1803 individuals.

On December 1, the seventh European Money Mule Action (EMMA 7) concluded after two and a half months. 27 countries were involved in this initiative along with Europol, Eurojust, the European Banking Federation (EBF), the FinTech FinCrime Exchange, and major companies from the private sector including Microsoft, Western Union, and Fourth line.

The EMMA has been operational since 2016 and the purpose of this initiative was not only to identify money launderers but also the sources of their illicit gains.

According to Europol, the EMMA initiative is the biggest international operation of its kind, where 400 banks successfully reported 7000 fraudulent transactions. As a result, losses counting up to €70m ($79m) were prevented and 324 recruiters were identified.

Europol also claims that money mules are used for money laundering and a variety of online scams, including e-commerce fraud, phishing, SIM-swapping, and man-in-the-middle attacks. These claims are based on the leads that came in from police intelligence and private-sector reports.

Immigrants, students, and those in difficult financial situations are often targeted by giving the hope of easy money. They are approached through various methods including job adverts on social media.

Fraud experts and police issued warnings of an increase in the recruitment of money mules in the pre-pandemic time. A spike was seen in these scams when many lost their jobs during the COVID outbreak.

Recruitment of money mules and the subsequent crimes have called for the police to run regular awareness campaigns like Europol’s “Don’t be a mule” initiative.

Suggested read: Money Laundering Ring Pushed $4bn through 60 HSBC Accounts within 2 Years

FINMA Report Indicates Unchanged Cybercrime and Money Laundering Risks

Prevalent Cyber Attacks on Swiss Financial Centers in 2021

A US company Colonial Pipeline

The Swiss Municipal Administration

The Perspective of Swiss Regulatory Body on Cyber Attacks

Increased Money Laundering Risks towards Swiss Financial Centers

Mozambique loans: Credit Suisse

Money Laundering: Julius Baer

What the Swiss Regulatory Body has to say regarding Money Laundering Risks

How can Shufti Pro Help?

1. Phishing Attacks to Remain a Major Issue

2. Internal Threats & Cloud Attacks

3. Artificial Intelligence as a Saviour

4. Securing the Supply Chains

5. Identity-based Security Protocols

Key Takeaways

Let’s prove your

customer’s identity

with Shuftipro.

Let’s prove your customer’s

identity with Shuftipro.