As more banks make headlines through failing to effectively monitor and report on money-laundering activity, we need to rethink the AML problem and the roadblocks to solving it.
To restate the problem, we have $2T laundered through the banking system every year. About $25B is intercepted by law enforcement and $70B is spent by banks on AML. And yet, some of the most prominent banks in the industry are facing enforcement actions, fines and shareholder lawsuits, with executive management held responsible for financial crimes facilitated through their systems.
Banks are typically very diligent about following regulatory requirements and use some variation of the five pillars approach to safety and soundness. These are (1) written policies and procedures; (2) a designated AML compliance officer; (3) independent testing of the institution’s AML program; and (4) implementation of an adequate employee training program (5) ongoing customer due diligence.
The implementation of these five pillars is based on best practices associated with governance, process, and systems. While governance and process are well-intentioned and often thoughtfully designed, technology systems are woefully inadequate to implement a risk-based approach to BSA/AML compliance that can be both effective and efficient.
The Case for Agile Compliance
In our recent posting Should AML Technology Drive Business Process or Vice Versa? we outlined why technology needs to follow the business requirements. Agile Compliance is a better approach to mitigating the operational risks of AML/BSA/CTF for banks. One of the key benefits of Agile Compliance is the ability to combine machine intelligence with human intelligence to create a risk-based business process for AML.
Agile Compliance is derived from best practices originally implemented by software developers over the last two decades for managing projects. This approach values human communication and feedback, close collaboration with customers, adapting to changes, and producing working results. The Agile Compliance approach favors Intuitive software over extensive training and documentation.
The fundamental challenge for banks in managing regulatory expectations is an abundance of information and a dearth of insights. Banks have legacy technology investment in systems of record, systems of automation and systems of engagement. These are the basis for the creation of a Regulatory System of Insight.
A Regulatory System of Insight (RSOI) is the foundation for building Agile Compliance. Key technologies used for Agile Compliance include Artificial Intelligence, Machine Learning, Data Analytics and DataOps.
Agile Compliance - The Key to a Risk-based AML
Agile Compliance is closely aligned with regulatory guidelines which require that financial institutions identify risks related to the specific products, services, customers, entities, and geographic locations unique to the institution. Agile Compliance enables banks to harness innovation while adopting best practices related to Safety & Soundness.
The promise of Agile Compliance is twofold, firstly to free the bank from being driven by archaic software technology and secondly to alleviate compliance staff from tedious and mundane work screening hundreds or thousands of alerts where false-positive often exceed 90%. Agile Compliance enables banks to have business processes to drive the implementation of the process and gives the bank the ability to implement governance aligned with regulatory guidelines.
Banking executives now realize that governance, process, and systems need to be closely intertwined to create a robust risk-based approach to AML. Banks that do not take a holistic view of managing operational risk are the most vulnerable to financial crimes. In an environment where compliance is a high-stakes requirement for banks, Agile Compliance can make the difference between success and failure.