RiskFinancial CrimeAML: A US$2bn Search for the Needle in the Haystack

AML: A US$2bn Search for the Needle in the Haystack

Finding patterns indicative of money laundering and other
financial crimes is akin to searching for a needle in a haystack. With the
increasing pressure on banks’ anti-money laundering (AML) teams, however, many
charged with this responsibility increasingly feel like they’re searching for
those needles while at the same time a combine harvester bears down on them at
full speed. These pressures include:

  • Regulatory
    The high-profile – and expensive – enforcement actions that
    have taken place during the past year, particularly in the US, emphasise the
    extent to which regulators are scrutinising financial institutions (FIs) and
    penalising those which don’t pass muster. The discussion around so-called ‘too
    big to fail’ FIs now also includes the concept ‘too big to jail’ in light of
    the lack of criminal penalties in the HSBC case (although its head
    of compliance stepped down
    ), and US regulators are under pressure from
    legislators to demonstrate that their oversight is strong and effective.
  • Payment volume and types increasing: As much of the global
    economy gradually eases its way into a recovery, payment volumes are growing.
    Not only is volume rebounding to pre-recession levels, but there have also been
    a number of new financial products and payment formats introduced in recent
    years, which further increases the workload for the teams who have to screen
    these payments for money-laundering, sanctions, and global
    anti-corruption-related exceptions.
  • Illicit activity on the
    Criminal activity continues to increase at a rapid pace. The
    array of activity that FIs’ AML units are responsible for detecting has also
    experienced a significant increase in scope over the last decade, with the
    expansion of the mandate from pure money laundering to also encompass terrorist
    financing. FIs have had to transition from activity primarily focused on
    account-level monitoring to item-level monitoring; increasing by orders of
    magnitude the volume of alerts analysts must work.
  • Constrained
    All of this is taking place during a time in which top-line
    revenue growth is constrained and FIs are under pressure to reduce expenses and
    optimize efficiency.

Regulators: Upping the

2012 saw regulators impose an unprecedented level of
fines for failure to comply with AML regulations. The year was capped with the
largest AML financial penalty the industry had yet seen, a US$1.92bn fine
levied against HSBC as per Table A below:

Aite Group AML Table 1

The fines typically correspond
with the magnitude and duration of the offenses. In TCF’s case, the offenses
were relatively minor; a result of poor quality control over the process of
filing suspicious activity reports (SARs). In the case of HSBC, the issue was a
more systematic failure of controls that resulted in HSBC enabling the movement
of billions of dollars through the financial system for terrorists, sanctioned
nation-states, and Mexican drug lords. The UK fines typically focused on
inadequate controls around PEPs; the Habib Bank fine, while small, was notable
because of the ancillary fine levied directly upon the bank’s money laundering
reporting officer.

Judging from the tenor of the rhetoric emanating from
Washington, DC, these enforcement actions should serve as a warning to all
other FIs operating in the United States. The August 2012 appointment of a
former prosecutor from the Department of Justice (DoJ), Jennifer Shasky
Calvery, as the new director of the Financial Crimes Enforcement Network
(FinCEN) sent a clear message that the focus on enforcement actions would

The Office of the Comptroller of the Currency (OCC) also
signaled its intention for more rigorous examination and enforcement activity
when the head of that agency, Thomas Curry, sat on the congressional hot seat
in March 2013 for the OCC’s perceived lax enforcement of money-laundering laws.
Comptroller Curry’s prepared remarks gave FIs a preview of coming attractions
in their annual examinations (i.e. the pain that the OCC was experiencing would
be passed downstream to the banks). The OCC is in the process of preparing
detailed guidance for FIs concerning sound corporate governance processes for
Bank Secrecy Act (BSA) compliance, including business-line accountability for
BSA compliance. This last part is particularly concerning to many AML
executives, as it has the potential to significantly increase the personal risk
associated with the job of overseeing BSA compliance for an FI.

Keeping the Regulators Happy

Table B below provides
a snapshot of the current ‘hot buttons’ for examinations by US bank

Aite Group AML Table 2

Given the regulatory environment, FIs have to continue incrementing
what they are doing to keep the regulators happy.  Here are a number of best
practices in use by FIs to accomplish just that:

  • Document,
    document, document:
    Regulators want to know that FIs have a thorough
    understanding of how the models in their AML analytic systems work, and
    whenever changes are made to those models, the regulator wants to see
    documentary evidence that substantiates that any improvements to efficiency are
    not at the expense of detection.
  • Maintain open communications
    with your regulator:
    It’s important to maintain an ongoing dialogue
    with regulators. Keep them in the loop as you plan system changes that will
    impact your AML processes and obtain their feedback early and often. This will
    eliminate the potential for any unpleasant surprises come exam time.
  • Communicate with your peers as well: Open communication
    with other banks regarding the areas of focus for their exams can help an FI
    better prepare for its own. Many FIs have formed peer groups which meet on a
    regular basis to compare notes, not only about areas of regulatory focus, but
    also to benchmark efficiency ratios, best practices regarding technology
    solutions, etc.
  • Use enforcement actions as lessons for
    Learn from those enforcement actions and examine internal
    processes to ensure that your FI will not be the next in the headlines for the
    same transgression. 

Above all, it’s is important for FIs to be
nimble and responsive to changes in their environment. There is never a final
fixed destination in AML compliance. Patterns of financing change, areas of
regulatory scrutiny evolve, and to best protect the FI AML executives need to
be continually examining and evolving their own technological and manual
processes in order to achieve compliance as effectively and efficiently as

Related Articles

Why working in silos is a killer when battling financial crimes

Cyber Security & Fraud Why working in silos is a killer when battling financial crimes

4m Andrew Simpson
PSD2: dull name, but seismic effect

Clearing & Settlement PSD2: dull name, but seismic effect

6m Alex Kwiatkowski
Staying one step ahead: PSD2 and the future of fraud

Financial Crime Staying one step ahead: PSD2 and the future of fraud

6m Seth Ruden
8 predictions for treasury in 2018

Financial Crime 8 predictions for treasury in 2018

7m Bob Stark
FDIC sues 9 European banks over Libor

Banking FDIC sues 9 European banks over Libor

11m Victoria Beckett
Appreciating supply chain cyber risk

Cyber Security & Fraud Appreciating supply chain cyber risk

11m Peregrine Storrs-Fox
The death of the password: biometric banking

Automation The death of the password: biometric banking

11m Paul Sheldon Foote
The insecurity of fraud victims in the fight against cyber-assailants

Bank Relationships The insecurity of fraud victims in the fight against cyber-assailants

11m Keiron Dalton