The Anti-Money Laundering Challenge: How to Improve Transaction Monitoring
Plagued by inefficient data management, inadequate alerts about suspicious behavior and outdated technology, financial institutions are still facing an uphill battle in the fight against money laundering. But there are steps firms can take to upgrade transaction monitoring and to better detect and report suspicious activity.
Friday, June 5, 2020
By Sven Stumbauer
Money-laundering scandals have been the bane of financial institutions for two decades, and 2020 is proving no different. Faced with ever-increasing regulatory-enforcement actions, many firms continue to struggle with anti-money laundering (AML) compliance issues. While there is no panacea for AML compliance, there are steps firms can take to more effectively monitor transactions.
One predominantly cited shortcoming of financial institutions is the failure to detect and subsequently report suspicious activity, despite financial institutions' significant investments in automated transaction monitoring systems. Work in this space suggests that the risk lies not only in the areas of system implementation and maintenance but also in the analysis and utility of the output of those systems.
Financial institutions are becoming increasingly dissatisfied with their current automated monitoring efforts, and are therefore seeking solutions that may lighten the workload of many AML compliance departments.
One of the industry's largest “dissatisfactions,” with respect to automated AML monitoring systems, is the low yield of high-quality alerts. Indeed, the vast majority of alerts never make it past the initial investigative stage. Furthermore, only a small fraction of alerts generated result in actual suspicious activity report (SAR) filings.
Robust information-technology (IT) systems have always been critical parts of AML compliance. However, as recent enforcement actions have shown, legacy IT systems and siloed processes appear to be ongoing struggles for financial institutions - a trend that will likely continue unless these firms improve the robustness of their IT systems.
Many financial institutions around the world are plagued by outdated IT systems that exhibit the following drawbacks: (1) inadequate customer data (historical or current) that is not easily accessible and available in digital formats; (2) legacy systems that are siloed and/or cannot handle the increased demands of compliance due to their inherent limitations; (3) in-house systems that are not equipped with a common interface to exchange information, often leading to siloed solutions in certain geographies and lines of business; and (4) data repositories that lack the level of sophistication required to create dynamic, agile AML transaction monitoring models.
The saying “garbage in/garbage out” continues to apply. While monitoring solutions have significantly evolved, the “input” seems to be lacking. This has led to a new reality of firms not fully utilizing the technical capabilities of available solutions, thereby exposing themselves to further criticism by money-laundering regulators.
10 Steps for Enhancing Transaction Monitoring
There is no silver bullet for a robust transaction monitoring system, and that is why financial institutions can - and should - tailor automated systems to their businesses' AML and risk profiles. To ensure that AML systems will work to meet expectations and regulatory requirements, there are certain basic areas financial institutions should consider when developing their automated transaction monitoring solutions.
Firms that want to improve transaction monitoring should take the following steps:
Conduct an analysis that identifies the universe of all “at risks” involving AML and sanctions transaction types used by the institution.
Employ comprehensive customer risk assessment and segmentation.
Complete a thorough product assessment to determine the money-laundering risks posed by certain products and product groups.
Incorporate information that covers “know your customer,” customer due diligence and enhanced due diligence.
Use network analysis of related accounts, via ownership and/or transactional activity.
Monitor customers across various lines of business and jurisdictions by conducting a cross-business analysis and geographic analysis of your customer base.
Assess the scalability of the automated transaction monitoring system with regard to product and geographic expansion.
Develop and tailor risk-based and intelligent detection scenarios for the identification of unusual and potentially suspicious activity.
Develop an ongoing tuning process that establishes baseline thresholds,
Continuously adjust scenarios to meet business realities and, if required, modify detection tools.
Ideally, a financial institution should be able to see the full picture by monitoring and sharing its customers' transactions across businesses and, potentially, jurisdictions. This will help facilitate the identification of any unusual transactions and behaviors, as well as potential sanctions violations.
Many financial institutions continue investing in systems or people to manage the output; however, those institutions should consider what will be sustainable for the long term, instead of aiming only to meet today's minimum regulatory standards.
Today, financial institutions still focus too much on regulatory compliance, and this approach is reflected in recent headlines relating to AML enforcement actions. But there is hope for the future.
Overall, the financial services industry is in the early stages of a journey to move beyond strict regulatory compliance, emphasizing - instead - the effectiveness of compliance and risk management processes. The industry recognizes that investments in monitoring solutions with limited yield cannot be sustained long term. Rather than simply seeking to meet today's regulatory compliance standards, firms are beginning to realize the importance of proper data management and of implementing effective technology solutions.
Organizations must learn to take full advantage of the data already collected, further building out capabilities with currently unused or underutilized systems. This will unlock a significant opportunity to improve AML transaction monitoring efforts, increasing firms' abilities to detect, and ultimately report, suspicious activities.
Sven Stumbauer is a senior advisor at Norton Rose Fulbright and a globally-recognized financial crimes and forensic investigations professional with more than 20 years of experience. Prior to joining Norton Rose Fulbright, he was a managing director and global anti-money laundering and sanctions practice leader at AlixPartners.