By Neil Swift, Partner, Peters & Peters
Unexplained Wealth Orders
Since 31st January this year, UK law enforcement agencies have been granted a new power to require individuals to provide information on the sources of their wealth. Agencies including the National Crime Agency (NCA), Her Majesty’s Revenue and Customs (HMRC) and the Serious Fraud Office (SFO) can now apply to the High Court for an Unexplained Wealth Order (UWO). A UWO can be made in relation to property located anywhere in the world, irrespective of where the person who is suspected to be the owner of the property habitually resides.
UWOs are designed to assist law enforcement agencies to recover property when they suspect that it has been obtained using the proceeds of crime or is owned by holders of an overseas public office who appear to have property substantially beyond their means.
To grant a UWO, the High Court will need to be satisfied that:
- the property in question (which could be real estate, a balance in an account or some other investment) is worth at least £50,000;
- the individual in question holds the property or has effective control over the property solely, jointly, or through a trust;
- there are reasonable grounds for suspecting that the individual could not have obtained the property using their known lawful sources of income.
The High Court also needs to be satisfied that the person against whom the order is sought falls into one of two categories:
- Politically exposed persons (PEPs), meaning people who hold (or have held) important public positions in countries outside the UK or European Economic Area, and their family members and close associates.
- Persons suspected of involvement in serious crime and those connected to them. The suspected criminal activity can be in the UK or abroad, and includes money laundering, corruption and tax evasion. It is not necessary that a civil or criminal investigation has been opened. All that is required is that the High Court is satisfied, on the balance of probabilities, that the person has conducted themselves in a way which is likely to have constituted a criminal offence.
Once a UWO has been obtained, the recipient will be given a limited time to comply with its requirements, which are likely to include the provision of an explanation as to the source of wealth used to acquire the property and documents in support of that explanation. The law enforcement agency may also apply for an interim freezing order preventing the person from dealing with the property.
If a person purports to comply with aUWO, then the law enforcement authority is not under any obligation to do anything: it can simply use the information received for intelligence purposes, particularly if it reveals hitherto unknown associations or connections.
However, in the event of a nil response, or a failure without reasonable excuse to comply with any of the requirements of the UWO, then the law enforcement authority can, if it chooses so to do, apply for a Civil Recovery Order (under the Proceeds of Crime Act 2002) to forfeit the property. The effect of non-compliance is that the burden of proof shifts and the property assumed to be recoverable property, unless the person against whom the UWO was obtained can prove otherwise.
UWOs and the banking sector
Financial institutions are most likely to encounter UWOs when one of their clients is subject to a UWO in respect of a business (and its accounts), a personal account or other investment, accompanied by an interim freezing order. To be effective, the interim freezing order will be served on the institution. At that point, no doubt the institution’s systems will prevent the account or investment being accessed or depleted, as well as flagging up the heightened money laundering risk associated with that particular customer.
For UWOs obtained in respect of PEPs, who will already have been subjected to enhanced due diligence and ongoing monitoring, the institution should have sufficient information about the individual’s source of wealth. Whilst the institution will no doubt wish to revisit its due diligence, it is perfectly possible that the enquiries undertaken by law enforcement to ascertain the person’s lawfully obtained income from known sources did not uncover information that the institution has obtained from its client. There is no absolute obligation on the law enforcement agency to find out what the person’s income actually is, and on the face of it, there is no obligation to make enquiries about their previously accumulated or inherited wealth.
UWOs obtained on the basis of suspected involvement in serious crime, or association with such a person or a PEP, are likely to give rise to more immediate concern. The customer may not have appeared to be higher risk when taken on or as the relationship developed. The institution will no doubt wish to immediately revise that particular customer’s risk profile, evaluate whether it has sufficient information about its customer and, if not, undertake additional enquiries to assess whether the risk is acceptable.
Particularly where the recipient of a UWO is a customer of an international institution, holding assets or investments in overseas branches, consideration will also need to be given to the extent to which the UWO raises red flags in other branches as well.
That is not to say that the making of a UWO and interim freezing order should automatically result in an institution ceasing to do business with its customer. They may be satisfied that they have sufficient due diligence and have satisfied themselves that the customer has a legitimate source of wealth. The institution can also take some (but not complete) comfort from discharge of the freezing order – although no doubt the red flags will change the way the relationship is managed in the future.
It remains to be seen how useful law enforcement agencies will find UWOs and how frequently they will be used.So far they have been used to obtain information about the ownership of expensive real estate.However banks and other financial institutions should consider the steps they should take in the event that they are put on notice of a UWO.
Two weak links cyber attackers are exploring to breach banks
By Rui Ribeiro, CEO at Jscrambler
The coronavirus pandemic has brought on a lot of changes into modern society, specifically when it comes to digital transformation. If we were already headed into the digital direction pre-pandemic, these unprecedented circumstances have only further accelerated the process. From education to banking, all sectors are going through this digital transformation, providing much-needed safer alternatives to in-person interactions. But how does this new paradigm impact the cybersecurity posture of organisations? How are financial institutions adapting and what do they need to improve?
When it comes to the banking sector, the digital component has become instrumental in the economy. On this note, it was found in a recent survey that 84% of consumers expect banks to actively transform their processes and offer digital services to keep them safe. We have seen large-scale closure of physical banks, and the use of electronic payments is increasing as people make the shift from cash to digital. Due to the circumstances, there has also been a general increase in e-commerce transactions, for example, there was an 81% increase in Italy according to Mckinsey & Co. All these factors are making traditional banks shift to digital banking faster than ever.
Incumbents are embracing the democratization of financial services and launching customer-centric platforms, for example, Santander launching openBank or RBS launching Bó. Not only are we seeing traditional banks shift their processes, but we are also seeing an increase in neobanks. These banks operate exclusively online without traditional physical branch networks as is the case with Revolut, N26, Nubank, and many more. But what does all this rapid growth mean for banks in terms of security?
The Copay example is only one in many incidents that have happened over the years. These cybersecurity incidents are sadly not uncommon, especially when technology advances as fast as it has in the past few years. With this rapid mutation of digital banking solutions, we see malicious strategies also improving fast to try and keep up with the market. Companies need to be aware of this double-edged sword so that they can also focus on improving their security. Having visibility and control over their products is crucial when it comes to ensuring that their web and mobile applications are not being leveraged by attackers to siphon user data.
In conclusion, although the shift to digital transformation is bringing a lot of needed safety for users when it comes to avoiding in-person interactions, users also need protection in the digital space. Because of this, banks are required to consider the possibility of the various online threats and find solutions to keep their users’ data safe. Developing an application fast enough to keep up with other digital banking applications is not enough to provide a good user experience. The key takeaway here is that banks need to take action now and mature their client-side security to prevent breaches and be compliant with regulations. If they are able to successfully manage their client-side security, they can outpace attackers and keep their users safe.
What banks need to know about observability
By Abdi Essa, Regional Vice President, UK&I, Dynatrace
More aspects of our everyday lives are taking place online – from how we work, to how we socialise and, crucially, how we bank. To keep pace, financial organisations have stepped up their digital transformation efforts, supported by a shift to dynamic multicloud environments and cloud-native architectures. However, traditional monitoring solutions and manual approaches cannot keep up with these vast, highly complex environments. As a result, many banks are turning to new, observability-based approaches to understand what is happening in their digital ecosystems. These approaches, however, bring new challenges to overcome.
Here are six things banks need to know about observability to ensure they can gain true value, combat the complexities of their modern multicloud environments, and drive digital success in 2021 and beyond.
- Most banks have very limited observability
The scale, complexity, and constant change that characterises hybrid, multicloud environments presents a real challenge to banks’ IT teams. Our research found that, on average, banking digital teams have full observability into just 11 percent of their application and infrastructure environments – not nearly enough to understand what is happening, and why, across the digital ecosystem. Additionally, 87 percent said there are barriers preventing them from monitoring a greater proportion of their applications – including limited time and resources. Without improving observability across the entire cloud environment – by drawing in metrics, logs, and traces from every application – banks’ IT teams are limited in the success they can have driving initiatives to deliver the new banking products and quality user experience customers want.
- You can’t bank on manual approaches
With many banks beginning to rely on more dynamic, distributed multicloud architectures to deliver new services, IT teams are stretched further than ever. More than a third of financial services organisations say their IT environment changes at least once per second, and 65 percent say it changes every minute or less. This rate of change creates a volume, velocity, and variety of data that has gone beyond banks’ IT teams’ ability to handle with traditional approaches – there’s no time to manually script, configure, and instrument observability and set up monitoring capabilities. The need for automation is therefore critical. By harnessing continuous automation assisted by AI in place of manual processes, teams can drastically improve observability to automatically discover, instrument, and baseline every component in their bank’s cloud ecosystem as it changes, in real-time.
- Cloud native adoption is obfuscating observability
To remain agile and keep up with the rapid pace of digital transformation, banks are increasingly turning to cloud-native architectures. Our research found 81 percent of them are using cloud-native technologies and platforms such as Kubernetes, microservices and containers. However, the complexity of managing these ecosystems has made it even harder for banks’ IT teams to maintain observability across their environments. Nearly three-quarters of banking CIOs say the rise of Kubernetes has resulted in too many moving parts for IT to manage, and that a radically different approach to IT and cloud operations management is needed. Such an approach should be based on a solution that is purpose-built to auto-discover and scale with cloud-native architectures.
- Data silos result in tunnel vision
To boost observability, many banks have simply thrown more tools at the problem. Our research found that most organisations use an average of 11 monitoring solutions across the technology stack. However, more isn’t always better, and multiple sources of monitoring data can result in fragmented insights. This fragmentation makes it harder to understand the full context of the impact that digital service performance has on user experience and unravel the nearly infinite web of interdependencies between banks’ applications, clouds, and infrastructure. Instead, financial organisations should seek a single platform with a unified data model to unlock a single source of truth. This will be integral to ensuring that all digital teams are on the same page, speaking the same language, and collaborating effectively across silos to achieve business goals.
- Observability alone is not enough
Simply having observability doesn’t help banks achieve tangible benefits or reach their business goals. To get true value, the data processed must be actionable in real-time. As such, observability is most effective when paired with AI and automation. This observability enables teams to instantly eliminate false positives, prioritise problems based on the impact it will have on the wider organisation, and understand the root cause of any problems or anomalies so they can resolve them quickly. The alternative is to manually trawl through dashboards and data to find insights, which is incredibly time-consuming and makes it almost impossible to act in real-time. Our research found that 94 percent of CIOs think AI-assistance will be critical to IT’s ability to cope with increasing workloads and deliver maximum value to the organisation. AI is clearly no longer just a ‘nice to have,’ but a business imperative.
- Observability isn’t just for the back end
Far from just having observability of their multicloud environments, banking IT teams also need to be able to see how the code they push into production impacts the end-user experience, and how that in turn affects outcomes for the business. This is a major goal for many CIOs, with 58 percent citing the ability to be more proactive and continuously optimise user experience as a benefit they hoped to achieve from increased use of automation in cloud and IT operations. By harnessing automatic and intelligent observability, banks’ digital teams can unlock code-level insights and precise answers to their questions about user experience and behaviour, so they can continuously optimise their banking services.
Observability is key for modern financial organisations looking to accelerate their digital transformation. By understanding these six key things about observability, IT teams will be better placed to master dynamic, multicloud ecosystems, and drive better digital banking services for the business and its customers.
Hackers can now empty out ATMs remotely – what can banks do to stop this?
By Elida Policastro, Regional Vice President for Cybersecurity, Auriga
In 2010, the late Barnaby Jack famously exploited an ATM into dispensing dollar bills, without withdrawing it from a bank account using a debit card. Fast forward to the present day, and this technique that is now known as jackpotting, is emerging as a threat and is growing as an attack on financial services. Recently, a hacking group called BeagleBoyz in North Korea have caught the attention of several U.S. agencies, as they have been allegedly stealing money from international banks by using remote hacking methods such as jackpotting.
The reality behind jackpotting
Jackpotting is when cybercriminals will use malware to trick their targeted ATM machine into distributing cash. As this criminal method is relatively easy to commit, it is becoming a popular tool for cybercriminals, and this trend will sure continue in 2021, unless financial organisations implement policies to prevent this and protect consumers.
During this difficult time, when access to cash has never been more important to banking customers, it is imperative that banks give their customers reliable ATMs that work, 24/7, 365 days a year. However, due to the sensitive data that ATMs possess, such as credit card or PIN numbers, they have now become a profitable object for cybercriminals to manipulate. As cybercriminals have been evolving in their efforts of attacking the IP in ATM machines, we will definitely see more jackpotting stories emerge in the coming months, especially with the large return on investment.
How criminals exploit the vulnerabilities found in ATMs
Since ATMs are both physically accessible and found in remote locations with little to no surveillance, this gives an opportunity for criminals to carry out jackpotting, especially with the software vulnerabilities that may exist in many ATMs.
ATM machines have been easily manipulated due to the outdated and unpatched operating systems that they run on. If banks wanted to resolve this issue and update these systems, it would take large amounts of time and money to do so. However, some banks do not have such resource and because of this, cybercriminals take advantage by penetrating the software layers in ATMs and exploiting the hardware to dispense cash.
How can banks tackle this?
As the sector has a complex technical architecture, banking organisations will have to make sure that they have control over the transactions that take place, and this includes the management of security when it comes to communication between various actors. When financial organisations are reviewing their ATM infrastructure, they will also need to protect their most vulnerable capabilities within their cybersecurity. Banks, for example, can encrypt the channels on the message authentication, in the event bad actors try to tamper with their communications.
Because ATM networks need to be available 24/7, banks not only, need to implement greater protection over their systems, but they need to do so with a holistic approach. One action that banks can take is to implement a centralised security solution that protects, monitors and controls their various ATM networks. This way banks can control their entire infrastructure from one location, stopping fraudulent activities or malware attempts on vulnerable ATMs.
Another way for banks to reduce the risk of jackpotting attacks is to update their ATM hardware and software. To do this, they will need to closely monitor and regularly review their machines in order to spot any emerging risks.
What the future holds for the banking industry
As confirmed by the warnings from the U.S. agencies, jackpotting remains a very serious threat for financial organisations. Evidence has also emerged, which shows hackers are becoming more innovative in their tactics. It was reported last year, for example, that hackers stole details of propriety operating systems for ATMs that can be used to form new jackpotting methods.
The emergence of jackpotting highlights the need for banks to actively work to protect their customers’ personal information and critical systems now and for the foreseeable future. In order to stay secure and reduce the risk of attacks, they will need to put in place the aforementioned solutions, which include updating their ATM hardware and software as well as closely monitoring and regularly reviewing their ATMs. As cybercriminals continue to become more innovative in their ways of attacking the machines, the issues mentioned will only continue to rise if they are not addressed. Although the method of jackpotting requires little action from cybercriminals, if financial organisations can implement a layered defence to their ATM security, they can stop themselves from becoming another victim to this type of attack in the future.
GameStop: How events unfolded and the next chapter
By David Morrison, Senior Market Analyst at Trade Nation, GameStop is a bricks and mortar video gaming retailer which launched in...
Does your institution have operational resilience? Testing cyber resilience may be a good way to find out
By Callum Roxan, Head of Threat Intelligence, F-Secure If ever 2020 had a lesson, it was that no organization can...
How the Brexit Agreement Failed the Financial Services Sector
By Steve Taklalsingh, MD UK Business, Amaiz Over the Valentine’s weekend, it was announced that during January, the first month that...
Two weak links cyber attackers are exploring to breach banks
By Rui Ribeiro, CEO at Jscrambler The coronavirus pandemic has brought on a lot of changes into modern society, specifically...
Huawei 2020 revenue ticks up despite U.S. sanctions, chairman says
By Josh Horwitz SHANGHAI (Reuters) – Huawei Technologies saw slight revenue and profit growth in 2020, in line with its...
Employee ownership – resilience in a time of uncertainty
By Stephen Greenwood, Owner of Valloop White House economist Jared Bernstein is a major advocate for employee ownership, in which...
Hyundai Motor to recall Kona EV and other electric vehicles in South Korea
SEOUL (Reuters) – Hyundai Motor Co will recall 26,699 electric vehicles including Kona EVs in South Korea due to potential...
FAA orders immediate inspections of some Boeing 777 engines after United failure
By David Shepardson and Jamie Freed WASHINGTON (Reuters) – The Federal Aviation Administration (FAA) said on Tuesday it was ordering...
Promise of cheap money keeps stocks buoyant
By Tom Westbrook and Echo Wang SINGAPORE/MIAMI (Reuters) – Bond markets steadied, the U.S. dollar fell and stocks edged ahead...
Bonding with equities
By Rupert Thompson, Chief Investment Officer at Kingswood Global equities slipped back last week, retreating 1.5% in sterling terms, and...