Quentin Downes

Quentin Downes

Greening the Financial System

What it means, why it's necessary, and how regulation is enabling the transformation

When we think of the risks from climate change, we often think of the longer-term consequences on global temperatures, the effects of melting ice and rising sea levels on certain animal habitats or low-lying island nations, or, as we've been forced to confront with increasing frequency, extreme weather events such as heat waves and hurricanes, and their destructive impacts in the form of forest fires and flooding. And, as regulators and central banks are now acutely aware, these "physical risks" represent only one component of the overall risk posed by climate change to the world's economies and on the global financial system.

There is now global consensus on the impact of human activities on the climate and also conversely of the impact of climate change on human activities. Governments and multinational bodies consider the steps needed to introduce targets to limit global warming (such as the Paris Agreement) and to reach net-zero emissions (such as the UK's 2050 Net Zero Target). Financial regulators consider the "greening of the financial system" as a necessary step to developing a more sustainable and resilient financial system, which is robust in the face of climate change and also supports better allocation of capital to sustainable activities.

The global financial crisis of 2007-2008 highlighted the fragility of the financial system in the face of systemic shocks. Climate change is one of these shocks. Climate risk – whether physical (as described above), "transition risk" arising from the impact of policy and regulatory changes on businesses and operations, or "liability risk" arising from individuals or businesses seeking compensation for losses suffered as a result of physical or transition risks – is now recognised as a massive source of systemic risk, and therefore must be understood and managed by financial institutions and their supervisory bodies. Physical risk can impact factories, supply chains and workforces. Transition risk has the potential to disrupt entire business models, as certain high-emissions activities are severely curtailed or banned outright.

Greening financial industry

Central banks and regulators are increasingly concerned about the potential for this climate risk to crystallise, the impact on firms' business models, share prices and creditworthiness, and the knock-on impact to the asset managers, banks and other financial institutions that are exposed to them. As a result of the financial crisis, they now have an established toolbox at their disposal with which to manage this risk at a systemic level, via the financial institutions under their direct supervision. This includes prudential measures such as requiring financial institutions to incorporate climate risk into their ongoing risk management, liquidity and capital adequacy requirements, and running stress tests at both the individual institution and industry level through initiatives such as the Bank of England's 2021 Biennial Exploratory Scenario on Financial Risks from Climate Change. Following its publication in 2019 of Supervisory Statement 3/19 on "Enhancing banks' and insurers' approaches to managing the financial risks from climate change", there is now a clear expectation from the Bank that firms under its supervision should have "fully embedded their approaches to managing climate-related financial risks by the end of 2021".

There is a clear need to incorporate climate risk into pricing and risk management processes. At present, however, the climate risk posed to most firms remains poorly understood. It is not incorporated into share price valuations or factored into the cost of financing by lenders and other buyers of debt. It does not form a component of counterparty risk, and therefore is not priced into longer term derivative contracts. This lack of understanding at the individual firm level makes it difficult for financial institutions to assess their exposure to climate risk via their investments. It also makes it difficult for them to understand how to better allocate capital in order to meet their own internal, or externally imposed, targets for financing of sustainable activities. For some, such as pension fund and asset managers, understanding their climate risk exposure is seen as a way of enabling them to better start managing climate risk in their portfolio now, and divesting themselves of potentially high-risk investments. For others, such as executing brokers, there is a desire to remain in line with the pack, and to price consistently with the rest of the market.

Data, obtained via mandatory reporting requirements, plays a significant role here. For all firms across the economy, the incorporation of climate risk into their annual disclosures is the starting point for understanding climate risk at a systemic level. To be useable and useful, such disclosures must also be consistent in granularity, format and approach. Initiatives such as the Task Force on Climate-Related Financial Disclosures (TCFD) are working with global standards bodies to develop improved climate disclosure standards. In November 2020, the UK became the first country in the world to announce a roadmap towards mandatory TCFD-aligned disclosures across all sectors of the economy by 2025. Such data, when available, can then be incorporated into pricing and risk management. Elsewhere, the EU's guidance on its Non-Financial Reporting Directive encourages firms to make their climate-related disclosures in line with TCFD recommendations.

Some regulators are also starting to look at proactive measures to improve capital allocation for sustainable activities and businesses. Banks, for example, may have internal targets on how they will transition their client portfolio towards "green" or sustainable companies and projects. In the absence of clear definitions around such activities, there is a risk of "greenwashing", whereby firms divert financing towards projects that have only superficial green credentials. The EU's Taxonomy Regulation aims to provide "a common language and a clear definition of what is "sustainable"". This will enable the development of financial products and services that direct capital towards sustainable investments in a way that is clear and transparent to investors.

It will take a huge amount of work to transform the financial system into one that can better support sustainable objectives and remain resilient in the face of climate change. Fortunately, we have the tools to measure and to understand such systemic risks. The question has long been, instead, whether governments and regulators had the will to deploy these tools. Climate risk is now so high on the regulatory agenda that 95 central banks and supervisory regulators have now come together under the banner of the Network for Greening the Financial System (NGFS), whose purpose is to share best practices and to contribute towards the development of a more sustainable economy and financial system. And this may just be the start of a wider transformation towards more purpose-led finance. Whilst most focus to date has been on the "E" in ESG, due in no small part to its urgency, the same principles of regulation that are being applied now to the problem of climate risk could in the future be transferred to the "S", and the integration of measurable social impact into the financial system.

 This blog was written by Jannah Patchay.

Jannah Patchay

Jannah specialises in financial markets innovation. Across two decades' experience in the Financial Services sector, she has provided advisory, consulting and delivery services to a wide cross-section of market participants including exchanges, tier-1 investment banks, brokers, funds and start-up businesses.

This includes a range of engagements for clients, including assisting in the launch of new trading venues, businesses, products and services, interpreting and implementing new regulations, and advising on regulatory, business and operational strategy. Her regulatory subject matter expertise lies in financial market structures and applicable regulations, such as Dodd-Frank, EMIR and MiFID / MiFIR, with a particular emphasis on cross-border and extraterritorial issues.

She is a Director and Regulatory Advocacy Ambassador of the London Blockchain Foundation, driving the regulatory agenda and leading regulatory consultation responses and advocacy with respect to the emerging digital assets sector. As a member of the Whitechapel Think Tank's Future of Payments WG (with representatives from industry, government and academia, and supported by Innovate Finance and the City of London Corporation) she is also involved developing policy recommendations and advocacy around digital money and its potential for advancing financial inclusion and payments innovation. Jannah covers financial innovation topics as a freelance journalist.


A Primer on Stablecoins

What are they, what are they used for, are they safe, and what are the regulatory considerations around them?

If you or your firm are active in cryptocurrency or digital asset markets, then chances are high that you've used stablecoins, even if you may not be familiar with the term. While stablecoins are integral to the smooth functioning of these markets, their uses and applications extend far beyond them and increasingly into the world of traditional financial markets and payments infrastructure as well. In this primer, we'll take a look at stablecoins, their structures, uses, key considerations and challenges for users, and the way in which they are regulated.

What is a stablecoin?

A stablecoin is a digital token with a value that stays close to specific reference, normally a fiat currency or a basket of fiat currencies. There are several methods to achieve the stability of value of the stablecoins that range from backing the tokens with an equal amount of fiat money or assets, to sophisticated algorithms run by computers and smart contracts. Facebook's original proposal for its Libra stablecoin, for example, envisaged it as being backed by a basket of currencies and short-term assets.

Stablecoins do not necessarily need to be backed by the physical assets whose performance they wish to track. Like exchange-traded funds (ETFs), they can be synthetically backed as well. These are known as algorithmic stablecoins. Some algorithmic stablecoins aim to maintain a value that is pegged to another asset through holding a basket of reserve assets that overall mimic the performance of the pegged asset. However, algorithmic stablecoins do not need to be pegged to any asset; an algorithm (which is a mathematical formula) executed by a computer or a smart contract can be the source of stability behind the stablecoin, operating by adding or subtracting tokens into the market to maintain a stable value.

At this point, you might be wondering what the difference is between a stablecoin and any other digital asset that aims to provide exposure to an underlying asset for investment purposes. The primary use of a stablecoin is as a means of payment or a means of settlement, and it's this behaviour that drives their treatment from a regulatory perspective as well.

What are stablecoins used for?

The first stablecoins were introduced for use in settling cryptocurrency transactions on-chain. For investors and traders who don't want to fully cash out their positions in fiat currency after each crypto transaction, stablecoins such as Tether's USDT offer a convenient mechanism for effecting both on-chain settlement, and holding USD value, ready to trade crypto again, without converting back and forth between fiat USD.

Stablecoins can also be used as a means of developing more efficient payment systems, especially for cross-border payments. By converting fiat to stablecoins, value can be rapidly moved around blockchain-based payments systems, bypassing traditional payments and banking infrastructure and layers of intermediaries, and enabling faster and cheaper domestic and cross-border payments to be made. This is the premise of Facebook's Diem (formerly Libra).

From a more institutional perspective, the benefits of issuing and trading digital-native financial instruments such as stocks and bonds (also known as security tokens), are becoming more apparent. These digital securities can be settled instantaneously on the blockchain, without the layers of inefficiency and time delays that exist for traditional paper-based securities. However, without a means of instantaneously delivering and settling the payments leg of the transaction, these benefits cannot be fully realised. Enter stablecoins: to solve this problem, many digital issuance and trading platforms have had to introduce their own stablecoin to effect instantaneous DvP (delivery vs. payment). Fnality's payments system seeks to address these gaps in the wholesale market, as well as providing a mechanism for more efficient wholesale payments.

Are stablecoins safe?

The answer is, sometimes, but definitely not always... At present, a stablecoin user is largely reliant on the guarantee of the stablecoin issuer that the value of their stablecoin will be maintained. In some cases, such as that of Tether, it may later be discovered that the issuer has not been managing the stablecoin in the way expected by or communicated to its users. There is also the question of what happens when the issuer of a stablecoin defaults. What recourse do holders of the stablecoin have? Are they left holding worthless coins? What happens to in-flight transactions for which the stablecoin is being used as a means of payment or settlement? Unless the issuer has put in place legal and other operational arrangements in anticipation of these scenarios, then the stablecoin user faces a degree of counterparty risk from the issuer.

This is an area of growing regulatory focus, with many regulators now identifying certain classes of "systemically important stablecoins" for which the issuer will be subject to a higher degree of oversight, and requirements to hold segregated asset reserves backing the coin. Central banks are also increasingly looking at introducing central bank digital currencies (CBDCs) – digital-native forms of fiat currency that could be used in many of the scenarios occupied by stablecoins today, without the same risks attached.

How are stablecoins regulated?

The way in which stablecoins are regulated in different jurisdictions varies depending on how they are structured and operated, and / or how they are used in the markets. Regulators and central banks are now starting to take closer notice of the potential for some stablecoins to become widely used, and potentially systemically important, and developing rules to address the potential for systemic risk to arise as a result. This is driven in no small part by the looming spectre of Facebook's Diem and its potential to be used on a truly global scale.

Depending on the jurisdiction in which they are issued and used, and on their structures, some stablecoins may be already covered by existing regulation, or by new DLT and virtual asset regulations. In the UK and EU, some stablecoins are already caught by the rules associated with the E-Money and Payment Services Directives. The EU is introducing new rules specifically aimed at stablecoin issuers (and particularly, those issuers deemed to be of systemic importance) as part of MiCA – the Markets in Cryptoassets Regulation – however this won't enter into force for a couple of years. In the UK, the Treasury has recently consulted on further regulation of stablecoins, and looks set to introduce prudential and conduct requirements for systemically important issuers as well.

What does the future hold for stablecoins?

With CBDCs emerging as a major contender, do stablecoins have a future? The answer is, most likely, yes. It will be years before CBDCs are widely available in all desired currencies, and able to be used at scale and for the use cases currently filled by stablecoins. And by that time, the place of stablecoins may well be entrenched in certain sectors of the market, particularly for users of currencies such as USD which are likely to be reliant on private stablecoin issuers for some time yet.

Our prediction is that stablecoins are here to stay, and will continue to fill as yet new and undiscovered niches in both crypto and traditional financial markets.

This blog was written by Jannah Patchay and published jointly with BCB Group.

Jannah Patchay

Jannah specialises in financial markets innovation. Across two decades' experience in the Financial Services sector, she has provided advisory, consulting and delivery services to a wide cross-section of market participants including exchanges, tier-1 investment banks, brokers, funds and start-up businesses.

This includes a range of engagements for clients, including assisting in the launch of new trading venues, businesses, products and services, interpreting and implementing new regulations, and advising on regulatory, business and operational strategy. Her regulatory subject matter expertise lies in financial market structures and applicable regulations, such as Dodd-Frank, EMIR and MiFID / MiFIR, with a particular emphasis on cross-border and extraterritorial issues.

She is a Director and Regulatory Advocacy Ambassador of the London Blockchain Foundation, driving the regulatory agenda and leading regulatory consultation responses and advocacy with respect to the emerging digital assets sector. As a member of the Whitechapel Think Tank's Future of Payments WG (with representatives from industry, government and academia, and supported by Innovate Finance and the City of London Corporation) she is also involved developing policy recommendations and advocacy around digital money and its potential for advancing financial inclusion and payments innovation. Jannah covers financial innovation topics as a freelance journalist.


BCB Group is Europe's leading provider of business accounts and trading services for the digital asset economy, regulated in the UK and Switzerland.

BCB Group provides accounts and payments processing for the pillars of the industry including Bitstamp, Coinbase, Kraken, Gemini, Galaxy, BitPay, Circle in dozens of fiat and cryptocurrencies.



Anti-Crypto Crime: We all have the permission to learn!

With the passage of the EUs 5th 'MLD' (Money laundering Directive) to include VASPs (Virtual Asset Service Providers) / Crypto firms to ID&V and monitor transactions in line with recording and reporting obligations. There has been a rapid need for fellow Anti Financial Crime practitioners and operating model change agents within 'FS' (Financial Service) to upskill and expand their knowledge. That goes way beyond KYC and alert handling. The evolution of NextGen Tech 'DLT' (Distributed Ledger Technology) has generated a flourish 'DeFi' (Decentralised Finance) ecosystem of Crypto / 'VA's (Virtual Assets) that has paved the way for start-up tech firms to facilitate and offer exchange and safe custody of VA's. These VASPs as a start-up industry, is gaining the traction of transaction trust from a user community, as well as many established FS's (like VISA) and many jurisdictional regulators, that now embeds Crypto within the formal financial system.

A community of knowledge sharers


Considering current and historical wrongdoing. The inherit risks of borderless Blockchain that in many use-cases, abuses pseudonymisation to disguise identity to circumvent AML controls when storing or transferring dirty value, that facilitates illicit harm to people the environment. The good news is 'Anti Crypto Crime' communities, organisations and technologies are now GLOBALLY popping up, responding, and flourishing by offering brilliant FREE webinars, training sessions that in-turn are Masterclasses of refined and continued academic debate. All that have incredibly esteemed panellists and participants, via forum-chat, as a rich knowledge source.

It goes without saying, money laundering does not respect boarders, so I for one am grateful for such a global and borderless response from a group of diverse and talented thought leaders. Highlighting the ongoing challenges of the ramp up and adoption of VAs / NFTs (Non-Fungible Tokens) as a credible asset-class. As well as the technologies AKA Crypto RegTechs, that brings the much-needed confidence and integrity to the DeFi and smart contract marketplace, that again is a borderless ecosystem. That presents a new wave of jurisdictional enforcement problems, as well as operational pain points and accountability tensions that need to be ironed out and ratified , as the ecosystem evolves and compliance frameworks mature to meet sound governance expectation.

Further, these new learnings provide opportunity to be ahead of the curve, with the understanding and application of FATF guidance and the much awaited 'Travel Rule' that is generally cascaded and put into force by sovereign states. As stipulated regulation and legislation, thus deter governmental ignorance, and prevent member states going to grey list during the 'FATF country mutual evaluation' process.

Sanctions and ramifications of non-compliance

As we are all too aware Crypto / VAs can sadly be misused for nefarious activities predominantly with the rise of ransomware. COVID has created a work at home culture, that has expanded the cybercriminals attack surface to exploit certain vulnerabilities. Bad actors who have held many firms siege with ransomware for a ransom. Demands of a ransom always being requested via payment of Crypto. It must be noted that the U.S authorities have taken some lead to tackle this problem. OFAC has designated numerous malicious cyber actors under its cyber-related sanctions program. With over 800 VASPs in 80 countries, it is imperative to screen against OFAC watchlist irrespective of jurisdiction.

If there is any suspicion or evidence that bad 'cyber actors' are extorting ransomware payment may be sanctioned or otherwise have a sanctions nexus. OFAC has designated numerous nefarious cyber actors under its cyber-related sanctions program and other sanctions programs, including cyber criminals and those who facilitate ransomware transactions as a VASP. OFAC has provided clear details for contacting relevant U.S. government agencies -including DEA, FBI, FinCEN and OFAC and has highlighted sanctions risks in on the (US) treasury.gov website. VASP or any entity that facilitate ransomware payments to cyber actors on behalf of victims, including financial institutions, cyber insurance firms, and companies involved in digital forensics and incident response, not only encourage future ransomware payment demands but also may risk violating OFAC regulations, therefore putting themselves and the key principles at risk of being placed on the OFAC sanctions list. Which no law-abiding citizen would wish for.

Plausible justification for Crypto

Equally, legitimate rationales such as data privacy and humanitarian, like unbanked refugees who have worked hard and need to store value against oppressive regimes or those who got on the Crypto bandwagon early. As traditional and 'CeFi' (centralised finance) and DeFi converge as a trusted and traceable conduit to transfer value globally. Irrespective, if you are currently working for a FS firm that has an all-out ban on VASPs / Crypto firm onboarding. You simply cannot steer away from the complexities and nuanced affiliation that many AML practitioners will have to consider then opine, when met with a segment of Crypto when investigating both source of funds, wealth, and transaction. I very much doubt any bank will offboard Tesla or Elon Musk's interests, who publicly advocates and invests in virtual assets and coins.

Crypto's SOW

As this emerging breed of Crypto millionaires become HNWI (High Net Worth Individual) type, they will unequivocally have to demonstrate a credible narrative of how they derived their wealth, as they seek to diversify investment and spender (who would not!), that is SO reliant on traditional finance payment networks to procure luxury and high lifestyle living.

As this trend accelerates, there is an imperative discipline for rigorous, verified and validated 'SOW' (source of wealth) memo's that can sufficiently prove Crypto wealth, that is not placed or integrated from cyber-criminality or any other predicated offences, as prescribed within EUs 6th MLD. But, from the good investment of the surge of Crypto value, that will need a forensic and plausible audit trail to appease competent authorities and regulators.


illicit finance, be it proceeds of crime or good value funding wrongdoing like terrorism, unfortunately fuels adverse life changing ramifications, at worst costs lives, as well as conservation and environmental impact. As we all strive to continually improve to be vigilant and be better versions of ourselves. I could not encourage more a wider community of experts or Financial Crime experts to broaden their AML scope within VAs / Crypto. Again, these webinars are FREE and inclusive to all! That affords every AML practitioner, the permission to learn, by getting involved and participating into this evolving, comprehensive and fascinating conversation.

My view is Crypto is not going away, and compliance is a collective zeal, therefore, should be collaborative, never competitive.

This is a guest blog written by James Emin in association with Twenty84 and Raw Compliance.

James Emin is a qualified AML and GDPR compliance Business Analysis and Project Manager. 15 years of experience within Financial Crime, starting as a KYC analyst through to becoming an SME, as a career contractor. Whilst supporting and running change management projects at many leading regulated institutions, was then that he realised technology would be adopting much of the human effort that drove him to be a BA, tech change agent and thought leader. Therefore, he is passionate about nuancing the complexities of illicit value, from storage to borderless transfer and how Fincrime operating models need to be resilient to meet ongoing threats and typologies by using both agile and Value Engineering methodologies to optimise resources. Ranging from Proliferation Finance, FinTech and Regtech which led him to scribe other thesis's.

He holds an International Diploma in Business Analysis (BCS) and is AgilePM, Prince2, GDPR certified at practitioner level.

Raw Compliance provides ​a global platform for compliance professionals, and those interested in compliance, to build a global community to develop new skills, learn from experts, collaborate, network and try new initiatives.

Raw Compliance

Guest Blog: Cryptocurrencies, Money Laundering and Terrorist Financing

Cryptoassets and cryptocurrencies have been gaining in recognition and awareness in recent times. There are now more than 4,000 cryptocurrencies on the planet, of which Bitcoin is the most well known. Here is a chart of the bitcoin price over the last 12 months (source Coindesk), which shows an increase greater than the factor of six:

Crypto graph

Despite this increasing popularity, is there a danger that cryptocurrencies can be used for illegal activities such as fraud, money laundering and terrorist financing?

At one end of the scale is the view that as all transactions occur on a blockchain platform and are visible to all, there is no chance of misuse. At the other end of the scale is the view that just as "where there's muck there's brass", the corollary applies, and someone will always find a way into a system, or to abuse a system. The answer lies somewhere in between.

Cryptocurrencies and Money Laundering

It is possible to obfuscate the ownership of cryptocurrencies, some of which have more privacy features than others. The market has not just seen the rise of cryptocurrency exchanges, but also of mixing and tumbling facilities by which cryptocurrencies are bundled, divided and redistributed amongst different accounts. This makes tracing harder to conduct, but not impossible, as displayed in a Canadian case in 2019 involving seizure of CAD 1.4m of bitcoin, and the seizure by US authorities in 2020 of a USD 1 billion Bitcoin wallet associated with the notorious Silk Road dark web criminal supermarket.

The Financial Action Task Force (FATF) released guidance on VASPs "Virtual Asset Service Providers" (known as Digital Assets in certain countries) in 2019.* Countries are now required to assess and mitigate their risks associated with virtual asset financial activities and providers; license or register providers and subject them to supervision or monitoring by their national authorities. VASPs are subject to the same relevant FATF measures as those that apply to financial institutions. The guidance addresses:

  • How do virtual asset activities and VASPs fall within scope?
  • How should countries apply the Recommendations in the context of virtual assets or VASPs?
  • How do the Recommendations apply to VASPs and financial institutions?

The guidance also includes examples of national approaches to regulating and supervising VA activities and VASPs to prevent their misuse for ML and TF. Cryptoassets are developing rapidly and the FATF guidance was revised a year later.**

The report reviews implementation and sets out:

  • how ML and TF risks and the virtual asset market have changed since June 2019;
  • progress in implementing the revised Standards;
  • the private sector's progress in implementing the revised Standards, including the development of technical solutions for the implementation of the "travel rule";
  • issues with the revised Standards and Guidance; and
  • next steps regarding virtual assets.

The report finds that both public and private sectors have made progress in implementing the revised Standards. 35 of 54 jurisdictions advised they have now implemented the revised Standards, with 32 of these regulating VASPs and three prohibiting their operation. The other 19 jurisdictions have not yet implemented the revised Standards. While supervision of VASPs and implementation of AML/CFT obligations by VASPs is generally nascent, there is progress. In particular, there has been development of technological solutions to enable the implementation of the "travel rule" for VASPs, even though there remain issues to be addressed by public and private sectors.

The VA sector is fast-moving which means continued engagement between public and private sectors is necessary. FATF has agreed to continue its focus on virtual assets:

  • continue enhanced monitoring of VAs and VASPs and undertake a second review of implementation of the revised FATF Standards by June 2021;
  • release updated Guidance on VAs and VASPs, addressing stablecoins, anonymous P2P transactions and travel rule implementation;
  • promote understanding of ML and TF risks involved in VA transactions and potential misuse of VAs for ML and TF purposes;
  • enhance its engagement with the private sector, including VASPs, technology providers, technical experts and academics, through its Virtual Assets Contact Group; and
  • continue its program of work to enhance international cooperation.

Cryptocurrencies and Terrorist Financing

Terrorist financing is a different issue to money laundering. It does not cost much to create a significant terrorist incident. The Bali bombing of 2002 killed just over 200 people. The cost for the terrorists to mount the operation was estimated at AUD 25,000 (about GBP 14,000). The attacks in the US in September 2001 killed nearly 3,000 and caused insurance losses of around USD 40 billion. The cost to mount the operation was estimated at USD 400-500,000. The costs of the "War on Terror" since are put at USD 6 trillion. This is just the cost to the US economy.

There is evidence that terrorists are now using cryptocurrencies to finance their operations. Last September French police arrested 29 suspected members of a Syrian related terrorist gang and charged eight of them with terrorist financing. French counter terrorism police alleged widespread anonymous purchase of cryptocurrency coupons from tobacconists across France, which were then credited to accounts opened from abroad by jihadists, who were then responsible for converting them into cryptocurrency on bitcoin purchasing platforms. France as a result has announced compulsory KYC requirements for all crypto companies operating in France, including companies not based in the country. Crypto-to-crypto exchanges will also have to be registered.

Red Flags

So how can you try and spot the misuse of cryptocurrencies? There are a number of red flags to look out for on transactions, which, depending on the circumstances, may lead you to develop a suspicion as to the true provenance of the value involved in a transaction, or the true activities of those involved. Here are the indicators developed by FINTRAC, the Canadian FIU, as an example (taken in isolation, these may be innocent of course, or there may be another legitimate explanation involved):

It is important to note that depending on your business activities, some of these ML/TF indicators may not apply.

  • Client portfolio only consists of privacy coins or has a high value in privacy coins (For example, Monero, Dash, Zcash)
  • Client transfers Bitcoin in large volumes in exchange for privacy coins (For example Monero, Dash, Zcash, etc)
  • Client is unwilling or unable to provide information about the source of privacy coins they once held or currently have
  • Virtual currency addresses match addresses on recognized watch lists such as the list of the Office of Foreign Assets Control (OFAC) or law enforcement information
  • Many individuals register with the exchange within a short period using a shared address, mobile device, phone number, IP addresses and other common identity indicators
  • The client's virtual currency wallet or address is linked to fraudulent activity in media reports and/or cyber security bulletins
  • A platform receives unusual or persistent requests from other exchanges/vendors/service providers in respect of a client's deposited funds
  • A broker charges abnormally high commission fees compared to the industry standard
  • The white paper is of poor quality, incomplete, misleading, and has limited information
  • Publicity is created around the initial coin offering (ICO) (advertisements, celebrity endorsements, social media ads), also known as pump and dump ICOs
  • The developers are anonymous or information provided about the ICO cannot be verified
  • There is no access to the smart contract, to the code or to technical information about the token's creation
  • There is no possibility to sell the investment or to exit the project to recover the invested funds
  • A series of complicated transfers of funds to multiple addresses or wallets that seems to be an attempt to hide the source and intended use of the funds
  • Transactions take place at the same time of day. Transfers from fiat to virtual currency and virtual currency to fiat
  • High volume and frequency of transfers between different types of virtual currencies
  • Client provides an anonymous email address obtained through an encrypted email service
  • Funds are deposited or withdrawn from a virtual currency address or wallet with direct and indirect exposure links to known suspicious sources, including darknet marketplaces, mixing/tumbling services, questionable gambling sites, illegal activities (for example, ransomware) and/or theft reports
  • Funds flow through a large number of intermediate addresses in a very short period of time prior to being deposited in a client's wallet, or just after being withdrawn
  • Virtual currency passes through mixers/tumblers and is transferred to multiple wallets, where the funds are cashed out
  • The virtual currency's funds originated from an over the counter trade broker that advertises its services as privacy-oriented/anonymous
  • Virtual currency address has links or hops from a wallet address that has appeared on online platforms indicating support for violent extremism or radicalization (including social media, ads on fundraising sites, sites on TOR or messaging sites)
  • The source of funds used for the purchase of large amounts of virtual currencies is unknown
  • The email address used in the transaction is linked to advertisements for the sale of virtual currencies on peer to peer exchange platforms. These advertisements may suggest that the client is buying and selling virtual currency on a commercial scale through a business as a non-registered money services business
  • The client frequently receives funds from multiple payment processors
  • The client makes frequent payments or transfers to companies, post office mailing services or uses money orders from agents of the Crown for the purchase of computer software or hardware

Cryptoassets are here to stay, but just as with non cryptoassets there are good ones and ones which are not so good. Thus you need to assess how to differentiate between them, how each particular cryptoasset ecosystem works, how it can be abused, as well as how to select the ones which work best for you, and avoid getting caught up in cryptocrime.

* FATF Guidance on VASPs
** FATF Guidance on VASPs revised

 IMG 1497

 This is a guest blog post by Richard Parlour. Richard is a co-rapporteur for the EU Task Force on Increasing AML Effectiveness Across Europe. His focus is on all aspects of AML from policy to due diligence, investigations and training.
Guest Blog: The current and future state of EU UK AML post-Brexit


AML World Map

AML is not without its accomplishments. The UK has been instrumental in establishing the Financial Action Task Force. Money laundering has been criminalised and covers the proceeds of all crimes. Europol has established itself in the fight against money laundering. The Egmont Group of financial intelligence units has been set up. The UK and 14 EU member states (plus the European Commission) are full FATF members and the remaining 13 are members of Moneyval. Governments evaluate each others' AML performance every so often. The term "money laundering" is now in common parlance.

However, the amount of proceeds of crime recovered as a result of successful money laundering prosecutions, as against the amount thought to be available to be laundered, is around 0.1-1.1 percent at best. Commission of the underlying predicate offences remains rife, and increasing, particularly in relation to emerging and disturbing criminality, such as the exponential growth of green crime and cybercrime.


Brexit has thrown in more challenges:

• Title X of the Brexit Withdrawal Agreement advocates supporting international AML/CFT efforts, the need to cooperate and to share information, but this is much looser than previous arrangements. That part of the agreement relating to AML is a mere 2 ½ pages, of which 2 pages are focused on Ultimate Beneficial Ownership
• The UK no longer has access to the Schengen Information System and related crime fighting databases. There is liaison through British embassies locally, but it is very much a "dialled down" relationship
• Although the UK has implemented EU MLD 5, "implementation" of MLD 6 and copycat steps of future EU regulation remain to be seen. In many areas new UK regulation is being prepared which will diverge from the EU, making decisions of equivalence, and thus cross border trade and action against international organised crime, far more difficult
• At a practical level, UK firms will have to follow local rules when dealing with EU based clients, and vice versa. This impacts cost, speed, effectiveness and profit
• Criminal organisations will exploit areas of confusion uncertainty and bureaucracy around Brexit, and new scams are expected

Increasing AML Effectiveness: Three focal points

At the same time, the EU Task Force on Improving AML Effectiveness around Europe has just released its report (https://www.fmli.co.uk/aml-in-europe-time-to-get-serious/). In it, the major AML issues in Europe are divided into three pillars: governance, risk management and capability. Some feel improving effectiveness is a simple question of reforming the European AML supervisory architecture with a new EU AML supervisor, but the answer is much more complex and nuanced than that. Such a step needs to be matched with action, commitment and improvements in capability to fight money laundering.

Pillar One: Governance

There are many fault lines across Europe in relation to AML governance. Brexit only adds to them:

• Both Europe and the UK lack a clear objective for what the AML regime is meant to accomplish. Without clarity of vision, mission and modus operandi, it is difficult to see how progress can be achieved. Most governments seem to focus on fining gatekeepers rather than convicting the perpetrators of predicate offences. AML compliance has become an end in itself. This is ineffective in reducing the scourge of drug, people, wildlife and firearms trafficking across Europe, etc.
• Only 15 EU nations are FATF members of FATF. 19 of the 28 EU member-states are members of the Eurozone. These fault lines cause dislocations across Europe.
• There is no EU coordinating body for AML policy except for the European Commission, with certain monitoring and supervisory functions carried out by the European Central Bank and European Banking Authority, and some loose information-sharing arrangements between national authorities. The report recommends creation of a new EU AML body, but with caveats
• The enforcement of criminal laws is reserved for individual member-states. True, there is some coordination of investigations through Europol, and instruments such as the European Arrest Warrant have been created, but usage of such tools varies wildly across the bloc.
• There is a real bottleneck in the FIUs. However, care must be taken that removing this does not just shift the problem to law enforcement and judiciary

Governance is not just about architecture, however. It's also about "battle rhythm":

• The gestation periods of legal and policy measures are far too long. For MLD 4, "flash to bang" time (from FATF policy development to implementation of law) was well over a decade. This is far too long. Such lag times undercut efforts to respond to the explosive growth of green crime, cybercrime and other issues.
• The mutual evaluation cycle is also around a decade long. Businesses are subject to annual reports, examinations and monitoring. Why should this concept not also apply to AML deterrence at governmental level? There is currently no annual assessment of country performance against FATF recommendations.

Pillar Two: Risk Management

No key performance indicators (KPIs) have been set by FATF, and countries are not even collecting data on underlying offences in a scientific manner, yet this is vital for effective policy development. How can policies be effective if you don't know the numbers? FATF has developed some indicators ("Immediate Outcomes"), but these are not the same as KPIs directly tied to predicate offences. An assessment of what really needs to be measured is urgently required to develop the correct tools, fund the most effective action and reduce the ever-growing scourge of underlying crimes. Greater government commitment is necessary. The report recommends better use of OKRs and KPIs at national and institution level.

Risk-based deterrence has been introduced to reduce compliance burdens and increase effectiveness. Although highly attractive conceptually, it has stumbled in practice, largely because the regulator decides what the risk is, rather than allowing firms to carry out their own risk function, with regulators verifying that the risk process works and firms honing their risk-assessment skills.

In assessing how deterrence should work, many have latched on to the three-lines-of-defence principle. This follows the old concept of castle building—the outer wall is the first line of defence, the inner wall the second, and the keep the final line. While fine for mediaeval strongholds, the only organisation building castles these days is Walt Disney.

For financial institutions this concept has customer-facing staff as front line, compliance as second line and audit in the castle keep. As a fortification against money laundering, the principle is outmoded and ineffective. It encourages the wrong mentality. Better a system of integrated active defence, where all AML assets are designed to work together in a manner similar to Integrated Air Defence Systems or Carrier Battle Groups.

Pillar Three: Capability

Training of law enforcement in how financial markets work is generally below what it could be. Virtually all law enforcement officers are given financial investigation training, but this is not the same as instruction in the operation of financial markets. Specialist financial police are needed, properly trained and supported. Commitment currently ranges from FIUs of just one officer, to specialist police like the Guardia di Finanza with around 70,000 persons.

Huge fines are levied on banks, yet governments appear unwilling to fund even small law enforcement projects to upgrade creaking IT systems. They even talk of special levies. Transparency over fines money is needed.

AML compliance has become an end in itself, with the real objectives lost in organisational data kleptomania. Digitisation of business has given rise to a search for an automated AML nirvana, reducing human input to a bare minimum. Yet AML is a human issue and programming errors can increase costs dramatically, as battles to reduce false positives have shown. Certain banks employ more staff on false positives than their national police force has in fighting money laundering. This needs rethinking.

Compliance is often seen as all cost with little or no benefit. Do some CEOs prefer to run the risk of fines to ensuring their business models and compliance functions are properly aligned, effective and efficient?

The Way Forward

So where does the solution lie? The following steps and options are recommended:


• Develop clarity of vision and mission. Processes need to impact the underlying crimes, or there is no point introducing them.
• Develop a new AML body within Europe but be careful on governance. Sort out FIU.net.
• Ensure coordination between EU member states, and third countries, at all levels.
• Improve cross border cooperation at all levels, including data collection, intelligence generation, policymaking, investigation, information exchange, prosecution, etc.

Risk Management:

• Adopt OKRs and KPIs that relate to AML objective and underlying crimes. Measure what matters. Use the right metrics. Improve databases.
• Allow firms to develop and use risk-based systems properly.
• Carry out effective benefit-cost analysis of new laws and procedures.
• Adopt aggressive, coordinated defences.


• Encourage training and spending on specialised financial police.
• Increase funding and support of law enforcement, enabling following the money trail.
• Improve training standards, including the courts process, policy makers, investigators and intelligence analysts.

The Future

We cannot go on as we are. Money laundering, like climate change and the threats to the natural world, is a truly international issue and needs a truly international response. We need a new agenda aligned to climate change and biodiversity steps the world needs to take urgently for its own survival. We must not be found wanting.

IMG 1497This is a guest blog post by Richard Parlour. Richard is a co-rapporteur for the EU Task Force on Increasing AML Effectiveness Across Europe. His focus is on all aspects of AML from policy to due diligence, investigations and training.

Crypto and Proposals for New European Regulation

EU Flag

Following the EU's publication of its proposed Regulation on Markets in Crypto Assets (MiCA) on 24th September, we are delighted to have had the opportunity to write a guest blog for BCB Group on what these new regulations entail, and how Brexit will impact this.

The Build Up

It is now more than a decade since bitcoin was created and some are asking whether the cryptocurrency world will attract some form of specialised regulatory coverage. If so, will it be treated like FX, which in many countries is unregulated as regards trading on a spot basis, but often regulated in terms of derivatives and funds? Will it be bespoke or will some other regime apply?

Legal and regulatory development has lagged far behind technological development in this area. Development of appropriate law and regulation has been sporadic and uncoordinated internationally. Commercially, bitcoin is very much the market leader, but there are now hundreds of cryptocurrencies in issue. Commercial use has started developing and you can now pay school fees, or professional bills in cryptocurrency. There are now ATM machines. Central Banks are debating about introducing their own digital currencies and the Chinese have started their first trial use.

Regulation usually follows the emergence of a new asset class, and cryptocurrency looks like it will be no exception... Click here to read the full blog on BCB Group's website.

BCB Group is Europe's leading provider of business accounts and trading services for the digital asset economy. BCB Group provides accounts and payments processing for the world's largest crypto-engaged financial institutions including Bitstamp, Coinbase, Galaxy, Gemini and Kraken, in most major fiat and cryptocurrencies.


Why the last barrier to crypto’s mass adoption is good regulation


It's no secret that blockchain-based systems are rapidly becoming a part of our everyday lives, not just in a peer-to-stealthy-peer, underground-darkwebs way, but also on a systemic level.

This list by Forbes titled "Blockchain 50: Billion Dollar Babies" illustrates the world's biggest companies like Google, Facebook, JP Morgan Chase, Amazon, and others all working on their own blockchain projects today.

Thanks to the genius of an unnamed coder(s?) known as Satoshi Nakamoto, who created the Bitcoin code, parts of this system were used to fuel thousands of cryptocurrencies, companies, and projects today, none of which would have happened without Bitcoin. Talk about creating your own business!

In fact, very recently was Bitcoin's 12th birthday, a round date that brought about equally round figures for its "CEO" (currently missing in action for over a decade) and early pioneers: bitcoin the token rose in price from tenth of a penny to $15400 apiece, in 12 years it has never been hacked, and now its creator's code is getting implemented all over the world. Not bad for a 12-year-old. But if these are just baby steps, what happens next?

Why are companies becoming more and more interested in blockchain?

This example of HSBC completing the world's first paperwork-free deal using Corda R3 blockchain is one no-nonsense illustration of what IBM.com calls "significant business benefits, including greater transparency, enhanced security, improved traceability, increased efficiency and speed of transactions, and reduced costs".

Transactions that take minutes, not days, fees smaller by several orders of magnitude, ability to provide complete proofs and auditable logs for anyone to see, are just a small snapshot of what blockchain can offer the world's companies today. And this is why in this rapidly developing sphere, the demand for people is desperate.

With over 140 000 000 users in Bitcoin alone according to Bitcoin expert Andreas Antonopoulos, this industry is increasing its sphere of influence at a staggering pace. But for that it needs people – and for people to take crypto seriously, and to trust this industry, there needs to be safety and security in the niche.

In response, more countries across the globe are beginning to introduce crypto regulations. But what does this mean exactly, and how is it likely to affect FinCrime and Compliance recruitment?

Are there regulations already in place?

Governments all over the world are already putting in dramatic efforts to make crypto safe everywhere. This industry is a lot safer than in the early days thanks to law and order (for instance, putting a stop to Silk Road made this sector a lot more secure; improving security mechanisms around Initial Coin Offerings and introducing Initial Exchange Offerings allowed for greater safety of public funds).

In the UK, just a few days ago (at time of publishing), Chancellor Rishi Sunak announced that the government is researching CBDCs as an alternative to cash, and that the Treasury is drafting proposals to regulate private stablecoins. This is a strong indication that the government believes digital currencies can transform financial services, and follows on from three other recent notable moves by the UK regulators in terms of crypto regulation:

  • From 10th January 2020 any UK businesses carrying on cryptocurrency activity will have to register with the FCA and have until 10th January 2021 to do so, otherwise they must cease trading.
  • The government are currently analysing responses to their consultation around bringing certain crypto assets into the scope of financial promotions regulations, with the purpose of "enhancing consumer protection while continuing to promote responsible innovation."
  • Last Month, the FCA announced that the sales, marketing and distribution of crypto derivatives to retail consumers will be banned in the UK, arguing that the ban provides an appropriate level of protection to retail consumers, who are at a high risk of suffering losses from trading crypto-derivatives

Across the world, not only is crypto being affected by the classical banking structures, classical banking structures are employing crypto. Just one example of this happened very recently, when the Reserve Bank of Australia announced that it is planning a proof of concept (PoC) for a wholesale central bank digital currency (CBDC) based on distributed ledger technology (DLT), or more specifically, Ethereum blockchain technology.

"We are aiming to explore the implications of CBDC for efficiency, risk management and innovation in wholesale financial market transactions."

Michelle Bullock, Reserve Bank Assistant Governor

As government interest in CBDCs is increasing, crypto exchanges are also undergoing structural updates in accordance with emerging regulation requirements both from the outside and the inside:

  • In many countries around the world crypto exchanges are required to have a license to operate.
  • In terms of internal regulation, here's one illustration of having good controls in place: compare a crypto exchange today that makes sure it has a reserve fund to compensate users in case of a hack, and an exchange in the early days of Bitcoin like MT Gox, who didn't have any regulatory framework at all.

A certain balance has to be reached, of course, between users having security and privacy (this example of Coinbase users' indignation about exposure of their private data illustrates the importance of maintaining data integrity). But surely a way out could be put together that would protect users from fraud as much as possible and at the same time allowed them to keep their data their own?

With technologies like zero-knowledge proofs that enable users to confirm authenticity without giving up private data, there seems little doubt that enhanced regulations will be implemented soon.

 Crypto blog re size

If blockchain is such a tempting prospect why hasn't the government already fully regulated Crypto?

As many more global companies around the world use Bitcoin and blockchain to vastly improve their businesses, millions more users are joining the network. Since the beginning of the emergence of blockchain technology, governments have introduced regulation to try to minimize the risk of crimes, which were rampant pretty much from the beginning, giving Bitcoin a bad name from the get-go.

Just as dollars can be and are used to sponsor crimes, so can crypto, thanks to the fact that many, if not all, of its features are much more advanced than those of the fiat financial systems. Meanwhile, no-one is banning the USD on those grounds, and it logically follows that crypto shouldn't be seen only as the tools of drug lords and terrorists in just the same way.

Instead, introducing clear and meaningful regulation will put an end to lawlessness and fear associated with crypto for many users (take, for example, 80%+ of ICOs turning out to be scams) and could very well mean the beginning of rapid global adoption for crypto.

Governments are becoming much more accepting of crypto. This is evident when comparing in how many countries crypto was legal 5 years ago and now. In fact, all developed and affluent countries are now allowing crypto in one form or another, and comparatively there aren't many left who don't.

What's left to do?

As more and more governments study and understand Blockchain and its benefits, the crypto eco-system and its main players, it's becoming obvious that the only thing standing behind crypto's indescribable potential for good and a much more fair, simple, and noble world are clear regulations.

Ultimately, it is very likely that cryptocurrencies will become increasingly mainstream in the near future, and this increases both the potential for crime, and the need for regulations across the globe; so it follows that FinCrime and Compliance professionals will see openings for more crypto regulation-specific careers in the future.

Chancellor Rishi Sunak said on Monday:

"We are starting a new chapter in the history of financial services and renewing the UK's position as the world's pre-eminent financial center. [...] Our plans will ensure the UK moves forward as an open, attractive and well-regulated market."

At Twenty84, we are already starting to see an increase in regulatory roles in the Crypto and Digital Assets space. An example of some of the roles that we have seen so far include:

  • Head of Risk and Compliance (Crypto)
  • Crypto AML Officer
  • Crypto Compliance Analyst
  • Regulatory Crypto Markets Expert

Twenty84 recently partnered with CryptoUK

CryptoUK is the UK's self-regulatory trade association representing the crypto asset sector. Since their launch in 2018, they have been raising awareness of the need for a supportive regulatory framework for crypto assets in the UK.

At Twenty84 we are increasing our focus on Crypto/Digital Assets regulatory hiring and growing our experience in the sector, so this partnership helps us to understand the skill gaps and requirements in this fast-moving industry, which means we can offer a knowledgeable service to our Crypto and Blockchain clients.

We are excited about the potential to offer plenty of interesting new careers and opportunities to our Financial Crime and Compliance network!

Is this something you would be interested in?

Get in touch to find out about the digital assets / crypto regulation roles we have available, or to discuss the regulatory skills requirements in your Crypto / Blockchain business.

 Twenty84 CTA

The future of FinCrime and compliance technology - should officers be upskilling now?

The world is now in the full swing of the Information Age.

Over the last few decades, technology has worked its way into almost every business sector and evolved from a luxury into a necessity for success.

The Financial Crime and Compliance sectors are far from exempt. The introduction of FinTech and RegTech alone is thought to have shaken up the industry significantly.

As a result, FinCrime and Compliance officers have already seen some major changes in how they carry out their roles, and it is predicted that these developments will continue well into the future.

The question that therefore arises is: Should officers be upskilling on FinCrime and Compliance technology now in order to prepare for these developments?

Let’s have a look at this in more detail:

compliance technology

How has technology affected FinCrime and Compliance officer roles already?

 As the world transitions into an increasingly cashless society, the opportunities for financial crime to take place physically have decreased but have subsequently increased digitally. Therefore, the need for technological preventions and interventions have also amplified.

Only last year, there was a significant focus on how advanced FinCrime features like intelligent automation and advanced analytics could assist in monitoring and detecting unusual behaviour.

Plus, just this year, there has been a call to favour contextualised and real-time monitoring of transactions over monitoring in isolation and in batch, alongside a whole host of other considerations.

At the same time, compliance technology has evolved from simple documentation data storage to encompass digital advancements such as automation, big data, AI/machine learning and more in order to help Compliance officers stay up to date with and manage regulatory requirements.

RegTech in particular, as noted above, has caused quite the stir by “providing technologically advanced solutions to the ever-increasing demands of compliance within the financial industry.” In fact, it has been said that “Systems, not people, are now the compliance guardians.”

Subsequently, FinCrime and Compliance experts are looking to digital solutions to combat financial crime and harness regulatory change more than ever before.

From big data-processing analytics to cybersecurity and other technologies such as blockchain and machine learning - plus much more - FinCrime and Compliance officers have seen a large shift from the more traditionally-known aspects of the role to a greater focus on technical skills and IT knowledge.

And how is it predicted that tech will continue to affect these roles in the future?

As technology becomes more advanced, financial criminals will adapt to discover new opportunities for crime and override the controls designed to prevent it. As a result, new regulations will continue being implemented, and new technologies created to align to them.

Some experts have questioned whether AI will take over the role of FinTech and Compliance officers altogether; indeed, it has been predicted that 50% of financial jobs could be lost in the future due to AI as more departments shift towards deploying technology rather than people to fulfil its goals.

However, it has been noted that the use of AI and other technologies in FinCrime and compliance are still very much a work in progress. Ultimately, human decision making, skills and abilities will remain the most vital component of success in the field, with AI simply complementing - as opposed to replacing - human judgement.

compliance technology

So, should FinCrime and Compliance officers start upskilling now?

When we consider what FinCrime and Compliance officer roles currently entail and how these roles are predicted to change further in the future due to technological advancements, then yes - upskilling on FinCrime and compliance technology is an important step to take.

In fact, in a Compliance Risk Study conducted by Accenture in 2018, 59% of employers stated that finding compliance professionals with the right technical skills was their biggest recruitment hurdle last year, and 76% feel that there is a significant gap between the current and required skills for effectively implementing compliance tools.

Strong technical knowledge will be needed by FinCrime officers in order to better investigate and understand any suspicious activity and subsequently prevent financial crime, while compliance officers with the right technology skills in-house will be called upon to support the development of RegTech to harness regulatory change.


This may all seem quite daunting, but as mentioned above, technology and the skills it requires aren’t the be-all and end-all. Many FinCrime and compliance technologies are still in development, and even at their most advanced, will never be able to replace the human skills, experience and abilities of FinTech and Compliance officers.

As stated by Andrew Davies, vice-president for global market strategy, financial crime and risk management at Fiserv:

“Having a balance between people, process and technology is critical to maximising the return on technology investment and delivering heightened security in an ever-changing world.”

And similarly, the ICA states that:

“[Tech] may not replace the entire compliance function, but as with all industries, its impact at the manual level could be significant. It’s important that we understand this change so that as professionals we are best equipped to deal with the future, whatever it may bring.”

What next?

The future of FinCrime and Compliance officer roles is truly exciting. With so many new technologies currently in the works and on the horizon, the scope for officers to expand on their tech skills as well as hone more traditional ones offers a whole new level of diversity to a FinCrime or compliance career.

In fact, here at Twenty84, we have a number of different roles available that incorporate new and developing technology, and will give conscientious FinCrime and Compliance officers the chance to up-skill and truly advance in their career.

You can take a look at these roles here, or feel free to get in touch with our team today for more information:

Twenty84 CTA

The risk/compliance job hunter’s survival toolkit (in the era of COVID-19)


Job hunting can be tricky at the best of times...

But while the world has been in the wake of the ongoing COVID-19 pandemic, finding the perfect role has become an even greater challenge.

However, it isn't impossible.

In fact, whether you’re looking for a role in regulatory compliance, financial crime, risk management or another regulatory role, this handy toolkit has all the tips you need to help you get started on your career-finding journey. You can also take a look at the roles we have available here!

Specifically, you will learn how to:

  1. Find amazing risk/compliance risk roles
  2. Optimise your LinkedIn profile for powerful networking opportunities
  3. Get yourself noticed by hiring managers
  4. Tailor your CV to ensure the greatest chances for success
  5. Prepare confidently for your interview

An important note before we begin:

When it comes to finding a new role, it’s important to use a multi-channel approach in order to stand out from the crowd.

In today’s climate, simply applying for roles just won’t cut it, as competition for regulatory compliance, financial crime, risk management and other similar roles is rapidly increasing. Specifically, only around 1-3% of applicants get an interview through a job application!

For the best chances of success, you should spend around 40% of your time on applications, and the rest of that time on building your own personal “branding,” as well as building relationships with recruiters and potential hiring managers. Making the most of any current connections you may have who could potentially “put in a good word” for you can also be helpful, too.

So with that in mind, let’s get started!

The job hunter’s survival toolkit

Step 1: Setting up job alerts

Job hunting takes a significant amount of time, but one of the ways you can streamline your search in order to use that time more effectively and efficiently on developing your CV or taking part in training opportunities is through setting up job alerts.

Websites including LinkedIn, efinancialcareers, reed, CityJobs, indeed, Adzuna and others will allow you to sign up for new regulatory-centred job alerts based on criteria such as job type, salary, location and more.

You can set these alerts to arrive in your inbox as regularly as you like, whether that’s as soon as they’re posted or on a weekly basis. We would recommend setting these alerts to “instant” so that you can get ahead of the competition.

We’d also recommend registering to our automatic jobs-by-email list here so that you can be the first to know about the opportunities we have available!

LinkedIn job search

Step 2: Setting up your LinkedIn profile

LinkedIn job searches are just one benefit of the website. An astounding 77% of recruiters rely on LinkedIn to find new employees, so it’s an extremely powerful tool to have in your job-hunting arsenal.

The trick here is to optimise your page to make it as easy as possible for financial crime, compliance, risk and other recruiters to find you, as well as making your profile stand out using your previous experience.

Optimising your profile

When optimising your profile, be sure to:

  • Complete every section in the profile, including your industry, where you are based, your current employment position if you have one, at least two past roles, education and qualifications, and at least three skills
  • Check that your current job title reflects the type of role that you want to be found for, as Recruiters often search on ‘current’ job titles. If you have finished your last role and are now immediately available, then be sure to add a new role which has a ‘To Present’ date on it, as well as the job titles that you wish to be found for. This will ensure that you still come up in Recruiters searches for ‘current’ job titles
  • Use relevant and honest keywords within these sections that you want to be found for, such as “Financial crime expert,” “compliance consultant”
  • Add any relevant links in the Features section – for example, any projects you have previously worked on and any relevant certificates or articles
  • Move the sections of your profile around so that the most relevant parts that employers want to see will be visible above the fold – in this case, your previous roles and certifications.
  • Create a vanity URL. When you first create a LinkedIn account, your page URL will be a mix of numbers and letters. Be sure to change this to your name.
  • Set your profile to “open to opportunities” mode, and be sure to share it with “all LinkedIn users”

Making your profile stand out

  • Ensure your profile headshot looks professional and relevant
  • Feature any written recommendations from current and/or previous roles in the financial sector in the “written recommendations” section
  • Showcase any awards or achievements you have accomplished in your current and/or previous roles
  • Find and share – or even write – posts and relevant updates relating to the financial and compliance industry. If you’re busy, you can use a tool like Hootsuite to automate these posts for you! Remember to put any links to articles in the comments section so that your post gets more reach, too
  • Encourage your friends, family and colleagues to like, comment on and share your post within the first hour that you share it – this will boost its visibility as it will enable algorithms to send it around
  • Try and time these posts in line with the most popular times of day that employers browse through LinkedIn (currently mornings and mid-late afternoons on a Tuesday, Wednesday and Thursday)

Now that your LinkedIn profile is set up and optimised, it’s time to start networking!

Step 3: Get yourself noticed by hiring managers

According to TopResume, 60% of jobs are found through networking, rather than online. What’s more, platforms like LinkedIn actually have recruiter application, meaning that recruiters use them regularly to find potential employees.

Some of the ways you can take advantage of this include:

  • Joining LinkedIn groups and webinars related to the financial crime, risk and compliance industry
  • Sending connection requests on LinkedIn to current and previous colleagues relevant to your industry
  • Connecting with people you haven’t worked with before and may hire you - just be sure that you give context to your invitation, such as noting that you have read their work or seen them speaking at an event, or noticed that they have a relevant role open that you could be suitable for. Once you’re connected, feel free to comment meaningfully on/share their posts to get yourself noticed, and aim to add value to them in some way
  • During your LinkedIn job search and applications, also be sure to try and find hiring managers on the platform to let them know you have applied. This is a two-pronged approach that will ensure you have contacted both the HR and Talent Acquisition team through your application, as well as the hiring manager

By connecting with a network of professionals like yourself and using LinkedIn regularly to comment on, share and like posts, you’ll become easier to find as the LinkedIn algorithm likes active profiles. This way you’ll also become attractive to prospective managers, and be open to roles on the hidden jobs market.

This term is used to describe roles that haven’t been publically advertised, usually because businesses are looking to save money on advertising their positions on job sites or because they want to find candidates through employee referrals and networks.

LinkedIn job search 2

Step 4: Tailor your CV to ensure the greatest chance for success

Typically, an employer will only read a CV for about ten seconds before deciding if its creator is worthy of the role they’re hiring for, so it’s essential that yours is tailored for the specific financial crime/compliance role you’re applying for and packs a punch! Here’s how:

  • Read the job advert - whether that’s from your LinkedIn job search or the company website – plus any attached documents carefully, making note of any essential or desired skills or experience highlighted, and edit your CV to include these where possible
  • Make note of the kinds of language they use, and alter your CV to match this
  • Place your most relevant experience at the top of your CV, including training, qualifications and both soft and hard skills so they’re quick and easy for the employer to find
  • Cut out any irrelevant information
  • Explore the website of the company advertising the role to learn about their culture and values, and include anything you have done that links to these - for example, if they have a sociable culture and you have previously been in charge of a workplace social committee, mention that!

There’s plenty more information about CV-writing on our website, which you can access here.

Step 5: Preparing confidently for your interview

We recently wrote a helpful blog which goes into detail about preparing for financial crime and compliance job interviews, which you can read here.

However, as a result of the COVID-19 pandemic, it is highly likely that any interviews you have for the foreseeable future will take place via video call. In which case, be sure to follow these tips:

  • Ensure that the room you will be in for your interview is free from noises and distractions (be sure your phone is on silent), and has stable internet access to avoid any connectivity drop-outs
  • If you are sharing your living space with other people, be sure to remind them that you have an interview so that they know not to disturb you
  • Test your webcam and microphone in the lead-up and on the day of the interview to ensure they are working
  • If you are using a laptop or tablet, be sure it is connected to a reliable power supply
  • Wear smart clothes as you would for a face-to-face interview, in line with the type of company culture that you are interviewing for. For example, a shirt and tie would be appropriate for an interview with a big bank, or an open-necked shirt and jacket for FinTech companies
  • Use open body language and show that you are engaged and listening to the interviewer(s) by smiling and nodding. Also, look into the webcam and not at the screen to maintain eye contact
  • Make your answers shorter and more succinct than they would be in a normal interview situation, as attention can be lost more quickly on a video call
  • Ensure you have a pen and paper handy so you can make notes, as well as your CV/completed application form to refer back to. You could even attach post-it notes around your screen for any basic reminders and prompts
  • Practice with a trusted friend or family member!

Bonus step: Keep track of company funding rounds

Back in June, £600 million of funding was released in the previous 90 days for UK FinTech companies – and funding often leads to hiring! You can see a full list of the companies that have benefited here (one-third of which have live compliance and risk management roles).

It is, therefore, worth keeping an eye on websites of similar companies to see whether they’ve received funding and are likely to have new roles in the pipeline.

Google Chrome’s Page Monitor extension is a handy tool for this, as it will let you know automatically when any of these websites make updates, so if any new opportunities arise, you’ll be among the first to hear about them! Alternatively, you could use a tool like Crunchbase, which tracks company funding rounds.

Twenty84 can help you further...

Here at Twenty84, we have helped financial crime, risk, compliance, regulatory and other relevant candidates succeed in finding and securing roles during the COVID-19 pandemic – without meeting the employer face-to-face!

If you are currently looking to find your ideal role, take a look at the opportunities currently available via our website, register your CV with us, or contact us to speak with one of our recruitment experts today!

Twenty84 CTA


Our approach to recruiting in the compliance and risk world

As we mentioned in our recent blog about financial crime and compliance interview tips, getting a role in compliance or risk can be highly competitive.

As a risk and compliance recruitment agency, at Twenty84 we are proud to offer a versatile, proactive, and forward-thinking approach to recruitment that enables us to place candidates in their dream role.

One way in which we do this is by doing our bit in the compliance, financial crime, risk and regulatory community. In fact, a pillar stone of our ethos is that we are genuinely interested in helping and advising our community as much as we can.

The Covid19 crisis has brought this home more than ever, and we have found ourselves in a position where we can use our knowledge, network and technology to help get our risk and compliance community back to work and improve their careers, even if there is no monetary gain for us.

Doing our bit to help

How do we do it? For starters, by sharing jobs that we are not working on so that people can apply directly and collaborating with Heads of Compliance and Risk to provide interview advice based on actual questions they use. We are also giving practical advice and sharing useful data on the hidden jobs markets, as well as sharing video interview tips and information on how to apply to roles effectively. We have even often shared our networks with candidates to help them get in touch with potential hiring managers themselves.

‘Doing our bit to help’ has always been part of our ethos, which is why we make regular charitable donations to MyBnk. And now more than ever, it is important to us that this ethos underlies our recruitment practices and everything we do. Read on to find out how our approach to recruitment helps us to play our part.

Being agile and experienced

At Twenty84, we are extremely agile in our approach to recruitment, having gained years of intensive experience working with both small and midsize companies. As a result of this experience, we often deal directly with line managers or with direct recruiters in larger companies, and are known to adapt our approach to fit the culture and policy of each of our clients to make sure we find the right people for the job.

Offering a highly niche service

Many recruitment agencies will recruit for a large variety of roles across a multitude of sectors, but at Twenty84 we focus solely on compliance, financial crime, risk and regulatory roles – and we believe that our specialist knowledge of these sectors means we are best placed to prepare our candidates to succeed.

Our expertise in the sector has proven to be very effective in terms of ours and our candidates’ success rates; we're not a jack-of-all-trades and we have a lot of knowledge about the positions we recruit for and what they entail - which means we are able to give candidates the dedicated support they need to achieve their ideal role.

Keeping our finger on the pulse of regulatory updates

At Twenty84, we are also highly invested in the topics of compliance and financial crime and how they continue to develop. Updates, news and events in the sector take place almost daily, and by keeping our finger firmly on the pulse, we are able to gain a deeper understanding of the roles we are recruiting for whilst also advising our candidates in the most informed way possible. This knowledge also gives our candidates the confidence they need to succeed in their interviews and careers.

Providing our candidates with the best chance of securing a role

As we said above, roles in compliance and risk are especially competitive, so it's essential that compliance recruitment agencies provide their candidates with the best chance of securing a role. In order to do this, we offer preparation calls, emails and virtual meetings at every stage of our recruitment process, and - unlike many recruitment agencies - we treat each of our candidates as individuals as opposed to numbers that need to fill spaces.

And that’s not all. We also provide active feedback at each stage of the compliance recruitment process, including CV submission, where we will let candidates know if their CV is not selected and explain why. Additionally, we give all of our candidates interview feedback if they are unsuccessful too, to ensure that they are sufficiently prepared for the next opportunity. Finally, if our candidates do have any skills gaps, our knowledge of training opportunities within the sector means that we can point them in the right direction so they can enhance their skill set.

If a candidate isn’t successful at interview stage, that’s not the end of our relationship; we will keep working as hard as we can to help our candidates secure a position and keep them updated on the market, tips and advice. As a result, some of our candidates have been in touch with us for many years and enlist our expert help each time they are ready to make a change or further climb the career ladder.

compliance recruitment agencies

Being honest, reliable and efficient

Honesty truly is the best policy when it comes to compliance, financial crime and risk and regulatory roles - so it is imperative to us at Twenty84 that we are equally as honest. We always “wear both hats” when it comes to our network because we often encounter situations where clients become candidates, or candidates become clients.

What’s more, we are also sensitive to the individual situations of each of our candidates and clients, and we have also proven ourselves to be especially reliable and efficient over the years due to our agile structure and approach. This means that we have the ability to act very quickly if required.

Utilising only the most advanced recruitment technology

Technology is fast evolving, so when it comes to the work completed by compliance recruitment agencies, it’s absolutely essential to keep up with the latest developments. At Twenty84, we have made sure that we utilise only the best and most advanced recruitment technology in the business, which has enabled us to improve our ability to source for roles and deliver the best candidate experiences, as well as stay on top of data protection.

How we can help you

These practices only just scratch the surface of the recruitment processes we implement here at Twenty84, and it is our mission to ensure that we continue to improve our services well into the future. If you are looking to progress your career in risk or compliance and would like to explore our services and processes further, please do get in touch; we’d be delighted to speak with you.

Equally, if you are a business in need of risk, compliance, or financial crime candidates, feel free to contact our team today and we’ll help you find your ideal candidate right away.

Twenty84 CTA

Page 1 of 2

Facebook Feed


Registered Address:
International House,
24 Holborn Viaduct,
City of London,

Social network

We use cookies to provide you with the best possible browsing experience on our website. You can find out more below.
Cookies are small text files that can be used by websites to make a user's experience more efficient. The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission. This site uses different types of cookies. Some cookies are placed by third party services that appear on our pages.
Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
ResolutionUsed to ensure the correct version of the site is displayed to your device.
SessionUsed to track your user session on our website.
Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
Google AnalyticsGoogle Analytics is an analytics tool to measure website, app, digital and offline data to gain user insights.

More Details