As AML/CTF regulatory expectations evolve, so should the corporate response

Key take-aways

  • Leveraging technology is fundamental in the task of proactively identifying AML/CTF issues
  • AML/CTF regulations consistently rank as one of the most pressing operational risk concerns for banks
  • Big data can help to provide a best-in-class financial crime risk mitigation function

Mitigating the twin risks posed by money laundering and terrorist financing consistently ranks as one of the most pressing operational concerns for financial crime compliance teams. Organised criminals and terrorist groups remain intent on gaining access to the global financial system, and governments – as evidenced by the ever-shifting AML/CTF regulatory landscape – remain just as resolute about preventing that from occurring.

As banks respond to increased regulatory scrutiny of their AML/CTF risk management frameworks, so too does the spotlight fall on their ability to leverage available internal and external intelligence to pull together a single view of the degree of risk a customer may pose. Central to achieving this task is the provision of timely, incisive and benchmarkable country-level financial crime risk data. Harnessing big data can undoubtedly help banks better identify and adapt to emerging risk trends; however, are financial institutions adopting a proactive enough stance to mitigate financial crime risks?

Ratcheting up the regulatory pressure

Anticipated tighter AML/CTF controls over the short- to medium term is far from a bold prediction. Regulators have advanced numerous legislative initiatives designed to raise ethical standards inside banks and challenge decision-making in relation to new customer onboarding.

A handful of key contributing factors will continue to keep AML and CTF firmly on risk and compliance professionals’ agendas over the near-term outlook:

  1. Terrorism Risk: Pre- 9/11, CTF was not formally recognised as a core responsibility of financial crime compliance units; however, threats posed by militant groups such as the Islamic State underscore the ongoing challenge of cutting off funding sources to terrorist organisations globally.
  2. Tax Transparency: Legislative responses at both the national and supra-national level are expected in response to recent high profile (and potential future?) document leaks detailing tax-avoidance in jurisdictions such as Panama, the Bahamas, Luxembourg and Switzerland.
  3. Blockchain and Cryptocurrencies: The buzzwords du jour for many financial institutions, regulators will need to ensure that AML/CTF controls are updated to keep pace with the evolving capabilities and purposes of these new technologies.
  4. Sanctions Risk: Uncertainty over the sanctions landscape – notably in regard to the future make-up of the Iran nuclear deal – presents significant operational and oversight challenges to global financial institutions.

So, what’s at stake?

The ability of financial institutions to confidently measure country-level financial crime risks is essential in today’s complex operating environment. Lapses in AML/CTF controls hold the potential to not only have a disastrous impact on corporate bottom lines, but also erode hard earned reputational capital.

The penalties issued to banks for non-compliance has escalated significantly since 2007-2008, with research published by the Boston Consulting Group (BCG) indicating that approximately US$321 billion of conduct related fines have been meted out over the last decade alone.

What is becoming increasingly apparent is that not only are control failures no longer tolerated by regulators, but shareholders and the general public remain sceptical about the behaviour of banks a decade on from the global financial crisis.

Balancing risk and reward

While the AML/CTF compliance burden may lead to some banks ‘de-risking’ and moving away from certain businesses or client segments, for others the prospect of losing out on correspondent banking relationships is not a viable option. Yet, as the AML/CTF compliance bar continues to be raised, and levels of enforcement are ratcheted up, banks must proactively demonstrate – both internally and externally – precisely how they are managing such evolving regulatory expectations. As part of this process, big data can help to provide a best-in-class financial crime risk mitigation function.

Doing nothing is clearly not an option, so banks must continue to seek both faster and leaner ways to ensure compliance with today’s – and tomorrow’s – expanding AML/CTF rules. Timely, incisive and benchmarkable country-level financial crime risk data is central to this task, and should form the bedrock of any bank’s compliance strategy. It can help to:

  1. Establish baselines, define best practices and identify opportunities for improvement in financial crime risk management practices
  2. Gain an independent and holistic perspective about how well a country compares to others in terms of its financial crime legislative and enforcement climate
  3. Encourage internal discussions about how financial services companies can help to prevent crimes such as breaching sanctions, fraud, money laundering and terrorist financing

Setting the tone from the top

A fragmented or indeed reactive approach to financial crime risk management in today’s operational environment is not enough. To effectively detect, assess, prevent and respond to financial crime, banks should consider a more strategic and holistic risk management approach.

With regulatory agencies demanding more accountability, chief compliance and chief legal officers need to emphatically set the tone from the top down about what is acceptable and unacceptable behaviour when it comes to customer onboarding.

With the emphasis today being increasingly on prevention and/or early detection, leveraging technology, including advanced analytics, is fundamental towards the task of proactively identifying AML/CTF issues before they develop into front page news.