Brazil and the National Risk Assessment

Recently, decree 10,270 was introduced in Brazil, a significant tool in the fight against corruption. Representatives from the Financial Activities Control Council (COAF), Ministry of Justice and Public Security (MJSP) and from the Central Bank of Brazil, structured the National Money Laundering Risk Assessment, Terrorism Financing, and Proliferation Financing Working Group Weapons and Mass Destruction.

This is one of the requirements to join the Financial Action Task Force (FATF), an intergovernmental organization founded in 1989, with the aim of developing and expanding national and international public policies, preventing and mitigating risks directed at money laundering and confiscation and financing. terrorism and proliferation financing. In other words, its focus is on the financial and other related sectors.

According to the Ministry of Justice and Public Security, a notable benefit of the Risk Assessment is to point out the sectors that expose the greatest imminent risks and which ones present lower risks, in order to contain them with the relevant method. In addition, the results of the evaluations are useful when disclosing relevant information to financial institutions and other sectors, encouraging them to use measures, compliance policies, and risk mitigation on their own.

A new beginning

It is time to shake off the dust, look at what happened, and move on with life in the new normal. At this moment, it is necessary to observe what can be changed, in the strategies that worked. Revisit the strategies that went wrong and try to find some strategy that can still work, even with a different approach.

Above all, now it is time to get back to normal. Even though it is a new normal, in a much more technological world, there is still a market for those who adapt quickly. For those who lead changes and are always up to date, there will always be great opportunities.

Although many people have lost their old jobs, however stable they may seem. Even for those who are still employed, many old tasks are gone and everyone had to adapt to the new reality. The world is different, and the 4.0 revolution is here to stay. What will be the new revolution?

To change is a maxim that nature imposes on us: change or extinction. As Charles Darwin said: whoever survives is not the strongest, nor the most intelligent, but who adapts faster. Therefore, the biggest risk in the world is not adapting to changes.

Time to Change

It’s a great time for big changes. Companies and people are becoming aware that caring for the environment and health are essential. Companies that were consolidated in the market are looking for new market niches, completely rethinking their production chains, their customers, products, services, image. People who were in risk groups are changing their habits and opting for a healthier life.

It’s time to rethink everything! It is time to revise the mission, vision, and values. Reformulate the company’s processes, strategy, and vision. The current moment is opportune for major optimizations towards more rational and more productive operations. Especially rethinking, reducing, and simplifying processes! What can we accelerate and automate today?

Is there any process done outside the company’s formal system? Processes carried out outside the formal management system generate more work to control and analyze, generating the risk of not generating the expected return. Undoubtedly, it is the best time for process automation, reducing unnecessary processes, simplifying activities, and increasing productivity.

With the scarcity of jobs, this is the best time to build multifunctional teams, more focused on profitable activities, and rational processes. The technological environment has never been so prosperous and it is unbelievable that any company still insists on using systems with a technological lag. Business management systems have never been more agile and capable of simplifying processes, reducing risk, and increasing productivity.

The biggest risk for some companies and people is getting stuck in time! There is no nothing to waste, neither time, effort, or resources. The world calls for agile and effective changes. Economic cycles are getting faster and challenging, only the best are going to survive these environmental changes.

USA Elections 2020: Cybersecurity Strategies

Governors and mayors of the United States have received guidance, tools, and technologies from the government, in order to guard against possible cyber threats during the election period.

The Security Agency Cybersecurity & Infrastructure (CISA), the Department of Homeland Security, the Federal Bureau of Investigation (FBI), and the Center for Internet Security (CIS) are some of the American institutions committed to implementing the national strategic plan, through policies cybersecurity and defense mechanisms. CISA’s activities aim to preserve the entire electoral infrastructure. The security and risk containment strategy covers all states and other electoral offices. Consultancies and constant monitoring will be carried out. The FBI’s role is decisive in sharing information, tracking possible cyber attacks, investigations, and operations.

The Department of Homeland Security and the Center for Internet Security (CIS) is responsible for the implementation of software in the electoral offices, and for endpoint security, a protection mechanism for networks and computers, capable of pointing out routine threats and detecting suspicious procedures. In addition, devices that monitor security and flow in electoral networks, known as Albert sensors, will be used. According to CIS, this service is available only to US government entities. Albert is an Intrusion Detection System (IDS) and provides network security alerts for traditional and advanced network threats, helping organizations to identify malicious activity.

According to FireEye manager Michael Atkinson, the threat actors are creating more than a million new malware sequences a day. The damage caused by the lack of cybersecurity experts and the lack of investment in infrastructure and risk containment makes governments and private companies vulnerable to cyber-attacks. The United States, however, has demonstrated a continued investment in security defenses and new technologies since the last presidential election in 2016.

US Presidential Elections 2020: political interest of China, Iran, and Russia in the dispute

Commercial and technological disputes between China and the United States can boost political interest in the American presidential election on November 3. A complex and multifaceted conflict between the two countries increased by 2018. Peaked during the coronavirus pandemic (COVID-19), after economic sanctions, diplomatic crisis, and closure of a Chinese consulate in Houston, due to allegation on suspicious industrial espionage.

According to international relations specialist Fausto Godoy: China can be scaring. Today’s China is not a miserable China, this is a technological war disguised as a commercial war. President Trump has been an opponent of the Chinese expansionist plan and its technological dominance. The American Congress recently questioned possible interventions in the electoral period, promoted by China, Russia, and Iran, motivated by political, economic, commercial, and technological interests. According to the National Counterintelligence and Security Center, Iran’s and China’s conflicts with the current president result in an aversion to his re-election.

Intelligence reports suggest that Iran may try to compromise the election’s infrastructure, interfering in the voting process or questioning its results. According to agency director William Evanina, Tehran’s motivation to conduct these activities is partly driven for a perception that President Trump’s re-election will result in continued U.S. pressure on Iran in an effort to foster regime change.

Russia, however, has shown itself in favor of Trump’s re-election, using political artifices, to disparage the public image of Democrat’s Joe Biden how is Trump’s main opponent. The White House has taken a strong stand against possible future cyberattacks, political interference, or manipulation of data, which would undermine the election and its legitimate outcome.

Are crypto assets risky investments?

According to The Financial Action Task Force, although virtual assets potential benefits, “without proper regulation, they risk becoming a virtual safe haven for the financial transactions of criminals and terrorists.” In fact, crypto assets are been used to ask ransom, to money laundering, and to undercover criminal activity. According to CipherTrace, only in 2019, “losses from fraud, misappropriation of funds, exchange hacks and thefts add up to US$4.5 billion. Of these US$370 million were lost to thefts and hacks.”

According to CipherTrace, from 2018 to 2019, crypto-assets losses “due to fraud and misappropriation increased by 533%”. The FATF outlines that only the ‘Wannacry’ ransomware attack in 2017 cost at least “USD 8 billion in damages to hospitals, banks, and businesses across the world,” this damage is far beyond the USD 100 million asked in bitcoin ransom.

Crypto assets are laundered to hide rising ransomware attacks and other criminal activity. Chainalysis report that USD 2.8 billion was laundered in 2019 only with crypto assets. Not only viruses are infecting thousands of computer systems that are kept hostage until the victims paid hackers a ransom in crypto assets. Blockchain currencies are vulnerable to Sybil attack that in one single case 25,000 bitcoins were stolen in 2011.

Some countries are taxing those assets as regular high-risk investments, requesting investment banks, and stock-brokers to verify the identity of clients. Adding to already mentioned issues Institute for Research on the Internet and Society alert that “representations of value operated on the crypto platforms are not currencies neither from an economic standpoint nor from a legal one.” Therefore, investments in this type of asset cannot be considered a safe investment.

Authorities enforcements to track crypto transactions are legitimate and necessary to avoid its use to undercover criminal activities. Fighting against money laundering, and terrorism financing, making the world a safer place.

Cybersecurity in a Pandemic world

Hackers are using ransomware to digitally hold hospitals and medical services hostage, preventing them from accessing vital files and systems until a ransom is paid. The alert issued by INTERPOL (International Police Intelligence) in early 2020, to its 194 member countries, indicates the period of vulnerability and risk that the world faces during the coronavirus pandemic (COVID-19). The spheres most likely to suffer cyber-attacks are multinationals, technology companies, and the financial system. During the pandemic, however, attempts at ransomware attacks against hospital infrastructure and organizations have been exponential. Only in Brazil, in the first quarter of 2020, attempts at ransomware scam exceeded the 350% mark.

A study by the American University Maryland revealed that hackers attack every 39 seconds, an average of 2,244 times a day. The first cyber attacks appeared in the 1980s in the United States, causing millionaire damage to institutions, universities, military bases, and laboratories, such as the Lawrence Berkeley National Laboratory (1986), Griffiss Air Force Base (1994) and the Air Force in San Antonio (1998).

In December 1998, the United States Department of Defense created the Joint Computer Network Defense Task Force to protect the department’s networks and systems from future attackers. With the increasing level of cyber attacks, originated by hackers and criminal organizations, several countries have been concerned with prioritizing national security and defense rules, policies, through the use of cybersecurity, in order to protect government strategies, confidential information, such as commercial, banking and financial data, in addition to safeguarding personal data of its citizens. Thus, in 2001, the Budapest Convention or Convention on Cybercrime was created, an international criminal law treaty, with the objective of defining accordingly on cyber crimes and protection policies.

According to the ITU (International Communications Union – UN), cybersecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, insurance, and technologies that can be used. used to protect the cyber environment, organization, and user properties.

For the past fifty years, the internet has provided the world with an unlimited environment of possibilities and information. A tool until then, directly connected to the academic and professional world, has become accessible and handled in countless spheres. This progress enabled a new professional, political, economic, and cultural dynamic. The social demand and the growing connection of man to the internet have become essential to the elaboration of public policies, norms, and instruments that guarantee greater protection of data of civilians, companies, and governments.

According to ANBIMA (Brazilian Association of Entities in the Financial and Capital Markets), technology brings countless benefits to society, simplifying procedures and services effectively, through flexibility, speed, and expansion of the means of communication. However, the continued use of new tools amplifies the risks of cyber attacks and the efficiency of its three pillars: confidentiality, integrity, and availability.

Cybersecurity is designed as a protection mechanism against the enemy. It can be called individuals, groups, or organizations, formed with the intention of violating, exposing, and manipulating data, information, strategies, or technologies of third parties, aiming at financial gains, influence, sabotage, or competitive advantages.

In their article Cybersecurity and cyberwar: what everyone needs to know, Friedman and Singer defend the relevance of confidentiality to keep information restricted and protected, which are of great value, especially in the virtual world. Security rules and measures are necessary to ensure the privacy of the content, regardless of the recipient and its purpose. Integrity indicates whether the system is secure and is not subject to fraud and changes by third parties. This pillar is essential to ensure that there is no data breach and to ensure the transmission of truthful information.

The availability in cybersecurity matches the functionality of the system. It is necessary to detect if there was a violation of any program or criminal intervention, during the operation process. Qualified as a branch of information security, cybersecurity aims to apply various tools, methods, and technologies, with the aim of protecting systems, data, and information, from cyber attacks, which cover different levels of complexity, damage, and depth.

Brazil’s Open Banking

As some Brazilian financial institutions are charging up to 790% per year on credit card loans, Brazilian Central Bank (BCB) is opening Brazil’s market to Fintech’s. This opening movement that includes simplified legislation and lighter requirements for Fintechs has now gained new momentum with open banking. It is expected that with this new policy of sharing information between large banks with fintechs, interest rates will be more attractive to the population.

Absence of consumer credit leads Brazilians to use debit cards instead of credit cards. There are 2.3 cards per person while there are only 0.7 credit cards. E-commerce payments represents USD 1.4 billion, Brazil is the largest e-commerce market in latin America and the fourth-largest internet market in the world. A very concentrated credit market in five major banks and a huge online market creates a lot of opportunity for fintechs.

  • The 5 largest banks together hold over 80% of the Brazilian market
  • Credit cards 0.7 per capita
  • Payments of e-commerce are 59% with card
  • E-commerce market value over USD 20 billion

Open banking to BCB is “the sharing of data, products and services by financial institutions and other licensed institutions, at the customers’ discretion as far as their own data is concerned, through the opening and integration of platforms and infrastructures of information systems, in a safe, agile and convenient manner.” One of the principles is that bank details belong to customers and not to institutions.

BCB report that “participating institutions are responsible for ensuring the reliability, integrity, availability, security and confidentiality of data and services they share, as well as for meeting customer demands and supporting other participants.” API developers will be able to provide external integration services between banking platforms for data sharing upon the client’s authorization.


Electronic wallet, the evolution of gift cards, offers a possibility to transfer money to other accounts whether banking or non-banking, promising to eliminate the need for an old fashion wallet with cash and cards. In general, mobile payment solutions can take advantage of radiofrequency, wireless & Bluetooth technology to interact with websites and other apps, as well as point-of-sale devices.

E-wallet is struggling in a leadership battle of an incipient market divided by other three strong competitors: Blockchain, Digital, and Mobile wallets making it difficult for users to choose from. While B-wallets grab currency fan’s attention as they can gather and exchange crypto coins using blockchain as a security device. D-wallets, in its turn, hold debit and credit card codes allowing radiofrequency bank account identification with a fancy bracelet, or a watch instead of the old card.

On the other hand, M-wallets promise to store multiple card numbers in a mobile encrypted environment giving a secure & unique code to each transaction, meaning that actual numbers are never stored or shown. According to WEF “during the coronavirus crisis, digital payments have been keeping economies running and helping people reduce contact with viruses.” In 2019 China and India were the world-leading users on the Internet and smartphones.

China had (2019, in millions):

  • 854 Internet users
  • 851 Smartphone users

India had (2019, in millions):

  • 560 Internet users
  • 346 Smartphone users

The Chinese government has supported a technological revolution and given a go-ahead for the implementation of new forms of money transfer since 1993. The most remarkable events of this evolution of non-bank digital transactions in China according to WEF:

  • Chinese’s foundation for online payments started in 1993
  • In 2003 when SARS spread only 5.2% of Chinese had access to the internet
  • China processed USD 35 trillion non-bank online payment in 2019

In 2016, the Indian government imposed a law to boost electronic payment taking off 86% of its currency in circulation. This government policy was called demonetization and forced it’s citizens to use online payments. India also chose an open-platform that would drive fintech to embrace digital payments. This Unified Payments Interface (UPI) uses multiple banking accounts to stimulate interbank competition.

In December of 2019 1.3 billion transactions were made by India’s UPI, approximately 10 times more transactions than the two years before. According to WEF “as the global economy rapidly digitalizes, an estimated 70% of new value created over the next decade will be based on digitally enabled platform business models.” “Digitization has the potential to generate, financially, about USD 100 trillion over the next decade for industry and society generally.