As businesses undergo digital transformations in their front and back office operations, similarly cybercriminals are advancing the sophistication of their methods.

How has the Covid-19 impacted the Compliance Function of banks?

This global health crisis has disrupted business norms and the compliance function is no exception. With more employees working in less secure home-based environments and client relationships shifting entirely online and non-face-to-face, banks are confronted with mounting pressure for strengthening their control mechanisms and risk management. With the whole system under stress, regulators across the globe have significantly increased their oversight over the banking and other financial institutions, ensuring that anti-money laundering compliance stays robust. Customer due diligence (CDD) measures and anti-money laundering procedures (AML) will come under reassessment as adoption of work from home policies is likely to become prevalent post-lockdown. Similarly, added controls need to be put in place in cases where the bank is unable to meet clients face to face. While new ways of working take shape, banks will continue to operate their existing business processes, including surveillance, monitoring, and clients’ reviews, within the boundaries of regulations. As warned by the Financial Action Task Force (FATF), criminals and terrorists may seek to exploit gaps and weaknesses in national AML and financing of terrorism controls, under the assumption that resources are focused elsewhere.

How do these frauds usually happen?

The frauds in banking are predominantly in the sphere of identity theft and breaching the electronic security of bank accounts. As businesses undergo digital transformations in their front and back-office operations, similarly cybercriminals are advancing the sophistication of their methods. In pandemic times, common frauds include advertising and trafficking in counterfeit medicines and offering fraudulent investment opportunities. With surgical masks, sanitisers, personal protection products, and other medical supplies in high demand, several fake shops, websites, social media accounts, and email addresses claiming to sell these items have sprung up online. But instead of receiving the promised goods, unsuspecting victims have seen their money disappear into the hands of the criminals involved. With new technologies nowadays, there are also other frauds that may be linked to malicious or fraudulent cybercrimes and fundraising for fake charities. These types of frauds are on the rise globally, with criminals attempting to profit from the pandemic by exploiting people in urgent need of care.

What can banks improve their internal controls to preventing fraud?

Assessing the culture, attitude, and awareness amongst employees about their knowledge of fraud is vital. Banks must continue to sensitize both staff and clients about the critical role they play in preventing, detecting, and deterring fraud. In many cases, it is the client who is facilitating the payment. Therefore, today’s clients need to be skilled to avoid falling victim of fraud by either disclosing their bank details on unsecured platforms or by opening emails or phishing links that are unknown to them. It is also important to be cautious when doing online shopping and purchases. They may independently verify the company/individual offering the items before making any online purchases. Moreover, in case the bank identifies such cases, there are relevant reporting obligations.

Why was Mauritius recently included in the European Commission’s list of high-risk jurisdictions?

The European Union has recently adopted a new list of third countries with strategic deficiencies in their anti-money laundering and counter-terrorist financing frameworks, as part of its action plan to improve EU’s anti-money laundering / countering the financing of terrorism framework and Mauritius is included in this list. The EU listing is a direct consequence of the listing of Mauritius by the Financial Action Task Force (FATF) on its list of “jurisdictions under increased monitoring”.  

The FATF recognises that currently Mauritius does not have technical compliance issues and has taken measures to improve on the deficiencies identified and various actions were taken. The relevant legal frameworks and guidelines were reviewed accordingly and Mauritius also conducted a National Risk Assessment on anti-money laundering and terrorist financing in 2019. Further to these remedial actions, there were follow up reports sent to the Eastern and Southern Africa Anti-Money Laundering Group (ESAAMLG) and Mauritius is now deemed by ESAAMLG to be compliant with 35 out of 40 FATF Recommendations. The remaining 5 FATF recommendations, on which Mauritius has taken a high-level commitment to implement the Action Plan, are now under scrutiny. All relevant stakeholders, including the banking sector will have to work together to ensure that we address these issues with the highest priority to ensure compliance with the FATF recommendations. I believe that once we work on these, we must request for a reassessment from ESAAMLG, to display the improvements made. Mauritius will have to demonstrate, as it has done several times in the past that, it is continuing to operate by the highest standards of international good governance and regulatory framework.

What will be the effects of Mauritius being added to this list for the banking sector?

This is another impending crisis that could have far more harmful effects than the COVID-19 crisis. We can expect to receive some queries from our correspondent banks, custody counterparts, and even clients. External counterparties dealing with Mauritius will conduct enhanced due diligence on banks and there may be several other restrictions. Some banks or countries may restrict the payments or investment being done through Mauritian banks and request for further documents and information, before processing payments. There is the possibility that some of our correspondent banks and counterparts may start de-risking, further to the inclusion of Mauritius in the EU list of high-risk jurisdictions. This is likely to impact the banking and financial services sector of Mauritius, which is an important national asset.