Enhancing the AML capabilities
We asked FCG partner Henrik Nilsson what trends can be observed in the frameworks to counteract Money Laundering and Terrorist Financing, and how the AML-process relates to other risks that the institutions are exposed to:
Q: What is the curret status with regards to AML from a steering and risk management perspective?
Anti Money Laundering (AML) and Combating Financing of Terrorism (CFT) has been, and certainly should be, on the Board- and Senior Management agenda. Not least due to the media coverage lately which has brought attention to possible consequences for stake- and shareholders. The importance for the Board and Senior Management to continuously review and evaluate the revenue streams is a critical feature in a functioning AML-management system, but it is also a relatively passive measure. Meanwhile, additional supporting actions can be implemented at earlier stages in the process.
From a risk management perspective, if we compare the institutional set-up relating to the Asset and Liability Management, as an example, it is obvious that further implementation initiatives remain. While it is true that maturity transformation is at the core in banking, it is equally true that the subjects for transformation may stem from illegal activities and where the worst-case scenario is that the funds are used for actions with horrific consequences. Therefore, some re-organizations may be expected, and it is likely that AML/CFT will be managed like many other risks that the institutions are exposed to.
Q: What type of process or system initiatives are currently being discussed?
FCG has been in talks with several clients, where a common theme has been the challenges in the various systems that have been deployed to support the AML framework. Many institutions recognize that the architectural design of these systems is too fragmented, and where the possibility for communication and leverage between the individual components are lacking. In general, the system for transaction monitoring and risk classification of customers does have very limited capability for cross functionality, limiting the efficiency in detecting money laundering and terrorist financing.
In addition, another hot topic are the underlying models that have been deployed for risk classification purpose, and how well they are functioning. From what we have seen, there is a high degree of conservatism built in into the models, which causes higher workloads in the monitoring sequence than what may be called for. We are certain that by revisiting this area, and allowing the models to generate distributions with more “low risk”-customers, the AML/CFT process efficiency will increase and more resources can be deployed focusing on the “high risk”-segment.
Q: What does this require in terms of tech initiatives?
The technology has been available for long time, albeit the computational cost has declined. One of many reasons that the risk classification dimension will be re-visited is that the awareness of what can be achieved by “data crunching” has strengthened and where business cases are identified where there previously were none. If it is possible to be more efficient in the AML/CFT-process, while at the same time maintain or even reduce costs, that constitutes an opportunity that should be evaluated together with all other activities.
Furthermore, what we expect is more collaboration between risk control functions and the business functions, and where the experiences from modeling and model risk management is shared in new forums in the organizations, i.e. AML/CFT will be treated like any other risk along the way, being subject to quantitatively set risk tolerance and appetite, model deployment, reviews and validation. For institutions, where this may not be feasible unless unjustified costs arise, another option may be to set the ambition for a less fragmented system support. Stay tuned as FCG will shortly release some interesting news in this matter.