Imagine you work at a convenience store, and you’re required, by law, not to sell alcohol to minors; but you’re not told what the definition of “minors” is, nor are you informed of how one proves they’re adult. Ridiculous? Hard to believe? Well, when it comes to some aspects of financial data, it’s often not very far from the truth.
FATF Recommends: Outsource, Because Your Country Failed
The Financial Action Task Force (FATF) recommendation no. 24 (R.24) states: “Countries should ensure that there is adequate, accurate and up-to-date information on the beneficial ownership and control of legal persons…” This recommendation raises two separate but related questions: who is considered a controller/UBO; and what data is required to ascertain that?
As for the first matter, in its April 2022 “Report on the State of Effectiveness and Compliance with the FATF Standards”, FATF found that only 52% of countries have “the necessary laws and regulations to understand, assess the risks of, and verify the beneficial owners or controllers.” Meaning, only 52% of countries have a sufficient framework to determine something on which financial institutions are required to focus to avoid getting fined.
In fact, the situation is so dire in this respect, that FATF itself finds that a “multi-pronged approach should be considered an important… element of a country’s legal framework.” This recommendation also appears in FATF’s 2019 “Best Practices on Beneficial Ownership for Legal Persons” document, which specifies what data-sources can be used for this purpose: “Other types of registries (such as, land, motor vehicle and moveable property registries)… other authorities (such as supervisors or tax authorities; information held by stock exchanges), and commercial databases.”
In other words, FATF admitted that: most countries have failed to “ensure that there is adequate, accurate and up-to-date information on the beneficial ownership and control.” In fact, according to FATF’s report, “only 9% of countries are meeting the effectiveness requirements” in respect of R.24, hence, there is no other choice but to effectively outsource.
The FATF Plenary concluded on Friday where delegates agreed to release, for public consultation, draft guidance on R. 24. Its aim is to help countries and the private sector implement #FATF’s strengthened requirements on #beneficialownership. https://t.co/ZAnU3OlGdr pic.twitter.com/smHwZwX0Un
— UBO Service (@UBOService) October 24, 2022
A New Approach Is Required
Outsourcing corporate data retrieval to the private sector has its challenges, especially as not ascertaining controllers and UBOs can be considered a criminal offence (it is less than ideal to indict someone for an offence whose avoidance relies on data even one’s government cannot provide), and as stated in R.24, countries are required to make the said data available (at least to their own competent authorities).
Some countries are taking proactive steps to better their registers. The UK, for example, announced amendments to the law in October to give the company registrar more power, but these measures are not consistent across all countries.
. @MikeBelshe thinks FATF’s travel rule could "expose" people’s financial history because regulators are applying rules built for an old financial system. Should blockchains, though they are public, be subject to the same reporting requirements as tradfi?https://t.co/0JqlPcjVT3 pic.twitter.com/jjylniHp16
— Laura Shin (@laurashin) August 24, 2021
Role of the Proposed Financial Data Task Force
As FATF’s “Best Practices” document stated, countries face numerous challenges in implementing R.24, including the accuracy of information, lack of co-ordination, and insufficient resources. These are exactly the type of challenges that led to the formation of FATF and I suggest a similar solution is needed here, a Financial Data Task Force, which can perform the following simple 3 steps:
- Step 1: Map, define and set clear minimum standards for registries. R.24 has gone some way in this respect, specifying some items that need to be included in company registries and some other requirements; but there are many other factors that need to be set, such as format; data refreshment rate, and unified terminology. There is no need to “re-invent the wheel” here, existing databases, such as the reformed UK registry, can act as a blueprint.
- Step 2: Include a unified, mandatory data transfer protocol as part of the requirements. Meaning, make it easier for data vendors and financial institutions to connect to the registries, assuring transparency and availability (the task force can even offer a model database, as well as assistance in transferring data onto it. Here too, there is no need to “re-invent the wheel”, there are already excellent databases out there which can be used as a model or even purchased).
- Step 3: Include adherence to steps 1 and 2 in R.24.
These simple 3 steps towards standardization will benefit everyone, from regulators to financial institutions to data vendors, who now are struggling to obtain good, timely and accurate corporate data.
Trade is global. There is no reason for data to be local. The time for data standardization is here.