Despite the industry’s efforts, money launderers, human traffickers, drug kingpins, arms smugglers, terrorist financiers and common criminals continue to take advantage of any point of entry into the financial services system.
It has been described for years by many that these bad actors only need to identify, infiltrate and take advantage of the weakest link in the financial services chain to navigate through a global payments model and avoid detection. That weakest link may be a large bank, a smaller regional bank, a money services business or a financial services industry participant operating in an offshore jurisdiction and functioning under a weaker regulatory regime.
To compound the challenge faced by financial services firms, the global payments model continues to rapidly evolve and future compliance vulnerabilities will be introduced through emergent payment innovations, alternative remittance providers and virtual currencies, to name a few. With each innovation in the global payments system, money launderers continue to innovate at an equal or faster pace, finding ways to avoid detection and move money easily through the system.
So, what is the outcome? Financial crimes — those that can be accounted for — continue to occur at an unbelievable scale. Trillions of dollars of illicit funds are in circulation. The cost of the crimes to the global economy and the continued abuse of the world’s financial services industry to hide ill-gotten gains are expanding. We continue to live in a world in which a common criminal can have a systemic impact by taking advantage of the financial services system to hide their ill-gotten gains.
Financial services firms have a significant responsibility as the front line of defense in identifying these bad actors and their behaviors. While knowing your customer is about bringing the best complementary service in a competitive environment, it is also very much about making certain the customer is who you think they are. Financial services firms have access to an enormous trove of information to help identify not only who their customers are, but also what their expected behavior should be.
These responsibilities have led to another outcome. There has been an enormous and continued cost to the industry to build and evolve the controls and sophisticated strategies to identify these bad actors — costs incurred for both technology and people. We also exist in an environment with high penalties for noncompliance. The global regulatory authorities have levied billions of dollars of fines against firms with incomplete or insufficient intervention programs, and compliance costs have substantially increased across all major firms.
The industry, across the spectrum of size and sophistication of financial services firms, has taken a major leap forward in the last five years in the build-out of innovative and impactful technology solutions to identify suspicious activity and reduce the overall costs. Without the use of these powerful tools, it is nearly impossible to identify bad behavior and escalate concerns to law enforcement.
How can one identify a normal transaction vs. a suspicious one without combining multiple sources of information, including customer-specific information, beneficial ownership structures, the understandable purpose of transactions, movements of money to higher-risk jurisdictions and suspicious counterparties? This requires technologies that provide intelligent analysis and machine learning to identify risk activities that would not be obvious to the human eye.
The industry and its related regulatory authorities have recognized this need and are building and leveraging innovative technology solutions at an unprecedented pace. In addition, within the United States and the United Kingdom, for example, regulators have explicitly encouraged and fostered the development of innovative technology solutions and are creating an environment in which there is a willingness to take a chance on unproven solutions.
And, now, a word of caution. Whenever there is a market demand, a commitment to an additional spend or a topic for which there are few mature solutions, numerous vendors will claim to have “solved the challenge” and offer countless tools that claim to employ artificial intelligence, automation, cognitive solutions, machine learning, robotics or whatever buzzword attracts the attention of the buyer. There is no such thing as a “cool tool” to easily make certain that your firm is fully compliant with its compliance responsibilities. As a result, financial services firms need to be cautious in choosing their innovation advisor and related technology.
While the next innovative solution may in fact be developed by a small, nimble startup company, this same solution may lead to overreliance or an error if the inner workings are not fully understood and tested. Just as one would expect with any purchase, if it sounds too good to be true, it likely is. The pace of change can be rapid, but it must also be undertaken with technology that is fit for purpose to a financial services firm’s risk profile, technical architecture and sophistication. Should a firm deploy a “black box” approach to monitoring for suspicious activity, it will likely face regulatory challenges and criticism, or overlook activity that should have been monitored and escalated.
When working with an advisor to successfully implement and manage innovative intervention techniques, it is critically important to quickly move beyond the buzzwords and understand the inner workings, the proven use cases and the regulatory credibility of these solutions. Some leading firms have established “innovation committees” that combine compliance, technology, regulatory and data-related skill sets to critically evaluate the offered solutions or the internal development of tools, such as robotics.
By providing an effective challenge through this oversight model, these firms can better target their efforts to those tools and strategies that offer the highest impact with the least amount of risk. These governance committees also make certain of an early focus and the participation of accountable parties to help avoid future risk areas that could result in regulatory criticism or damage to the brand.
In the end, the responsibility placed upon financial services firms to identify and escalate suspicious activity and individuals or entities is significant, and the only way to be fully successful is to take advantage of the current innovation trends in a thoughtful and measured manner. While the bad actors are taking advantage of the system and deploying new and creative ways to introduce dirty money into the system, all firms that serve as an entry point for this money need to keep pace with the industry.
No firm wants to be recognized as “the weakest link in the chain,” and the stakes are high when it comes to making certain you have a fully functioning and highly effective compliance program. The pace of progression for intelligent solutions will only increase, and today’s common control practice may be a lagging strategy in a very short period of time. If you haven’t already done so, take the leap forward to progress reliable and effective innovation so, together, the industry will be better positioned to make a dent in the continued proliferation of financial crime.
Disclaimer: The views expressed by the presenters are not necessarily those of Ernst & Young LLP or other members of the global EY organization
Tagged under Compliance, Risk Management, Compliance Management, Operational Risk, BSA/AML, Compliance/Regulatory, Cyberfraud/ID Theft, Feature3, Feature, Duties, AML & Fraud, Fintech, Payments, Security,