‘Cosmic’ platform mooted for financial institutions to share details on suspicious customers

SINGAPORE – To thwart financial criminals who avoid detection by making illicit transactions across an ever-shifting web of accounts, the Monetary Authority of Singapore (MAS) has mooted a secure digital platform for financial institutions (FIs) to share information on suspicious customers.

A Bill proposing amendments to the Financial Services and Markets Act to set up the platform and set out rules governing its initial phase was put up for its first reading in Parliament by Minister of State for Trade and Industry Alvin Tan on Monday.

Dubbed Cosmic, which is short for Collaborative Sharing of Money Laundering/Terrorism Financing Information and Cases, the information-sharing framework will be jointly developed by MAS and six major commercial banks in Singapore – DBS, OCBC, UOB, Standard Chartered Bank, Citibank and HSBC.

In a brief sent to The Straits Times, MAS said Cosmic will initially focus on three key financial crime risks in commercial banking: abuse of shell companies; misuse of trade finance for illicit purposes; and financing that supports the proliferation of weapons of mass destruction.

The six banks will be permitted to voluntarily share with one another information on customers that exhibit multiple red flags indicative of potential illicit activities through Cosmic during this initial phase.

However, the authority said it plans to make some aspects of sharing mandatory and progressively extend Cosmic’s coverage to more focus areas and FIs in subsequent phases.

Despite closely supervising and working with financial institutions to strengthen Singapore’s defences against the three key risks, MAS said a remaining weakness in the effective detection of illicit financial flows lies in the inability of FIs to alert one another to unusual activity in their customers’ accounts.

“Financial criminals exploit these ‘information silos’ by making illicit transactions through a web of accounts in different FIs and moving from one FI to another to avoid detection.”

Cosmic will enable FIs to “conduct sharper analysis of customer behaviours and activities to detect potential illicit activities more promptly and warn each other of such activities”, said MAS.

“By eliminating the information gaps between FIs, it will be easier to detect criminals. A legislative framework will need to be introduced to enable and govern Cosmic.”

The authority conducted a public consultation on the proposed Bill

in October 2021.

It said respondents were generally supportive of the proposals and their feedback has been incorporated in the proposed Bill where appropriate.

The Straits Times has contacted MAS for details on the incorporated feedback, the reason information-sharing is voluntary in the initial phase, and examples of cases where Cosmic could help.

Outlining the key features of the Bill in its brief, MAS said information-sharing will be permitted only if the customer’s behaviour or transaction activities exhibit pre-determined red flags that cross stipulated thresholds, suggesting that potential financial crime could be taking place.

“The sharing of customer information amongst FIs must be conducted within a robust legal framework that safeguards the interests and privacy of legitimate customers.”

The Bill will, therefore, permit the sharing of information solely for the purposes of mitigating money laundering, terrorism financing and proliferation financing risks.

Moreover, the sharing on Cosmic supersedes any restrictions on the disclosure of customer information that any written law or contract may impose, said MAS.

It added: “For the vast majority of individuals and companies that are legitimate and do not exhibit risky behaviours, FIs will neither have a reason to share their customers’ information nor will they be permitted to.”

The Bill also provides for tight controls on the disclosure of information obtained from Cosmic by participating FIs, both internally and to others.

The FIs will be required to establish systems and implement processes to keep this information confidential, guarding against unauthorised use and disclosure of information.

“This includes implementing cyber-security measures and limiting access to any risk information obtained from Cosmic to relevant staff on a need-to-know basis.”

A third aspect of the Bill is the statutory immunity from civil suits it provides to FIs that disclose risk information on Cosmic.

However, this is subject to the disclosure being made with reasonable care and in good faith, and in accordance with the disclosure thresholds, MAS said.

“This will provide FIs confidence that legitimate information-sharing to highlight higher-risk customers and their related activities will not expose them to civil suits.”

Furthermore, the Bill will allow MAS access to information on Cosmic for supervisory purposes, including to monitor if FIs are using the platform appropriately and to identify necessary adjustments to improve effectiveness.

“Cosmic information, including material networks of suspicious actors that are escalated to MAS, will be integrated into MAS’ overall surveillance framework to target higher-risk activities in the financial system for supervisory intervention.

“The STRO (Suspicious Transaction Reporting Office), Singapore’s financial intelligence unit, will have direct access and be able to use Cosmic information as an additional data source for its own analysis.”