Lloyds Banking Group will be required to refund customers due to violation of rules on communicating with PPI customers, the UK’s Competition and Markets Authority (CMA) announced on Wednesday.

A total of £975,000 in refunds has been secured for Lloyds’ payment protection insurance customers in the last year for breaching regulations, with the latest refunds amounting to £17,000. These new refunds come after Lloyds self-reported three breaches affecting “8,800 people who were sent incorrect information in annual reminders to mortgage PPI customers”, according to the CMA.

PPI was conceived as a form of insurance that would help customers maintain loan repayments if their financial circumstances worsened. After aggressive marketing of the insurance by banks in the 1990s and 2000s, a 2011 court case ended the practice and allowed a wave of consumer compensation claims to be issued.

All PPI providers are required under UK law to send annual reminders to customers that set out clearly the cost of their policy, the type of cover they have and remind them of their right to cancel.

In two of Lloyds’ latest breaches of the CMA’s order, the monthly amount PPI policyholders could claim was displayed in the incorrect section of their reminders. In the third, the figure quoted in the reminders was incorrect.

Lloyds has informed the CMA that it broke the order 18 times over an 8-year period.

The FCA said last year that that PPI claims have become “the largest consumer redress exercise in the UK’s history”, with UK banks having paid £38 billion for PPI mis-selling between 2011 and 2020.

[ymal]

“It’s a real concern that PPI providers are still breaking the rules by sending inaccurate PPI reminders despite a clear, well-established Order from the CMA,” said Adam Land, the CMA’s Senior Director of Remedies, Business and Financial Analysis. “These failures can mean people end up paying for insurance they no longer need.”

So, what does Wirecard’s collapse mean for the future of app-based business banking? Is it all bad news? First, let’s look at a bit of the background on app-based business banking to put the collapse of Wirecard into some kind of perspective.

The Background

During the past five years or so, a host of digital banks have entered the market to challenge the traditional high street players. Indeed, companies have never had so much choice when it comes to choosing a business bank account.

Many of these challenger banks do not have a standard banking licence but instead, operate under the terms of an e-money licence. E-money licences for Payment Services and Electronic Money companies are authorised and regulated by the Financial Conduct Authority (FCA) but represent a more straightforward – and significantly cheaper – form of licensing than a full banking licence.

E-money licences are more restricted than full banking licences – the chief limitation being that challenger banks with only an e-money licence may not hold customer deposits on their own balance sheets but must do so in a separate trust account, typically maintained by a fully authorised and licensed bank.

During the past five years or so, a host of digital banks have entered the market to challenge the traditional high street players.

The Wirecard Scandal

Wirecard was founded in 1999 with headquarters in Munich, Germany, and a subsidiary in the UK, running its business as a digital payment services provider. According to an item in the New York Times on 19 June 2020, it grew quickly, attracting hundreds of thousands of leading merchants expanding their contactless payments businesses – global companies such as Visa, Google Pay and Apple Pay, together with fintech start-ups such as Curve, Pockit, Revolut, and Soldo.

As a payment services provider, Wirecard operations are conducted in Europe under the terms of an e-money licence, rather than full banking licence, holding customer deposits in separate trust accounts.

The Wirecard scandal was sparked by news that the German parent – Wirecard AG – was unable to locate €1.9 billion of customer deposits held in those trust accounts. In response to the scandal, a plummeting share price, and no apparent means of tracing and recovering the missing billions, Wirecard AG filed for insolvency.

Reverberations

In the immediate aftermath of the scandal breaking, the FCA temporarily suspended the UK arm of the company’s operations, Wirecard Card Solutions – also known simply as WCS. Straight away, therefore, scores of those fintechs in this country which have relied on Wirecard’s payments services had to suspend the accounts of millions of individuals and small businesses in the UK.

[ymal]

Looking to the longer-term – rather than the immediate aftermath – however, it must be remembered that the German Wirecard AG and the UK’s Wirecard Card Solutions are quite separate and independent companies. As the website Sifted noted in its story on 26 June, the UK arm of the group is sufficiently independent to have its own board, regulatory regime, and accounting standards. Neither is it financially dependent on its German-based namesake – but recorded a pre-tax profit of well over £2 million in 2018.

What Next?

While Wirecard accounts were only frozen for a few days and business deposits were safe, the impact on consumer confidence is likely to be longer-lasting. Deposits at institutions that hold a full banking licence are protected by the Financial Services Compensation Scheme (FSCS) up to an amount of £85,000, so expect to see businesses seek the safety of fully licenced banks that provide FSCS protection. In fact, Barclays has revealed that it's already seen an increase in deposits since news of the Wirecard scandal broke.

A number of app-based digital banks, such as Revolut and Cashplus, had already announced that they were applying for full banking licenses before Wirecard's collapse. As the sector matures, expect more to follow.

Back in July Finance Monthly reported on how much your personal data was worth on the dark web.

Price comparison experts Money Guru conducted research on several dark web marketplaces and uncovered that criminals can buy your details on the dark web for less than a coffee. In fact, email logins could be bought for as little as £2.10, and Facebook logins for £3.

Sadly, data breaches are becoming a common occurrence. In the past few months alone British Airways, Reddit, HMRC and Ticketmaster have all been hit.

New research from Money Guru shows that the cost of personal data on the dark web has reduced significantly following Facebook’s recent data breach.

How Much Is Your Data Worth Now?

Your data, which can include everything from banking details to social media logins, is worth less than you might think to hackers and scammers.

Following the Facebook data breach hacked Facebook account details are now being sold on the dark web for as little as £0.77 ($1). This is £2.23 ($2.90) down from Money Guru’s previous findings earlier in June 2018.

They also found that hacked Instagram credentials are available on the dark web for as little as £1.91 ($2.50), down £2.89 ($3.80) and that hacked Twitter accounts are being sold for as little as £0.61 ($0.80), a reduction £1.89 ($2.50).

However, that wasn’t all that the price comparison expert discovered during their research.

Money Guru discovered tools and guides to help people hack into Facebook accounts available on the dark web for as little as £1.29 ($1.70), and similar tools for Instagram for £0.87 ($1.15) and Twitter for £0.87 ($1.15).

The personal finance experts discovered tools to help hack Gmail, commit phishing attacks and bypass phone verification available on the dark web for as little as £0.87 ($1.15). They are also found a plaintext database of Twitter account details with millions of emails and passwords available for £31.86 ($41.60).

Staying Safe Online

Deborah Vickers, channel director at moneyguru.com said: “Our social media accounts put our lives under a microscope and these details are frequently stolen and sold to unscrupulous companies so they can target you with advertising. By using your data against you, criminals can lock you out and take control of your accounts, which could cause serious reputational and financial worry.

“Rather concerningly all three dark web markets that we researched (Wall Street Market, Dream Market and Burlusconi Market) are currently offering ‘164m LinkedIn user records’ including separate pieces of information such as email addresses, names, passwords for only £7.65 ($9.99).

“However, it seems that as more data breaches occur, the more aware the general public are becoming of the issue which could be causing the significant price drops of personal data on the dark web. Our research into personal data and how much it's actually worth on the black market is shocking to say the least. It just goes to show how vital it is to protect your data where possible to avoid facing costly consequences.”

So What Data Can Criminals Buy on the Dark Web?

The marketplaces Money Guru searched were ‘Dream Market’, ‘Burlusconi Market’ and ‘Wall St Market’ (three of the most popular current markets since the fall of the Silk Road) all of which provide goods including:

• Personal Data
• Fraud Kits & Instructions
• Counterfeiting Supplies & Services
• Illicit Drugs
• Weaponry

With the indictment of two former senior Goldman Sachs bankers, accused by US prosecutors of paying bribes, stealing and laundering money from a Malaysian sovereign-wealth fund, the Wall Street giant finds itself at the center of one of the world's largest-ever financial scandals.

The ongoing TSB IT meltdown has been strong evidence of the risks and challenges financial institutions face daily. It has caused mass uproar from customers and severely tarnished the bank’s overall reputation.

TSB started a long-planned move of 1.3 billion customer records from its former parent company, Lloyds Banking Group, to Proteo4, a platform built by TSB’s Spanish owner, Banco Sabadell. The change-over, which started on Friday 20 April, was supposed to be completed over the weekend by 18:00 on Sunday. But on Monday morning millions of customers were unable to use online or mobile banking or had been given access to other people’s accounts.

Error messages and glitches meant paydays and company salaries were turned upside down across the UK. This has understandably caused a chain of problems across many sectors. TSB’s overall response has not been appreciated by the public and its customer service methods have been hugely questioned.

Below Finance Monthly lists some of Your Thoughts on TSB’s IT failure and its customer service approach.

Mark Hipperson, CTO, Centtrip:

Looking more closely at what happened and how the events evolved, it appears that some key IT best practices might have been omitted, such as:

1. Production system access: it appears developers had access and were making live fixes to production. This is a big no-no in software development even in an ultra-agile DevOps environment.
2. Rollback plan: when it all went wrong, it appeared there was no contingency plan or option to revert back.
3. Incremental proving: it would have been more appropriate to first validate each change to ensure it was successful before moving to the next.
4. Testing: It is pivotal to confirm all changes have been implemented successfully and work well. There are many different types of testing: user, operational, data migration, technical, unit and functional, which would have helped identify any issues before customers did.
5. Early Live Support: it is crucial to make sure sufficient highly skilled staff are available immediately after the release in case things still go wrong.

And last but not least is proof of concepts (PoCs), which would have revealed any tech and planning errors. TSB should have run PoCs on test accounts, or even staff accounts, before the full release.

Alastair Graham, spokesperson, PIF:

Small business customers have reached a nadir in their relationship with traditional banking partners. Branch closures and the move of services online have meant that few now receive any active guidance or support from their bank in helping to grow their business.

At the same time, many feel that even basic banking services aren’t meeting their expectations. Even without issues such as the recent TSB banking crisis, businesses would like improvements to be made.Whether that is quicker account opening processes, simple lending or transparent and fair charges, the demand for alternatives is growing.

Tech innovations, combined with legislative changes such as Open Banking, mean that more products and services are being launched, designed specifically to meet the needs of small business customers. SMEs have already shown they will trust other providers when their banks fail to provide adequate services. This has been particularly evident where prepaid platforms offer more versatility, while still being a safe, secure and flexible method to transfer money.

Yaron Morgenstern, CEO, Glassbox Digital:

In today’s digital age, customer experience is more important than ever. This banking app drama has revealed how important it is to measure your consumer’s experience with complete visibility of any problems. This should really be an ongoing effort, and not just when you plan large scale back office migration. There are three fundamental tenets to an effective customer experience: observation of the customer journey via touchpoints, reshaping customer interactions, and rewiring the company’s services to align with customer expectations.

It is only through advanced digital analytics and AI technology that organisations can understand what is going through their customers’ minds. These are powerful tools for mapping out customers’ digital journeys from the moment they visit a website. This all goes to the heart of improving conversion in the digital customer journey.

Fabian Libeau, EMEA VP. RiskIQ:

The fact that TSB’s IT meltdown dragged on for such a long time, meant that customers were locked out of their accounts for extended periods. It also made them vulnerable to digital fraud in the form of phishing. TSB itself has warned more than five million customers that fraudsters have been attempting to take advantage of its IT breakdown to trick people into handing over information that could enable them to steal their money. Criminals exploiting brands to defraud stakeholders in this way is nothing new, and we know that financial institutions are a much-loved target for hackers, given the highly-sensitive and valuable information they’ve been entrusted with – it is therefore no wonder that cybercriminals are queuing up for an opportunity to impersonate the bank online.

Andy Barratt, UK Managing Director, Coalfire:

In the grand scheme of things, the TSB incident is perhaps not as significant an event as a nation-state hack like last year's WannaCry. But it has still left many, including the ICO, concerned that a major 'data breach' occurred just weeks away from the implementation of the EU’s General Data Protection Regulation.

The power to hand out major fines that GDPR affords the regulator means that the price of poor data protection is about to become far easier to quantify. When the regulation comes into force at the end of the month, a breach like TSB’s would certainly require a Data Protection Impact Assessment and measures put in place to ensure a similar incident doesn’t happen in the future. At the very least, TSB will have put themselves on the ICO’s radar as ‘one to watch’ when GDPR comes into effect.

While the share price of Banco Sabadell, TSB's Spanish parent, wasn’t overly affected by the incident, there could still be a significant financial consequence for the bank. We now know that a large number of customers are affected so the cost of rolling back any mistaken transactions as well as offering support, and potentially refunds, is likely to eat up a lot of operational resource. This event should be a reminder that data protection and the safeguarding of personal information has to be to priority for financial institutions.

Andy Barr, Founder, www.10Yetis.co.uk:

The best thing you can say about the TSB approach to public relations throughout its issues is that it is going to become the modern benchmark for university lecturers on how not to approach crisis communications.

From the very outset, TSB has failed in its approach to handling this ongoing crisis. Its messages have been wrong, even from its highest-level member of staff, the CEO. He has repeatedly issued statements that have been incorrect and that he has had to retract and apologise for.

TSB’s brand reputation is now circling the plughole and its Spanish owners could very well be forced down the route of a re-brand in the mid to longer term in order to try and recover their reputation. I fully expect a classic crisis communications recovery plan 101 to be rolled out, once this all dies down. Step one; apologise (usually full page ads), step two; announce an independent investigation, step three; a member of the C-Suite gets the Spanish Archer (El-bow), and then step four; another apology before trying to move on.

Whatever the final outcome, this has been a public relations disaster for TSB and they are very lucky that at the time that it happened there was so much other “hard news” going on such as Brexit, rail company re-nationalisation and, of course, Big Don, over the pond, constantly feeding the 24-hour news agenda.

Danny Bluestone, Founder & CEO, Cyber-Duck:

The TSB fiasco shows that many organisations vastly underestimate data migrations. Moving data on such a scale from an incumbent system to a different one is an inherently complex task. There are several steps to follow for a successful migration.

First and foremost, it begins with a considered strategy for structural changes that ensures no legacy data is made unusable and new functionality is accounted for. Banks like Monzo test new features within alpha and beta modes, so new pieces of functionality are tried and tested before a mass general public release. TSB would have been wise to utilise test scripts and automated testing to auto-test thousands of permutations from login to usage of the system. Relevant applications that monitor errors could have then detected issues early on.

TSB could have also used a run-book for deployment so all steps of deployment are documented. When an error was detected, TSB could have rolled back without data loss. Problems could also have arisen if TSB failed to use a testing environment that was identical to the production environment. As if there is even a slight difference, the user experience can break.

With regards to the application hosting, TSB should have an active engineering team monitoring performance 24/7. In our experience at Cyber-Duck – from working with numerous institutions including redesigning the Bank of England’s digital website – there really is no excuse for users to suffer. Complex data migrations can be dealt with in a secure and efficient manner if best practice methodology is followed.

Adam Alton, Senior Developer, Potato:

Software is difficult; Microsoft still hasn't finished Windows. Trying to write a new piece of software or create a new system, and then migrate everything over to it in one go is likely to go badly. The chances of it working are incredibly slim. Instead, a migration in several parts would be better. Release small, release often. When Mark Zuckerberg said "move fast and break things", you could interpret that as "you're going to break things, so do frequent and small releases in order that you break as little as possible before you get a chance to fix it". The problems with TSB's migration appear to be multiple and disparate; error messages, slowness and capacity problems, users shown the wrong data. It seems unlikely that these stem from a single cause or single bug, so it would seem that they tried to do too much at once.

Coerced optimism: when under pressure to get something to work, it's easy for a team of developers to wishfully believe that something is finished and working because they can't see any problems, even though their experience tells them that the complexity of the system and the rushed job they've done means that it's extremely unlikely to be free of issues. I wouldn't be surprised if IT workers at TSB fell into this trap, leading to the premature announcements that the problems were resolved.

Denying that you have a problem is always a bad idea. Amazon Web Services (AWS) provide a detailed status dashboard giving a continuous and transparent view of any issues on their systems. They don't deny that they occasionally hit problems but instead have a process in place for actively updating their customers with as much information as possible. This transparency and openness clearly win them a huge amount of customer trust.

Senthil Ravindran, EVP & Global Head, xLabs, Virtusa:

Fortunately for all involved, it seems as if the worst of TSB’s IT debacle is now behind it. But its botched migration led to more than 40,000 customer complaints in what was arguably the most high-profile banking error we’ve seen this year. Worse still, the technology itself isn’t to blame here – both previous owner Lloyd’s and the Proteo4UK system used by new owner Banco Sabadell have a good record in handling data. Instead, the responsibility here rests solely with TSB.

It mostly boils down to a lack of proper preparation on TSB’s part. Banks carry out small data migrations regularly, but a large-scale migration such as this typically calls for months of preparation. Actually moving the data isn’t the tricky bit; drawing the data from the siloes it’s stored in across the business and knowing how it’ll fit within the target system is the real challenge. This is why banks are increasingly looking to ‘sandbox’ the testing process; creating a synthetic environment with the data they hold to gauge how it’s likely to fit within a new system of record. Granted, this approach to testing doesn’t happen overnight, but when applied properly, it reassures banks that the actual migration will run smoothly.

This method would likely have spared TSB the disaster it has faced. Yet in reality, we’ll likely see similar high-profile stories appear over the coming months thanks to the combined pressures of GDPR and open banking. The former is forcing banks to bolster their data handling practices in order to avoid hefty financial penalties, while the latter is forcing banks to expose their data to all manner of third parties. Both initiatives are incredibly difficult for banks reliant on decades-old legacy IT systems to manage (indeed, it’s likely that the GDPR deadline this month may have added pressure on TSB to rush the migration through), and as the reality of this new banking environment begins to set in, expect to see other examples along the same lines as TSB’s.

We would also love to hear more of Your Thoughts on this, so feel free to comment below and tell us what you think!

Global Witness and leading anti-corruption MP Margaret Hodge have recently called on the UK’s Financial Conduct Authority to take action over the role of RBS and Standard Chartered in handling more than US$2 billion of embezzled funds in a major international corruption scandal. The call comes as Global Witness publishes a new analysis of the role of the bankers, auditors and lawyers in enabling Malaysia’s 1MDB corruption scandal that is likely to have robbed the Malaysian people of an estimated US$4.5 billion.

According to the US Department of Justice the billions embezzled from 1Malaysia Development Berhad (1MDB), a government owned-company, by a variety of people were spent on luxury properties, high-end art and lavish lifestyles, as well as payments to the Malaysian Prime Minister Najib Razak. Most famously, money taken from 1MDB allegedly funded the Leonardo DiCaprio film the Wolf of Wall Street.

Global Witness and Margaret Hodge have written to the Financial Conduct Authority (FCA) calling for it to investigate the role of two UK-based banks, RBS and Standard Chartered, for their oversight of their Swiss and Singapore branches’ money laundering controls. Regulators in Singapore and Switzerland have fined the two banks’ foreign branches a total of $12 million for breaches of anti-money laundering regulations in relation to the scandal. Those investigations were completed over a year ago, with Swiss regulators passing their findings to the FCA at that time. However, there has been no sign of any action from the UK authorities.

In response to Global Witness’ findings, prominent Labour MP Margaret Hodge said: “It is time for the FCA to take firm action to hold banks that handle dirty money to account. The FCA must also explain its apparent inaction over this case, when other countries completed their investigations over a year ago.”

The role of the two banks feature in Global Witness’ new analysis of how a range of banks, lawyers and auditors either turned a blind eye, signed off on suspicious transactions or were simply not obliged by the rules to question origin of funding.

“Our analysis shows that the international anti-money laundering system is not working,” said Global Witness Senior Campaigner Murray Worthy. “The 1MDB scandal would simply not have been possible if the system worked; the financial professionals involved would have spotted this dirty cash and prevented the money from being ever being taken.”

The report concludes that for the banks involved in the 1MDB scandal, this was not a problem of inadequate regulations but a failure of bankers to follow those rules. The banks were either simply not conducting the checks that they were required to do, or they were willing to ignore the risks they saw.

Murray Worthy continued: “The UK should not allow banks based here to handle the proceeds of crime or corruption, wherever they operate in the world. The people of Malaysia are now facing a bill greater than the country’s annual healthcare budget as a result of this scandal – and these banks enabled this scandal to happen.”

(Source: Global Witness)

Following the Panama Papers leak of files from last year, earlier this month, the Paradise Papers leak once again threw light on the world elite’s hidden wealth. 3.4 million confidential documents relating to offshore investments were leaked to Suddeutsche Zeitung, the same German newspaper that took hold of the Panama Papers in April, 2016, which then shared them with the International Consortium of Investigative Journalists (ICIJ) and a network of more than 380 journalists. The files reveal that large corporations, heads of state, politicians, celebrities and High-Net-Worth individuals are investing huge amounts of money in offshore tax havens. Surprise, surprise. And whilst about 100 media outlets worldwide are pouring over the findings, that include the Queen’s private estate allegedly being invested in a Cayman Islands fund, as well as offshore dealings by Donald Trump’s cabinet members, advisers and donors, a lot of people have asked the question: “What exactly is the problem considering that tax avoidance is legal?”

Panama Papers vs. Paradise Papers

Of course, as with everything, opinions are divided with many ordinary people finding tax avoidance to be offensive and unfair, while others feel that it is a perfectly fine way to save some of their hard-earned money. However, does the muted response to the Paradise Papers scandal show that we don’t care as much anymore?

Following the leak’s predecessor, the Panama Papers, thousands of people gathered to protest, which immediately resulted in politicians stepping aside and losing their jobs. Iceland’s ex-Prime Minister, Sigmundur Davíð Gunnlaugsson, resigned amid widespread protests and outrage over allegations that his family had sheltered money offshore. In contrast, it seems like this time around, the public anger has been on a much smaller scale. Last year, US President Barack Obama called for international tax reform in the wake of the Panama Papers, whilst admitting that “The problem is that a lot of this stuff is legal, not illegal.” However, whilst some wealthy public figures suffered personally and governments and organizations have put out a handful of fixes in recent years, the system remains perfectly intact.

So, are we all silently waiting for that potential reform, or have we simply come to terms with the fact that tax avoidance is fine and the rich and powerful will continue dodging tax?

The morality of offshore tax havens

It is a fundamental principle of democracy that everyone obeys the law. The law applies to everyone. The law states that we have to pay taxes. Whilst in most cases, putting your money outside of your financial regulations is legal, many argue that dodging taxes is morally wrong. In addition, according to a  letter to world leaders from May 2016, more than 300 economists argue that: “The existence of tax havens does not add to overall global wealth or wellbeing; they serve no useful economic purpose.”

By sheltering trillions of dollars offshore ($10 trillion according to Boston Consulting Group), the world’s top end make their money untaxable, depriving governments of hundreds of billions of dollars of tax revenues each year. Niels Johannesen, an Economics professor at the University of Copenhagen discusses the consequences of this behaviour: “Either a lot of people pay more taxes [to compensate], or there’ll be less public goods - schools, hospitals, and so on.” He also adds: “Given that this offshore wealth is to a large extent owned by the very wealthiest… it is people who should be paying the highest taxes who are evading the most.”

Thus, not only do offshore tax havens not serve any economic purpose, but they’re also immoral and deprive economies of funds that could be used on improving public services. Some politicians are recognising the issue, such as the Leader of UK’s Labour Party Jeremy Corbyn, who promised that if his party wins the next General election, it would clamp down on tax havens and end loopholes. The Paradise Papers have once again highlighted the need for this to happen. Yet, the notion that the majority of those involved are ‘getting away’ with tax avoidance, paired with the seeming apathetic response from the public appear to be rather worrying.

There’s nothing so gratifying about the way democracies are run as when national politics influences public policy because of an outburst of public anger. Here Julian Dixon, CEO of Fortytwo Data, expresses his thoughts on the challenges of confronting issues of clarity in the reporting of events such as the Paradise Papers leak.

So it is a little unnerving to find such a muted response to the Paradise Papers data dump.

When the scandal’s predecessor - the story of the Panama Papers - broke with disgusted headlines around the globe, people actually took to the streets.

There has been no such outpouring of rage this time around. And that’s because people just don’t get it. But, it’s got less to do with the current revelations and more to do with what happened after Panama.

People take their cue from other public mishaps. They remember similar headlines during the MPs’ expenses scandal. And then they remember the (ex) MPs going to jail.

It was a public hanging of Westminster’s dirty washing, the likes of which we had never seen. Then, in the wake of the Panama Papers, the public also expected justice and change.

They didn’t get it, although the similarities are obvious. The amount of information disclosed in the cases of the Panama and Paradise Papers was similarly grand. It touched on many public figures. And in the reporting, the significance of the leaks was billed as equally earth-shattering.

So where are the prosecutions?

Yes, some politicians lost their jobs within days of the Panama Papers story breaking but that was politics. They weren’t departures that resulted from the considered response of prosecutors.

“The difference between illegal tax evasion and legal tax avoidance is as clear as mud”

Having been promised blood and justice for all, it all appeared to fizzle out.

This is how tax avoidance is a story without an ending. People are destined to relive the public-spirited angst that makes each data dump newsworthy, without the satisfaction of seeing real change. And there is one reason for this - bad laws.

To the average person on the street, the difference between illegal tax evasion and legal tax avoidance is as clear as mud. The public feel unable to ask for change because they cannot clearly see what is broken. And this confusion bleeds into the authorities’ response.

Google media reports of ‘Britons being charged with criminal offences in light of the Panama Papers’ and you find nothing.

Misleadingly, many of the reports carrying headlines cite appalling tax avoidance.

Even relatively sophisticated journalists don’t know where ‘avoidance’ ends and ‘evasion’ begins.

If people are to have faith in the system, then they need to see the authorities acting on tip offs and bringing prosecutions that live up to the hype.

My suspicion is that much mean-spirited behaviour is not criminal - but it should be. However, as the law stands now, the difference needs to be explained clearly to those not wealthy enough to need offshore accounts.

It is no small irony that just like fast cars and expensive watches, if you need to ask how much tax avoidance costs, you can’t afford it. It shouldn’t be this way.

While this confusion reigns, the country is doomed to a vicious cycle that results only in growing public disquiet. People know they should be angry about something, they just can’t quite put their finger on it.

Hysterical reporting of offshore banking becomes a distraction. Politicians relax when it turns out what people are doing is legal. Instead, they should be asking the question ‘shouldn’t it be illegal?’

Accusing people of wrongdoing just because they bank offshore is unhelpful. There are many legitimate reasons why people do it and it’s not all about avoiding tax.

But there are just too many ways offshore tax rules can be legally exploited by people who just want to avoid paying their fair share.

You must be wondering by now why a guy like me who helps banks and others hunt down money launderers is that bothered about the tax affairs of a financial elite.

In our business, you can have the smartest computer in the world capable of identifying money laundering in vastly complex webs of transactions. But if you have millions of dollars being moved by thousands of transactions into dozens of offshore locations, that hide behind complex legal frameworks, it’s worthless.

As these transactions happen offshore - and, we as a species, are naturally hostile to the opaque nature of overseas financial centres and tax havens - it would be better if they were reduced and made more transparent.

If most forms of tax avoidance (not evasion) are wrong - as everyone seems to agree they are - I see the criminalisation of much tax avoidance as our best hope of being able to properly enforce the law in sheltered jurisdictions.

Clarity and a proper public, political debate that doesn’t just act as a smokescreen seems to be all that stands in our way.