With the passage of the EUs 5th 'MLD' (Money laundering Directive) to include VASPs (Virtual Asset Service Providers) / Crypto firms to ID&V and monitor transactions in line with recording and reporting obligations. There has been a rapid need for fellow Anti Financial Crime practitioners and operating model change agents within 'FS' (Financial Service) to upskill and expand their knowledge. That goes way beyond KYC and alert handling. The evolution of NextGen Tech 'DLT' (Distributed Ledger Technology) has generated a flourish 'DeFi' (Decentralised Finance) ecosystem of Crypto / 'VA's (Virtual Assets) that has paved the way for start-up tech firms to facilitate and offer exchange and safe custody of VA's. These VASPs as a start-up industry, is gaining the traction of transaction trust from a user community, as well as many established FS's (like VISA) and many jurisdictional regulators, that now embeds Crypto within the formal financial system.

A community of knowledge sharers

Considering current and historical wrongdoing. The inherit risks of borderless Blockchain that in many use-cases, abuses pseudonymisation to disguise identity to circumvent AML controls when storing or transferring dirty value, that facilitates illicit harm to people the environment. The good news is 'Anti Crypto Crime' communities, organisations and technologies are now GLOBALLY popping up, responding, and flourishing by offering brilliant FREE webinars, training sessions that in-turn are Masterclasses of refined and continued academic debate. All that have incredibly esteemed panellists and participants, via forum-chat, as a rich knowledge source.

It goes without saying, money laundering does not respect boarders, so I for one am grateful for such a global and borderless response from a group of diverse and talented thought leaders. Highlighting the ongoing challenges of the ramp up and adoption of VAs / NFTs (Non-Fungible Tokens) as a credible asset-class. As well as the technologies AKA Crypto RegTechs, that brings the much-needed confidence and integrity to the DeFi and smart contract marketplace, that again is a borderless ecosystem. That presents a new wave of jurisdictional enforcement problems, as well as operational pain points and accountability tensions that need to be ironed out and ratified , as the ecosystem evolves and compliance frameworks mature to meet sound governance expectation.

Further, these new learnings provide opportunity to be ahead of the curve, with the understanding and application of FATF guidance and the much awaited 'Travel Rule' that is generally cascaded and put into force by sovereign states. As stipulated regulation and legislation, thus deter governmental ignorance, and prevent member states going to grey list during the 'FATF country mutual evaluation' process.

Sanctions and ramifications of non-compliance

As we are all too aware Crypto / VAs can sadly be misused for nefarious activities predominantly with the rise of ransomware. COVID has created a work at home culture, that has expanded the cybercriminals attack surface to exploit certain vulnerabilities. Bad actors who have held many firms siege with ransomware for a ransom. Demands of a ransom always being requested via payment of Crypto. It must be noted that the U.S authorities have taken some lead to tackle this problem. OFAC has designated numerous malicious cyber actors under its cyber-related sanctions program. With over 800 VASPs in 80 countries, it is imperative to screen against OFAC watchlist irrespective of jurisdiction.

If there is any suspicion or evidence that bad 'cyber actors' are extorting ransomware payment may be sanctioned or otherwise have a sanctions nexus. OFAC has designated numerous nefarious cyber actors under its cyber-related sanctions program and other sanctions programs, including cyber criminals and those who facilitate ransomware transactions as a VASP. OFAC has provided clear details for contacting relevant U.S. government agencies -including DEA, FBI, FinCEN and OFAC and has highlighted sanctions risks in on the (US) treasury.gov website. VASP or any entity that facilitate ransomware payments to cyber actors on behalf of victims, including financial institutions, cyber insurance firms, and companies involved in digital forensics and incident response, not only encourage future ransomware payment demands but also may risk violating OFAC regulations, therefore putting themselves and the key principles at risk of being placed on the OFAC sanctions list. Which no law-abiding citizen would wish for.

Plausible justification for Crypto

Equally, legitimate rationales such as data privacy and humanitarian, like unbanked refugees who have worked hard and need to store value against oppressive regimes or those who got on the Crypto bandwagon early. As traditional and 'CeFi' (centralised finance) and DeFi converge as a trusted and traceable conduit to transfer value globally. Irrespective, if you are currently working for a FS firm that has an all-out ban on VASPs / Crypto firm onboarding. You simply cannot steer away from the complexities and nuanced affiliation that many AML practitioners will have to consider then opine, when met with a segment of Crypto when investigating both source of funds, wealth, and transaction. I very much doubt any bank will offboard Tesla or Elon Musk's interests, who publicly advocates and invests in virtual assets and coins.

Crypto's SOW

As this emerging breed of Crypto millionaires become HNWI (High Net Worth Individual) type, they will unequivocally have to demonstrate a credible narrative of how they derived their wealth, as they seek to diversify investment and spender (who would not!), that is SO reliant on traditional finance payment networks to procure luxury and high lifestyle living.

As this trend accelerates, there is an imperative discipline for rigorous, verified and validated 'SOW' (source of wealth) memo's that can sufficiently prove Crypto wealth, that is not placed or integrated from cyber-criminality or any other predicated offences, as prescribed within EUs 6th MLD. But, from the good investment of the surge of Crypto value, that will need a forensic and plausible audit trail to appease competent authorities and regulators.

Conclusion

illicit finance, be it proceeds of crime or good value funding wrongdoing like terrorism, unfortunately fuels adverse life changing ramifications, at worst costs lives, as well as conservation and environmental impact. As we all strive to continually improve to be vigilant and be better versions of ourselves. I could not encourage more a wider community of experts or Financial Crime experts to broaden their AML scope within VAs / Crypto. Again, these webinars are FREE and inclusive to all! That affords every AML practitioner, the permission to learn, by getting involved and participating into this evolving, comprehensive and fascinating conversation.

My view is Crypto is not going away, and compliance is a collective zeal, therefore, should be collaborative, never competitive.

This is a guest blog written by James Emin in association with Twenty84 and Raw Compliance.

James Emin is a qualified AML and GDPR compliance Business Analysis and Project Manager. 15 years of experience within Financial Crime, starting as a KYC analyst through to becoming an SME, as a career contractor. Whilst supporting and running change management projects at many leading regulated institutions, was then that he realised technology would be adopting much of the human effort that drove him to be a BA, tech change agent and thought leader. Therefore, he is passionate about nuancing the complexities of illicit value, from storage to borderless transfer and how Fincrime operating models need to be resilient to meet ongoing threats and typologies by using both agile and Value Engineering methodologies to optimise resources. Ranging from Proliferation Finance, FinTech and Regtech which led him to scribe other thesis's.

He holds an International Diploma in Business Analysis (BCS) and is AgilePM, Prince2, GDPR certified at practitioner level.

Raw Compliance provides ​a global platform for compliance professionals, and those interested in compliance, to build a global community to develop new skills, learn from experts, collaborate, network and try new initiatives.

Cryptoassets and cryptocurrencies have been gaining in recognition and awareness in recent times. There are now more than 4,000 cryptocurrencies on the planet, of which Bitcoin is the most well known. Here is a chart of the bitcoin price over the last 12 months (source Coindesk), which shows an increase greater than the factor of six:

Despite this increasing popularity, is there a danger that cryptocurrencies can be used for illegal activities such as fraud, money laundering and terrorist financing?

At one end of the scale is the view that as all transactions occur on a blockchain platform and are visible to all, there is no chance of misuse. At the other end of the scale is the view that just as "where there's muck there's brass", the corollary applies, and someone will always find a way into a system, or to abuse a system. The answer lies somewhere in between.

Cryptocurrencies and Money Laundering

It is possible to obfuscate the ownership of cryptocurrencies, some of which have more privacy features than others. The market has not just seen the rise of cryptocurrency exchanges, but also of mixing and tumbling facilities by which cryptocurrencies are bundled, divided and redistributed amongst different accounts. This makes tracing harder to conduct, but not impossible, as displayed in a Canadian case in 2019 involving seizure of CAD 1.4m of bitcoin, and the seizure by US authorities in 2020 of a USD 1 billion Bitcoin wallet associated with the notorious Silk Road dark web criminal supermarket.

The Financial Action Task Force (FATF) released guidance on VASPs "Virtual Asset Service Providers" (known as Digital Assets in certain countries) in 2019.* Countries are now required to assess and mitigate their risks associated with virtual asset financial activities and providers; license or register providers and subject them to supervision or monitoring by their national authorities. VASPs are subject to the same relevant FATF measures as those that apply to financial institutions. The guidance addresses:

• How do virtual asset activities and VASPs fall within scope?
• How should countries apply the Recommendations in the context of virtual assets or VASPs?
• How do the Recommendations apply to VASPs and financial institutions?

The guidance also includes examples of national approaches to regulating and supervising VA activities and VASPs to prevent their misuse for ML and TF. Cryptoassets are developing rapidly and the FATF guidance was revised a year later.**

The report reviews implementation and sets out:

• how ML and TF risks and the virtual asset market have changed since June 2019;
• progress in implementing the revised Standards;
• the private sector's progress in implementing the revised Standards, including the development of technical solutions for the implementation of the "travel rule";
• issues with the revised Standards and Guidance; and
• next steps regarding virtual assets.

The report finds that both public and private sectors have made progress in implementing the revised Standards. 35 of 54 jurisdictions advised they have now implemented the revised Standards, with 32 of these regulating VASPs and three prohibiting their operation. The other 19 jurisdictions have not yet implemented the revised Standards. While supervision of VASPs and implementation of AML/CFT obligations by VASPs is generally nascent, there is progress. In particular, there has been development of technological solutions to enable the implementation of the "travel rule" for VASPs, even though there remain issues to be addressed by public and private sectors.

The VA sector is fast-moving which means continued engagement between public and private sectors is necessary. FATF has agreed to continue its focus on virtual assets:

• continue enhanced monitoring of VAs and VASPs and undertake a second review of implementation of the revised FATF Standards by June 2021;
• release updated Guidance on VAs and VASPs, addressing stablecoins, anonymous P2P transactions and travel rule implementation;
• promote understanding of ML and TF risks involved in VA transactions and potential misuse of VAs for ML and TF purposes;
• enhance its engagement with the private sector, including VASPs, technology providers, technical experts and academics, through its Virtual Assets Contact Group; and
• continue its program of work to enhance international cooperation.

Cryptocurrencies and Terrorist Financing

Terrorist financing is a different issue to money laundering. It does not cost much to create a significant terrorist incident. The Bali bombing of 2002 killed just over 200 people. The cost for the terrorists to mount the operation was estimated at AUD 25,000 (about GBP 14,000). The attacks in the US in September 2001 killed nearly 3,000 and caused insurance losses of around USD 40 billion. The cost to mount the operation was estimated at USD 400-500,000. The costs of the "War on Terror" since are put at USD 6 trillion. This is just the cost to the US economy.

There is evidence that terrorists are now using cryptocurrencies to finance their operations. Last September French police arrested 29 suspected members of a Syrian related terrorist gang and charged eight of them with terrorist financing. French counter terrorism police alleged widespread anonymous purchase of cryptocurrency coupons from tobacconists across France, which were then credited to accounts opened from abroad by jihadists, who were then responsible for converting them into cryptocurrency on bitcoin purchasing platforms. France as a result has announced compulsory KYC requirements for all crypto companies operating in France, including companies not based in the country. Crypto-to-crypto exchanges will also have to be registered.

Red Flags

So how can you try and spot the misuse of cryptocurrencies? There are a number of red flags to look out for on transactions, which, depending on the circumstances, may lead you to develop a suspicion as to the true provenance of the value involved in a transaction, or the true activities of those involved. Here are the indicators developed by FINTRAC, the Canadian FIU, as an example (taken in isolation, these may be innocent of course, or there may be another legitimate explanation involved):

It is important to note that depending on your business activities, some of these ML/TF indicators may not apply.

• Client portfolio only consists of privacy coins or has a high value in privacy coins (For example, Monero, Dash, Zcash)
• Client transfers Bitcoin in large volumes in exchange for privacy coins (For example Monero, Dash, Zcash, etc)
• Client is unwilling or unable to provide information about the source of privacy coins they once held or currently have
• Virtual currency addresses match addresses on recognized watch lists such as the list of the Office of Foreign Assets Control (OFAC) or law enforcement information
• Many individuals register with the exchange within a short period using a shared address, mobile device, phone number, IP addresses and other common identity indicators
• The client's virtual currency wallet or address is linked to fraudulent activity in media reports and/or cyber security bulletins
• A platform receives unusual or persistent requests from other exchanges/vendors/service providers in respect of a client's deposited funds
• A broker charges abnormally high commission fees compared to the industry standard
• The white paper is of poor quality, incomplete, misleading, and has limited information
• Publicity is created around the initial coin offering (ICO) (advertisements, celebrity endorsements, social media ads), also known as pump and dump ICOs
• The developers are anonymous or information provided about the ICO cannot be verified
• There is no access to the smart contract, to the code or to technical information about the token's creation
• There is no possibility to sell the investment or to exit the project to recover the invested funds
• A series of complicated transfers of funds to multiple addresses or wallets that seems to be an attempt to hide the source and intended use of the funds
• Transactions take place at the same time of day. Transfers from fiat to virtual currency and virtual currency to fiat
• High volume and frequency of transfers between different types of virtual currencies
• Client provides an anonymous email address obtained through an encrypted email service
• Funds are deposited or withdrawn from a virtual currency address or wallet with direct and indirect exposure links to known suspicious sources, including darknet marketplaces, mixing/tumbling services, questionable gambling sites, illegal activities (for example, ransomware) and/or theft reports
• Funds flow through a large number of intermediate addresses in a very short period of time prior to being deposited in a client's wallet, or just after being withdrawn
• Virtual currency passes through mixers/tumblers and is transferred to multiple wallets, where the funds are cashed out
• The virtual currency's funds originated from an over the counter trade broker that advertises its services as privacy-oriented/anonymous
• Virtual currency address has links or hops from a wallet address that has appeared on online platforms indicating support for violent extremism or radicalization (including social media, ads on fundraising sites, sites on TOR or messaging sites)
• The source of funds used for the purchase of large amounts of virtual currencies is unknown
• The email address used in the transaction is linked to advertisements for the sale of virtual currencies on peer to peer exchange platforms. These advertisements may suggest that the client is buying and selling virtual currency on a commercial scale through a business as a non-registered money services business
• The client frequently receives funds from multiple payment processors
• The client makes frequent payments or transfers to companies, post office mailing services or uses money orders from agents of the Crown for the purchase of computer software or hardware

Cryptoassets are here to stay, but just as with non cryptoassets there are good ones and ones which are not so good. Thus you need to assess how to differentiate between them, how each particular cryptoasset ecosystem works, how it can be abused, as well as how to select the ones which work best for you, and avoid getting caught up in cryptocrime.

* FATF Guidance on VASPs
** FATF Guidance on VASPs revised

AML is not without its accomplishments. The UK has been instrumental in establishing the Financial Action Task Force. Money laundering has been criminalised and covers the proceeds of all crimes. Europol has established itself in the fight against money laundering. The Egmont Group of financial intelligence units has been set up. The UK and 14 EU member states (plus the European Commission) are full FATF members and the remaining 13 are members of Moneyval. Governments evaluate each others' AML performance every so often. The term "money laundering" is now in common parlance.

However, the amount of proceeds of crime recovered as a result of successful money laundering prosecutions, as against the amount thought to be available to be laundered, is around 0.1-1.1 percent at best. Commission of the underlying predicate offences remains rife, and increasing, particularly in relation to emerging and disturbing criminality, such as the exponential growth of green crime and cybercrime.

Brexit has thrown in more challenges:

• Title X of the Brexit Withdrawal Agreement advocates supporting international AML/CFT efforts, the need to cooperate and to share information, but this is much looser than previous arrangements. That part of the agreement relating to AML is a mere 2 ½ pages, of which 2 pages are focused on Ultimate Beneficial Ownership
• The UK no longer has access to the Schengen Information System and related crime fighting databases. There is liaison through British embassies locally, but it is very much a "dialled down" relationship
• Although the UK has implemented EU MLD 5, "implementation" of MLD 6 and copycat steps of future EU regulation remain to be seen. In many areas new UK regulation is being prepared which will diverge from the EU, making decisions of equivalence, and thus cross border trade and action against international organised crime, far more difficult
• At a practical level, UK firms will have to follow local rules when dealing with EU based clients, and vice versa. This impacts cost, speed, effectiveness and profit
• Criminal organisations will exploit areas of confusion uncertainty and bureaucracy around Brexit, and new scams are expected

Increasing AML Effectiveness: Three focal points

At the same time, the EU Task Force on Improving AML Effectiveness around Europe has just released its report (https://www.fmli.co.uk/aml-in-europe-time-to-get-serious/). In it, the major AML issues in Europe are divided into three pillars: governance, risk management and capability. Some feel improving effectiveness is a simple question of reforming the European AML supervisory architecture with a new EU AML supervisor, but the answer is much more complex and nuanced than that. Such a step needs to be matched with action, commitment and improvements in capability to fight money laundering.

Pillar One: Governance

There are many fault lines across Europe in relation to AML governance. Brexit only adds to them:

• Both Europe and the UK lack a clear objective for what the AML regime is meant to accomplish. Without clarity of vision, mission and modus operandi, it is difficult to see how progress can be achieved. Most governments seem to focus on fining gatekeepers rather than convicting the perpetrators of predicate offences. AML compliance has become an end in itself. This is ineffective in reducing the scourge of drug, people, wildlife and firearms trafficking across Europe, etc.
• Only 15 EU nations are FATF members of FATF. 19 of the 28 EU member-states are members of the Eurozone. These fault lines cause dislocations across Europe.
• There is no EU coordinating body for AML policy except for the European Commission, with certain monitoring and supervisory functions carried out by the European Central Bank and European Banking Authority, and some loose information-sharing arrangements between national authorities. The report recommends creation of a new EU AML body, but with caveats
• The enforcement of criminal laws is reserved for individual member-states. True, there is some coordination of investigations through Europol, and instruments such as the European Arrest Warrant have been created, but usage of such tools varies wildly across the bloc.
• There is a real bottleneck in the FIUs. However, care must be taken that removing this does not just shift the problem to law enforcement and judiciary

Governance is not just about architecture, however. It's also about "battle rhythm":

• The gestation periods of legal and policy measures are far too long. For MLD 4, "flash to bang" time (from FATF policy development to implementation of law) was well over a decade. This is far too long. Such lag times undercut efforts to respond to the explosive growth of green crime, cybercrime and other issues.
• The mutual evaluation cycle is also around a decade long. Businesses are subject to annual reports, examinations and monitoring. Why should this concept not also apply to AML deterrence at governmental level? There is currently no annual assessment of country performance against FATF recommendations.

Pillar Two: Risk Management

No key performance indicators (KPIs) have been set by FATF, and countries are not even collecting data on underlying offences in a scientific manner, yet this is vital for effective policy development. How can policies be effective if you don't know the numbers? FATF has developed some indicators ("Immediate Outcomes"), but these are not the same as KPIs directly tied to predicate offences. An assessment of what really needs to be measured is urgently required to develop the correct tools, fund the most effective action and reduce the ever-growing scourge of underlying crimes. Greater government commitment is necessary. The report recommends better use of OKRs and KPIs at national and institution level.

Risk-based deterrence has been introduced to reduce compliance burdens and increase effectiveness. Although highly attractive conceptually, it has stumbled in practice, largely because the regulator decides what the risk is, rather than allowing firms to carry out their own risk function, with regulators verifying that the risk process works and firms honing their risk-assessment skills.

In assessing how deterrence should work, many have latched on to the three-lines-of-defence principle. This follows the old concept of castle building—the outer wall is the first line of defence, the inner wall the second, and the keep the final line. While fine for mediaeval strongholds, the only organisation building castles these days is Walt Disney.

For financial institutions this concept has customer-facing staff as front line, compliance as second line and audit in the castle keep. As a fortification against money laundering, the principle is outmoded and ineffective. It encourages the wrong mentality. Better a system of integrated active defence, where all AML assets are designed to work together in a manner similar to Integrated Air Defence Systems or Carrier Battle Groups.

Pillar Three: Capability

Training of law enforcement in how financial markets work is generally below what it could be. Virtually all law enforcement officers are given financial investigation training, but this is not the same as instruction in the operation of financial markets. Specialist financial police are needed, properly trained and supported. Commitment currently ranges from FIUs of just one officer, to specialist police like the Guardia di Finanza with around 70,000 persons.

Huge fines are levied on banks, yet governments appear unwilling to fund even small law enforcement projects to upgrade creaking IT systems. They even talk of special levies. Transparency over fines money is needed.

AML compliance has become an end in itself, with the real objectives lost in organisational data kleptomania. Digitisation of business has given rise to a search for an automated AML nirvana, reducing human input to a bare minimum. Yet AML is a human issue and programming errors can increase costs dramatically, as battles to reduce false positives have shown. Certain banks employ more staff on false positives than their national police force has in fighting money laundering. This needs rethinking.

Compliance is often seen as all cost with little or no benefit. Do some CEOs prefer to run the risk of fines to ensuring their business models and compliance functions are properly aligned, effective and efficient?

The Way Forward

So where does the solution lie? The following steps and options are recommended:

Governance:

• Develop clarity of vision and mission. Processes need to impact the underlying crimes, or there is no point introducing them.
• Develop a new AML body within Europe but be careful on governance. Sort out FIU.net.
• Ensure coordination between EU member states, and third countries, at all levels.
• Improve cross border cooperation at all levels, including data collection, intelligence generation, policymaking, investigation, information exchange, prosecution, etc.

Risk Management:

• Adopt OKRs and KPIs that relate to AML objective and underlying crimes. Measure what matters. Use the right metrics. Improve databases.
• Allow firms to develop and use risk-based systems properly.
• Carry out effective benefit-cost analysis of new laws and procedures.
• Adopt aggressive, coordinated defences.

Capability:

• Encourage training and spending on specialised financial police.
• Increase funding and support of law enforcement, enabling following the money trail.
• Improve training standards, including the courts process, policy makers, investigators and intelligence analysts.

The Future

We cannot go on as we are. Money laundering, like climate change and the threats to the natural world, is a truly international issue and needs a truly international response. We need a new agenda aligned to climate change and biodiversity steps the world needs to take urgently for its own survival. We must not be found wanting.

This is a guest blog post by Richard Parlour. Richard is a co-rapporteur for the EU Task Force on Increasing AML Effectiveness Across Europe. His focus is on all aspects of AML from policy to due diligence, investigations and training.

Following the EU's publication of its proposed Regulation on Markets in Crypto Assets (MiCA) on 24th September, we are delighted to have had the opportunity to write a guest blog for BCB Group on what these new regulations entail, and how Brexit will impact this.

The Build Up

It is now more than a decade since bitcoin was created and some are asking whether the cryptocurrency world will attract some form of specialised regulatory coverage. If so, will it be treated like FX, which in many countries is unregulated as regards trading on a spot basis, but often regulated in terms of derivatives and funds? Will it be bespoke or will some other regime apply?

Legal and regulatory development has lagged far behind technological development in this area. Development of appropriate law and regulation has been sporadic and uncoordinated internationally. Commercially, bitcoin is very much the market leader, but there are now hundreds of cryptocurrencies in issue. Commercial use has started developing and you can now pay school fees, or professional bills in cryptocurrency. There are now ATM machines. Central Banks are debating about introducing their own digital currencies and the Chinese have started their first trial use.

Regulation usually follows the emergence of a new asset class, and cryptocurrency looks like it will be no exception... Click here to read the full blog on BCB Group's website.

BCB Group is Europe's leading provider of business accounts and trading services for the digital asset economy. BCB Group provides accounts and payments processing for the world's largest crypto-engaged financial institutions including Bitstamp, Coinbase, Galaxy, Gemini and Kraken, in most major fiat and cryptocurrencies.

It's no secret that blockchain-based systems are rapidly becoming a part of our everyday lives, not just in a peer-to-stealthy-peer, underground-darkwebs way, but also on a systemic level.

This list by Forbes titled "Blockchain 50: Billion Dollar Babies" illustrates the world's biggest companies like Google, Facebook, JP Morgan Chase, Amazon, and others all working on their own blockchain projects today.

Thanks to the genius of an unnamed coder(s?) known as Satoshi Nakamoto, who created the Bitcoin code, parts of this system were used to fuel thousands of cryptocurrencies, companies, and projects today, none of which would have happened without Bitcoin. Talk about creating your own business!

In fact, very recently was Bitcoin's 12th birthday, a round date that brought about equally round figures for its "CEO" (currently missing in action for over a decade) and early pioneers: bitcoin the token rose in price from tenth of a penny to $15400 apiece, in 12 years it has never been hacked, and now its creator's code is getting implemented all over the world. Not bad for a 12-year-old. But if these are just baby steps, what happens next?

Why are companies becoming more and more interested in blockchain?

This example of HSBC completing the world's first paperwork-free deal using Corda R3 blockchain is one no-nonsense illustration of what IBM.com calls "significant business benefits, including greater transparency, enhanced security, improved traceability, increased efficiency and speed of transactions, and reduced costs".

Transactions that take minutes, not days, fees smaller by several orders of magnitude, ability to provide complete proofs and auditable logs for anyone to see, are just a small snapshot of what blockchain can offer the world's companies today. And this is why in this rapidly developing sphere, the demand for people is desperate.

With over 140 000 000 users in Bitcoin alone according to Bitcoin expert Andreas Antonopoulos, this industry is increasing its sphere of influence at a staggering pace. But for that it needs people – and for people to take crypto seriously, and to trust this industry, there needs to be safety and security in the niche.

In response, more countries across the globe are beginning to introduce crypto regulations. But what does this mean exactly, and how is it likely to affect FinCrime and Compliance recruitment?

Are there regulations already in place?

Governments all over the world are already putting in dramatic efforts to make crypto safe everywhere. This industry is a lot safer than in the early days thanks to law and order (for instance, putting a stop to Silk Road made this sector a lot more secure; improving security mechanisms around Initial Coin Offerings and introducing Initial Exchange Offerings allowed for greater safety of public funds).

In the UK, just a few days ago (at time of publishing), Chancellor Rishi Sunak announced that the government is researching CBDCs as an alternative to cash, and that the Treasury is drafting proposals to regulate private stablecoins. This is a strong indication that the government believes digital currencies can transform financial services, and follows on from three other recent notable moves by the UK regulators in terms of crypto regulation:

• From 10th January 2020 any UK businesses carrying on cryptocurrency activity will have to register with the FCA and have until 10th January 2021 to do so, otherwise they must cease trading.
• The government are currently analysing responses to their consultation around bringing certain crypto assets into the scope of financial promotions regulations, with the purpose of "enhancing consumer protection while continuing to promote responsible innovation."
• Last Month, the FCA announced that the sales, marketing and distribution of crypto derivatives to retail consumers will be banned in the UK, arguing that the ban provides an appropriate level of protection to retail consumers, who are at a high risk of suffering losses from trading crypto-derivatives

Across the world, not only is crypto being affected by the classical banking structures, classical banking structures are employing crypto. Just one example of this happened very recently, when the Reserve Bank of Australia announced that it is planning a proof of concept (PoC) for a wholesale central bank digital currency (CBDC) based on distributed ledger technology (DLT), or more specifically, Ethereum blockchain technology.

"We are aiming to explore the implications of CBDC for efficiency, risk management and innovation in wholesale financial market transactions."

Michelle Bullock, Reserve Bank Assistant Governor

As government interest in CBDCs is increasing, crypto exchanges are also undergoing structural updates in accordance with emerging regulation requirements both from the outside and the inside:

• In many countries around the world crypto exchanges are required to have a license to operate.
• In terms of internal regulation, here's one illustration of having good controls in place: compare a crypto exchange today that makes sure it has a reserve fund to compensate users in case of a hack, and an exchange in the early days of Bitcoin like MT Gox, who didn't have any regulatory framework at all.

A certain balance has to be reached, of course, between users having security and privacy (this example of Coinbase users' indignation about exposure of their private data illustrates the importance of maintaining data integrity). But surely a way out could be put together that would protect users from fraud as much as possible and at the same time allowed them to keep their data their own?

With technologies like zero-knowledge proofs that enable users to confirm authenticity without giving up private data, there seems little doubt that enhanced regulations will be implemented soon.

If blockchain is such a tempting prospect why hasn't the government already fully regulated Crypto?

As many more global companies around the world use Bitcoin and blockchain to vastly improve their businesses, millions more users are joining the network. Since the beginning of the emergence of blockchain technology, governments have introduced regulation to try to minimize the risk of crimes, which were rampant pretty much from the beginning, giving Bitcoin a bad name from the get-go.

Just as dollars can be and are used to sponsor crimes, so can crypto, thanks to the fact that many, if not all, of its features are much more advanced than those of the fiat financial systems. Meanwhile, no-one is banning the USD on those grounds, and it logically follows that crypto shouldn't be seen only as the tools of drug lords and terrorists in just the same way.

Instead, introducing clear and meaningful regulation will put an end to lawlessness and fear associated with crypto for many users (take, for example, 80%+ of ICOs turning out to be scams) and could very well mean the beginning of rapid global adoption for crypto.

Governments are becoming much more accepting of crypto. This is evident when comparing in how many countries crypto was legal 5 years ago and now. In fact, all developed and affluent countries are now allowing crypto in one form or another, and comparatively there aren't many left who don't.

What's left to do?

As more and more governments study and understand Blockchain and its benefits, the crypto eco-system and its main players, it's becoming obvious that the only thing standing behind crypto's indescribable potential for good and a much more fair, simple, and noble world are clear regulations.

Ultimately, it is very likely that cryptocurrencies will become increasingly mainstream in the near future, and this increases both the potential for crime, and the need for regulations across the globe; so it follows that FinCrime and Compliance professionals will see openings for more crypto regulation-specific careers in the future.

Chancellor Rishi Sunak said on Monday:

"We are starting a new chapter in the history of financial services and renewing the UK's position as the world's pre-eminent financial center. [...] Our plans will ensure the UK moves forward as an open, attractive and well-regulated market."

At Twenty84, we are already starting to see an increase in regulatory roles in the Crypto and Digital Assets space. An example of some of the roles that we have seen so far include:

• Head of Risk and Compliance (Crypto)
• Crypto AML Officer
• Crypto Compliance Analyst
• Regulatory Crypto Markets Expert

Twenty84 recently partnered with CryptoUK

CryptoUK is the UK's self-regulatory trade association representing the crypto asset sector. Since their launch in 2018, they have been raising awareness of the need for a supportive regulatory framework for crypto assets in the UK.

At Twenty84 we are increasing our focus on Crypto/Digital Assets regulatory hiring and growing our experience in the sector, so this partnership helps us to understand the skill gaps and requirements in this fast-moving industry, which means we can offer a knowledgeable service to our Crypto and Blockchain clients.

We are excited about the potential to offer plenty of interesting new careers and opportunities to our Financial Crime and Compliance network!

Is this something you would be interested in?

Get in touch to find out about the digital assets / crypto regulation roles we have available, or to discuss the regulatory skills requirements in your Crypto / Blockchain business.

The world is now in the full swing of the Information Age.

Over the last few decades, technology has worked its way into almost every business sector and evolved from a luxury into a necessity for success.

The Financial Crime and Compliance sectors are far from exempt. The introduction of FinTech and RegTech alone is thought to have shaken up the industry significantly.

As a result, FinCrime and Compliance officers have already seen some major changes in how they carry out their roles, and it is predicted that these developments will continue well into the future.

The question that therefore arises is: Should officers be upskilling on FinCrime and Compliance technology now in order to prepare for these developments?

Let’s have a look at this in more detail:

How has technology affected FinCrime and Compliance officer roles already?

 As the world transitions into an increasingly cashless society, the opportunities for financial crime to take place physically have decreased but have subsequently increased digitally. Therefore, the need for technological preventions and interventions have also amplified.

Only last year, there was a significant focus on how advanced FinCrime features like intelligent automation and advanced analytics could assist in monitoring and detecting unusual behaviour.

Plus, just this year, there has been a call to favour contextualised and real-time monitoring of transactions over monitoring in isolation and in batch, alongside a whole host of other considerations.

At the same time, compliance technology has evolved from simple documentation data storage to encompass digital advancements such as automation, big data, AI/machine learning and more in order to help Compliance officers stay up to date with and manage regulatory requirements.

RegTech in particular, as noted above, has caused quite the stir by “providing technologically advanced solutions to the ever-increasing demands of compliance within the financial industry.” In fact, it has been said that “Systems, not people, are now the compliance guardians.”

Subsequently, FinCrime and Compliance experts are looking to digital solutions to combat financial crime and harness regulatory change more than ever before.

From big data-processing analytics to cybersecurity and other technologies such as blockchain and machine learning - plus much more - FinCrime and Compliance officers have seen a large shift from the more traditionally-known aspects of the role to a greater focus on technical skills and IT knowledge.

And how is it predicted that tech will continue to affect these roles in the future?

As technology becomes more advanced, financial criminals will adapt to discover new opportunities for crime and override the controls designed to prevent it. As a result, new regulations will continue being implemented, and new technologies created to align to them.

Some experts have questioned whether AI will take over the role of FinTech and Compliance officers altogether; indeed, it has been predicted that 50% of financial jobs could be lost in the future due to AI as more departments shift towards deploying technology rather than people to fulfil its goals.

However, it has been noted that the use of AI and other technologies in FinCrime and compliance are still very much a work in progress. Ultimately, human decision making, skills and abilities will remain the most vital component of success in the field, with AI simply complementing - as opposed to replacing - human judgement.

So, should FinCrime and Compliance officers start upskilling now?

When we consider what FinCrime and Compliance officer roles currently entail and how these roles are predicted to change further in the future due to technological advancements, then yes - upskilling on FinCrime and compliance technology is an important step to take.

In fact, in a Compliance Risk Study conducted by Accenture in 2018, 59% of employers stated that finding compliance professionals with the right technical skills was their biggest recruitment hurdle last year, and 76% feel that there is a significant gap between the current and required skills for effectively implementing compliance tools.

Strong technical knowledge will be needed by FinCrime officers in order to better investigate and understand any suspicious activity and subsequently prevent financial crime, while compliance officers with the right technology skills in-house will be called upon to support the development of RegTech to harness regulatory change.

However...

This may all seem quite daunting, but as mentioned above, technology and the skills it requires aren’t the be-all and end-all. Many FinCrime and compliance technologies are still in development, and even at their most advanced, will never be able to replace the human skills, experience and abilities of FinTech and Compliance officers.

As stated by Andrew Davies, vice-president for global market strategy, financial crime and risk management at Fiserv:

“Having a balance between people, process and technology is critical to maximising the return on technology investment and delivering heightened security in an ever-changing world.”

And similarly, the ICA states that:

“[Tech] may not replace the entire compliance function, but as with all industries, its impact at the manual level could be significant. It’s important that we understand this change so that as professionals we are best equipped to deal with the future, whatever it may bring.”

What next?

The future of FinCrime and Compliance officer roles is truly exciting. With so many new technologies currently in the works and on the horizon, the scope for officers to expand on their tech skills as well as hone more traditional ones offers a whole new level of diversity to a FinCrime or compliance career.

In fact, here at Twenty84, we have a number of different roles available that incorporate new and developing technology, and will give conscientious FinCrime and Compliance officers the chance to up-skill and truly advance in their career.

You can take a look at these roles here, or feel free to get in touch with our team today for more information:

Job hunting can be tricky at the best of times...

But while the world has been in the wake of the ongoing COVID-19 pandemic, finding the perfect role has become an even greater challenge.

However, it isn't impossible.

In fact, whether you’re looking for a role in regulatory compliance, financial crime, risk management or another regulatory role, this handy toolkit has all the tips you need to help you get started on your career-finding journey. You can also take a look at the roles we have available here!

Specifically, you will learn how to:

1. Find amazing risk/compliance risk roles
2. Optimise your LinkedIn profile for powerful networking opportunities
3. Get yourself noticed by hiring managers
4. Tailor your CV to ensure the greatest chances for success
5. Prepare confidently for your interview

An important note before we begin:

When it comes to finding a new role, it’s important to use a multi-channel approach in order to stand out from the crowd.

In today’s climate, simply applying for roles just won’t cut it, as competition for regulatory compliance, financial crime, risk management and other similar roles is rapidly increasing. Specifically, only around 1-3% of applicants get an interview through a job application!

For the best chances of success, you should spend around 40% of your time on applications, and the rest of that time on building your own personal “branding,” as well as building relationships with recruiters and potential hiring managers. Making the most of any current connections you may have who could potentially “put in a good word” for you can also be helpful, too.

So with that in mind, let’s get started!

The job hunter’s survival toolkit

Step 1: Setting up job alerts

Job hunting takes a significant amount of time, but one of the ways you can streamline your search in order to use that time more effectively and efficiently on developing your CV or taking part in training opportunities is through setting up job alerts.

Websites including LinkedIn, efinancialcareers, reed, CityJobs, indeed, Adzuna and others will allow you to sign up for new regulatory-centred job alerts based on criteria such as job type, salary, location and more.

You can set these alerts to arrive in your inbox as regularly as you like, whether that’s as soon as they’re posted or on a weekly basis. We would recommend setting these alerts to “instant” so that you can get ahead of the competition.

We’d also recommend registering to our automatic jobs-by-email list here so that you can be the first to know about the opportunities we have available!

Step 2: Setting up your LinkedIn profile

LinkedIn job searches are just one benefit of the website. An astounding 77% of recruiters rely on LinkedIn to find new employees, so it’s an extremely powerful tool to have in your job-hunting arsenal.

The trick here is to optimise your page to make it as easy as possible for financial crime, compliance, risk and other recruiters to find you, as well as making your profile stand out using your previous experience.

Optimising your profile

When optimising your profile, be sure to:

• Complete every section in the profile, including your industry, where you are based, your current employment position if you have one, at least two past roles, education and qualifications, and at least three skills
• Check that your current job title reflects the type of role that you want to be found for, as Recruiters often search on ‘current’ job titles. If you have finished your last role and are now immediately available, then be sure to add a new role which has a ‘To Present’ date on it, as well as the job titles that you wish to be found for. This will ensure that you still come up in Recruiters searches for ‘current’ job titles
• Use relevant and honest keywords within these sections that you want to be found for, such as “Financial crime expert,” “compliance consultant”
• Add any relevant links in the Features section – for example, any projects you have previously worked on and any relevant certificates or articles
• Move the sections of your profile around so that the most relevant parts that employers want to see will be visible above the fold – in this case, your previous roles and certifications.
• Create a vanity URL. When you first create a LinkedIn account, your page URL will be a mix of numbers and letters. Be sure to change this to your name.
• Set your profile to “open to opportunities” mode, and be sure to share it with “all LinkedIn users”

Making your profile stand out

• Ensure your profile headshot looks professional and relevant
• Feature any written recommendations from current and/or previous roles in the financial sector in the “written recommendations” section
• Showcase any awards or achievements you have accomplished in your current and/or previous roles
• Find and share – or even write – posts and relevant updates relating to the financial and compliance industry. If you’re busy, you can use a tool like Hootsuite to automate these posts for you! Remember to put any links to articles in the comments section so that your post gets more reach, too
• Encourage your friends, family and colleagues to like, comment on and share your post within the first hour that you share it – this will boost its visibility as it will enable algorithms to send it around
• Try and time these posts in line with the most popular times of day that employers browse through LinkedIn (currently mornings and mid-late afternoons on a Tuesday, Wednesday and Thursday)

Now that your LinkedIn profile is set up and optimised, it’s time to start networking!

Step 3: Get yourself noticed by hiring managers

According to TopResume, 60% of jobs are found through networking, rather than online. What’s more, platforms like LinkedIn actually have recruiter application, meaning that recruiters use them regularly to find potential employees.

Some of the ways you can take advantage of this include:

• Joining LinkedIn groups and webinars related to the financial crime, risk and compliance industry
• Sending connection requests on LinkedIn to current and previous colleagues relevant to your industry
• Connecting with people you haven’t worked with before and may hire you - just be sure that you give context to your invitation, such as noting that you have read their work or seen them speaking at an event, or noticed that they have a relevant role open that you could be suitable for. Once you’re connected, feel free to comment meaningfully on/share their posts to get yourself noticed, and aim to add value to them in some way
• During your LinkedIn job search and applications, also be sure to try and find hiring managers on the platform to let them know you have applied. This is a two-pronged approach that will ensure you have contacted both the HR and Talent Acquisition team through your application, as well as the hiring manager

By connecting with a network of professionals like yourself and using LinkedIn regularly to comment on, share and like posts, you’ll become easier to find as the LinkedIn algorithm likes active profiles. This way you’ll also become attractive to prospective managers, and be open to roles on the hidden jobs market.

This term is used to describe roles that haven’t been publically advertised, usually because businesses are looking to save money on advertising their positions on job sites or because they want to find candidates through employee referrals and networks.

Step 4: Tailor your CV to ensure the greatest chance for success

Typically, an employer will only read a CV for about ten seconds before deciding if its creator is worthy of the role they’re hiring for, so it’s essential that yours is tailored for the specific financial crime/compliance role you’re applying for and packs a punch! Here’s how:

• Read the job advert - whether that’s from your LinkedIn job search or the company website – plus any attached documents carefully, making note of any essential or desired skills or experience highlighted, and edit your CV to include these where possible
• Make note of the kinds of language they use, and alter your CV to match this
• Place your most relevant experience at the top of your CV, including training, qualifications and both soft and hard skills so they’re quick and easy for the employer to find
• Cut out any irrelevant information
• Explore the website of the company advertising the role to learn about their culture and values, and include anything you have done that links to these - for example, if they have a sociable culture and you have previously been in charge of a workplace social committee, mention that!

There’s plenty more information about CV-writing on our website, which you can access here.

Step 5: Preparing confidently for your interview

We recently wrote a helpful blog which goes into detail about preparing for financial crime and compliance job interviews, which you can read here.

However, as a result of the COVID-19 pandemic, it is highly likely that any interviews you have for the foreseeable future will take place via video call. In which case, be sure to follow these tips:

• Ensure that the room you will be in for your interview is free from noises and distractions (be sure your phone is on silent), and has stable internet access to avoid any connectivity drop-outs
• If you are sharing your living space with other people, be sure to remind them that you have an interview so that they know not to disturb you
• Test your webcam and microphone in the lead-up and on the day of the interview to ensure they are working
• If you are using a laptop or tablet, be sure it is connected to a reliable power supply
• Wear smart clothes as you would for a face-to-face interview, in line with the type of company culture that you are interviewing for. For example, a shirt and tie would be appropriate for an interview with a big bank, or an open-necked shirt and jacket for FinTech companies
• Use open body language and show that you are engaged and listening to the interviewer(s) by smiling and nodding. Also, look into the webcam and not at the screen to maintain eye contact
• Make your answers shorter and more succinct than they would be in a normal interview situation, as attention can be lost more quickly on a video call
• Ensure you have a pen and paper handy so you can make notes, as well as your CV/completed application form to refer back to. You could even attach post-it notes around your screen for any basic reminders and prompts
• Practice with a trusted friend or family member!

Bonus step: Keep track of company funding rounds

Back in June, £600 million of funding was released in the previous 90 days for UK FinTech companies – and funding often leads to hiring! You can see a full list of the companies that have benefited here (one-third of which have live compliance and risk management roles).

It is, therefore, worth keeping an eye on websites of similar companies to see whether they’ve received funding and are likely to have new roles in the pipeline.

Google Chrome’s Page Monitor extension is a handy tool for this, as it will let you know automatically when any of these websites make updates, so if any new opportunities arise, you’ll be among the first to hear about them! Alternatively, you could use a tool like Crunchbase, which tracks company funding rounds.

Twenty84 can help you further...

Here at Twenty84, we have helped financial crime, risk, compliance, regulatory and other relevant candidates succeed in finding and securing roles during the COVID-19 pandemic – without meeting the employer face-to-face!

If you are currently looking to find your ideal role, take a look at the opportunities currently available via our website, register your CV with us, or contact us to speak with one of our recruitment experts today!

As we mentioned in our recent blog about financial crime and compliance interview tips, getting a role in compliance or risk can be highly competitive.

As a risk and compliance recruitment agency, at Twenty84 we are proud to offer a versatile, proactive, and forward-thinking approach to recruitment that enables us to place candidates in their dream role.

One way in which we do this is by doing our bit in the compliance, financial crime, risk and regulatory community. In fact, a pillar stone of our ethos is that we are genuinely interested in helping and advising our community as much as we can.

The Covid19 crisis has brought this home more than ever, and we have found ourselves in a position where we can use our knowledge, network and technology to help get our risk and compliance community back to work and improve their careers, even if there is no monetary gain for us.

Doing our bit to help

How do we do it? For starters, by sharing jobs that we are not working on so that people can apply directly and collaborating with Heads of Compliance and Risk to provide interview advice based on actual questions they use. We are also giving practical advice and sharing useful data on the hidden jobs markets, as well as sharing video interview tips and information on how to apply to roles effectively. We have even often shared our networks with candidates to help them get in touch with potential hiring managers themselves.

‘Doing our bit to help’ has always been part of our ethos, which is why we make regular charitable donations to MyBnk. And now more than ever, it is important to us that this ethos underlies our recruitment practices and everything we do. Read on to find out how our approach to recruitment helps us to play our part.

Being agile and experienced

At Twenty84, we are extremely agile in our approach to recruitment, having gained years of intensive experience working with both small and midsize companies. As a result of this experience, we often deal directly with line managers or with direct recruiters in larger companies, and are known to adapt our approach to fit the culture and policy of each of our clients to make sure we find the right people for the job.

Offering a highly niche service

Many recruitment agencies will recruit for a large variety of roles across a multitude of sectors, but at Twenty84 we focus solely on compliance, financial crime, risk and regulatory roles – and we believe that our specialist knowledge of these sectors means we are best placed to prepare our candidates to succeed.

Our expertise in the sector has proven to be very effective in terms of ours and our candidates’ success rates; we're not a jack-of-all-trades and we have a lot of knowledge about the positions we recruit for and what they entail - which means we are able to give candidates the dedicated support they need to achieve their ideal role.

Keeping our finger on the pulse of regulatory updates

At Twenty84, we are also highly invested in the topics of compliance and financial crime and how they continue to develop. Updates, news and events in the sector take place almost daily, and by keeping our finger firmly on the pulse, we are able to gain a deeper understanding of the roles we are recruiting for whilst also advising our candidates in the most informed way possible. This knowledge also gives our candidates the confidence they need to succeed in their interviews and careers.

Providing our candidates with the best chance of securing a role

As we said above, roles in compliance and risk are especially competitive, so it's essential that compliance recruitment agencies provide their candidates with the best chance of securing a role. In order to do this, we offer preparation calls, emails and virtual meetings at every stage of our recruitment process, and - unlike many recruitment agencies - we treat each of our candidates as individuals as opposed to numbers that need to fill spaces.

And that’s not all. We also provide active feedback at each stage of the compliance recruitment process, including CV submission, where we will let candidates know if their CV is not selected and explain why. Additionally, we give all of our candidates interview feedback if they are unsuccessful too, to ensure that they are sufficiently prepared for the next opportunity. Finally, if our candidates do have any skills gaps, our knowledge of training opportunities within the sector means that we can point them in the right direction so they can enhance their skill set.

If a candidate isn’t successful at interview stage, that’s not the end of our relationship; we will keep working as hard as we can to help our candidates secure a position and keep them updated on the market, tips and advice. As a result, some of our candidates have been in touch with us for many years and enlist our expert help each time they are ready to make a change or further climb the career ladder.

Being honest, reliable and efficient

Honesty truly is the best policy when it comes to compliance, financial crime and risk and regulatory roles - so it is imperative to us at Twenty84 that we are equally as honest. We always “wear both hats” when it comes to our network because we often encounter situations where clients become candidates, or candidates become clients.

What’s more, we are also sensitive to the individual situations of each of our candidates and clients, and we have also proven ourselves to be especially reliable and efficient over the years due to our agile structure and approach. This means that we have the ability to act very quickly if required.

Utilising only the most advanced recruitment technology

Technology is fast evolving, so when it comes to the work completed by compliance recruitment agencies, it’s absolutely essential to keep up with the latest developments. At Twenty84, we have made sure that we utilise only the best and most advanced recruitment technology in the business, which has enabled us to improve our ability to source for roles and deliver the best candidate experiences, as well as stay on top of data protection.

How we can help you

These practices only just scratch the surface of the recruitment processes we implement here at Twenty84, and it is our mission to ensure that we continue to improve our services well into the future. If you are looking to progress your career in risk or compliance and would like to explore our services and processes further, please do get in touch; we’d be delighted to speak with you.

Equally, if you are a business in need of risk, compliance, or financial crime candidates, feel free to contact our team today and we’ll help you find your ideal candidate right away.

The COVID-19 pandemic has been a huge test of operational resilience.

No business sector has been left unaffected by the outbreak, and for those who do not have a business continuity plan in place, the impact has been huge. If you don’t have a business continuity plan or if your existing one needs updating, now is the time to do it - so read on to find out how to bolster your operational resilience and discover how our specialist financial recruitment services can help you to protect your business throughout the COVID-19 crisis and beyond.

The impact of COVID-19

As a result of the coronavirus pandemic, the international stock markets have experienced the worst week since the 2008 financial crisis. 79% of board members state that their organisations are not well prepared to deal with a crisis event, and according to a survey by the Fintech Fincrime Exchange, only 29% of companies with a business continuity plan included pandemic as one of the scenarios. As a result, a staggering 94% of the Fortune 1000 are seeing coronavirus supply chain disruptions, whilst the coronavirus has already shut down more than a quarter of UK businesses - and more than half a million UK companies are thought to be in significant distress.

Business continuity best practice

According to the Financial Conduct Authority, all firms should have a contingency plan in place to deal with major events and these plans should have been tested. Essentially, the message from the FCA is that despite these challenging times, companies should still maintain appropriate measures to ensure business continuity and regulatory compliance. A comprehensive business continuity plan provides a roadmap for continuance and/or the restoration of mission-critical functions during and after a disaster; however, there are distinct differences between traditional business continuity planning and pandemic planning.

How to plan for a pandemic

Pandemic planning presents a number of unique challenges. Unlike natural or technical disasters, the impact of a pandemic is much more difficult to determine because of the difference in scale and duration. As a result, pandemic plans should be flexible and effectively address a wide range of possible effects that could result from a pandemic. With that in mind, important questions to ask yourself include:

• Does your firm have sufficient technology to support remote working over a prolonged period of time?
• Can you effectively manage security and privacy requirements?
• Can you deliver transformations and changes in a controlled and efficient manner?
• How can you promote employee and client health and safety?
• How can you maintain engagement with the workforce?
• What business resources should be prioritised when it comes to resource allocation?
• Will your current contingency arrangement last the expected lifetime of the pandemic?
• And will it expose your firm to any other potential issues?
  
  

How to bolster resilience

In times such as these, your business continuity plan should be a live document that is regularly updated according to what is going on. It’s about managing the immediate resilience challenges faced by the firm so that you can continue to maintain operational resilience. Key things to think about and plan for include:

• How long your firm can operate under significant stress before becoming vulnerable
• Which important business services could expose your business to risk or cause harm if disrupted
• Setting impact tolerances for each important business service
• Mapping the people, processes, technology, facilities and information that support important services
• Testing your firm’s ability to remain within its impact tolerances through a range of disruption scenarios
• Ensuring you have the necessary technology and culture to enable a remote workforce
• Conducting lessons and exercises to identify, prioritise and invest in your employees’ ability to respond and to recover as quickly as possible
• Developing internal and external communication plans for when services are disrupted
• Creating a self-assessment document for ongoing improvement

Planning for the future

Your business continuity plan should also address the step-by-step process of recovering and reinstating business operations to a pre-disaster state. This includes assessing the damage, estimating recovery costs, working with insurers and monitoring the progress of the recovery process. Even when firefighting and navigating challenging times, by keeping a record of where stresses have emerged and what has helped or hindered the maintenance of key services, companies can improve their business models. This way, lessons can be learnt from any disruptions to ensure improved resilience in the future.

Why you should hire a business continuity specialist

There are a number of skills and specific experience needed to competently and efficiently set up a business continuity plan, especially in the face of a pandemic, so it makes sense to use specialist financial recruitment services to find an expert. From risk assessment to crisis management experience, project management and interpersonal skills to flexibility and adaptability, a business continuity specialist will have honed their skills over the years, and they will also have a deep understanding of the relevant regulatory requirements too.

When it comes to business continuity, if you want to ensure your programme doesn’t have any gaps that could lead to losses in the event of a disruption, it’s a good idea to hire an expert to meet your business continuity needs. As a result of the current pandemic, many businesses are turning to business continuity specialists to help them with their operational resilience and risk management. So if you are looking for business continuity specialists on a permanent or contract basis, contact Twenty84 to find out more about our financial recruitment services today.

At the time of writing, the UK is currently experiencing restrictions with the way we live and work in attempts to manage the impact of the COVID-19 pandemic.

This has seen the temporary (and unfortunately in some cases, permanent) closure of many businesses and organisations across the nation. And when it comes to compliance, financial crime and risk hiring, candidates looking to secure a role in these sectors are likely to have had their application processes postponed or even rescinded. 

This is an uncertain time for both recruiters and candidates; but what it does give us is a moment of pause to consider what we can do to become even more successful once we emerge from this pandemic. At Twenty84, we are taking this as an opportunity to think about what we can change or improve; and in order to continue helping risk and compliance specialists throughout this crisis, we have come up with the following 7 things that risk, financial crime and compliance candidates should do while they now have the time, and before the pandemic is over:

7 things compliance, financial crime and risk candidates should do during the COVID-19 pandemic

1. Stay up to date with sector news and risk and regulation updates

Despite the current restrictions, risk, compliance, and financial crime issues, challenges and regulatory demands remain. In fact, there have been reports of increased financial crime since the outbreak of the virus. New and updated compliance regulations are also coming into play constantly, so be sure to keep an eye on these, particularly when you have a few minutes to spare. By keeping on top of current news and regulations, you’ll not only be in the right frame of mind to work on applications, but you’ll also impress interviewers with your up-to-date and relevant knowledge. Be sure to keep an eye on industries where there maybe an uptick: for example FinTech finance apps, digital banking, contactless payments and so on.

2. Stay in touch with other professionals

With everyone at home and with more flexibility now is a great time to stay in touch with other professionals and re-establish contact with old colleagues. Although you will not be able to see them face to face during the pandemic, this does mean that you will have more time to get in touch via phone call or for a virtual coffee and discuss the latest updates in the sector, bounce different ideas around, and subsequently keep a strong and alert risk, financial crime/compliance mindset. You may even find that new opportunities begin to present themselves! 

3. Make yourself available for contract/interim work

Now that changes to IR35 regulations have been postponed until 2021, this time of quiet offers a great opportunity to make yourself available for any contract or interim work that might be available to complete remotely. If you decide to do this, be sure to change your availability on any online profiles to available for “contract”, as well as on your favourite job sites. You should also let your recruitment agency know of this update, and change your LinkedIn settings to show your interest in contract roles, as well as updating your LinkedIn profile headline to show that you are open for permanent and contract/interim positions. Any experience you can gain between now and the end of the current pandemic could be transformative to your application processes in the future!

4. Complete online training courses

Being a risk and compliance professional, it’s likely that, although you will have completed your necessary training, you’re unlikely to have the time to further this. Now is therefore the perfect opportunity to do so. While all in-person training and learning opportunities in financial crime, risk and compliance are suspended for the time being, there are a multitude of risk and compliance training courses and webinars that can be accessed online. While you are at home during these restrictions, be sure to explore these opportunities to brush up on your current skills and learn some new ones. You can usually print out certificates at the end of these online courses, which will look great in your portfolio! Which leads us on to:

5. Update your CV/portfolio of experience

Due to your busy schedule, you may not often find the opportunity to update your CV. While you are working on online training courses, be sure that you also take a look at your CV and make sure all the essential information is present and correct. If you don’t currently have a portfolio, this period has provided the perfect opportunity to go back through your archives and put one together. The more accurate, professional and up-to-date your CV and portfolio is, the more likely you will impress employers in your applications!

6. Practice interview techniques

Now is also a good time to research the latest interview structures and techniques, as often, risk and compliance candidates do not have the opportunity to do so due to time constraints. During this period, be sure to take this opportunity of extra time to do your research into the organisations you are applying to work for so that you can answer any questions they may have for you in the interview effectively. Be sure to make note of any questions you may have for them, too. If you are fortunate enough to be in isolation with friends or family, ask them to help you by taking on the role of the interviewer, getting them to ask you questions so that you can practice answering them with confidence. 

7. Take care of your physical and mental wellbeing

Although it’s important to use your new-found time as an opportunity to prepare for compliance and risk recruitment opportunities, also be sure that you take the time to look after your mental and physical health. At the time of writing this blog, UK residents are permitted to leave their homes for one form of exercise per day, and by doing so, you’ll not only be able to keep up your physical fitness, but this will also give you a necessary break from your candidate preparations and come back to them later with a fresh mind. Keeping in touch with friends and family over phone, text or video calls, and engaging in hobbies and interests outside of your professional life are also important for your mental health, and will help to ensure you feel refreshed and prepared for the next steps in your financial crime, risk or compliance career once the pandemic is over. Having a daily routine is also important for your mental wellbeing, so be sure to create a timetable or schedule of tasks and activities (including all the above ones) for each day. Ticking off each task as you go is a great motivational technique, too!

Conclusion

Much compliance, financial crime and risk recruitment is on hold during the COVID-19 pandemic, but competition for roles in these sectors is still high - and will likely be much higher once the current restrictions have been lifted. However, by using the time you have been given back due to the current restrictions to complete the above suggested tasks, candidates should see their chances of securing a role in the risk, financial crime and compliance sectors significantly increase.

In the meantime, be sure to look at the risk and compliance roles we have listed currently on our website, and feel free to get in touch with our team should you like any further hints, tips and advice for improving your chances of securing a role.