As we enter a recession against the backdrop of ongoing geopolitical instability, we expect to see significant financial crime enforcement and investigations in 2023, including a focus on emerging areas such as ESG, cryptocurrencies, and significant developments in financial sanctions. We predict that developments in 2023 will include:
- a renewed focus on fraud, including further steps towards the introduction of a new offence of failure to prevent fraud and more broadly moves towards an effective outsourcing to the private sector of fraud prevention and reimbursement;
- increased information sharing between regulated firms, and with the NCA and SFO;
- greater enforcement in relation to money laundering systems and controls;
- greater regulatory scrutiny in relation to ESG, regarding both greenwashing and risks such as modern slavery in the supply chain;
- further cooperation between OFAC and OFSI in relation to the coordination of sanctions.
We expect to see continued political pressure to tackle fraud translating into concrete steps in terms of additional “failure to prevent” fraud legislation, stricter requirements on payment processors to reimburse consumer victims of fraud, and the SFO and other authorities taking action to tackle fraud, including in growing areas such as greenwashing, crypto-currencies and NFTs.
Failure to prevent offence
Earlier this year, the Law Commission published its long awaited proposals on reforming corporate criminal liability in England and Wales. Whilst the options paper rejected the much discussed "failure to prevent economic crime" offence, it outlined ten "options" for strengthening corporate liability, which notably includes the expansion of the failure to prevent model to fraud, with a company’s liability extending to third parties such as agents but with a defence of reasonable procedures. We can expect 2023 to bring further developments in relation to the introduction of such an offence, with the government being urged to take steps to protect consumers from fraud, in particular in relation to the growth of online scams.
Reimbursement by payment services providers
The Payment Services Regulator’s (the PSR) recent Consultation Paper (CP22/4) proposed mandatory reimbursement for consumer and charity victims of authorised push payment (APP) fraud in all but ‘exceptional’ cases. The proposal would require reimbursement for all cases above a minimum threshold of £100 and would provide a 48-hour window for the payment service provider (PSP) to reimburse the victim, unless further investigation is required. A small number of PSPs have already signed up to the voluntary contingent reimbursement model code. Making reimbursement compulsory will likely have a significant impact on smaller PSPs and new market players and may have a negative impact on competition in this area. The PSR has recognised this risk but sees the increased incentive to allocate resources to fraud prevention as a benefit to the market as a whole. We may see similar codes and regulations, requiring businesses to take on the burden of reimbursing consumers who are victim to fraud, expanding into other areas, such as telecoms and online service providers in the coming years.
Increased resources are needed to tackle fraud but there are real challenges in the context of broader government cost-cutting as the recession continues to bite. A new Public Sector Fraud Authority aimed at protecting public funds was established in August 2022 but with only £25 million of funding compared to estimated fraud arising out of Covid relief schemes of £16bn. We anticipate that we will continue to see some of the costs of tackling fraud effectively outsourced to the private sector.
We predict increased information-sharing between regulated entities and to the UK National Crime Agency (NCA) and SFO as well as between different jurisdictions (for example as a result of the Data Access Agreement (the DAA) between the UK and the US which came into force in October 2022.
Economic Crime and Corporate Transparency Bill
The Economic Crime and Corporate Transparency Bill (the Bill) entered the first stage of committee review in late November and we expect to see it move to the House of Lords next year following the final reading in the House of Commons. There are three key proposals:
- Information sharing between regulated firms: the Bill proposes to allow regulated firms to voluntarily share information more easily for the purpose of preventing, investigating or detecting economic crime. The Bill proposes that one firm (X) in the regulated sector will be able to share customer information with another firm (Y) in the regulated sector where Y has requested customer information and X has taken safeguarding action in relation to that customer as a result of economic crime concerns. Any such disclosure will not be a breach of customer confidentiality provided the disclosure will assist Y with customer due diligence / identity verification or deciding whether to take its own safeguarding action.Information sharing via this route will remain subject to the firm’s obligations under the FCA’s Principles for Businesses.
- NCA information requests: Currently, the NCA is only able to use Information Orders (IOs) to request information once a regulated firm has submitted a suspicious activity report (SAR). The Bill will allow the NCA to request information via an IO before a SAR has been submitted. Firms can therefore expect to see an increase in the number of IOs they are required to respond to and an increase in proactive intelligence gathering, and sharing, by the NCA.
- SFO’s pre-investigation powers: The Bill proposes to allowing the SFO to compel disclosure before an investigation has formally begun in all cases of fraud, bribery and corruption rather than, as present only in international bribery and corruption cases (see our article here and recent blog post here). This would significantly improve the SFO’s information-gathering abilities in cases not involving international bribery and expedite the early stages of investigations. The use of any new powers would likely result in an increase in information requests to companies, as well as an increase in fraud or domestic bribery and corruption related investigations.
Data access agreement
Information sharing is also set to increase as a result of the DAA, which allows UK law enforcement authorities to directly request data production from US based telecoms providers (and vice versa) rather than requiring routing a request through government authorities under the relatively slow MLAT process (see here and here for more). We expect this new procedure, which will allow information requests to be dealt with on a much quicker basis, to result in telecoms providers (which includes social media platforms and instant messaging services) being met with a large increase in the number of requests they are required to deal with.
3. Money laundering developments
We expect to see continued active enforcement by the FCA in relation to money laundering, following major enforcement action in 2021 and 2022. In particular, we expect to see the FCA focus on reporting lines and resourcing of compliance teams, on effective ongoing monitoring of customer activity compared to their stated business purpose , and increasingly on digital assets such as crypto-currencies and NFTs.
Legalisation of cannabis
As more countries move to legalise cannabis, we also expect to see continued money-laundering challenges for firms and corporates investing in or transacting with cannabis companies operating legally overseas. Germany is the latest country to announce a plan to legalise recreational cannabis among adults.
Despite the legalisation of cannabis in Canada, the Netherlands and various states in the US, there is still little guidance for UK businesses with regard to cannabis-related activity (see our previous overview here. UK companies and individuals could risk committing offences under the Proceeds of Crime Act 2002 (POCA) by entering into commercial transactions with cannabis businesses or, in the case of regulated entities, failing to report suspicions of money laundering related to dealings with cannabis-related businesses (see our more detailed article here).
The Bill (see above) also proposes reforms to the POCA regime for regulated firms. Of particular interest is the proposal to allow firms to pay away money or property from a customer’s account where they know or suspect that part of the funds or property is criminal, if the amount in the account exceeds the amount to which the knowledge or suspicion is held (i.e. ringfencing). This would allow regulated firms to allow customers to continue to transact where money laundering is suspected, as long as the amount over which there is suspicion is effectively retained. Whilst we expect such a change to be largely welcomed by firms who often find themselves in a position of conflict between their POCA and their contractual obligations, as well as the requirement not to tip off customers that have been reported for potential money laundering, there are likely to be practical difficulties for firms in implementing these changes.
We expect to see continued attention on greenwashing, both from government authorities and civil litigants. Many companies have been keen to emphasize their green credentials (and certain companies are now required to make disclosures) and the regulatory requirements and risks in this area are ever-increasing. We expect to see:
- CMA investigations in relation to consumer-facing greenwashing concerns beyond the current focus on the fashion sector;
- a rise in SFO investigations on fraudulent schemes based on green investment opportunities;
- continued focus from the FCA (and in due course enforcement action) on greenwashing following their consultation paper on Sustainability Disclosure Requirements and investment labelling;
- section 90A class actions brought on behalf of institutional and other investors, in the same vein as claims which have been brought in relation to non-disclosure of financial crime issues.
In terms of business and human rights (BHR) issues, the Modern Slavery Act 2015 (MSA) is set to be amended. The amendments were included in last year’s Queen’s Speech, and whilst there has been a great deal of political change in the intervening months, it appears the current government plans to continue with the legislative agenda of the Johnson government. The amendments to the MSA will include changes to the requirement to publish a slavery and human trafficking statement, including the introduction of mandatory reporting criteria and fines for compliance. Amongst other things, businesses will be required to disclose key modern slavery risks in their operations and supply chains.
This strengthening of the MSA’s reporting requirements comes at a time of significant change globally. Key legislative developments in 2023 will include the German Supply Chains Act coming into force on 1 January 2023, and the introduction of modern slavery legislation in Canada, likely in early 2023. Next year will also see key negotiations progress in the EU legislature around the proposed EU Corporate Sustainability Due Diligence Directive, which is likely to impact many UK companies.
5. Sanctions: increased cooperation between OFAC and OFSI
On 17 October 2022 OFSI and OFAC announced their commitment to enhancing a close working relationship. In particular, OFAC and OFSI are looking to develop shared approaches to address priorities like cyber threats and the misuse of virtual assets, improving information sharing, and ensuring that sanctions do not hinder humanitarian trade and assistance efforts. The cooperation will include designing, communicating and implementing new sanctions in close coordination with each other as well as with other key allies and partners.
A consequence of the increased cooperation may be a more coordinated approach between the US and UK in alignment of financial sanctions, which could ease the burden of compliance on financial institutions and corporates.
With thanks to Stephanie Allen for her assistance in preparing this post.