It's been a good 12 months for prosecutions of big banks. Credit Suisse pleaded guilty in May 2014 to helping thousands of its wealthy clients evade taxes, paying $2.6 billion in penalties. Roughly a month later, BNP Paribas pleaded guilty to mammoth violations of American economic sanctions that targeted rogue nations. That bank agreed to pay $8.9 billion in fines and penalties. And in coming months, several more U.S. and foreign global banks are expected to plead guilty to manipulating the multitrillion-dollar foreign exchange markets. Clearly prosecutors are on a roll. But these cases all too often deal with misconduct that started many years ago and went on at length undetected.
There is a way to fix much of the underlying problem. The global banking industry needs better standards for governing the form and content of transaction data.
Consider the ongoing parade of major banks that have either violated international sanctions laws or have laundered money for weapons dealers and drug cartels. Criminal and regulatory enforcement actions against these banks took years to complete and in some circumstances the illegal conduct actually continued during the investigation. Those investigations dragged on so long in large part because it took many months, if not longer, for armies of consultants to extract years of relevant transaction information from diverse recordkeeping systems. At huge expense to the banks, the process often required those consultants to homogenize information into new, workable formats.
The problem is that at present, every bank is free to maintain its own data storage formats, which may differ significantly from the systems used by customers, counterparties, and competitors. Institutions that have grown by mergers and acquisitions commonly operate several legacy platforms rather than expending resources to fully integrate multiple data storage systems, thereby further complicating access to important supervisory information.
Although the Society for Worldwide Interbank Financial Telecommunication has established a global network for sending standardized payment messages between banks, the Swift network does not dictate either the format of a transaction or the way in which institutions maintain information contained in payment messages. Moreover, some unscrupulous institutions have manipulated Swift messages in order to omit or obfuscate data that would trigger regulatory scrutiny. From a bank regulator's perspective, the present state of affairs can be confounding.
At its core, effective supervision requires a close, ongoing examination of the industry's most basic plumbing: how transactional data is recorded, transmitted and stored both within and among financial institutions. The schemes underlying many recent bank scandals exploited the cracks in that plumbing, and regulators had no ready or effective way to spot the problems at their inception.
With the aid of rapidly developing technology, however, standardized data could help avoid extensive, after-the-fact investigations by making real-time supervision a reality. Imagine storing standardized data in a manner that would allow banks to perform regular, quickly verifiable checks on their control systems. When readily at hand, regulators could also use such information to identify suspicious transaction patterns both at a single institution and across the broader industry.
Absent standardized recordkeeping, which makes information promptly accessible to regulators for periodic analysis, a bank's problematic or even illegal conduct can be difficult to detect until it is too late. By then, supervisors are usually in a punitive rather than a corrective posture. The cleanup is more acrimonious, complicated and costly. And even after bank supervisors are appeased, there is usually an expensive raft of private securities claims for the institution to resolve.
Thus, fostering a more standardized regulatory environment should benefit the banks in at least two important ways. First, it could certainly help lower their compliance costs by identifying serious problems before they get out of hand. Second, it could substantially repair the financial industry's battered reputation with both government regulators and the public at large.
To be sure, any standardization effort would be a challenging feat. It would almost certainly involve complex coordination among foreign and domestic regulators and significant expenses for the banks. However, when you consider the serial threats to global financial markets over the past decade, and the resulting billions of dollars in bank fines levied by international regulatory and law enforcement agencies, the effort seems like a good idea for everyone involved.
Daniel S. Alter previously served as general counsel with New York State Department of Financial Services. He is an adjunct professor and senior fellow at New York University Law School's corporate compliance and enforcement program.