Tag: AI

In the initial spotlight segment of this episode, we speak with returning guest and regulatory compliance expert Oonagh van den Berg of Raw Compliance about an article she recently penned on LinkedIn titled “Rethinking AI Regulation: Why Current Approaches Are Falling Short” (check the links below).​

Following that, we chat with anti-money laundering (AML) and financial crime scholars Dr. Mirko Nazzari and Prof. Peter Reuter about their new article in the Journal of Crime & Justice, published by the University of Chicago Press, entitled “How Well Does the Money Laundering Control System Work?”

Oonagh van den Berg is the founder of Raw Compliance, a compliance consultancy and training firm. Having grown up in Northern Ireland during the tumultuous 1980s, she is a compliance veteran.

A lawyer by training and an entrepreneur by vocation, she grew up during the dark chapter of her country – better known as “The Troubles”- and went on to achieve success after success: first as a lawyer, then as a compliance officer, a recruiter, and later, a consultant and educator. Having previously taken up roles in Asian financial hubs such as Singapore and Hong Kong, she is currently based in Braga, Portugal.

Dr. Mirko Nazzari is a postdoctoral research fellow in Political Science at Università degli Studi di Sassari, Italy. He holds a PhD in Criminology from Università Cattolica del Sacro Cuore (Italy), where he also served as a Research Fellow at Transcrime – Joint Research Centre on Innovation and Crime.

His research focuses on assessing and enhancing public policies for crime prevention and control, with particular emphasis on money laundering, cybercrime, and the policy challenges posed by emerging technologies. He has published extensively in these areas and contributed to applied policy research at both national and international levels.

Dr. Peter Reuter is Distinguished University Professor in the School of Public Policy and Department of Criminology at the University of Maryland. In 2019, he was awarded the Stockholm Prize in Criminology, the most prestigious award in the field. He founded the International Society for the Study of Drug Policy and RAND’s Drug Policy Research Center.

Discussion:

The podcast begins with a brief conversation between Oonagh and Regulatory Ramblings host Ajay Shamdasani about her September 8, 2025, article on LinkedIn, entitled “Rethinking AI Regulation: Why Current Approaches Are Falling Short.”

Her key takeaway for listeners and her readers is that: “AI isn’t just a technology—it’s an ecosystem. Regulating it requires cooperation, adaptability, and vision. Anything less will fail.”

Oonagh goes on to say: “Artificial Intelligence is evolving faster than regulators can keep up. Around the world, governments are racing to design frameworks to govern AI use, but the struggle is evident: how do you regulate something so pervasive, adaptive, and borderless without stifling innovation or missing critical risks?”

She assesses Hong Kong’s present dilemma – highlighted in a recent South China Morning Post article – that illustrates such challenges. The city faces obstacles in enforcing rules that would necessitate AI-created content to be labelled. Experts, she says, warn that the city’s market is “too small” for supporting “bespoke legislation, and without robust enforcement mechanisms, rules around watermarking and labelling may simply be ignored.”

“This isn’t just a Hong Kong problem. It’s a global one. And it’s a sign that we need to rethink how AI regulation is designed and enforced,” she writes.

As the former British colony crafts its own AI rules regime, she highlights the challenges the city faces:

1. Fragmented and reactive regulation: Hong Kong currently relies on piecemeal laws—privacy, IP, finance—to govern AI. The lack of a unified statute leaves gaps and inconsistencies. This mirrors the situation in many jurisdictions where regulators patch AI onto existing frameworks rather than building something purpose-built.

2. Enforcement complexity

Even when rules exist, implementation is shaky. For example, China mandates labelling and watermarking of AI content. But technical evasion is easy, watermarking can be stripped, and compliance varies across platforms. Enforcement lags behind innovation.

3. Scale and coordination problems

Small markets like Hong Kong can’t realistically create standalone AI regimes that diverge too far from global standards. With multiple regulators (PCPD, HKMA, SFC) touching AI issues, coordination becomes another hurdle.

4. Ethical and societal risks remain unaddressed

Labelling helps promote transparency, but it doesn’t address deeper concerns, such as misinformation, deepfakes, privacy breaches, biased algorithms, or liability for harm.

Ultimately, Oonagh notes the Special Administrative Region (SAR) needs to learn from other models.

For example, the EU AI Act is a superb piece of legislation. “The European Union has introduced the world’s most ambitious attempt at AI regulation,” she says. “Its risk-based approach divides AI systems into categories:

• Unacceptable risk (e.g., social scoring) – outright bans.

• High risk (e.g., biometrics, healthcare AI, financial services AI) – strict compliance, human oversight, mandatory audits.

• Low/minimal risk – lighter obligations.

“This is a principle-driven and comprehensive framework, but critics warn that its heavy compliance burden may stifle innovation in smaller companies. Enforcement capacity will also be tested—many national regulators are underfunded compared to the scope of responsibility,” she wrote.

Then there is the Singaporean model, which she acknowledges is “a more agile, industry-friendly approach with its Model AI Governance Framework.” Instead of rigid laws, it provides:

• Voluntary best practices (transparency, explainability, fairness).

• Industry sandboxes to experiment safely.

• A strong focus on multi-stakeholder collaboration between regulators, academia, and industry.

“This approach supports innovation while nudging companies toward responsible AI. But without legal force, it risks leaving gaps where bad actors can exploit weaknesses,” she says.

For Hong Kong to have a more workable approach, therefore, she recommends borrowing what works and is relevant to the local context. Namely:

Unified AI Regulation: Move beyond fragmented laws and adopt a dedicated AI framework, grounded in core principles: accountability, transparency, fairness, privacy, and safety.

Risk-Based Oversight: Like the EU Act, differentiate between high-risk and low-risk AI use, applying strict oversight only where harms could be severe.

Practical Enforcement Tools: Invest in watermarking and labelling standards that are technically robust, enforceable, and difficult to evade—while recognizing that labelling alone isn’t a silver bullet.

Dedicated Oversight Body: Create a central AI regulator to coordinate across sectors, avoid duplication, and respond quickly to emerging risks.

Public Engagement & Education: Foster societal trust by educating citizens on the risks, rights, and safeguards associated with AI, ensuring transparency in the decision-making process surrounding AI.

Global Alignment: For small markets like Hong Kong, aligning with global regimes—whether the EU Act’s structure or Singapore’s collaborative model—is key to avoiding regulatory isolation and easing compliance for international companies.

As Oonagh concludes, AI regulation cannot be built on ad hoc legal fixes or unenforceable guidelines. “Hong Kong’s struggles highlight the real-world limitations of trying to bolt rules onto outdated systems. The EU shows the power of principle-based, risk-tiered regulation, while Singapore demonstrates the agility of a collaborative, innovation-friendly approach,” she writes.

“The answer lies in combining these lessons: a unified, principle-driven law; proportionate, risk-based oversight; enforceable standards; and international harmonisation. Regulation must evolve as quickly as AI itself—not to slow it down, but to ensure that innovation happens safely, transparently, and for the benefit of society,” she says.

Moving into the lengthier discussion portion of the episode, Mirko and Peter discuss their article, published earlier this summer, entitled “How Well Does the Money Laundering Control System Work?”

The article takes a critical look at the global AML system and poses a simple yet fundamental question: Has it actually made money laundering more challenging or risky for criminals? The answer is more complicated— and less encouraging—than many might hope. And it’s a question for which there may be different answers at local, national, transnational, and global levels.

Mirko & Peter’s essay offers a critical and data-driven analysis of the global AML regime, highlighting:

▪️ The lack of empirical evidence that ML has become more difficult or less prevalent

▪️ The often symbolic nature of international evaluations, such as the Financial Action Task Force Mutual Evaluations

▪️ The high costs and unintended consequences of AML measures, including derisking, and

▪️ The central role of private entities in detecting suspicious activity, with significant operational implications. Although lengthy, it is highly recommended reading for anyone working in or interested in AML, financial crime, and public policy evaluation.

Simply put, Money laundering remains a significant concern worldwide, with substantial resources dedicated to preventing illicit funds from entering the financial system. Yet, despite decades of legislative and regulatory development, the effectiveness of AML frameworks remains dubious.

Again, the article is a sharp, data-informed critique of the current state of the international AML apparatus. The authors highlight seven key findings that challenge conventional wisdom:

• Major banks regularly face hefty fines, but executives very rarely face criminal convictions
• Money laundering is often no more complex or expensive today than it was in the late 1980s
• Most laundering methods remain surprisingly basic
• The system disproportionately benefits wealthy jurisdictions
• AML measures yield valuable intelligence for law enforcement
• But they also carry risks, including de-risking and data misuse
• The real costs of AML compliance are never part of public debate. Only occasionally is there mention of the costs borne by banks.

The abstract to their piece states: “The continued globalization of finances has generated an ever-larger array of methods for making criminal earnings appear legitimate. The global regime to control money laundering has become more sophisticated and comprehensive (i.e., expensive and intrusive). There is no evidence that money laundering is declining or becoming more difficult or expensive. The system’s failure has many sources. Nations that pushed for its creation and development have been unwilling to implement critical elements. Major banks have repeatedly failed to meet their obligations, suggesting either insufficient commitment or a lack of the necessary skills and systems to comply. Regulatory oversight has been inadequate. There is, however, evidence that the system aids enforcement of laws against criminal enterprises. Despite the consensus that the system works poorly, there is almost no discussion of substantial reforms.”

Their key observations or conclusions are that simple laundering strategies remain pervasive, there has been, relatively speaking, limited adoption of sophisticated methods like crypto, and most launderers tend to launder their own funds rather than avail themselves of the “professional services” of more experienced financial criminals.

The challenges they cite include the limited policy debate over AML and financial crime compliance in general, a tendency for policymakers and regulators to focus on incremental improvements rather than comprehensive reforms, and whether the current system of ever-growing suspicious activity report (SAR) filings is sustainable in the long term.

As Mirko says, “SARs are contributing to investigations,” but it is unclear whether such a system is sustainable over time. He highlights a common practice among money laundering reporting officers (MLROs) of reporting everything to avoid fines, sanctions, or personal reprimands—a phenomenon known as “defensive filing.”

However, the example of the U.S. Treasury Department’s FinCEN shows that four million SARs are filed annually, which cannot be effectively managed. This places a significant strain on Financial Intelligence Units and law enforcement agencies, whose limited resources make it challenging to keep pace with the volume of reports.

Mirko added that not all money launderers are the same: the typologies of how a drug dealer, a kleptocrat, and a cryptocriminal launder funds may be very different.

When asked what policy choices they would advocate for regulators and law enforcement to adopt, both Mirko and Peter stressed the need to set realistic goals, develop alternative effectiveness metrics, and strike a balance between the competing yet compelling goals of AML controls and financial inclusion.

As the conversation concluded, Peter acknowledged that the White House’s statement earlier this year, indicating it would scale back AML enforcement, could lead to selective enforcement of such rules under the current Trump administration.

Regulatory Ramblings podcasts is brought to you by The University of Hong Kong – Reg/Tech Lab, HKU-SCF Fintech Academy, Asia Global Institute, and HKU-edX Professional Certificate in Fintech, with support from the HKU Faculty of Law.

Useful links in this episode:

• Follow Oonagh van den Berg on LinkedIn

• Check out her paper: Rethinking AI Regulation: Why Current Approaches Are Falling Short

• Follow Dr Mirko Nazzari on LinkedIn

• See Prof Peter Reuter‘s background at the University of Maryland and works.

• Check out Reuter & Nazzari’s paper: How Well Does the Money Laundering Control System Work?

You might also be interested in:

• Must have book by Ross Buckley, Douglas Arner & Dirk Zetzsche – FinTech: Finance, Technology & Regulation

• Building Better Financial Systems: FinTech Sustainability – Research

• HKU-SCF Fintech Academy – website

• Asia Global Institute – website

• HKU-edX Professional Certificate in Fintech

• Most sought-after Fintech course on edX – Introduction to Fintech

Connect with RR Podcast at:

LinkedIn: https://hk.linkedin.com/company/hkufintech 
Facebook: https://www.facebook.com/hkufintech.fb/
Instagram: https://www.instagram.com/hkufintech/ 
Twitter: https://twitter.com/HKUFinTech 
Threads: https://www.threads.net/@hkufintech
Website: https://www.hkufintech.com/regulatoryramblings 

Connect with the Compliance Podcast Network at:

LinkedIn: https://www.linkedin.com/company/compliance-podcast-network/
Facebook: https://www.facebook.com/compliancepodcastnetwork/
YouTube: https://www.youtube.com/@CompliancePodcastNetwork
Twitter: https://twitter.com/tfoxlaw
Instagram: https://www.instagram.com/voiceofcompliance/
Website: https://compliancepodcastnetwork.net