Proliferation Finance: Still Out of Sight, Out of Mind?
Defence expert with world’s oldest international security think tank weighs in.
by by 
By Angela Yap Siew Peng
As director of the Centre for Financial Crime and Security Studies at the Royal United Services Institute (RUSI), Tom Keatinge is at the forefront of advocating for banking’s greater role in disrupting the flow of money towards the illicit arms trade.
Proliferation finance — funds or financial services used in activities to procure weapons of mass destruction — is a growing global concern. Tools have been designed to disrupt the underlying financial network that enables proliferators and their facilitators to procure, ship, and receive illicit goods, however its effectiveness hinges on close cooperation between the government and private sector.
The road is long. In 2016, Keatinge co-authored RUSI’s first research paper on the subject titled, Out of Sight, Out of Mind? A Review of Efforts to Counter Proliferation Finance. But for the majority of financial sector stakeholders, the light bulbs have yet to come on.
In Kuala Lumpur last November and on panel for the 2019 edition of the AICB’s International Conference on Financial Crime and Terrorism Financing (IFCTF), Keatinge’s insight into proliferation financing was shared with over a thousand delegates in a plenary moderated by Bank Negara Malaysia.
In this exclusive interview, we revisit themes from his talk and research.
Q: First off, are bankers liable if they are found to have inadvertently financed arms to sanctioned countries, i.e. Iran or North Korea?
Yes, you are absolutely liable. You’re never going to have a perfectly secure system, but if your systems and procedures don’t even recognise the risk of North Korean financing, then your systems and procedures are negligent, aren’t they?
If you’re doing regular proliferation finance training, if you are screening and your KYC (Know Your Client) checks reflect proliferation finance risk, you might be unlucky from time to time and there will be mitigating circumstances. But if your compliance team hasn’t even heard about proliferation finance, how can you possibly argue that you are anything other than negligent?
Q: Since joining RUSI in 2014, your work has focused on engaging with governments and corporates on managing proliferation finance risk. In your estimation, how much has the needle moved?
When I started at RUSI, my colleague who focused on nuclear issues said, “Why don’t we team up and have a look at the issue of proliferation finance because it is a requirement of the Financial Action Task Force (FATF)”. Our starting point or our initial thought was that even though it was a requirement of the FATF, countries and their private sectors didn’t really understand what it was they were meant to be doing.
Out of Sight, Out of Mind was a statement of what we found to be the case following about a year of interviews; that for most countries, the issue of proliferation finance and managing proliferation finance risk was an issue that was out of sight and out of mind. In other words, they weren’t doing anything.
So, we were really at that time the only think tank looking at this issue. The result was we got a lot of attention for our work from the private sector who suddenly realised, “We should be doing something about this”; from governments who were starting to feel the heat from the FATF; from lots of other countries who did not get a good review on proliferation finance in its evaluation, including Malaysia.
We suddenly found that we were kind of the smartest guys on the block when it came to understanding proliferation finance. So, that’s how our research and work in that area builds to where it is today.
At the IFCTF conference, I did a poll by a show of hands. Have you heard of the Financial Action Task Force? Yes, everybody puts their hands up. Does your job involve anti-money laundering? Most people put their hands up. Does your job involve terrorist financing? Most people raise their hands. Does your job involve capturing proliferation finance? Nobody. So, awareness in the private sector is very low and that’s the responsibility of governments to fix.
Proliferation finance was added to the FATF’s list of focus areas in 2012. When the evaluation started in 2014, it was therefore the first time that people had actually been assessed for their ability and their commitment to combating proliferation finance. One of the earliest countries to be evaluated in the new round of evaluations, which included evaluating counter-proliferation finance efforts for the first time, was Malaysia.
The FATF Recommendation 7 requires countries to implement targeted financial sanctions related to proliferation finance without delay. Question: Do you have the legal framework that allows you to do that? In many countries, the answer is ‘no’. So, at a very basic level, these countries were failing.
But beyond that – and this is one of the areas we focus on extensively – are governments demonstrating an understanding of proliferation finance risk and how that risk affects the private sector in its country? Not just banks, but also insurance companies, money service businesses, casinos, and other regulated entities. The focus will vary depending on where you are in the world, as North Koreans are very smart at raising money in different ways and exploiting weaknesses.
I think even in countries that do have the right laws in place to implement sanctions on a timely basis, their ability to articulate this to the private sector is quite poor. That’s an area that we’ve really focused on, trying to get countries to be smarter at understanding the proliferation finance risks in their jurisdiction.
Q: How do you shift mindsets and get financial actors to understand the risks and implement controls?
We try to get people to understand what we actually mean by proliferation finance. Some people would say to us, “Well, we make sure that if we are funding trade, we’re not financing the sale of a nuclear weapon”. That’s obvious and you’re never going to see that on a funding contract anyway.
What we get people to think about is: “Okay, you’re sitting in Malaysia or in Namibia. What might be of interest in your country to North Korea?” We emphasise that North Koreans are always trying to raise money. If there’s a North Korean embassy in your country, they’re not issuing visas; they’re trying to do trade, they’re trying to raise funds for the country to support the nuclear weapons programme.
So, it’s trying to get countries and their private sectors to think, if you were in North Korea and facing all the restrictions that you face because of sanctions, how might you use my country or industry as a way of raising money, moving that money, exploiting that money.
Q: Is bribery and corruption a factor in proliferation financing?
One of the mechanisms that facilitate abuse of the financial system is, of course, insider threats. It’s banks that are captured by political patronage, for example, and act as the piggy bank for a political leader or a particular member of society. So, we certainly look at the integrity of the financial system and one of the threats to the integrity of the financial system is bribery and abuse of the financial system for personal gain.
Q: Banks today are moving into cryptocurrency. Does this increase the risk of them also being exposed to financing trade deals that end up financing arms and illegal weapons?
Obviously, as the offline world becomes more restrictive for North Korea, we know that they are developing very good and very strong capabilities to operate in the online world, whether it’s mining cryptocurrencies, hacking an exchange, or conducting cyberattacks and demanding cryptocurrency as ransomware payments. There are lots of ways in which North Korea is trying to raise funds in the crypto world.
The question then is how robust are banks’ controls and checks in dealing with a customer who is also operating in the crypto world because the banks are the interface between the online world and the offline world and therefore, they remain a first line of defence.
Q: Some nations are resistant to the fact that there seems to be an official sanctions list, such as an EU blacklist, that goes beyond blacklisting Iran and North Korea. In your opinion, should this be seen as an added measure or is it a step too far?
This comes up all the time. So, obviously you’ve got the sanctions according to international law, which are the sanctions issued by the United Nations (UN). You then have sanctions issued by individual countries or groups of countries. The obvious one in all of that is United States sanctions issued by the US Treasury Department’s Office of Foreign Assets Control (OFAC) to which the Malaysian government might say, “Here, we require banks in Malaysia to implement international law, i.e. UN sanctions, but sanctions issued by OFAC in the United States, by the EU, or Her Majesty’s Treasury are not legally applicable in Malaysia.”
That is certainly true but if you’re a Malaysian bank operating internationally, you need to pay attention to direct regulations wherever you work in the world and you will definitely care what the Americans say about sanctions; even if the Malaysian government doesn’t think it’s relevant, it is relevant in Malaysia. It’s a challenge for banks to navigate the landscape where their domestic regulator says one thing and other regulators say something different.
Q: Will we see a shift in global priorities given the outbreak of Covid-19?
Despite the pandemic, the fundamentals remain the same. Banks and other regulated entities should know their customers, understand where funds are coming from, and why and where they are being sent. The pandemic does not change these requirements. But it does change the behaviour of clients and it does heighten certain fraud-related risks. For banks, the reality is that the job of securing the integrity of the financial system will just get harder, a job that it is critical governments support via fully engaging in public-private partnerships and collaborating with and supporting the banks. After all, we all have the same objective and that is to secure the financial system in Malaysia and around the world from abuse by criminals, terrorists, and sanctioned entities.
Angela Yap Siew Peng is a multi-award-winning entrepreneur, author, and writer. She is Director and Founder of Akasaa, a boutique content development firm with presence in Malaysia, Singapore, and the UK and holds a BSc (Hons) Economics.