10-09-2013, 10:29 AM
AML: A US$2bn Search for the Needle in the Haystack
Julie Conroy, Aite Group - 7 Oct 2013
There is never a final fixed destination for financial institutions (FIs) in their anti-money laundering (AML) compliance - regulation and the environment in which they operate are in a constant state of flux. However, this article outlines best practice in this field to help ensure that companies can keep the regulators happy.
Finding patterns indicative of money laundering and other financial crimes is akin to searching for a needle in a haystack. With the increasing pressure on banks' anti-money laundering (AML) teams, however, many charged with this responsibility increasingly feel like they're searching for those needles while at the same time a combine harvester bears down on them at full speed. These pressures include:
•Regulatory scrutiny: The high-profile - and expensive - enforcement actions that have taken place during the past year, particularly in the US, emphasise the extent to which regulators are scrutinising financial institutions (FIs) and penalising those which don't pass muster. The discussion around so-called ‘too big to fail’ FIs now also includes the concept ‘too big to jail’ in light of the lack of criminal penalties in the HSBC case (although its head of compliance stepped down ), and US regulators are under pressure from legislators to demonstrate that their oversight is strong and effective.
•Payment volume and types increasing: As much of the global economy gradually eases its way into a recovery, payment volumes are growing. Not only is volume rebounding to pre-recession levels, but there have also been a number of new financial products and payment formats introduced in recent years, which further increases the workload for the teams who have to screen these payments for money-laundering, sanctions, and global anti-corruption-related exceptions.
•Illicit activity on the rise: Criminal activity continues to increase at a rapid pace. The array of activity that FIs' AML units are responsible for detecting has also experienced a significant increase in scope over the last decade, with the expansion of the mandate from pure money laundering to also encompass terrorist financing. FIs have had to transition from activity primarily focused on account-level monitoring to item-level monitoring; increasing by orders of magnitude the volume of alerts analysts must work.
•Constrained budgets: All of this is taking place during a time in which top-line revenue growth is constrained and FIs are under pressure to reduce expenses and optimize efficiency.
Regulators: Upping the Ante
2012 saw regulators impose an unprecedented level of fines for failure to comply with AML regulations. The year was capped with the largest AML financial penalty the industry had yet seen, a US$1.92bn fine levied against HSBC as per Table A below:
![[Image: AML1.png]](http://lucky.myftp.org:8181/pics/news/AML1.png)
The fines typically correspond with the magnitude and duration of the offenses. In TCF's case, the offenses were relatively minor; a result of poor quality control over the process of filing suspicious activity reports (SARs). In the case of HSBC, the issue was a more systematic failure of controls that resulted in HSBC enabling the movement of billions of dollars through the financial system for terrorists, sanctioned nation-states, and Mexican drug lords. The UK fines typically focused on inadequate controls around PEPs; the Habib Bank fine, while small, was notable because of the ancillary fine levied directly upon the bank’s money laundering reporting officer.
Judging from the tenor of the rhetoric emanating from Washington, DC, these enforcement actions should serve as a warning to all other FIs operating in the United States. The August 2012 appointment of a former prosecutor from the Department of Justice (DoJ), Jennifer Shasky Calvery, as the new director of the Financial Crimes Enforcement Network (FinCEN) sent a clear message that the focus on enforcement actions would continue.
The Office of the Comptroller of the Currency (OCC) also signaled its intention for more rigorous examination and enforcement activity when the head of that agency, Thomas Curry, sat on the congressional hot seat in March 2013 for the OCC's perceived lax enforcement of money-laundering laws. Comptroller Curry's prepared remarks gave FIs a preview of coming attractions in their annual examinations (i.e. the pain that the OCC was experiencing would be passed downstream to the banks). The OCC is in the process of preparing detailed guidance for FIs concerning sound corporate governance processes for Bank Secrecy Act (BSA) compliance, including business-line accountability for BSA compliance. This last part is particularly concerning to many AML executives, as it has the potential to significantly increase the personal risk associated with the job of overseeing BSA compliance for an FI.
Keeping the Regulators Happy
Table B below provides a snapshot of the current ‘hot buttons’ for examinations by US bank regulators:
![[Image: AML2.png]](http://lucky.myftp.org:8181/pics/news/AML2.png)
Given the regulatory environment, FIs have to continue incrementing what they are doing to keep the regulators happy. Here are a number of best practices in use by FIs to accomplish just that:
•Document, document, document: Regulators want to know that FIs have a thorough understanding of how the models in their AML analytic systems work, and whenever changes are made to those models, the regulator wants to see documentary evidence that substantiates that any improvements to efficiency are not at the expense of detection.
•Maintain open communications with your regulator: It’s important to maintain an ongoing dialogue with regulators. Keep them in the loop as you plan system changes that will impact your AML processes and obtain their feedback early and often. This will eliminate the potential for any unpleasant surprises come exam time.
•Communicate with your peers as well: Open communication with other banks regarding the areas of focus for their exams can help an FI better prepare for its own. Many FIs have formed peer groups which meet on a regular basis to compare notes, not only about areas of regulatory focus, but also to benchmark efficiency ratios, best practices regarding technology solutions, etc.
•Use enforcement actions as lessons for improvement: Learn from those enforcement actions and examine internal processes to ensure that your FI will not be the next in the headlines for the same transgression.
Above all, it’s is important for FIs to be nimble and responsive to changes in their environment. There is never a final fixed destination in AML compliance. Patterns of financing change, areas of regulatory scrutiny evolve, and to best protect the FI AML executives need to be continually examining and evolving their own technological and manual processes in order to achieve compliance as effectively and efficiently as possible
Julie Conroy, Aite Group - 7 Oct 2013
There is never a final fixed destination for financial institutions (FIs) in their anti-money laundering (AML) compliance - regulation and the environment in which they operate are in a constant state of flux. However, this article outlines best practice in this field to help ensure that companies can keep the regulators happy.
Finding patterns indicative of money laundering and other financial crimes is akin to searching for a needle in a haystack. With the increasing pressure on banks' anti-money laundering (AML) teams, however, many charged with this responsibility increasingly feel like they're searching for those needles while at the same time a combine harvester bears down on them at full speed. These pressures include:
•Regulatory scrutiny: The high-profile - and expensive - enforcement actions that have taken place during the past year, particularly in the US, emphasise the extent to which regulators are scrutinising financial institutions (FIs) and penalising those which don't pass muster. The discussion around so-called ‘too big to fail’ FIs now also includes the concept ‘too big to jail’ in light of the lack of criminal penalties in the HSBC case (although its head of compliance stepped down ), and US regulators are under pressure from legislators to demonstrate that their oversight is strong and effective.
•Payment volume and types increasing: As much of the global economy gradually eases its way into a recovery, payment volumes are growing. Not only is volume rebounding to pre-recession levels, but there have also been a number of new financial products and payment formats introduced in recent years, which further increases the workload for the teams who have to screen these payments for money-laundering, sanctions, and global anti-corruption-related exceptions.
•Illicit activity on the rise: Criminal activity continues to increase at a rapid pace. The array of activity that FIs' AML units are responsible for detecting has also experienced a significant increase in scope over the last decade, with the expansion of the mandate from pure money laundering to also encompass terrorist financing. FIs have had to transition from activity primarily focused on account-level monitoring to item-level monitoring; increasing by orders of magnitude the volume of alerts analysts must work.
•Constrained budgets: All of this is taking place during a time in which top-line revenue growth is constrained and FIs are under pressure to reduce expenses and optimize efficiency.
Regulators: Upping the Ante
2012 saw regulators impose an unprecedented level of fines for failure to comply with AML regulations. The year was capped with the largest AML financial penalty the industry had yet seen, a US$1.92bn fine levied against HSBC as per Table A below:
The fines typically correspond with the magnitude and duration of the offenses. In TCF's case, the offenses were relatively minor; a result of poor quality control over the process of filing suspicious activity reports (SARs). In the case of HSBC, the issue was a more systematic failure of controls that resulted in HSBC enabling the movement of billions of dollars through the financial system for terrorists, sanctioned nation-states, and Mexican drug lords. The UK fines typically focused on inadequate controls around PEPs; the Habib Bank fine, while small, was notable because of the ancillary fine levied directly upon the bank’s money laundering reporting officer.
Judging from the tenor of the rhetoric emanating from Washington, DC, these enforcement actions should serve as a warning to all other FIs operating in the United States. The August 2012 appointment of a former prosecutor from the Department of Justice (DoJ), Jennifer Shasky Calvery, as the new director of the Financial Crimes Enforcement Network (FinCEN) sent a clear message that the focus on enforcement actions would continue.
The Office of the Comptroller of the Currency (OCC) also signaled its intention for more rigorous examination and enforcement activity when the head of that agency, Thomas Curry, sat on the congressional hot seat in March 2013 for the OCC's perceived lax enforcement of money-laundering laws. Comptroller Curry's prepared remarks gave FIs a preview of coming attractions in their annual examinations (i.e. the pain that the OCC was experiencing would be passed downstream to the banks). The OCC is in the process of preparing detailed guidance for FIs concerning sound corporate governance processes for Bank Secrecy Act (BSA) compliance, including business-line accountability for BSA compliance. This last part is particularly concerning to many AML executives, as it has the potential to significantly increase the personal risk associated with the job of overseeing BSA compliance for an FI.
Keeping the Regulators Happy
Table B below provides a snapshot of the current ‘hot buttons’ for examinations by US bank regulators:
Given the regulatory environment, FIs have to continue incrementing what they are doing to keep the regulators happy. Here are a number of best practices in use by FIs to accomplish just that:
•Document, document, document: Regulators want to know that FIs have a thorough understanding of how the models in their AML analytic systems work, and whenever changes are made to those models, the regulator wants to see documentary evidence that substantiates that any improvements to efficiency are not at the expense of detection.
•Maintain open communications with your regulator: It’s important to maintain an ongoing dialogue with regulators. Keep them in the loop as you plan system changes that will impact your AML processes and obtain their feedback early and often. This will eliminate the potential for any unpleasant surprises come exam time.
•Communicate with your peers as well: Open communication with other banks regarding the areas of focus for their exams can help an FI better prepare for its own. Many FIs have formed peer groups which meet on a regular basis to compare notes, not only about areas of regulatory focus, but also to benchmark efficiency ratios, best practices regarding technology solutions, etc.
•Use enforcement actions as lessons for improvement: Learn from those enforcement actions and examine internal processes to ensure that your FI will not be the next in the headlines for the same transgression.
Above all, it’s is important for FIs to be nimble and responsive to changes in their environment. There is never a final fixed destination in AML compliance. Patterns of financing change, areas of regulatory scrutiny evolve, and to best protect the FI AML executives need to be continually examining and evolving their own technological and manual processes in order to achieve compliance as effectively and efficiently as possible