Ask the Expert: Q&A with Mark Nuttall, Country Manager for Hill & Associates in Singapore
(Part 2)


What about sanctions that are implemented to enforce a foreign policy agenda? For example, how do U.S. sanctions affect countries in the APAC region?

Sanctions do have some effect in terms of creating an administrative threat, but in practical terms, there is still a long way to go. Sanctions are often expected to have the effect of a long-range missile; however the reality is often that of a carpet bombing campaign, which often has a detrimental effect on everything apart from the true target.

In Asia it’s a completely different playing field. Is a sanction from a Western power really going to affect an Eastern country, with all its neighbourhood friends, its massive mineral wealth, natural resources, environmental wealth, seabed wealth and so on? Not to the degree expected.

APAC is a big family. If you built a fence between West and East, would the East suffer? No, it definitely wouldn’t. Countries and jurisdictions work to their own playbooks and rules – they are not too concerned about what’s happening in the international community unless they really need to get involved, and most of the APAC nations don’t need to involve themselves, as the markets available to them in terms of size and demographic are huge.

How has the pandemic impacted the regulatory environment?

The major change is that lockdowns reduced the scale of physical human interaction and commodity transportation between some countries and internally. At base level, this makes it much easier to spot if people are engaged in physical activities, such as moving money around in bags or hiding physical assets.

If anything, there has been more innovation in the illicit market community as a result of the pandemic. Criminals are always looking for new ways to obfuscate, and at serious and organised crime level there is vast wealth to make any innovative idea possible.

As a basic example, some crime, such as drug dealing, exploited the digital space during the pandemic, and widened its consumer base. Illegitimate actors were already using cryptocurrency and digital transfer before the pandemic, and the use of both avenues has spiked over the past few months for legitimate reasons, which is why it’s important to do more complex due diligence to detect illegitimate activity.

Regulatory bodies can only do so much in this regard, especially as digital platforms allow for transnational activity instantly and often in an unrestricted and partially anonymous manner. As a result, institutions have again turned to a digital panacea, where link analysis, case management and machine learning can be deployed in a more established setting, as an integrated addition to transaction monitoring systems.

How can financial institutions get better at detecting and managing risks?

It’s all about resourcing. There are a lot of ‘machine learning’ and ‘artificial intelligence’ solutions appearing, but that still requires a huge amount of input from humans, both to build a good risk identification and methodology / typology process, but also to understand the output and the red-flags in it.

When we look at the scandal around Malaysia’s state investment fund 1MDB, for example, red flags were set off by screening systems, but the overall story was missed. As it turned out, money laundering was eventually uncovered as a result of investigations by a reputable journalist, Clare Rewcastle-Brown of the Sarawak Report, who was looking at the decimation of forests and political malfeasance.

It is so important to have expertise and experienced eyes within your regulatory and policy unit, although at present this area is greatly under resourced, as it is seen as a cost to financial institutions, not a profit engine. This could be changed by engaging an ‘enterprise risk management’ review and approach and using external outsourcing to review how compliance can be cost saving, and how it can identify positive risks. Many compliance departments are understaffed, or do not have sufficient experience to investigate the complex cases due to the budget allocated to it, and so matters such as the 1MDB scandal appear on their books.

Can Public Private Partnerships (PPP) help regulators and financial institutions to fight financial and environmental crime?

I think PPP is the way forward but there are some hurdles to overcome. The problem is that relevant organisations don’t communicate with each other (or even internally), often because of data protection, self-protection or other legal issues, or even because of concerns about the potential impact on customer service and client relations.

There are expectations and concerns on both sides that are often hard to reconcile. On the private side, firms are worried about data privacy and falling foul of privacy laws or losing high net worth individuals (HNWI) / profitable corporates, whereas on the public side they see a wealth of data that’s critical to their investigation, no matter the cost.

A lot of PPP work is about making sure that all parties have access to the relevant data. It can only work if open and robust discussions are held, with the best of intentions, at the right level including practitioners, management, leadership, and most importantly, legal counsel and IT technicians present.

A further point would be to use an external mediator (with the correct experience) to ensure an unbiased discussion, and the right stakeholders were present. If these partnerships were sponsored as a correctly funded project (instead of as an initiative), with PMI-PMBOK standards and methodology in place, then I expect that we would see greater results with satisfactory deliverables.

About Mark Nuttall, Singapore Country Manager at Hill & Associates

Mark Nuttall has over 20 years of international experience as a risk management and security specialist, with a background in security, law enforcement, geopolitics, international organisations, project management and bespoke risk consultancy. He is a former senior detective at New Scotland Yard and was contracted to the Organised and Emerging Crime Directorate within Interpol. He currently works for Hill & Associates, where he oversees the firm’s operations in Singapore.