Why Global Risk Intelligence Sharing Matters

As we enter 2025, a fundamental transformation is taking shape in the world of financial crime compliance: private-to-private (P2P) intelligence sharing is no longer a theoretical ideal—it’s becoming institutionalized. The Future of Financial Intelligence Sharing (FFIS) paper, developed under the RUSI Centre for Finance and Security, outlines how global jurisdictions are evolving legal frameworks to empower financial institutions to share risk intelligence to counter #moneylaundering, fraud, terrorist financing, and #sanctions evasion—without always needing public-sector intermediaries. Key Takeaways 1. Legislative Momentum Across Jurisdictions Between 2023–2024, the UK, EU, Singapore, Canada, and Australia adopted or updated laws enabling voluntary P2P information sharing, while Mexico and the U.S. enhanced pre-existing frameworks. This convergence marks a policy shift that recognizes the role of financial institutions as not just gatekeepers—but as intelligence contributors. 2. Typology Development Many jurisdictions now allow more than just bilateral data exchange: • In the U.S., 314(b) associations enable multi-party analytics, helping identify risks invisible to single institutions. • In 🇸🇬, the COSMIC platform enforces a three-tiered risk alert system driven by MAS-defined red flags. • In the EU, the AMLR Article 75 enables verified risk partnerships across sectors and borders—with supervisory vetting and explicit use of privacy-enhancing technologies (PETs). 3. P2P collaboration is yielding tangible results: • In the U.S., collaborative reviews of 82,000 cases via Nasdaq Verafin showed a 62% false-positive reduction, indicating more accurate SAR filings and less noise in regulatory data streams. • In 🇲🇽, the Veradat platform pilot enables risk alert exchanges in near-real-time while maintaining data control per entity. 4. The Next Frontier Despite domestic advancements, cross-border P2P collaboration remains in its infancy—particularly in fraud and scam-related money laundering. FFIS outlines ten policy options for scaling secure, privacy-compliant, international information sharing—from G20 payment reform engines to FATF alignment on scam typologies. What Comes Next? • Update internal frameworks to align with jurisdiction-specific laws like the UK ECCTA, EU AMLR Article 75, or Singapore’s COSMIC obligations. • Train your teams on multi-party sharing dynamics, platform governance, and thresholds for risk flagging. • Participate in cross-sector consortia—whether via national hubs or emerging private platforms that can legally enable collaboration. • Balance operational efficiency with client fairness. As we strengthen collective defenses, we must also protect individuals #compliance #cooperation #aml #regulatory

🚨 The US Shutdown: A Global Cyber Threat A U.S. government shutdown is a systemic vulnerability that compromises global digital security. When the U.S. curtails its cyber operations, it signals a green light to sophisticated adversaries worldwide. 🌐 Global Impact A shutdown instantly degrades intelligence and amplifies global risk: Intelligence Blackout: The flow of critical threat intelligence from U.S. agencies (like CISA) to international partners is drastically reduced. Nations and organizations are left slower to patch and less prepared for new attack campaigns. Amplified Infrastructure Risk: Global financial and supply chain systems rely on U.S. stability. An attack exploiting a weakened U.S. network during a shutdown can trigger cascading international failures and economic instability. Adversary Opportunity: Adversaries recognize this as a "target-rich, defender-poor" window, leading to more aggressive operations globally. 🚀 Strategies for Resilience The solution requires global focus on Cyber Sovereignty and Resilience, reducing single-point-of-failure reliance on U.S. political stability. Short-Term Mitigation (During Crisis) Global Organizations: Elevate Internal Vigilance. Ramp up threat hunting; strictly enforce Zero-Trust Architecture. Allied Nations: Activate Bilateral Channels. Rely on pre-established direct government-to-government relationships for urgent data exchange, bypassing frozen formal channels. Private Sector: Boost Commercial Intelligence. Increase reliance on private Information Sharing and Analysis Centers (ISACs). Long-Term Strategy (Reducing Dependency) 1. Build Independent CTI Hubs: Nations must invest in autonomous, non-U.S.-reliant Cyber Threat Intelligence fusion centers for resilient threat sharing. 2. Codify Cooperation: International bodies should establish shutdown-proof frameworks for incident response, ensuring continuity during a partner nation's political crisis. 3. Strengthen Global Standards: Promote contribution to security standards housed by multi-stakeholder international organizations (like ISO), reducing dependence on U.S.-based frameworks (NIST). The U.S. shutdown is a loud wake-up call. Global leaders must act decisively to fortify our collective digital defenses. What steps is your organization taking today to build a shutdown-proof cybersecurity posture? #global #cybersecurity https://lnkd.in/gbWbptXT

The protections that let companies share cyber threat intelligence with the government without legal fear are staying in place. That framework helps defenders exchange indicators and insights through #CISA with confidence and speed. Leaders say this continuation supports collective defense, giving firms clearer legal cover when indicators could help the broader cyber community. With state-level threats and tech like AI expanding the scale of risk, legal alignment around sharing is a must. Ultimately, sharing threat intelligence under a safe legal roof boosts resilience for everyone.

Global uncertainty rarely announces itself politely. It unfolds in distant regions — yet its consequences are felt immediately in boardrooms thousands of kilometres away. Over recent weeks, escalating geopolitical tensions involving Iran, the United States, and Israel have once again demonstrated how quickly global events reshape economic confidence, trade dynamics, energy markets, and investment sentiment. For organisations across Southern Africa, these developments are not abstract international affairs. They translate directly into volatility — shifting costs, constrained capital flows, disrupted planning assumptions, and increased strategic uncertainty. Against this backdrop, one reflection has surfaced consistently in my engagements with professionals and leadership teams across the region. Southern Africa may not necessarily have a risk problem. It increasingly appears to have a strategy alignment challenge. Across many organisations, risk frameworks are present and functioning. There are: • Risk registers • Audit and risk committees • Compliance reporting structures • Performance dashboards Yet when pressure emerges — economic, geopolitical, operational, or strategic — execution begins to strain. The gap is rarely the absence of controls. More often, it sits in the alignment between: • Governance structures • Executive behaviour • Strategic decision-making • Risk intelligence flowing to leadership Risk loses much of its value when confined to operational reporting. It becomes powerful when embedded within strategy itself — particularly in an environment where global shocks increasingly influence local outcomes. A recurring observation across conversations in the region is this: The organisations that navigate uncertainty most effectively are not necessarily the most compliant. They are the most aligned in how leadership interprets uncertainty as well as how governance supports decision-making. Aligned in how strategy adapts before pressure forces reaction. Over the coming months, I’ll be sharing insights on enterprise risk and governance maturity across Southern Africa — exploring how Boards and Executive Committees can anticipate pressure, strengthen alignment, and make better decisions in increasingly volatile conditions. Because organisational resilience is rarely built during crisis. It is engineered long before crisis becomes visible. #EnterpriseRisk #Governance #SouthernAfrica #StrategyExecution #BoardLeadership #GeopoliticalRisk

First United Nations Global Risk Report: we're failing at the risks that matter most. The UN just released their inaugural Global Risk Report after surveying over 1,100 stakeholders across 136 countries. The findings should worry every crisis communicator. Last week I wrote about the OECD - OCDE's research on emerging critical risks. Now the UN has delivered a follow-up that's even more sobering. Key findings: 🔴 Mis- and disinformation ranks as extremely important, but we're woefully unprepared 🔴 The biggest barriers to managing global risks are communication failures, not funding or technology 🔴 Geopolitical tensions are the most interconnected risk, cascading into every other major threat 🔴 "Joint action" between governments, private sector, and civil society is the only effective response The report identifies four "Global Vulnerabilities" where we're most exposed: 1️⃣ Information warfare (we're losing badly) 2️⃣ Technology risks (institutions can't keep up) 3️⃣ Societal pressure (interconnected crises amplifying each other) 4️⃣ Environmental reality (slow-moving risks that suddenly accelerate) The uncomfortable truth: we're planning for single crises when everything's connected. One risk triggers another, which triggers another. Our traditional crisis plans simply aren't built for this reality. Having worked within the UN system during COVID-19, I heard "whole of society" mentioned constantly, yet witnessed how the system often struggles to effectively communicate with and engage the private sector. This gap between aspiration and practice undermines the collective action the report calls for. I'm publishing my full analysis in today's Wag The Dog newsletter this afternoon, breaking down what this means for crisis communicators and the five changes you need to make right now. The question isn't whether global risks will impact your organisation; it's whether you'll be ready to communicate your way through them. 📧 Subscribe to the Wag The Dog newsletter for the full breakdown via the link in the comment section below. What interconnected risks are you seeing that traditional crisis plans can't handle?