Effective information sharing between public and private partnerships

Effective information sharing between public and private partnerships

By Jonathan Groom, Head of Engagement, Financial Crime Threat Mitigation, Europe, HSBC. 

Jonathan, can you please tell the Risk Insights readers a little bit about yourself, your experiences and what your current professional focus is

Thanks, I’m a professional intelligencer, having spent many years in public service before I joined the private sector seven years ago. After initially managing the London 2012 Olympic assurance and intelligence programme, I subsequently moved to HSBC and have fulfilled numerous roles within our intelligence and financial crime teams. My current role is as Head of Europe Engagement for Financial Crime Threat Mitigation where I am the senior manager responsible for JMLIT, Europe PPP and all manner of financial crime risk focused internal and external relationships.

We are looking forward to your presentation on effective information sharing at the upcoming Fraud and Financial Crime Summit. How important is it to effectively share information between partnerships and why?

I believe that we have a regulatory responsibility, a social responsibility and business responsibility to support the identification of fraud and financial crime risk and help to understand and mitigate it. In the UK we are fortunate to have the necessary enabling legislation to support this. As the largest bank in UK and Europe, we have significant data and expertise that can help to develop a better regulatory reporting process that can help law enforcement and partners to better identify and mitigate financial crime risk.

Why have financial institutions traditionally been reluctant to share information?

Financial institutions have changed significantly in how they view and manage financial crime risk over the time I have been involved. An influx of ex public service and law enforcement professionals has grown understanding, confidence and trust between public and private sector to enable us to better tackle the same thing – fraud and financial crime. Linked to this, there has been a significant push to realize the power of data and use this to greater effect. If, by sharing information, we can help to make the financial system more secure, support law enforcement and shape the communities we serve, whilst protecting the bank, why wouldn’t we?

Is this traditional reluctance to share data and information beginning to change, and if so what benefits is the industry starting to see?

Very definitely. Our UK experiences with JMLIT and initiatives such as the European Bankers Alliance, Joint Fraud Taskforce as well as wider industry and public sector uptake of PPP and ISA demonstrates that we all acknowledge that there is an absolute requirement to be collaborative to tackle this. As far as benefits go, the knowledge we are obtaining and better understanding of typologies is shared widely and we have seen numerous law enforcement interventions and improvements in bank processes as a result of this collaboration.

What barriers does competition law pose in terms of information sharing between public and private partnerships and financial institutions?

JMLIT manages this by being specific on Competition Law requirements within its Information Sharing Agreement, having independent oversight from the Management Board and also by its openness to all UK Finance members on the collaboration, sharing and visibility of alerts and material. Fraud and Financial crime shouldn’t be a competitive space but one that encourages mutual support and collaboration, within the confines of the existing country legislation.

Finally, what challenges do you foresee within the Fraud and Financial Crime landscape over the coming years?

Fraud and Financial crime will remain a significant threat. When one door closes to the criminal they will knock down the wall to create a new opening. The convergence of threat areas, development of crime as a service, growth of redirection fraud, malware fraud and crypto currencies all provide challenging spaces. I also think that internally, we need to grow our cross typology expertise and understand both threat actors methodology as well as become specialists in the products and services our organizations deal in, as these are the vehicles that are being abused.