Firms must go back to basics and simplify transaction monitoring and know your customer (KYC) processes, according to Katie Jackson, a partner at Deloitte.
“Firms are conducting a huge amount of transaction monitoring, they might be running generic rule sets not tailored [ones]… they are running retail rules over a commercial or an unvestment banking book,” said Jackson on a panel at Sibos in central London this week. “They are wasting a huge amount of effort, huge of resource, and a huge amount of time when they could be much better spent elsewhere.
“[KYC] is a fragmented process, there are too many hand offs, it’s not owned by the business, it’s been run on their behalf by second line because people don’t really understand what they should be doing.
Responding to how data analytics and AI would of helped Deutsche Bank to detect money laundering incidents in 2017 and 2019, Lee Hale, global head of anti-money laundering (AML) and sanctions at Deutsche Bank acknowledged that their had been “multiple failings”.
“I don’t think it is necessarily just about the control environment in our own bank. The correspondent banking framework, obviously there’s two different clients in two different banks. And you have to look at the situtation wholistically,” said Hale.
“We shouldn’t be underestimating that change in the business is dramatic,” he said. “We used to find all the cases from the transaction monitoring or sanction screening. That has changed. The business treat financial crime seriously now, as a result of not only the fines, but also their intrinic motivation to do the right thing. I see far more quiries now from the business through the KYC process and through their monitoring and their relationship with their cleints.”
Late last year, German financial regulator Bafin ordered Deutsche Bank to tighten its AML controls and appointed a “special representative” to report on the progress of the implementation.
On September 25, Reuters reported that German authorities had raided Deutsche Bank’s headquarters in Frankfurt in an investigation into whether the German bank had failed to alert authorities to suspicious payments totalling €200bn from Danske Bank between 2014 and 2018.
“The banks in terms of what is broken… transaction monitoring I think we all know if a highly inefficient process in terms of the levels of suspicious activity reports, or real cases the bank would file. The move now is to more analytics based platforms,” said Hale.
“We are all seeing, and certainly within the big banks in terms of our peers is the use of robotics. Particularly things like data aggregation tools.
“However, in terms of the world of big data, for example a lot of the major financial crime cases involve shell companies,” he said. “Within our bank we now have controls in terms of our transaction monitoring to identify the use of shell companies. So we have various risk triggers to try and mitigate that risk. I think that level of thinking will just evolve over time.
Having an end-to-end view during an update of transaction monitoring systems is crucial, according to Clive Gordon, head of financial crime specialist supervision department at the UK’s financial conduct authority (FCA).
“It is not enough to have compliance people in the room, you have to have operational people, you have to have business people, you have to have the technology people, and they all need to be able to talk to one and other, and understand each other,” said Gordon.
“They need to have an end to end view of their systems. We see firms coming unstuck when they make a change over here to their system, and they are only looking at the impact of that change over here. They haven’t actually accessed the end-to-end impact of that change. What happens is they make a change, and low and behold there is a really serious impact over here that they haven’t worked through.”