㣨Leyu

Insights

Fresh thinking and actionable insights that address critical issues your organization faces.

Learn more

Resources

Services

㣨Leyu's multi-disciplinary approach and deep, practical industry knowledge help clients meet challenges and respond to opportunities.

Services to meet your business goals

Technology Alliances

㣨Leyu has market-leading alliances with many of the world's leading software and services vendors.

View all Alliances

Industries

Helping clients meet their business challenges begins with an in-depth understanding of the industries in which they work. That’s why 㣨Leyu LLP established its industry-driven structure. In fact, 㣨Leyu LLP was the first of the Big Four firms to organize itself along the same industry lines as clients.

How We Work

We bring together passionate problem-solvers, innovative technologies, and full-service capabilities to create opportunity with every insight.

Learn more

Careers & Culture

What is culture? Culture is how we do things around here. It is the combination of a predominant mindset, actions (both big and small) that we all commit to every day, and the underlying processes, programs and systems supporting how work gets done.

Learn more
Relevant Results
Sorry, there are no results matching your search.
Autocomplete suggestions are available. Use up and down arrows to review and enter to select.
See more results

'Threat Actors'

Expanding regulatory expectations around the detection, mitigation, tracking and remediation of ‘threat actors�

Financial crime

Technological developments, geopolitical events, and evolving interconnections and interdependencies in financial networks can increase financial crime risks, exposures, and complexities. Regulators will continue to be vigilant in supervising and examining firms’� defenses against financial crimes, such as terrorist financing, money laundering, beneficial ownership, sanctions or tax evasion, trafficking (e.g., drug, human), cybercrime, and potential compliance violations.

As part of these efforts in 2024, regulators will scrutinize:

  • Data Traceability: Abilities to demonstrate, and report on, the traceability of data at both the customer and transaction level, as well as across business processes, systems of record, and systems of origin.
  • Transaction Monitoring: The quality of transaction monitoring and surveillance systems, processes, and controls, with expectations for increased accuracy and consistency, as well as better and more efficient outcomes via automation. Regulatory focus in areas such as BSA/ AML/CFT, trading activity, and KYC/CDD and beneficial ownership monitoring will continue along with attention to preparations for implementing risk-based compliance programs in these priority areas.
  • Expanded Threats: The adequacy and continual improvement of threat detection, monitoring, and response capabilities, including the reliability of processes (e.g., due diligence, access, safeguards) and coverage of novel and emerging threats and vulnerabilities (e.g., virtual currencies, sanctions evasion, malware/ransomware, human rights/forced labor, organized crime).

Fraud

Regulators report that the costs to consumers and firms from fraud, identity theft, and other “scams� are increasing. Similar to financial crime, technological advancements (e.g., automated systems, crypto and digital assets, digitalization) and developing interconnections and interdependencies will drive regulators to continue to evaluate safeguards against fraud and other scams and consumer protections.

Expect regulators to focus on:

  • Safeguards: Risk and fraud model management and controls related to existing and new products, services, customers, and geographic operations, including consumer protections from fraud, identity theft, and other scams.
  • Consumer Treatment: Fair processing and treatment of consumer complaints, claims, and disputes within the fraud and investigation processes, as well as the clarity of consumer communications. Areas of focus will include data sharing (e.g., large data models, data sharing with third parties and affiliates, customer permissioned sharing), payments authentication procedures (e.g., P2P), model development and validation, account holds and freezes, and ongoing oversight and monitoring of synthetic identity fraud.
  • Crypto & Digital Assets: Continued investigations and enforcement of non-compliance with existing regulations (e.g., unregistered offerings or sales of crypto asset securities or derivatives products, false statements, market manipulation, red flag indicators).

Misconduct

Regulators are similarly giving heightened attention to conduct risk and ethical business practices; regulators view conduct risk as connected to risk culture and to the integrity and reliability of reporting, marketing/advertising, and customer interactions, which are essential to building trust.

As part of their role to safeguard public trust and confidence in the financial services industry, expect regulators to focus on:

  • Threat Detection and Monitoring: The presence of:
    • Continual process improvement to identify, adapt, monitor, and respond to changing tactics from threat actors, as well as to timely remediate issues, as necessary.
    • Mature insider risk programs, inclusive of behavioral models and scenario analysis, to reduce the likelihood of insider corruption and financial crime risk (e.g., authentication/access management, synthetic identity fraud).
    • Surveillance programs to monitor use of digital devices, third-party messaging platforms, and e-communication social tools.
  • Compliance Culture: A culture of compliance and “individual accountability,� including incentives for ethical behavior and culture commitment (e.g., cooperation with supervisors, proactive identification of misconduct, self-disclosure, timely remediation), disincentives for misconduct (e.g., compensation “clawbacks�), and business practices that place the interest of customers first (e.g., avoidance/disclosure of conflicts of interest).

What to Watch

Key regulatory actions to watch related to fraud, financial crime, and misconduct, include:

  • : Regulators identify BSA/AML/CFT compliance, CDD, and beneficial ownership as key areas of examination focus; the importance of AML program examinations is elevated due to the geopolitical environment and sanctions activity. Intensifying supervision and enforcement may include data traceability, transaction monitoring, suspicious activity reporting, independent reviews, and employee training.
  • : Forthcoming FinCEN rules requiring financial institutions to carry out risk-based programs for government-wide AML and CFT priorities. Pending Corporate Transparency Act regulations (including the beneficial ownership information reporting rule, related safeguards and access rule, and anticipated revisions to CDD Rule requirements).
  • : SEC proposal “to eliminate conflicts of interest associated with interactions with investors [e.g., correspondence, online, advertising] through the use of technologies [e.g., predictive analytics, AI, ML] that optimize for, predict, guide, forecast, or direct, investment-related behaviors or dzܳٳdz.”�
  • Regulatory “Trust�: Growing expectation for ongoing collaboration, adaptability, and communication among financial industry participants and regulators to strengthen public “trust� in the financial services industry.

Call to Action�

  • Enhance technology and analytics: Assess/pilot/adopt innovative approaches (e.g., AI/ GenAI, enhanced data analytics) to enhance fraud and financial crime risk management and augment or potentially replace legacy systems. Establish associated parallel testing processes and robust governance structures.
  • Strengthen client onboarding: Implement analytics and automation in client onboarding processes and strengthen processes to gather, store, report, and monitor KYC information, including beneficial ownership, as appropriate.
  • Develop a mature insider risk program: Promote a culture of compliance through ongoing communication, consistent enforcement of consequences for violations, and clear behavioral expectations. Implement tailored training and awareness programs for all personnel. Leverage technical tools and advanced analytics to monitor behavior and human input to identify anomalous insider behavior.
  • Mitigate synthetic identity fraud (SIF): Deploy a multilayered approach, including manual and technological data analysis, for SIF risk assessment. Utilize additional data sources beyond basic personally identifiable information (PII). Implement robust link analysis processes to monitor transactions, entities.
  • Strengthen security: Establish robust authentication and access protocols for real-time and faster payments to minimize account takeover and social engineering risks. Enhance controls around regulatory focus areas, such as malware, phishing, credential stuffing, and identify theft.

Dive into our thinking:

Ten Key Regulatory Challenges of 2024

Download PDF

Explore more

Regulatory Insights

A source for updates and perspectives on regulatory activity and issues

Read more

Meet our team

Image of Amy S. Matsuo
Amy S. Matsuo
Principal, U.S. Regulatory Insights & Compliance Transformation Lead, 㣨Leyu LLP
Read bio
Image of John Caruso
John Caruso
Principal, Forensic, 㣨Leyu US
Read bio
Image of Chad Polen
Chad Polen
Partner, Advisory, Financial Services Risk, Regulatory & Compliance, 㣨Leyu US
Read bio
Image of Amy S. Matsuo
Amy S. Matsuo
Principal, U.S. Regulatory Insights & Compliance Transformation Lead, 㣨Leyu LLP
Read bio
Image of John Caruso
John Caruso
Principal, Forensic, 㣨Leyu US
Read bio
Image of Chad Polen
Chad Polen
Partner, Advisory, Financial Services Risk, Regulatory & Compliance, 㣨Leyu US
Read bio

Explore other services tailored to your business

Service
Financial crimes
Read more
Service
㣨Leyu Forensic
Read more
Service
Financial Services Risk, Regulatory and Compliance
Read more

㣨Leyu. Make the Difference.


Some or all of the services described herein may not be permissible for 㣨Leyu audit clients and their affiliates or related entities.

The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act upon such information without appropriate professional advice after a thorough examination of the particular situation. 㣨Leyu LLP does not provide legal services.

The information contained herein is not intended to be “written advice concerning one or more Federal tax matters� subject to the requirements of section 10.37(a)(2) of Treasury Department Circular 230.

©2025 㣨Leyu LLP, a Delaware limited liability partnership and a member firm of the 㣨Leyu global organization of independent member firms affiliated with 㣨Leyu International Limited, a private English company limited by guarantee. All rights reserved.

For more detail about the structure of the 㣨Leyu global organization please visit.

Thank you!

Thank you for contacting 㣨Leyu.We will respond to you as soon as possible.

Contact 㣨Leyu

Use this form to submit general inquiries to 㣨Leyu. We will respond to you as soon as possible.

By submitting, you agree that 㣨Leyu LLP may process any personal information you provide pursuant to 㣨Leyu LLP\'s .

An error occurred. Please contact customer support.

Job seekers

Visit our careers section or search our jobs database.

Submit RFP

Use the RFP submission form to detail the services 㣨Leyu can help assist you with.

Office locations

View locations

International hotline

You can confidentially report concerns to the 㣨Leyu International hotline

Press contacts

Do you need to speak with our Press Office? Here's how to get in touch.

Headline