SlideShare a Scribd company logo

Session 10. Risk Management lekture financial markets

Download as PPTX, PDF
P
parketkril09

Finance

Economy & Finance
1 of 63
Risk and Compliance. Crime, Fraud, and Money Laundering. Corporate Governance and Finance – Lecture 10 Prof Tom Kirchmaier 22 April 2022 1
House Rule Chicago Style “Ask whatever you want, whenever you want!” 2
Definitions Risk vs Uncertainty 3
Definitions Risk - the quantitative assessment of the likelihood of unfavourable events occurring, and the likely loss resulting from it. Uncertainty - the unquantifiable portion Governance - making a strategic decision on how much risk a firm should take on Compliance - enforcement 4
Types of Risk 5
Risks (Incomplete and Random) • Financial Risk & Investment risk • Counterparty Risk • Supply Chain • Execution Risk • Business Model • Climate Change • Regulation • Market Access • IT • …. 6
Investment Risk • Market risk • Liquidity risk • Concentration risk • Credit risk • Reinvestment risk • Inflation risk • Horizon risk • Longevity risk • Foreign exchange risk 7
Risk in Policing From Dr Peter Langmead-Jones (Greater Manchester Police) 8
Basis of choices… Risk Harm Threat Vulnerability Confused: Definition Assessment Use 9
Vulnerability Threat Harm Risk Vulnerability Loss of balance Threat Crocodiles Harm: Death by crocodile (by loosing balance and falling into the crocodiles) Risk : The likelihood that the tightrope walker will loose balance, succumb to the threat and suffer the harm 10
Reduce risk…address vulnerability Vulnerability Loss of balance Threat Crocodiles Harm: Death by crocodile (by loosing balance and falling into the crocodiles) Risk : The likelihood that the tightrope walker will loose balance, succumb to the threat and suffer the harm Improve balance 11
Reduce risk…address threat Threat Crocodiles Harm: Death by crocodile (by loosing balance and falling into the crocodiles) Risk : The likelihood that the tightrope walker will loose balance, succumb to the threat and suffer the harm Vulnerability Loss of balance Remove Crocodiles River Harm: Death by drowning (by loosing balance and falling into the river) 12
Terms are often confused… Risk Vulnerability Harm Threat = anything that can exploit a vulnerability, intentionally or accidentally, and cause damage (i.e. source of harm) = the damage / deleterious effect caused by a threat exploiting a vulnerability = the potential for harm as a result of a threat exploiting a vulnerability = a weakness or gap in protection 13
Remember… • Threat with no vulnerabilities = no risk • Vulnerability with no threat = no risk BUT • We don’t know all the vulnerabilities and threats AND • Is context specific 14
‘Big Data’ 15
The Puzzle • Low Productivity growth, low investment levels • Enormous technological opportunities 16
Big Data What’s new? What is it? Big Data = Data What’s new? Time series of reliable (organisational level) data • helps us robustly answer questions • as we can control for unobserved ‘heterogeneity’ Combining various (open) data sources • allows us to create novel and powerful insights • Spatial dimension of data extremely valuable 17
Big Data What to use it for? Gaining insights Optimising Systems Automation of tasks (but human always makes the last decision) Predicting outcomes (at times) 18
Big Data History Issue: data collected for recording and documentation, not analysis Data ‘internally’ inconsistent, and often incomplete 1985+ Financial data records / ERP accounting systems 1994+ Widespread use of ERP systems in organisations, and Email/Internet 2000+ Widespread digitisation of information 2004+ Systematic collection of (all sorts of) data series, dramatic increase in data quality 19
Big Data Data quality Organisations have good data • On average • GDPR might be used as an excuse • Be very careful about the IT service contracts you write • You need to be able to extract data easily, freely, and frequently (dynamic) • Security is often used as an excuse 20
Big Data The revolution Pull vs. Push Systems 21
Causation vs. Correlation ‘Correlation is not causation’ 22
Spurious Correlations Source: http://www.tylervigen.com/spurious-correlations 23
Understanding Methods • Carefully specified regressions • Ability to predict • Established method Causation • Machine Learning (Lasso, supervised learning, tree models [Random Forest]) • Good for • Ranking of influencing factors • Predictions (ceteris paribus) • Requires very large samples Correlation 24
AI A concept, not reality Only two functioning unsupervised learning / self-learning applications Very clear rules Clearly observable and unambiguous movements Clearly defined space (physical and options) Ideal for permutation ‘game’ 25
Learning Systems We loop, and re-estimate every time we get new data 26
A Force for Good or Evil 27
‘Big Data’ – the not so nice side Enormous economies of scale and scope lead to natural monopolies Private providers will always exploit it to the fullest (Google, Facebook, … ) o trying to lock people into dependencies o have a weak moral compass … to the degree that they are now destroying their own ecosystem in Silicon Valley We are terribly naïve about the intent of some of these firms; regulation and contracts will only provide limited security 28
‘Deep Fake’ • Faces and full bodies can now be generated in every image and movie • What’s real? • People to watch (amongst others): Sarah Atkinson (Kings) or Hao Li (U Southern California) 29
Compliance Chapter 6 30
Risk Regulation Compliance 31
Risk (Remember) 1. Likelihood of an unfavourable event occurring (state contingent) 2. The associated likely loss (distribution) 32
33
Compliance • Compliance with law and regulation ‘continuous’ • Compliance costly • Ultimately responsibility of board • Issue of enforcement (10% error for speed checks) 34
Compliance • Compliance costly • Compliance function can get very big, with little value added • Whistleblowing • Non-compliance also costly • Fines • Reputational damage (naming and shaming) • Trade-off between cost and benefits • Interesting cases • Danske Bank • B737 Max • BP (Deepwater Horizon) 35
Compliance Theory • Compliance adds a layer of complexity to agency problem • Regulator is now the ‘highest principal’, above the board, then management. • Issue of plausible deniability (shareholders care about profits) 36
Comply or Explain • A British way to deal with the ‘rule-taking’ version • Adopted throughout Europe • A very good idea in principle, but in practice most companies just comply • Explanation often meaningless 37
Governance, Risk, and Compliance (GRC) • Compliance one function with governance, risk management, and IT governance (GRC) • Aims to enforce risk limits and accountability within the organisation • IT constitutes major operational risk 38
Three Lines of Defence 1. Operations 2. Compliance and Risk Management 3. Internal and External Auditors • Board of Directors 39
Environmental, Social, and Governance (ESG) • Influence the ethical impact of a company • Part of the investment decision process • Selected ESG Issues: • Human Rights • Carbon Emissions • Diversity • Employee welfare • … 40
Corruption • Petty corruption • Grand corruption • Political corruption (bakshees, or major bribes) • Small favours surprisingly ‘successful’ 41
(Anti-)Money Laundering (AML) 42
Issues with AML Initiatives • Incredibly expensive for society • Cumbersome for banks, their staff, customers, and intermediaries • Very ineffectual • We might just find 1% of ML payments • Strong bias to detect the small, and unsophisticated ‘criminals’ • Very profitable for consultants, TR, etc.
An Example From Europol • A payment processor for drug payments • Collects cash from street dealers throughout Europe; around €1bn annually • Counts it, launders it through European banking sector, and sends it back to the Americas as ‘clean’ • Fee: About 6-7% • Origin: Lebanon, with likely links to Hezbollah
A Reminder Sources of funds, classified as ML 1. Proceeds of (Serious) Criminal Activity Drugs. Human Slavery. Child Sexual Exploitation. Racketeering. Fraud. Cyber. 2. Embezzlement of State Funds, Tax Evasion, and Serious Corruption 3. Avoidance of Currency Controls (China) 4. [Terror Finance]
Organised Crime • ‘Clean’ the proceeds of criminal activity • Form of ML with direct impact on society • it encourages criminal behaviour • once proceeds get re-invested in the society will affect asset prices and drive legitimate business out of the market (simply as the price pressure is not the same). • as we know from Sweden, organised crime and jihadi groups are increasingly intertwined, hence organised crime might finance future terror related activities in our backyards. 46
Embezzlement, Tax Evasion and Serious Corruption • Typically involves large amounts coming from states with weak institutions. • Little incentives for institutions in intermediate countries, like Denmark, to get involved. • Given that the amounts are very large, these activities are highly profitable for the intermediary financial institutions, and so ‘helpful’ to improve the financial stability of that country. 47
Avoidance of Currency Controls • Again highly profitable • Main source countries Russia and China • Saipan in the Pacific 48
Terror Finance • Practically undetectable by looking at the finance stream • Alternative detection mechanism is for banks to track IPs • Classical police intelligence work probably better value for money 49
The Legal & Institutional Framework In need of restructuring 1. FATF (Born out of G7 in 1989): 40 rules Rules written by lawyers for lawyers; very difficult to operationalise Unclear how effective. In urgent need of an update 2. Financial Investigation Units (FIUs) Very under-resourced, as political priorities are with ‘classical policing’ High staff turnover, as Banks poach aggressively Staffed by police men / women, with good investigative skills Very short time window for investigation / decision on STRs 3. Banking Regulators Very limited power Branches vs Subsidiaries (remember AIG Banque – USD 180 billion bailout) In the future, the FIU should become part of the regulator, who will pay for it
On Data The application to (A)ML
Data Infrastructure The Current Issues • Far too much work is done manually, which is expensive and cumbersome, and leads to inconsistent outcomes. • Detection algorithms focus on within account consistency, not across (very easy to circumvent) • Commercial algorithms lack an outcome variable (prosecution/conviction), and hence are trained to detect a small number (about 40-50) of known cases • Substantial body of literature on SOC, but typically ethnographic, documentary, or biographic in nature, often picked up by the Media, and Hollywood. • These leads to a popular conception based on anecdotes rather than empirical work
Data Infrastructure The Current Issues • The data revolution hasn’t arrived at the ML world • Much of the open source datasets do not get exploited adequately • Sanctions lists will be provided as open-source, including much better algorithms • For SOC, the police datasets are very rich, providing a lot of insights • There is value in the payment data
The Way Forward What am I working on?! • We need to ‘mechanise’ much of the manual labour • We need to focus on the ‘big problems’; let’s not throw the baby out with the bathtub (Trust within the Nordic Societies) • The algorithms must be tailored to the issue type (1 vs. 2-5). Terror finance is undetectable with algorithms • On SOC, I have access to the UKs Organised Crime Group Mapping, and will have access to the population of STRs. Sanctions Data will be made available as an open platform, with much improved search algorithms. Company registers will be cross-checked mechanically using OpenCorporates. Plus a big ‘goodie’ …
The Way Forward What am I working on?! • For 2-5, we will need to work much closer with the Financial Regulator to observe large payment flows. • We will need to strengthen the reporting (STRs) of large sums to intermediaries.
The Way Forward Institutions • Responsibility for anti-money laundering investigations should move from the FIUs to the supervisory bodies, in our case the Danish FSA, and combine all activities under ‘one roof’. • The FSA should pay for all activities, including the investigators who will work alongside and in close collaboration with the officers from the FSA. • The financial supervisor understands banks much better than a FIU ever can, has access to their data, should have the empirical skills, and is much better than resourced than the Police Service. • This will require that the FSAs are reorganised along clear responsibilities, and without conflict of interest.
The Way Forward Proposed FSA Structure • Regulatory and Policy (pre-legislative work) • Inspection (inspections into bank’s compliance with regulation) • Investigations (investigations under strengthened legal guarantees and legal controls, handed over from the Inspections Unit) • Enforcement
Danske Case 58
History • Founded 1871 • Rescued first time in … (?) • Rescued second time in 2008/9 (state guarantees & capital injection) • Purchase of Baltic Branches from Finish Sampo Bank in 02/2007 • About 2.8m retail (personal & business) customers (v. small; HSBC 39m) 59
Events in Estonia • Danske Laundromat 2007 – 2015 • 2007: 1,550 ‘suspicious’ non-resident customers • Over the period, around USD 230 billion (based on 6,200 customer reviews, out of about 15,000 in Estonia) suspicious transactions (impossible to proof that it is ML) • Mechanism: (Fictious) shell companies; mirror trades; fake trade invoices • SwedBank: Much bigger share of the Baltic Market (non-resident population unclear) 60
Management and Supervision Issues • Thomas Borgen was Head of International Banking (2009-2013) • Promoted to Danske CEO in 09/2013 due to ‘stellar’ performance of the Baltic business (similar to Brigitte Olsen at Swedbank) • A number of red-flags within the bank (internal auditor reports) • Equally, a number of concerns were brought to the attention to the Supervisory board (via Russian Central Bank, Estonian Supervisor, Whistleblower) • Ernst & Young accused of criminal negligence / cover-up; potential further political ‘liabilities’ • ‘Last’ / fail with regard to supervision (FATF assessment in 2017) 61
Deutsche Bank Russian Laundromat 62
63 https://www.scribd.com/document/406585239/Deutsche- Bank#fullscreen&from_embed

Recommended

Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...PECB
 
Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the C...
Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the C...Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the C...
Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the C...SurfWatch Labs
 
4th Digital Finance Forum, Simon Brady
4th Digital Finance Forum, Simon Brady4th Digital Finance Forum, Simon Brady
4th Digital Finance Forum, Simon BradyStarttech Ventures
 
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Shawn Tuma
 
2015 LOMA Conference - Third party risk management - Session 20
2015 LOMA Conference - Third party risk management - Session 202015 LOMA Conference - Third party risk management - Session 20
2015 LOMA Conference - Third party risk management - Session 20Marc S. Sokol
 
The Future of Advanced Analytics
The Future of Advanced AnalyticsThe Future of Advanced Analytics
The Future of Advanced AnalyticsHaystax Technology
 
Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...
Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...
Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...Jay Kesan
 
Core Elements of Retail LP Shortened version 15MB
Core Elements of Retail LP Shortened version 15MBCore Elements of Retail LP Shortened version 15MB
Core Elements of Retail LP Shortened version 15MBAlan Greggo
 

Recommended

Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...PECB
 
Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the C...
Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the C...Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the C...
Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the C...SurfWatch Labs
 
4th Digital Finance Forum, Simon Brady
4th Digital Finance Forum, Simon Brady4th Digital Finance Forum, Simon Brady
4th Digital Finance Forum, Simon BradyStarttech Ventures
 
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Shawn Tuma
 
2015 LOMA Conference - Third party risk management - Session 20
2015 LOMA Conference - Third party risk management - Session 202015 LOMA Conference - Third party risk management - Session 20
2015 LOMA Conference - Third party risk management - Session 20Marc S. Sokol
 
The Future of Advanced Analytics
The Future of Advanced AnalyticsThe Future of Advanced Analytics
The Future of Advanced AnalyticsHaystax Technology
 
Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...
Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...
Challenges in the Business and Law of Cybersecurity, CLEAR Cyber Conference, ...Jay Kesan
 
Core Elements of Retail LP Shortened version 15MB
Core Elements of Retail LP Shortened version 15MBCore Elements of Retail LP Shortened version 15MB
Core Elements of Retail LP Shortened version 15MBAlan Greggo
 
Bug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal CounselBug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal CounselCasey Ellis
 
Bug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal CounselBug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal Counselbugcrowd
 
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...Casey Ellis
 
Social Media Risk Metrics
Social Media Risk MetricsSocial Media Risk Metrics
Social Media Risk MetricsIftach Ian Amit
 
Today's Breach Reality, The IR Imperative, And What You Can Do About It
Today's Breach Reality, The IR Imperative, And What You Can Do About ItToday's Breach Reality, The IR Imperative, And What You Can Do About It
Today's Breach Reality, The IR Imperative, And What You Can Do About ItResilient Systems
 
Know Your Adversary: Analyzing the Human Element in Evolving Cyber Threats
Know Your Adversary: Analyzing the Human Element in Evolving Cyber ThreatsKnow Your Adversary: Analyzing the Human Element in Evolving Cyber Threats
Know Your Adversary: Analyzing the Human Element in Evolving Cyber ThreatsSurfWatch Labs
 
The Human Delimma - KnowBe4 & Vectra
The Human Delimma - KnowBe4 & VectraThe Human Delimma - KnowBe4 & Vectra
The Human Delimma - KnowBe4 & VectraAdam Basedow
 
NextLevel Cyber Security Executive Briefing
NextLevel Cyber Security Executive BriefingNextLevel Cyber Security Executive Briefing
NextLevel Cyber Security Executive BriefingJoe Nathans
 
Brighttalk outage insurance- what you need to know - final
Brighttalk outage insurance- what you need to know - finalBrighttalk outage insurance- what you need to know - final
Brighttalk outage insurance- what you need to know - finalAndrew White
 
Bcu msc cg week 5 rm framework
Bcu msc cg week 5 rm frameworkBcu msc cg week 5 rm framework
Bcu msc cg week 5 rm frameworkStephen Ong
 
NumaanHuq_Hackfest2015
NumaanHuq_Hackfest2015NumaanHuq_Hackfest2015
NumaanHuq_Hackfest2015Numaan Huq
 
Data Driven Risk Management
Data Driven Risk ManagementData Driven Risk Management
Data Driven Risk ManagementResolver Inc.
 
Insider threats
Insider threatsInsider threats
Insider threatsizoologic
 
Meeting the cyber risk challenge
Meeting the cyber risk challengeMeeting the cyber risk challenge
Meeting the cyber risk challengeFERMA
 
Global risk solutions - Looking at the Big Picture
Global risk solutions - Looking at the Big PictureGlobal risk solutions - Looking at the Big Picture
Global risk solutions - Looking at the Big PictureLeonel A. Torrejon, CICP, ICCE, C.C.
 
Hoe gemakkelijk is het om digitaal in te breken?
Hoe gemakkelijk is het om digitaal in te breken?Hoe gemakkelijk is het om digitaal in te breken?
Hoe gemakkelijk is het om digitaal in te breken?Xtandit_Marketing
 
Data Security: Why You Need Data Loss Prevention & How to Justify It
Data Security: Why You Need Data Loss Prevention & How to Justify ItData Security: Why You Need Data Loss Prevention & How to Justify It
Data Security: Why You Need Data Loss Prevention & How to Justify ItMarc Crudgington, MBA
 
Dark Data: Where the Future Lies
Dark Data: Where the Future LiesDark Data: Where the Future Lies
Dark Data: Where the Future LiesVince Kellen, Ph.D.
 
Information Security Risk Quantification
Information Security Risk QuantificationInformation Security Risk Quantification
Information Security Risk QuantificationJoel Baese
 
The Problem with dots: A critique of the Lessig and Murray models
The Problem with dots: A critique of the Lessig and Murray modelsThe Problem with dots: A critique of the Lessig and Murray models
The Problem with dots: A critique of the Lessig and Murray modelsmrleiser
 
(ANIKA) Budhwar Peth Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANIKA) Budhwar Peth Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANIKA) Budhwar Peth Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANIKA) Budhwar Peth Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
Chapter 2.ppt of macroeconomics by mankiw 9th edition
Chapter 2.ppt of macroeconomics by mankiw 9th editionChapter 2.ppt of macroeconomics by mankiw 9th edition
Chapter 2.ppt of macroeconomics by mankiw 9th editionMuhammadHusnain82237
 

More Related Content

Similar to Session 10. Risk Management lekture financial markets

Bug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal CounselBug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal CounselCasey Ellis
 
Bug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal CounselBug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal Counselbugcrowd
 
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...Casey Ellis
 
Social Media Risk Metrics
Social Media Risk MetricsSocial Media Risk Metrics
Social Media Risk MetricsIftach Ian Amit
 
Today's Breach Reality, The IR Imperative, And What You Can Do About It
Today's Breach Reality, The IR Imperative, And What You Can Do About ItToday's Breach Reality, The IR Imperative, And What You Can Do About It
Today's Breach Reality, The IR Imperative, And What You Can Do About ItResilient Systems
 
Know Your Adversary: Analyzing the Human Element in Evolving Cyber Threats
Know Your Adversary: Analyzing the Human Element in Evolving Cyber ThreatsKnow Your Adversary: Analyzing the Human Element in Evolving Cyber Threats
Know Your Adversary: Analyzing the Human Element in Evolving Cyber ThreatsSurfWatch Labs
 
The Human Delimma - KnowBe4 & Vectra
The Human Delimma - KnowBe4 & VectraThe Human Delimma - KnowBe4 & Vectra
The Human Delimma - KnowBe4 & VectraAdam Basedow
 
NextLevel Cyber Security Executive Briefing
NextLevel Cyber Security Executive BriefingNextLevel Cyber Security Executive Briefing
NextLevel Cyber Security Executive BriefingJoe Nathans
 
Brighttalk outage insurance- what you need to know - final
Brighttalk outage insurance- what you need to know - finalBrighttalk outage insurance- what you need to know - final
Brighttalk outage insurance- what you need to know - finalAndrew White
 
Bcu msc cg week 5 rm framework
Bcu msc cg week 5 rm frameworkBcu msc cg week 5 rm framework
Bcu msc cg week 5 rm frameworkStephen Ong
 
NumaanHuq_Hackfest2015
NumaanHuq_Hackfest2015NumaanHuq_Hackfest2015
NumaanHuq_Hackfest2015Numaan Huq
 
Data Driven Risk Management
Data Driven Risk ManagementData Driven Risk Management
Data Driven Risk ManagementResolver Inc.
 
Insider threats
Insider threatsInsider threats
Insider threatsizoologic
 
Meeting the cyber risk challenge
Meeting the cyber risk challengeMeeting the cyber risk challenge
Meeting the cyber risk challengeFERMA
 
Hoe gemakkelijk is het om digitaal in te breken?
Hoe gemakkelijk is het om digitaal in te breken?Hoe gemakkelijk is het om digitaal in te breken?
Hoe gemakkelijk is het om digitaal in te breken?Xtandit_Marketing
 
Data Security: Why You Need Data Loss Prevention & How to Justify It
Data Security: Why You Need Data Loss Prevention & How to Justify ItData Security: Why You Need Data Loss Prevention & How to Justify It
Data Security: Why You Need Data Loss Prevention & How to Justify ItMarc Crudgington, MBA
 
Dark Data: Where the Future Lies
Dark Data: Where the Future LiesDark Data: Where the Future Lies
Dark Data: Where the Future LiesVince Kellen, Ph.D.
 
Information Security Risk Quantification
Information Security Risk QuantificationInformation Security Risk Quantification
Information Security Risk QuantificationJoel Baese
 
The Problem with dots: A critique of the Lessig and Murray models
The Problem with dots: A critique of the Lessig and Murray modelsThe Problem with dots: A critique of the Lessig and Murray models
The Problem with dots: A critique of the Lessig and Murray modelsmrleiser
 

Similar to Session 10. Risk Management lekture financial markets (20)

Bug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal CounselBug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
 
Bug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal CounselBug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
Bug Bounties, Ransomware, and Other Cyber Hype for Legal Counsel
 
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
 
Social Media Risk Metrics
Social Media Risk MetricsSocial Media Risk Metrics
Social Media Risk Metrics
 
Today's Breach Reality, The IR Imperative, And What You Can Do About It
Today's Breach Reality, The IR Imperative, And What You Can Do About ItToday's Breach Reality, The IR Imperative, And What You Can Do About It
Today's Breach Reality, The IR Imperative, And What You Can Do About It
 
Know Your Adversary: Analyzing the Human Element in Evolving Cyber Threats
Know Your Adversary: Analyzing the Human Element in Evolving Cyber ThreatsKnow Your Adversary: Analyzing the Human Element in Evolving Cyber Threats
Know Your Adversary: Analyzing the Human Element in Evolving Cyber Threats
 
The Human Delimma - KnowBe4 & Vectra
The Human Delimma - KnowBe4 & VectraThe Human Delimma - KnowBe4 & Vectra
The Human Delimma - KnowBe4 & Vectra
 
NextLevel Cyber Security Executive Briefing
NextLevel Cyber Security Executive BriefingNextLevel Cyber Security Executive Briefing
NextLevel Cyber Security Executive Briefing
 
Brighttalk outage insurance- what you need to know - final
Brighttalk outage insurance- what you need to know - finalBrighttalk outage insurance- what you need to know - final
Brighttalk outage insurance- what you need to know - final
 
Bcu msc cg week 5 rm framework
Bcu msc cg week 5 rm frameworkBcu msc cg week 5 rm framework
Bcu msc cg week 5 rm framework
 
NumaanHuq_Hackfest2015
NumaanHuq_Hackfest2015NumaanHuq_Hackfest2015
NumaanHuq_Hackfest2015
 
Data Driven Risk Management
Data Driven Risk ManagementData Driven Risk Management
Data Driven Risk Management
 
Insider threats
Insider threatsInsider threats
Insider threats
 
Meeting the cyber risk challenge
Meeting the cyber risk challengeMeeting the cyber risk challenge
Meeting the cyber risk challenge
 
Global risk solutions - Looking at the Big Picture
Global risk solutions - Looking at the Big PictureGlobal risk solutions - Looking at the Big Picture
Global risk solutions - Looking at the Big Picture
 
Hoe gemakkelijk is het om digitaal in te breken?
Hoe gemakkelijk is het om digitaal in te breken?Hoe gemakkelijk is het om digitaal in te breken?
Hoe gemakkelijk is het om digitaal in te breken?
 
Data Security: Why You Need Data Loss Prevention & How to Justify It
Data Security: Why You Need Data Loss Prevention & How to Justify ItData Security: Why You Need Data Loss Prevention & How to Justify It
Data Security: Why You Need Data Loss Prevention & How to Justify It
 
Dark Data: Where the Future Lies
Dark Data: Where the Future LiesDark Data: Where the Future Lies
Dark Data: Where the Future Lies
 
Information Security Risk Quantification
Information Security Risk QuantificationInformation Security Risk Quantification
Information Security Risk Quantification
 
The Problem with dots: A critique of the Lessig and Murray models
The Problem with dots: A critique of the Lessig and Murray modelsThe Problem with dots: A critique of the Lessig and Murray models
The Problem with dots: A critique of the Lessig and Murray models
 

Recently uploaded

(ANIKA) Budhwar Peth Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANIKA) Budhwar Peth Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANIKA) Budhwar Peth Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANIKA) Budhwar Peth Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
Chapter 2.ppt of macroeconomics by mankiw 9th edition
Chapter 2.ppt of macroeconomics by mankiw 9th editionChapter 2.ppt of macroeconomics by mankiw 9th edition
Chapter 2.ppt of macroeconomics by mankiw 9th editionMuhammadHusnain82237
 
New dynamic economic model with a digital footprint | European Business Review
New dynamic economic model with a digital footprint | European Business ReviewNew dynamic economic model with a digital footprint | European Business Review
New dynamic economic model with a digital footprint | European Business ReviewAntonis Zairis
 
Bladex Earnings Call Presentation 1Q2024
Bladex Earnings Call Presentation 1Q2024Bladex Earnings Call Presentation 1Q2024
Bladex Earnings Call Presentation 1Q2024Bladex
 
Lundin Gold April 2024 Corporate Presentation v4.pdf
Lundin Gold April 2024 Corporate Presentation v4.pdfLundin Gold April 2024 Corporate Presentation v4.pdf
Lundin Gold April 2024 Corporate Presentation v4.pdfAdnet Communications
 
VIP Call Girls Thane Sia 8617697112 Independent Escort Service Thane
VIP Call Girls Thane Sia 8617697112 Independent Escort Service ThaneVIP Call Girls Thane Sia 8617697112 Independent Escort Service Thane
VIP Call Girls Thane Sia 8617697112 Independent Escort Service ThaneCall girls in Ahmedabad High profile
 
Independent Lucknow Call Girls 8923113531WhatsApp Lucknow Call Girls make you...
Independent Lucknow Call Girls 8923113531WhatsApp Lucknow Call Girls make you...Independent Lucknow Call Girls 8923113531WhatsApp Lucknow Call Girls make you...
Independent Lucknow Call Girls 8923113531WhatsApp Lucknow Call Girls make you...makika9823
 
VIP Call Girls in Saharanpur Aarohi 8250192130 Independent Escort Service Sah...
VIP Call Girls in Saharanpur Aarohi 8250192130 Independent Escort Service Sah...VIP Call Girls in Saharanpur Aarohi 8250192130 Independent Escort Service Sah...
VIP Call Girls in Saharanpur Aarohi 8250192130 Independent Escort Service Sah...Suhani Kapoor
 
Monthly Market Risk Update: April 2024 [SlideShare]
Monthly Market Risk Update: April 2024 [SlideShare]Monthly Market Risk Update: April 2024 [SlideShare]
Monthly Market Risk Update: April 2024 [SlideShare]Commonwealth
 
20240429 Calibre April 2024 Investor Presentation.pdf
20240429 Calibre April 2024 Investor Presentation.pdf20240429 Calibre April 2024 Investor Presentation.pdf
20240429 Calibre April 2024 Investor Presentation.pdfAdnet Communications
 
How Automation is Driving Efficiency Through the Last Mile of Reporting
How Automation is Driving Efficiency Through the Last Mile of ReportingHow Automation is Driving Efficiency Through the Last Mile of Reporting
How Automation is Driving Efficiency Through the Last Mile of ReportingAggregage
 
Log your LOA pain with Pension Lab's brilliant campaign
Log your LOA pain with Pension Lab's brilliant campaignLog your LOA pain with Pension Lab's brilliant campaign
Log your LOA pain with Pension Lab's brilliant campaignHenry Tapper
 
High Class Call Girls Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
High Class Call Girls Nagpur Grishma Call 7001035870 Meet With Nagpur EscortsHigh Class Call Girls Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
High Class Call Girls Nagpur Grishma Call 7001035870 Meet With Nagpur Escortsranjana rawat
 
Call Girls In Yusuf Sarai Women Seeking Men 9654467111
Call Girls In Yusuf Sarai Women Seeking Men 9654467111Call Girls In Yusuf Sarai Women Seeking Men 9654467111
Call Girls In Yusuf Sarai Women Seeking Men 9654467111Sapana Sha
 
VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...
VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...
VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...Call Girls in Nagpur High Profile
 
Best VIP Call Girls Noida Sector 18 Call Me: 8448380779
Best VIP Call Girls Noida Sector 18 Call Me: 8448380779Best VIP Call Girls Noida Sector 18 Call Me: 8448380779
Best VIP Call Girls Noida Sector 18 Call Me: 8448380779Delhi Call girls
 
Call US 📞 9892124323 ✅ Kurla Call Girls In Kurla ( Mumbai ) secure service
Call US 📞 9892124323 ✅ Kurla Call Girls In Kurla ( Mumbai ) secure serviceCall US 📞 9892124323 ✅ Kurla Call Girls In Kurla ( Mumbai ) secure service
Call US 📞 9892124323 ✅ Kurla Call Girls In Kurla ( Mumbai ) secure servicePooja Nehwal
 
VIP Kolkata Call Girl Serampore 👉 8250192130 Available With Room
VIP Kolkata Call Girl Serampore 👉 8250192130 Available With RoomVIP Kolkata Call Girl Serampore 👉 8250192130 Available With Room
VIP Kolkata Call Girl Serampore 👉 8250192130 Available With Roomdivyansh0kumar0
 

Recently uploaded (20)

(ANIKA) Budhwar Peth Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANIKA) Budhwar Peth Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANIKA) Budhwar Peth Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANIKA) Budhwar Peth Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Chapter 2.ppt of macroeconomics by mankiw 9th edition
Chapter 2.ppt of macroeconomics by mankiw 9th editionChapter 2.ppt of macroeconomics by mankiw 9th edition
Chapter 2.ppt of macroeconomics by mankiw 9th edition
 
Veritas Interim Report 1 January–31 March 2024
Veritas Interim Report 1 January–31 March 2024Veritas Interim Report 1 January–31 March 2024
Veritas Interim Report 1 January–31 March 2024
 
New dynamic economic model with a digital footprint | European Business Review
New dynamic economic model with a digital footprint | European Business ReviewNew dynamic economic model with a digital footprint | European Business Review
New dynamic economic model with a digital footprint | European Business Review
 
Bladex Earnings Call Presentation 1Q2024
Bladex Earnings Call Presentation 1Q2024Bladex Earnings Call Presentation 1Q2024
Bladex Earnings Call Presentation 1Q2024
 
Lundin Gold April 2024 Corporate Presentation v4.pdf
Lundin Gold April 2024 Corporate Presentation v4.pdfLundin Gold April 2024 Corporate Presentation v4.pdf
Lundin Gold April 2024 Corporate Presentation v4.pdf
 
VIP Call Girls Thane Sia 8617697112 Independent Escort Service Thane
VIP Call Girls Thane Sia 8617697112 Independent Escort Service ThaneVIP Call Girls Thane Sia 8617697112 Independent Escort Service Thane
VIP Call Girls Thane Sia 8617697112 Independent Escort Service Thane
 
Independent Lucknow Call Girls 8923113531WhatsApp Lucknow Call Girls make you...
Independent Lucknow Call Girls 8923113531WhatsApp Lucknow Call Girls make you...Independent Lucknow Call Girls 8923113531WhatsApp Lucknow Call Girls make you...
Independent Lucknow Call Girls 8923113531WhatsApp Lucknow Call Girls make you...
 
VIP Call Girls in Saharanpur Aarohi 8250192130 Independent Escort Service Sah...
VIP Call Girls in Saharanpur Aarohi 8250192130 Independent Escort Service Sah...VIP Call Girls in Saharanpur Aarohi 8250192130 Independent Escort Service Sah...
VIP Call Girls in Saharanpur Aarohi 8250192130 Independent Escort Service Sah...
 
Monthly Market Risk Update: April 2024 [SlideShare]
Monthly Market Risk Update: April 2024 [SlideShare]Monthly Market Risk Update: April 2024 [SlideShare]
Monthly Market Risk Update: April 2024 [SlideShare]
 
20240429 Calibre April 2024 Investor Presentation.pdf
20240429 Calibre April 2024 Investor Presentation.pdf20240429 Calibre April 2024 Investor Presentation.pdf
20240429 Calibre April 2024 Investor Presentation.pdf
 
How Automation is Driving Efficiency Through the Last Mile of Reporting
How Automation is Driving Efficiency Through the Last Mile of ReportingHow Automation is Driving Efficiency Through the Last Mile of Reporting
How Automation is Driving Efficiency Through the Last Mile of Reporting
 
Log your LOA pain with Pension Lab's brilliant campaign
Log your LOA pain with Pension Lab's brilliant campaignLog your LOA pain with Pension Lab's brilliant campaign
Log your LOA pain with Pension Lab's brilliant campaign
 
High Class Call Girls Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
High Class Call Girls Nagpur Grishma Call 7001035870 Meet With Nagpur EscortsHigh Class Call Girls Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
High Class Call Girls Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
 
Commercial Bank Economic Capsule - April 2024
Commercial Bank Economic Capsule - April 2024Commercial Bank Economic Capsule - April 2024
Commercial Bank Economic Capsule - April 2024
 
Call Girls In Yusuf Sarai Women Seeking Men 9654467111
Call Girls In Yusuf Sarai Women Seeking Men 9654467111Call Girls In Yusuf Sarai Women Seeking Men 9654467111
Call Girls In Yusuf Sarai Women Seeking Men 9654467111
 
VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...
VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...
VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...
 
Best VIP Call Girls Noida Sector 18 Call Me: 8448380779
Best VIP Call Girls Noida Sector 18 Call Me: 8448380779Best VIP Call Girls Noida Sector 18 Call Me: 8448380779
Best VIP Call Girls Noida Sector 18 Call Me: 8448380779
 
Call US 📞 9892124323 ✅ Kurla Call Girls In Kurla ( Mumbai ) secure service
Call US 📞 9892124323 ✅ Kurla Call Girls In Kurla ( Mumbai ) secure serviceCall US 📞 9892124323 ✅ Kurla Call Girls In Kurla ( Mumbai ) secure service
Call US 📞 9892124323 ✅ Kurla Call Girls In Kurla ( Mumbai ) secure service
 
VIP Kolkata Call Girl Serampore 👉 8250192130 Available With Room
VIP Kolkata Call Girl Serampore 👉 8250192130 Available With RoomVIP Kolkata Call Girl Serampore 👉 8250192130 Available With Room
VIP Kolkata Call Girl Serampore 👉 8250192130 Available With Room
 

Session 10. Risk Management lekture financial markets

  • 1. Risk and Compliance. Crime, Fraud, and Money Laundering. Corporate Governance and Finance – Lecture 10 Prof Tom Kirchmaier 22 April 2022 1
  • 2. House Rule Chicago Style “Ask whatever you want, whenever you want!” 2
  • 4. Definitions Risk - the quantitative assessment of the likelihood of unfavourable events occurring, and the likely loss resulting from it. Uncertainty - the unquantifiable portion Governance - making a strategic decision on how much risk a firm should take on Compliance - enforcement 4
  • 6. Risks (Incomplete and Random) • Financial Risk & Investment risk • Counterparty Risk • Supply Chain • Execution Risk • Business Model • Climate Change • Regulation • Market Access • IT • …. 6
  • 7. Investment Risk • Market risk • Liquidity risk • Concentration risk • Credit risk • Reinvestment risk • Inflation risk • Horizon risk • Longevity risk • Foreign exchange risk 7
  • 8. Risk in Policing From Dr Peter Langmead-Jones (Greater Manchester Police) 8
  • 10. Vulnerability Threat Harm Risk Vulnerability Loss of balance Threat Crocodiles Harm: Death by crocodile (by loosing balance and falling into the crocodiles) Risk : The likelihood that the tightrope walker will loose balance, succumb to the threat and suffer the harm 10
  • 11. Reduce risk…address vulnerability Vulnerability Loss of balance Threat Crocodiles Harm: Death by crocodile (by loosing balance and falling into the crocodiles) Risk : The likelihood that the tightrope walker will loose balance, succumb to the threat and suffer the harm Improve balance 11
  • 12. Reduce risk…address threat Threat Crocodiles Harm: Death by crocodile (by loosing balance and falling into the crocodiles) Risk : The likelihood that the tightrope walker will loose balance, succumb to the threat and suffer the harm Vulnerability Loss of balance Remove Crocodiles River Harm: Death by drowning (by loosing balance and falling into the river) 12
  • 13. Terms are often confused… Risk Vulnerability Harm Threat = anything that can exploit a vulnerability, intentionally or accidentally, and cause damage (i.e. source of harm) = the damage / deleterious effect caused by a threat exploiting a vulnerability = the potential for harm as a result of a threat exploiting a vulnerability = a weakness or gap in protection 13
  • 14. Remember… • Threat with no vulnerabilities = no risk • Vulnerability with no threat = no risk BUT • We don’t know all the vulnerabilities and threats AND • Is context specific 14
  • 16. The Puzzle • Low Productivity growth, low investment levels • Enormous technological opportunities 16
  • 17. Big Data What’s new? What is it? Big Data = Data What’s new? Time series of reliable (organisational level) data • helps us robustly answer questions • as we can control for unobserved ‘heterogeneity’ Combining various (open) data sources • allows us to create novel and powerful insights • Spatial dimension of data extremely valuable 17
  • 18. Big Data What to use it for? Gaining insights Optimising Systems Automation of tasks (but human always makes the last decision) Predicting outcomes (at times) 18
  • 19. Big Data History Issue: data collected for recording and documentation, not analysis Data ‘internally’ inconsistent, and often incomplete 1985+ Financial data records / ERP accounting systems 1994+ Widespread use of ERP systems in organisations, and Email/Internet 2000+ Widespread digitisation of information 2004+ Systematic collection of (all sorts of) data series, dramatic increase in data quality 19
  • 20. Big Data Data quality Organisations have good data • On average • GDPR might be used as an excuse • Be very careful about the IT service contracts you write • You need to be able to extract data easily, freely, and frequently (dynamic) • Security is often used as an excuse 20
  • 21. Big Data The revolution Pull vs. Push Systems 21
  • 24. Understanding Methods • Carefully specified regressions • Ability to predict • Established method Causation • Machine Learning (Lasso, supervised learning, tree models [Random Forest]) • Good for • Ranking of influencing factors • Predictions (ceteris paribus) • Requires very large samples Correlation 24
  • 25. AI A concept, not reality Only two functioning unsupervised learning / self-learning applications Very clear rules Clearly observable and unambiguous movements Clearly defined space (physical and options) Ideal for permutation ‘game’ 25
  • 26. Learning Systems We loop, and re-estimate every time we get new data 26
  • 27. A Force for Good or Evil 27
  • 28. ‘Big Data’ – the not so nice side Enormous economies of scale and scope lead to natural monopolies Private providers will always exploit it to the fullest (Google, Facebook, … ) o trying to lock people into dependencies o have a weak moral compass … to the degree that they are now destroying their own ecosystem in Silicon Valley We are terribly naïve about the intent of some of these firms; regulation and contracts will only provide limited security 28
  • 29. ‘Deep Fake’ • Faces and full bodies can now be generated in every image and movie • What’s real? • People to watch (amongst others): Sarah Atkinson (Kings) or Hao Li (U Southern California) 29
  • 32. Risk (Remember) 1. Likelihood of an unfavourable event occurring (state contingent) 2. The associated likely loss (distribution) 32
  • 33. 33
  • 34. Compliance • Compliance with law and regulation ‘continuous’ • Compliance costly • Ultimately responsibility of board • Issue of enforcement (10% error for speed checks) 34
  • 35. Compliance • Compliance costly • Compliance function can get very big, with little value added • Whistleblowing • Non-compliance also costly • Fines • Reputational damage (naming and shaming) • Trade-off between cost and benefits • Interesting cases • Danske Bank • B737 Max • BP (Deepwater Horizon) 35
  • 36. Compliance Theory • Compliance adds a layer of complexity to agency problem • Regulator is now the ‘highest principal’, above the board, then management. • Issue of plausible deniability (shareholders care about profits) 36
  • 37. Comply or Explain • A British way to deal with the ‘rule-taking’ version • Adopted throughout Europe • A very good idea in principle, but in practice most companies just comply • Explanation often meaningless 37
  • 38. Governance, Risk, and Compliance (GRC) • Compliance one function with governance, risk management, and IT governance (GRC) • Aims to enforce risk limits and accountability within the organisation • IT constitutes major operational risk 38
  • 39. Three Lines of Defence 1. Operations 2. Compliance and Risk Management 3. Internal and External Auditors • Board of Directors 39
  • 40. Environmental, Social, and Governance (ESG) • Influence the ethical impact of a company • Part of the investment decision process • Selected ESG Issues: • Human Rights • Carbon Emissions • Diversity • Employee welfare • … 40
  • 41. Corruption • Petty corruption • Grand corruption • Political corruption (bakshees, or major bribes) • Small favours surprisingly ‘successful’ 41
  • 43. Issues with AML Initiatives • Incredibly expensive for society • Cumbersome for banks, their staff, customers, and intermediaries • Very ineffectual • We might just find 1% of ML payments • Strong bias to detect the small, and unsophisticated ‘criminals’ • Very profitable for consultants, TR, etc.
  • 44. An Example From Europol • A payment processor for drug payments • Collects cash from street dealers throughout Europe; around €1bn annually • Counts it, launders it through European banking sector, and sends it back to the Americas as ‘clean’ • Fee: About 6-7% • Origin: Lebanon, with likely links to Hezbollah
  • 45. A Reminder Sources of funds, classified as ML 1. Proceeds of (Serious) Criminal Activity Drugs. Human Slavery. Child Sexual Exploitation. Racketeering. Fraud. Cyber. 2. Embezzlement of State Funds, Tax Evasion, and Serious Corruption 3. Avoidance of Currency Controls (China) 4. [Terror Finance]
  • 46. Organised Crime • ‘Clean’ the proceeds of criminal activity • Form of ML with direct impact on society • it encourages criminal behaviour • once proceeds get re-invested in the society will affect asset prices and drive legitimate business out of the market (simply as the price pressure is not the same). • as we know from Sweden, organised crime and jihadi groups are increasingly intertwined, hence organised crime might finance future terror related activities in our backyards. 46
  • 47. Embezzlement, Tax Evasion and Serious Corruption • Typically involves large amounts coming from states with weak institutions. • Little incentives for institutions in intermediate countries, like Denmark, to get involved. • Given that the amounts are very large, these activities are highly profitable for the intermediary financial institutions, and so ‘helpful’ to improve the financial stability of that country. 47
  • 48. Avoidance of Currency Controls • Again highly profitable • Main source countries Russia and China • Saipan in the Pacific 48
  • 49. Terror Finance • Practically undetectable by looking at the finance stream • Alternative detection mechanism is for banks to track IPs • Classical police intelligence work probably better value for money 49
  • 50. The Legal & Institutional Framework In need of restructuring 1. FATF (Born out of G7 in 1989): 40 rules Rules written by lawyers for lawyers; very difficult to operationalise Unclear how effective. In urgent need of an update 2. Financial Investigation Units (FIUs) Very under-resourced, as political priorities are with ‘classical policing’ High staff turnover, as Banks poach aggressively Staffed by police men / women, with good investigative skills Very short time window for investigation / decision on STRs 3. Banking Regulators Very limited power Branches vs Subsidiaries (remember AIG Banque – USD 180 billion bailout) In the future, the FIU should become part of the regulator, who will pay for it
  • 52. Data Infrastructure The Current Issues • Far too much work is done manually, which is expensive and cumbersome, and leads to inconsistent outcomes. • Detection algorithms focus on within account consistency, not across (very easy to circumvent) • Commercial algorithms lack an outcome variable (prosecution/conviction), and hence are trained to detect a small number (about 40-50) of known cases • Substantial body of literature on SOC, but typically ethnographic, documentary, or biographic in nature, often picked up by the Media, and Hollywood. • These leads to a popular conception based on anecdotes rather than empirical work
  • 53. Data Infrastructure The Current Issues • The data revolution hasn’t arrived at the ML world • Much of the open source datasets do not get exploited adequately • Sanctions lists will be provided as open-source, including much better algorithms • For SOC, the police datasets are very rich, providing a lot of insights • There is value in the payment data
  • 54. The Way Forward What am I working on?! • We need to ‘mechanise’ much of the manual labour • We need to focus on the ‘big problems’; let’s not throw the baby out with the bathtub (Trust within the Nordic Societies) • The algorithms must be tailored to the issue type (1 vs. 2-5). Terror finance is undetectable with algorithms • On SOC, I have access to the UKs Organised Crime Group Mapping, and will have access to the population of STRs. Sanctions Data will be made available as an open platform, with much improved search algorithms. Company registers will be cross-checked mechanically using OpenCorporates. Plus a big ‘goodie’ …
  • 55. The Way Forward What am I working on?! • For 2-5, we will need to work much closer with the Financial Regulator to observe large payment flows. • We will need to strengthen the reporting (STRs) of large sums to intermediaries.
  • 56. The Way Forward Institutions • Responsibility for anti-money laundering investigations should move from the FIUs to the supervisory bodies, in our case the Danish FSA, and combine all activities under ‘one roof’. • The FSA should pay for all activities, including the investigators who will work alongside and in close collaboration with the officers from the FSA. • The financial supervisor understands banks much better than a FIU ever can, has access to their data, should have the empirical skills, and is much better than resourced than the Police Service. • This will require that the FSAs are reorganised along clear responsibilities, and without conflict of interest.
  • 57. The Way Forward Proposed FSA Structure • Regulatory and Policy (pre-legislative work) • Inspection (inspections into bank’s compliance with regulation) • Investigations (investigations under strengthened legal guarantees and legal controls, handed over from the Inspections Unit) • Enforcement
  • 59. History • Founded 1871 • Rescued first time in … (?) • Rescued second time in 2008/9 (state guarantees & capital injection) • Purchase of Baltic Branches from Finish Sampo Bank in 02/2007 • About 2.8m retail (personal & business) customers (v. small; HSBC 39m) 59
  • 60. Events in Estonia • Danske Laundromat 2007 – 2015 • 2007: 1,550 ‘suspicious’ non-resident customers • Over the period, around USD 230 billion (based on 6,200 customer reviews, out of about 15,000 in Estonia) suspicious transactions (impossible to proof that it is ML) • Mechanism: (Fictious) shell companies; mirror trades; fake trade invoices • SwedBank: Much bigger share of the Baltic Market (non-resident population unclear) 60
  • 61. Management and Supervision Issues • Thomas Borgen was Head of International Banking (2009-2013) • Promoted to Danske CEO in 09/2013 due to ‘stellar’ performance of the Baltic business (similar to Brigitte Olsen at Swedbank) • A number of red-flags within the bank (internal auditor reports) • Equally, a number of concerns were brought to the attention to the Supervisory board (via Russian Central Bank, Estonian Supervisor, Whistleblower) • Ernst & Young accused of criminal negligence / cover-up; potential further political ‘liabilities’ • ‘Last’ / fail with regard to supervision (FATF assessment in 2017) 61

Editor's Notes

  1. Interested in when where and why public is endangered Fits the interests of both police forces and HMIC GMP’s purpose “Protect society and help to keep people safe” HMIC’s purpose “Promote improvements in policing and make everyone safer”
  2. Interested in when where and why public is endangered Fits the interests of both police forces and HMIC GMP’s purpose “Protect society and help to keep people safe” HMIC’s purpose “Promote improvements in policing and make everyone safer”
  3. Interested in when where and why public is endangered Fits the interests of both police forces and HMIC GMP’s purpose “Protect society and help to keep people safe” HMIC’s purpose “Promote improvements in policing and make everyone safer”
  4. I say risk You say Threat Harm
  5. Risk is a prognosis Context
  6. Risk is a prognosis Context
  7. Risk is a prognosis Context
  8. Interested in when where and why public is endangered Fits the interests of both police forces and HMIC GMP’s purpose “Protect society and help to keep people safe” HMIC’s purpose “Promote improvements in policing and make everyone safer”
  9. Interested in when where and why public is endangered Fits the interests of both police forces and HMIC GMP’s purpose “Protect society and help to keep people safe” HMIC’s purpose “Promote improvements in policing and make everyone safer”
  10. Interested in when where and why public is endangered Fits the interests of both police forces and HMIC GMP’s purpose “Protect society and help to keep people safe” HMIC’s purpose “Promote improvements in policing and make everyone safer”