November 26, 2018 | Written by: Sam Kalyanam
Categorized: FinTech | IBM RegTech Innovations | Security
Share this post:
Financial institutions globally are awakening to the fact that regulatory technology will drive the next wave of innovation in their approaches to understanding and stopping financial crimes. From attempted money laundering, to account takeover, to insider trading, institutions are paying attention. But for some in the financial industry, the idea that these technologies can solve more problems than they create is a novel concept. After all, it is these types of solutions that can create an unmanageable number of false positives that constrain resources and hinder an analyst’s ability to focus on the real threats to his/her institution.
I challenge that notion, and also present three key ways that the new approach to financial crime and compliance management moves away from the current, endless Sisyphean cycles and is a fulfillment of what many of your existing solutions promised: a better approach. Specifically:
- Layered perspectives provide greater understanding in a complex world
Each anti-money laundering (AML) compliance or fraud prevention technology that your institution acquired over the past few decades should have been the best solution at performing a singular task. In the AML space, this could have been about behavioral profiling, peer grouping or expert-driven rules. But as behaviors change and peer groups shift, these systems either needed to be overhauled or they would produce less and less accurate results.However, if you use multiple strategies, you can “average out” your risk indicators, so that an outlier in one area can be exonerated by lower risks in multiple others. Likewise, multiple moderate risks that are not significant on their own will highlight an overall high level of aggravated risk, which would fail to be uncovered through a singular technique or risk perspective. This approach is by no means 100% accurate, however, using analyst feedback and continuous improvement, it maintains better accuracy over time.
- Continuous improvement should be hardwired into your process
The idea of continuous improvement seems obvious. Why wouldn’t your organization and analysts get better at assessing similar types of situations when they see them repeatedly? But, often, this is not the case. For example, we worked with a financial institution in the Asia-Pacific region that was seeing an abundance of false positives in their sanctions screening process for sanctioned countries and entities. Upon further investigation, most of the accounts that were being flagged had some element related to a sanctioned entity in name only, but were obviously not related to that entity. This included the restaurants with “Havana” in their names, though nowhere near Cuba, as well as names that were a partial match to drug kingpins, but in low risk locations where that name could be common. A process built on continuous improvement would have reduced these erroneous alerts over time. However, especially in the sanctions screening process, the same logic is applied over and over, achieving the same sub-par results.
- Identifying risks works better ahead of time
This is, of course, easier said than done and perhaps the hardest part of understanding risk to your financial institution. Whether on-boarding a new customer or reviewing a potentially suspicious transaction, banks are often forced to “start from scratch” in their investigations. In the former case, the lack of transactional and behavioral history makes new customers a gamble, creating friction in the customer experience with predefined limits on transactions and mobile deposits during the initial “probationary” period. In the case of reviewing suspicious transactions, due to a single outlier, as noted in the layered section above, analysts must expend extra effort to disprove risk in order to close the alert as a false positive. Looking at the inherent risks in a customer’s relationship network, whether due to relationships with high-risk entities or a network in a high-risk demographic or industry, provides additional perspective on potential threats. But much like the previous points, there is not one silver bullet strategy; all of these provide greater collective insight that has been lacking in the current, one-dimensional financial crime investigation process.
The whole is greater than the sum
If instead institutions would combine these strategies and view customers and transactions in their full context, firms would generate fewer false positives and higher quality alerts, with the details and connections readily apparent to the investigator. For example, if a customer receives $100,000 per month, then a transaction of $1 million in a given month, this 10% increase may seem initially suspicious. However, if you understand that the customer is in financial services, and this is likely a December bonus, you would be less likely to hold or block this transaction. In looking deeper into this customer’s behavior, this 10% bump at the end of the year could be well established over the past few years as well as within the benchmarks for their peer group. Lastly, if the customer’s network does not pose a risk, this transaction can be passed through and a potentially detrimental customer experience can be avoided.
As regulators grow more stringent about how institutions scrutinize their customers, as we’ve seen from last year’s CDD Rule in the US, the need for a smarter approach to financial crime and AML compliance analysis will go from being optional to essential. And more than just a way to gain efficiency, banks who can better assess customer risk and potential threats will be able to minimize their risk and regulatory exposure as well as disruption to the customer experience.
Webinar: AML Compliance comparison and effectiveness
IBM and Promontory with Risk.net experts will be holding an upcoming webinar to help you better understand how your AML compliance program compares to your peers, while discussing the results of our recent survey on the current state of AML compliance effectiveness.
IBM Anti-Money Laundering benchmarking: How does your approach measure up?
Date: Tuesday, November 27, 2018
Time: 10am EST/3pm GMT
Reserve your place here
For more information about IBM AML solutions and services, visit us at ibm.com/regtech.