On June 12, 2020 I enjoyed an hour with AML360 talk show host Stephen Platt. For an hour – live! – we talked about a broad range of issues facing the financial crimes community today:
- The scourge of misaligned incentives, where regulators are looking at how banks run their programs, and not on how well those banks are getting timely, actionable intelligence to law enforcement. I argued that the Exam Manual needs to be changed from “a sound BSA/AML compliance program is critical in deterring and preventing money laundering and terrorist financing” (page 7, 2014 edition) to “providing actionable, timely intelligence to law enforcement is critical in deterring and preventing money laundering and terrorist financing, and a sound BSA/AML compliance program provides the foundation for being able to do so.”
- Artificial intelligence and machine learning are critical tools, but we need to be wary of the results when those tools are used on SARs filed with law enforcement, rather than SARs used by law enforcement. I used the analogy of a car manufacturer: it’s not relevant how many cars it builds, what is relevant is how many cars are bought, and the quality of those cars. Same for SARs: it’s not relevant how many SARs a bank files, what is relevant is how many SARs are used by law enforcement, and the effectiveness of those SARs.
- False positives, and whether high false positives rates are caused, in large part, by banks’ fear of regulatory sanctions for missing a possible actionable alert rather than by poor technology.
- The importance of clean, consistent data. I argued that AML is 80% customer due diligence and 50% clean data (paraphrasing Yogi Berra), and that most legacy, large financial institutions still struggle to have and maintain an Enterprise Customer Risk Rating.
- Whether and why financial institutions are falling further behind criminals and criminal organizations. They are, in large part because financial institutions need to be mindful of running their programs, testing their systems, model validation, audit requirements, regulatory exams, etc., while criminals and criminal organizations don’t need to deal with any of those things.
- The impacts of COVID-19 on financial institutions’ fraud and AML programs. I argued that we’re able to adapt our systems to detect and prevent fraud, which is an objective event lending itself well to systemic monitoring and surveillance, but it’s too early to tell whether our AML systems will be as effective. For AML, both the numerator (alerts) and denominator (the volumes, velocities, and types of transactions) are changing so quickly, our AML models may not be as effective as they were.
- Transaction Monitoring – I made the statement that account-based, traditional transaction monitoring is not only dead, it’s never worked effectively. Instead, relationship-based interaction surveillance is what is required.
- The value of Deferred Prosecution Agreements, or DPAs.
- The importance of understanding internal bad actors’ roles in identifying and reporting fraud and money laundering.