Welcome to GRIP, Global Relay’s new digital information service on practical compliance and regulatory change.

Please enjoy this free trial of our subscription content service, for a limited time only.

  

Rules

Playing catch up on compliance in Asia’s emerging economies

A view of Hong Kong skyline from Victoria Peak.
Photo: Marcio Rodrigo Machado/Getty Images

Zhenda Nghiem

 Click to share on Facebook (Opens in new window/tab) Click to share on Twitter (Opens in new window/tab) Click to share on LinkedIn (Opens in new window/tab) Click to share on WhatsApp (Opens in new window/tab)

The rapid expansion of Asia’s economies, including financial services sectors, has highlighted cracks and gaps in the region’s compliance practices.

The US is well known for its stringent regulations and associated fines. From Binance’s recent $4.3 billion AML fine to JP Morgan’s $200m fine for off-channel communications, there is no doubt that US regulators are active. The size of the fines is such that they cannot simply be written off as another cost of doing business. As shown by the swift downfall of Sam Bankman-Fried, there are also serious personal consequences for wrong-doers as well including, potentially, significant jail time.

If we look beyond the US and to the East, the Asia-Pacific region (APAC) has seen an exponential growth in fines from regulators, with APAC accounting for $5.2 billion of anti-money-laundering, data privacy, KYC, and EU fines compared to the $10.6 billion globally in 2020.

APAC is not one place

But that very designation, APAC, is an extremely unhelpful one because it encompasses such different places as Australia and Cambodia and even includes complete outliers such as North Korea. In this article we want to focus more specifically on the emerging and developing economies of East and South East Asia – but not including more mature economies such as Japan and South Korea.

Critics have pointed out that compliance in jurisdictions in East and South East Asia has a long way to go before reaching the standards of Western counterparts, citing weak regulatory regimes, their inconsistent application and the value of the fines being levied as “a drop in the ocean” with consequences too insignificant to create any change or to deter misbehaviour.

It is true that despite more activism by regulators, the possibility of being caught and successfully prosecuted for, say, insider trading in many of these countries remains remote and the fines levied are often seen as simply a cost of doing business – in contrast to the situation elsewhere.

Regulatory “crackdowns”

Some have also pointed out that many of these regulatory “crackdowns” are mere political tools that coincide with power struggles between officials and political factions. For instance, enforcement actions in some countries have targeted individuals who are seen as a threat to the ruling regime rather than focusing on organizations, such as financial institutions, that turn a blind eye to or even enable malfeasance.

However, as these economies and ecosystems supporting them continue to mature, a stronger culture of regulation and compliance is beginning to emerge. And this has led to curiosity as well as more conversations about the regulatory landscape.

So where exactly is that landscape at this stage and where might it be heading towards next?

“The Global RegTech market is forecasted to grow from $6.3 billion in 2020 to $16 billion by 2025.”

The Irish Advantage report

The regional regulatory landscape differs from the regulatory landscape of the US and the EU by being far more fragmented and less cohesive.

There is no equivalent of the SEC or ESMA for the region and the independent member states are not at all subject to the same rules. In effect the situation resembles that of Europe predating the EEC, with each country having its own unique set of rules and approaches to regulation and enforcement.

Regulations vary in both scope and complexity. The fact that the individual countries of the region have differing internal political organization and are at different stages of economic maturity (compare Thailand and Laos for example) contributes to this diversity. Many of these countries view each other as economic or political rivals, which can also lead to an accentuating of differences and reduce the desire for collaboration on common rules or standards.

This all makes compliance in the entire region very much a country-by-country affair, which can be viewed as an opportunity or risk depending on one’s perspective.

Strengthen regulation and encourage compliance

Interestingly, there may be a cultural aspect to the difficulties in efforts to strengthen regulation and encourage compliance too. In many Asian cultures, speaking up and individualism is still frowned upon. Instead, individuals are expected to listen and follow the need of the collective group, which is a stark contrast to general attitudes in many Western countries.

Cultural norms emphasizing the community over the individual trickle down to corporate culture and compliance. Whistleblowing is rare and Western compliance officers who have worked in Asia have frequently mentioned there is a reluctance to speak up and share information outside the company or country. As a result, employees may hesitate to report non-compliant behavior. Deference to seniority and authority, again a common cultural norm in many Asian societies, serves only to accentuate this.

Despite these challenges there have been some attempts to streamline regulations in the region to foster trade and try to level the playing field for businesses operating in the region. A good example is the Association of South-Eastern Asian Nations (ASEAN) Interoperable Data Framework. This is a set of guidelines in South East Asia intended to enhance data security and the protection of privacy between member states.

“[T]his disconnect causes massive disparities for criminals to take advantage of”.

Robin Lee, Head of The Global Coalition to Fight Financial Crime

While these are positive developments, it is important to recognize that regional organizational guidelines, such as this Interoperable Data Framework, are guidelines and nothing more than that. They merely establish structure for common understanding and the establishment of best practices rather than instituting any requirements that are mandatory or can be policed. Nevertheless, they do constitute a starting point for, at the least, regional regulatory dialogue and, perhaps eventually, some degree of convergence.

But even with the recently heightened geopolitical tensions, the impact of globalization means that it is not uncommon to see organizations whose homes are countries in East and South East Asia operating at least a branch within jurisdictions such as the EU and processing the data of EU citizens. This forces the region’s businesses to come face to face with complex and well-enforced regulations.

Home bred organizations having to comply with such external regulatory regimes as well as the desire to enable cross-border activity puts some pressure on countries to align themselves with specific laws such as GDPR and MAR in the EU. Alignment cuts both ways – enabling local businesses to better prepare for competing in lucrative markets, but also encouraging local investment by providing a more secure market and a level playing field for foreign companies trying to do business in the countries themselves.

Financial crime

Governance in the region has also improved in tandem with economic growth. And there is an increased level of understanding that the absence of regulation and non-compliance with rules can erode public and investor trust and have a detrimental impact on a country’s institutions, damaging its integrity and legitimacy.

An unregulated financial system can be very innovative and dynamic, but it can also be a dysfunctional one, where crime runs rampant and significant advantages accrue to those willing to break the rules.

This is relevant because, according to the IMF, financial crime has widespread impacts from the country itself all the way to the individual. Direct costs can include fall in stock prices, lower revenues, higher expenditures whereas indirect costs can involve political instability, higher poverty, and higher inequality.

Myanmar, Laos and Cambodia have been consistently ranked as high risk for money laundering and terrorist financing.

Given the integration of these countries in the world economy the consequences can be far-reaching. Myanmar, Laos and Cambodia have been consistently ranked as high risk for money laundering and terrorist financing. According to Robin Lee, Head of The Global Coalition to Fight Financial Crime: “[t]his disconnect causes massive disparities for criminals to take advantage of”. It also makes these countries far less attractive a destination for investors and international businesses.

Their loss is the gain of their regional counterparts with more stable politics and more robust rules in place.

Regulation key to growth and innovation

Moving back to the West, regulation seems to be a key to both producing growth and encouraging innovation while also reducing the risk of systemic instability and consumer harm. And the regulatory landscape itself has recently been dynamic because it needs to evolve in response to rapid technological change.

The EU, for example, is rolling out the Digital Operational Resilience Act (DORA), Markets in Crypto-Assets Regulation (MiCA) and the AI Act. As these regulations come into force, regional regulators will likely look at revamping their own regulations to follow suit. Recent precedent that comes to mind in the APAC are the amendments to national data protection rules in Japan and Singapore, with even China deeply suspicious of the West swiftly implementing its own GDPR equivalent.

Making rules and successfully enforcing them are two very different things, however. And while there is no doubt that there is a gradual move towards a more mature regulatory landscape and one that may, eventually, include some more robust regional alignment, the transition is unlikely to be a swift one.

Having said this, there is one industry that stands to benefit from what is a very clear trend toward expanding and strengthening regulation and may even act as an enabler to a swifter move to a more vigorous regulatory eco-system. This is technology, more generally and regulatory technology (RegTech) specifically.

$16 billion Regtech market

The embrace and swift adoption of new technologies (whether social media or payment) in these economies is well attested and can act as an agent for change. One could say that as regulation matures demand for more sophisticated RegTech may grow as well. But it is also possible that the very availability of RegTech to regulators and to businesses may encourage a swifter move to a more mature regulatory eco-system. The technology acts as an enabler of better enforcement and supervision and also accelerates the ability of companies to comply.

Certainly those forecasting the prospects for this sector are optimistic. According to a report by The Irish Advantage: “The Global RegTech market is forecasted to grow from $6.3 billion in 2020 to $16 billion by 2025” with a significant amount of that growth stemming from countries in Asia.

It will be interesting to observe whether technology can indeed help countries in this region build momentum toward better regulation and compliance. The signs point to regulators in the region taking compliance more seriously and being willing to pay the necessary price to fight financial crime and improve on the rule of law in their countries. The strength of will to recognize that change is necessary and to begin to act is the first, and perhaps the most difficult, barrier to confront.

As Regtech is adopted more widely … we’re likely to see more fines and sanctions because non-compliance, up until now invisible to regulators, becomes easier to uncover.

It is a barrier that some in the region seem to have broken past. I can only see things improving from here. This may, perhaps, be because regional populations are becoming increasingly affluent with correspondingly higher expectations of the services available to them as well as of those who govern.

Knowing well the Asian love affair with technology and innovation, it’s not surprising also to see the emergence of Regtech. This development seems almost like a natural progression. As Regtech is adopted more widely and its role in improving compliance and supervision in the region grows, we’re likely to see more fines and sanctions because non-compliance, up until now invisible to regulators, becomes easier to uncover.

There is no doubt that this shift is positive, but it will also be important to understand the reason and motives behind the actions of these regulatory bodies. Are they implementing these measures to genuinely uphold the rule of law and contribute to the development of their economies? Or are they simply reacting to global development, feeling compelled to follow regulatory trends for the sake of it? If the latter is true, regulation and compliance will continue to lag behind.

Perhaps following and playing catch-up is not the way forward at all. Perhaps the way forward is taking a step back and making decisions based on local and regional needs and building something that is genuinely aligned with the needs of the people it is intended to protect.

Zhenda Nghiem is an Analyst on Global Relay’s future leaders graduate program.

, , , , , ,

You may also like