New paper: Organisational tensions arising from mandatory data exchange between the private and public sector: The case of financial services

While many aspects of life have come to a standstill, due to Covid19, others continue to play out. Some of those things feel very much out of context, when they arrive in my inbox, for instance – just like the sea shell that I found while emptying the pockets of my son’s school uniform jacket. But they are also reminders that the Earth is still turning, and that time is still ticking, and that one day, hopefully not too long, we will be able to move and to live, again, without being afraid of a creature about 0.125 microns in diameter.

One of those reminders of a life before social distancing was the e-mail that arrived in my inbox, telling me that one of my papers had been published in the journal Technological Forecasting & Social Change. The joy and the pride of those news were very much diluted by the urgency of moving all the teaching and assessment in my department to online, while getting child 1 home from University and helping child 2 adjust to home schooling. However, that paper also represents many years of work, mine and five colleagues’. So, I want to honour that work, by sharing the news with you, just like I would have done pre-Covid19.

The paper investigates the consequences for Financial Services organisations, of having to share customer data with law enforcement agencies, under Anti-Money Laundering/Counter-Terrorist Finance (AML/CTF) regulations. Through 16 in-depth interviews with key informants, analysis of many documents, and case studies in two financial services organisations, we investigated how this mandatory data exchange impacted individual members of staff, organizational departments, and the relationship between the financial services organisations and law enforcement agencies.

We found that the AML/CTF regulations’ requirements position financial services organisations as intermediaries with systems that both enable the transfer of funds and that are used to compile and transmit data that evidences wrongdoing. This dual role creates tensions between the activities required for the delivery of the original (commercial) service to its customers on the one hand, and those required for the performance of the new (AML/CTF) service to law enforcement on the other. That is, we detected a clash between commercial priorities and practices and this security imperative, across all levels of analysis.

At the individual level, this tension was manifested in the way individuals balanced conflicting demands, such as serving versus reporting on the customer; or selling products versus protecting the organisation from being involved in AML/CTF. Though, we also witnessed attempts to start addressing these tensions and to find common ground between the two conflicting goals, as a coping mechanism in the face of changing workloads and shifting professional identities.
At the intra-organisational level, this tension manifested itself in the creation within the larger commercial organisation of a unit with the sole purpose of meeting customer surveillance obligations imposed by AML/CTF regulations. This unit used financial and technical resources that might otherwise have been directed to achieve commercial goals. This unit also used communication in an asymmetrical way to give primacy to the AML/CTF role over the commercial one. We observed that the accumulation of data in this unit resulted in the creation of asymmetries with other units in terms of knowledge and power.

At the inter-organisational level, the tension was felt in the competing demands on time and other resources resulting from the power struggle between institutionalised corporate and state interests. The AML/CTF information flows placed these firms in double jeopardy. On the one hand, meeting the AML/CTF requirements goes against the fiduciary duty of financial services organisations towards their customers, and could limit their ability to meet day-to-day business goals. On the other, a failure to meet AML/CTF compliance requirements could potentially damage the commercial survival of the firms, as well as national security interests.

Here is a summary of our findings:

Our findings are relevant for other organisations because a panoply of newly enacted laws in the UK and worldwide position the private sector as a data source for national security, imbuing these organizations with the surveillance powers of the sovereign state. For instance, the hospitality industry is expected to be alert to people trafficking; social network providers are expected to contain the spreading of extremist content and attempts at radicalisation; higher education institutions are penalized if they are deemed to not do enough to stop visa fraud, and they also need to monitor and report on students that are at risk of being radicalised; and private firms with CCTV systems (e.g. banks and hotels) are required to share images from private security systems with law enforcement to assist with criminal investigations. That is, there is a growing trend towards engaging the private sector in national security efforts, reflecting governments’ attempts to tap into the big data capabilities of corporations, and is part of the ever-growing surveillance economy.

The publisher has made some copies of paper available to download for free, here. If you miss out on that promotion, you can download a free copy of the paper, here.

PS – I am still committed to making your days a little bit better, easier or richer. Let me know how I can help you.