ASK MAT – I don’t want to go to jail or be fined, so I have a zero tolerance for financial crime – but I have been told not to be aspirational as it erodes trust.

ASK MAT –

• I don’t want to go to jail or be fined, so I have a zero tolerance for financial crime, but I have been told not to be aspirational as it erodes trust.
• In my business, I have a zero-tolerance policy for financial crime due to the severe penalties, including significant jail sentences and fines.
• However, my regulator says that “Aspirational statements”, such as claiming zero tolerance for financial crime while servicing higher-risk clients, can “undermine credibility”.
• Could you please offer some thoughts on these matters and suggest what should be done?

MAT SAYS –

• Thank you for your question.
• I imagine your regulator’s critique hinges on the perception that a “zero tolerance” stance on financial crime may appear aspirational or unrealistic when servicing higher-risk clients, as the inherent risk profile of such clients increases the probability of issues arising.
• However, you can argue that zero tolerance and probability are distinct concepts and conflating them misrepresents your compliance approach.

Below is a reasoned argument that may support your position (I have assumed that you have a mature and well-run financial crime governance, risk and compliance framework)

1. Zero Tolerance Defines Policy, Not Probability:
1. Zero tolerance reflects a strict policy and cultural stance—any detected financial crime results in immediate action, such as investigation, remediation, or termination of client relationships.
2. It does not imply that financial crime will never occur, as external factors, such as client risk profiles, influence the likelihood of such crimes.
3. Your commitment to zero tolerance means you have robust systems, controls, and consequences in place to deter, detect, and address financial crime, regardless of client type.
2. Higher-Risk Clients Are Managed, Not Ignored:
1. Servicing higher-risk clients does not equate to accepting financial crime.
2. Your business likely implements enhanced due diligence (EDD), ongoing monitoring, and risk-based controls to mitigate the elevated risks these clients present.
3. These measures align with a zero-tolerance policy by proactively reducing the likelihood of financial crime and ensuring swift action if issues arise.
4. The regulator’s concern seems to assume that higher-risk clients inherently undermine zero tolerance, which overlooks your risk management framework.
3. Zero Tolerance Enhances Credibility:
1. Far from undermining credibility, a zero-tolerance stance signals to clients, regulators, and stakeholders that your business prioritises compliance and integrity.
2. It sets a clear expectation that financial crime will not be tolerated, even in higher-risk segments.
3. This can strengthen trust, as clients and regulators see consistent enforcement of policies, backed by tangible actions like client offboarding or reporting suspicious activities.
4. Probability Is Addressed Through Risk Management:
1. The regulator’s argument appears to focus on the probabilistic nature of financial crime in higher-risk client segments.
2. You can counter that your zero-tolerance policy is complemented by a risk-based approach, as recommended by global standards such as the Financial Action Task Force (FATF).
3. By tailoring controls to the risk level of clients—through EDD, transaction monitoring, and staff training—you minimise the probability of financial crime while maintaining a strict no-excuse policy for any violations.
5. Evidence of Effectiveness:
1. Could you provide examples (if available) of how your zero-tolerance policy has been enforced, such as cases where suspicious activities were reported, clients were exited, or internal controls flagged issues?
2. This demonstrates that your stance is not merely aspirational but operational, with measurable outcomes.
3. If you have data showing a low incidence of financial crime or high compliance with regulatory reporting, use it to reinforce that your approach effectively balances risk and enforcement.
6. Regulatory Misalignment:
1. Politely challenge the regulator’s framing by noting that equating zero tolerance with unrealistic expectations risks discouraging firms from adopting stringent anti-financial crime policies.
2. A zero-tolerance policy is a commitment to act decisively, not a claim of eliminating all risk. Their critique may inadvertently penalise firms for being transparent about robust standards.

Proposed Response to Regulator:

• “While we understand the concern that servicing higher-risk clients increases the probability of financial crime, our zero-tolerance policy is distinct from probabilistic outcomes.
• Zero tolerance reflects our unwavering commitment to act decisively against any financial crime, supported by enhanced due diligence, rigorous monitoring, and immediate remediation for violations.
• This approach aligns with risk-based compliance frameworks and strengthens our credibility by demonstrating that we prioritise integrity across all client segments.
• We welcome further discussion on how our controls effectively mitigate risks while upholding this standard.”

This argument clarifies the distinction, defends your policy, and invites constructive dialogue.  

Good luck…..