Banks and credit institutions are particularly attractive to organized crime, because they enable loans and credit that facilitate fraud and money laundering. This shows how deeply organized crime has taken root in the business community. At the same time, another report from the Swedish Agency for Public Management shows an alarming gap between the advanced criminal schemes infiltrating our systems and our control methods for detecting them. This applies not only to welfare crime and money laundering, but also to other forms of economic crime that risk undermining the structure of society.
Economic crime has become an increasingly sophisticated operation, in which criminals exploit system weaknesses and complex corporate structures to conceal their activities. At the same time, many companies, especially banks and other reporting entities, are struggling to protect themselves – often with tools adapted to a simpler reality. To meet today’s threats, more is required than approved routines. A comprehensive approach is needed in which technology and employee competence work together.
The problem is that traditional methods of risk management rely to a great extent on financial key figures and credit ratings. This creates an illusion of control, but rarely captures the hidden risks lurking in business relationships. The greatest risk today is that we rely too heavily on old methods of risk classification. That is not where the threats are hiding.
This is where modern technology can make a difference. By automating the analysis of large volumes of data – including the histories of company executives, board appointments, previous bankruptcies, and other risk behaviors – companies can quickly gain a deeper and more accurate picture of risk. What would manually take hours or days to investigate happens in seconds. It is not just an efficiency gain, it is a new way of thinking.
Such automated risk analysis does not only capture the obvious, but also reveals patterns and connections that are otherwise easily missed. But the technology itself is not enough. An organization is needed with people who actually understand what the data shows – and who have the knowledge to act on it.
This is where the compliance culture comes in. In many organizations, compliance is still handled by a single function, often with a focus on meeting formal requirements. But for risk management to work in practice, a culture is required in which these issues are integrated into business decisions, customer onboarding, procurement, and internal governance. This presupposes that employees have the right competence.
Many companies do not scrutinize their own weaknesses closely enough. It is not enough for routines to look good on paper; it is the understanding behind them that determines whether risks are detected in time or not. Poor risk assessments can have serious consequences, both financially and legally. So it is not a matter of technology or human beings, but of the combination. The technology delivers the insights. Human beings must have the knowledge, the will, and the mandate to act. Otherwise, there is a major risk that even advanced tools will be reduced to an alibi.
Banks and companies that do not take this comprehensive approach risk not only violating regulations, they also risk being exploited as tools in organized crime. To stay one step ahead, risk assessment must be concrete, adapted to the needs of the business, and regarded as a strategic investment – not an administrative cost.
The real risk today is not only what exists outside the organization. It is what we do not see because we do not know what to look for.
Pontus Holmberg, CPO at Roaring.
Erling Grimstad is one of Norway’s leading experts on economic crime and has a background as a police officer and prosecutor at Økokrim. Erling is behind the training solution amlapp.com and the Compliance Dashboard from Compliance Support AS.
Read the article in Aftonbladet.
