Lesson for startups: Don’t try to fake compliance

Within financial services, a combination of factors, including the global financial crisis and advances in technology, have given rise to challenger banks, FinTech, and RegTech firms, but have these new regulated firms adhered to the regulated rule book?

In the United Kingdom a number of regulated startup firms, including challenger banks, are playing catchup with financial crime, anti-money laundering, and know your customer (KYC) requirements, because they have been running fast, grabbing clients, expanding business, and perhaps faking compliance.

As though to prove a point, a frustrated practitioner is alleged to have opened two separate accounts at the same challenger bank. One account was in the name of “Jabba the Hutt,” and the other was in the name of “Chewbacca.” Once successfully opened, the practitioner transferred money between the two accounts, before reporting this set of facts to the U.K. Financial Conduct Authority. The bank is currently undertaking an expensive KYC remediation project for the entire client portfolio.

So why do these firms perceive they can operate fast and furious, securing new customer relationships without adequate controls (perhaps believing they are too onerous or thinking they will apply them later)? Do governments and regulators cut them some slack? Are good compliance professionals and the rules they seek to apply too expensive for startups?

There are a lot of questions here, and one can only hypothesize as to the answers, but it is necessary to ponder how established businesses might confront the challenges presented by these startups and their attitudes toward compliance. As firms spend substantial sums of money complying with regulations, it is both logical and necessary for a regulatory body to act against those firms determined to operate with inadequate or no compliance controls. Otherwise, there is no longer an incentive or logic for any regulated firms to comply.

This is what has happened in the automotive industry, and as a result, Daimler AG and Mercedes-Benz USA last week agreed to pay a proposed $1.5 billion penalty to the U.S. Department of Justice related to the systemic cheating of emissions from diesel engines installed in the company’s cars and vans. In addition, within the next two years, the company must fix the defects in 85 percent of vehicles previously sold.

Some determine cheating is not the failure—getting caught is. How does compliance influence decisions when deceit is the chosen order of management? Bizarrely, the whistleblowing laws in the U.S. automotive industry are limited to matters that present an immediate threat and risk to life. So killing us slowly is OK?

Then there is Boeing, a major operator in an industry that places safety at the core of its business and products. Boeing operates where data related to danger, failures, and errors is constantly sought and shared by both regulators and operators. Black boxes (actually colored orange, so they are easier to find) are always sought when a passenger airline crashes.

In other words, if you manufacture passenger airplanes and you cheat, you are going to get caught.

The Congressional report into the faults with the 737 Max was published last week, and the blame for the avoidable deaths of 346 people was placed at the feet of Boeing and the Federal Aviation Administration, which did not adequately regulate the manufacture and design of the plane. Employees were placed under pressure to compete with other manufacturers, and concerns were discouraged, ignored, or concealed.

This case, as well as those of Daimler and Volkswagen, should be used to remind all compliance officers and regulators why we undertake our roles. What we do matters; the lives of 346 passengers and crew matter; the lives of all citizens breathing polluted air matter. As do the lives of young people poisoned by illegal drugs sold for profits that are all too often laundered through regulated firms and banks.

You can’t fake an airplane until you make it; likewise, you cannot fake a regulated bank. Dirty money and launderers are constantly looking for weaknesses in compliance regimes. If Jabba the Hutt and Chewbacca found them, we should assume the launderers also will.