The recent issues surrounding Binance have prompted deep reflection within the financial crimes compliance profession. As professionals, we often assess our own policies, procedures, and technology, convinced that we have implemented best-in-class measures to safeguard against similar incidents. However, the Binance case serves as a stark reminder that a critical component of any internal control structure is often overlooked – the human factor.
For those of us in the United States and those who follow the Financial Crimes Enforcement Network (FinCEN), the warning came as early as August 2014. In Advisory FIN-2014-A007.pdf, FinCEN emphasized, “Shortcomings identified in recent Anti-Money Laundering (AML) enforcement actions confirm that the culture of an organization is critical to its compliance.”
The guidance provided by FinCEN underscored the importance of engaged leadership in financial institutions. The Office of Foreign Assets Control (OFAC) also stressed the necessity for management commitment to compliance. However, in the case of Binance, management exhibited commitment, but unfortunately, it was to a culture of non-compliance.
Reviewing the enforcement orders, it becomes evident that those occupying the position of Chief Compliance Officer should have considered resignation rather than being complicit in the attempts to circumvent regulations.
Key Takeaways and What We Can Learn:
1. Due Diligence Reevaluation: Individuals or entities associated with Binance should reassess their due diligence efforts. Overreliance on unverified statements from the company proved to be a critical flaw. Vigilance is essential, and caution should be exercised when dealing with customers transitioning from Binance to other platforms.
2. Cultivate a Compliance Culture: The primary red flag in the Binance case was the lack of a compliance culture. Compliance professionals should ensure that a culture of compliance permeates not only from the top echelons of the organization but throughout its entirety.
3. Engage Service Providers Effectively: Compliance professionals must ensure that service providers understand the intricacies of their business, the associated compliance risks, and how the provider’s system, when configured correctly, contributes to risk mitigation.
4. Monitor Service Provider Usage: Service providers catering to financial institutions should actively ensure that their systems are used appropriately and not merely as a superficial cover for compliance. Regular evaluations and checks can help maintain the integrity of the compliance framework.
In conclusion, the Binance debacle serves as a poignant lesson in the realm of financial crimes compliance, reminding professionals that a robust compliance culture, supported by engaged leadership and vigilant due diligence, is paramount to preventing regulatory oversights and ensuring the integrity of the financial ecosystem.
