It’s a cold Friday morning and Robert is looking out the window, taking in the light streaming right through his office and trying to appreciate the snowy and peaceful landscape. Sadly, that’s a hard thing for him to do as the atmosphere outside doesn’t match how he feels.
You see, Robert is experiencing an uneasiness that’s keeping him awake at night, turning and tossing in bed, for the last couple of weeks. He’s an experienced senior compliance officer at a renowned management company located in Luxembourg, but he’s overwhelmed with the feeling that he’s hit a wall.
Don’t have time to read the whole blog entry? Then watch our “Blog in 1 minute” video for a quick summary of its main points:
Today, the wealth and asset management industry is under a heightened regulatory spotlight, calling for companies to find more effective ways to protect against Anti-Money Laundering (AML) and financial crime.
Companies also feel the pressure to demonstrate they have in place strong compliance frameworks to meet both local and global regulatory requirements — particularly compliance with AML, Know Your Customer (KYC), and sanctions requirements. Failing to do so may enable laundered money to enter into their financial system as well as penalties and fines for non-compliance, and reputational damage.
Unsurprisingly, Robert feels this pressure. In the Grand Duchy alone, there are more than 20 different AML laws, regulations and circulars that keep changing all the time. The challenge for him is to translate them into an appropriate risk-based approach that will allow them to protect the company and make them compliant.
Moreover, the increased regulatory requirements mean that Robert needs to expand his team, but he is struggling to find people to do the ongoing KYC and screening work, which is still rather manual and, let’s be honest, can be tedious. Yet, he is expected to do something about all this, but what?
In this blog, we will examine in more detail the challenges Robert is facing and explore the opportunities that technology can offer to strengthen his AML and Counter-Terrorist Financing (CTF) efforts. Of course, this also applies to any compliance or senior compliance officer, “responsable du contrôle” or RC, or Money Laundering Reporting Officer (MLRO).
Documents… documents everywhere!
The challenge for financial institutions, regardless of the industry, is gathering information and collecting plenty of supporting documents for new and existing clients or business relationships. For instance, if a client is an individual, that could include the ID card, certificate of residence and salary slip, just to name a few.
Collecting all the necessary data and keeping it up to date is no small feat. Adding to the equation the fact that this exhaustive work is mainly done manually, it’s not surprising that sometimes data ends up missing or even being mixed up.
To err is human after all, and an AML professional, submerged in procedures, requirements and data, might ask the client about his/her source of funds when entering into the relationship —which is mandatory information— but then forget to follow up later with the client on whether any major changes have occurred that could impact his/her risk profile.
In sum, financial institutions are struggling with missing information, but also with information that is good quality, complete, up to date and accurate in order to do the appropriate control and risk scoring.
Thankfully, there is a solution for this: AML digitalisation. Due to digitalisation, AML professionals like Robert would be able to spot any weaknesses much more easily and have time to focus on what’s really risky.
AML digitalisation, what does that mean
The main goal of AML digitalisation is that one day —hopefully soon— Robert will use technologies that will allow him to collect information from different sources, without having to manually reach out to each client or investor, or having to reach out to them to the bare minimum.
To be more concrete, we are talking about big databases where all our relevant documents will be stored. So, instead of providing the documents to, say, our bank, their systems will simply retrieve it.
This sounds very promising, and there are plenty of initiatives looking into it, but progress is quite slow due to limitations related to the General Data Protection Regulation and the risk-based approach applied individually by each professional requiring different information and data, among others.
Most importantly, AML digitalisation will relieve the workload from mandatory controls that already exist —but more on this later.
The digitalisation of AML/CTF tasks can be applied to Know Your Customers (KYC), Know Your Assets (KYA) —the risk scoring of the assets held in the portfolio of investment funds—, business relationship due diligences, as well as everything related to screening against financial sanctions and transaction monitoring.
AML technologies will facilitate the collection and record keeping of the documents obtained from different stakeholders and allow a robust assessment of the AML/CTF risk of the business relationship (or the asset).
The results from this assessment will feed the controls that are performed on a periodical basis on clients, investors or assets. It will also feed the escalation processes within firms as they may need to involve a compliance officer and the board of directors, depending on the risk, or even feed a declaration to the Financial Intelligence Unit (FIU).
An AML system in practice for transaction monitoring
Robert has a new client. Let’s call her Emma. With an anti-money laundering system he can filter her data, classify it according to the level of suspicion and inspect it for anomalies.
By anomalies we mean, for instance, any sudden and considerable increase in funds or a large withdrawal. Smaller transactions that meet certain criteria may also be flagged as suspicious. That’s because a person who wants to avoid detection will sometimes break a large sum into several smaller sums and deposit them within a brief period of time —a practice known as “smurfing”.
Moreover, the AML system can signal if Emma has been blacklisted or made any transactions involving high risk third countries. Once the software has mined data and flagged any suspect transactions, it generates a report.
Now Robert will ask his colleague Pierre to investigate and evaluate the flagged transactions. He will call Emma so she can explain the transaction and, hopefully, the flag will be dismissed.
If we want to dream big, but not too big, perhaps one day technological solutions may also provide information about a specific framework for its proper governance.
AML measures and procedures need to be scrutinised, reassessed and risks mitigated regularly. This process entails many actions to be performed as well as involving different people with different levels of authority. So, in terms of governance, the more you can digitalise, the more efficient you will be.
Obviously, what professionals like Robert would love to have is a solution, or set of solutions, that would tackle all the phases of the AML/CTF workflow. The cherry on top would be to add artificial intelligence to the mix, enabling these tools to pre-analyse exceptions.
The benefits of AML digitalisation
The benefits of AML technologies are manifold. In a nutshell, they could improve the pace, quality and readiness of measures to combat money laundering and terrorist financing. They could help financial institutions and supervisors assess these risks in ways that are more accurate, timely and comprehensive.
Another important benefit is cutting costs. As you may know, AML/CTF screening and monitoring services can make quite a dent in your wallet. And it can be rather frustrating to think that you are dispensing big bucks only for a person, or a group of people, to basically click on a button or use VLOOKUP in Excel.
Additionally, digitalisation could ease, if not solve, the labour shortage. But perhaps more importantly, the automation of certain tedious and simple tasks would free resources to focus on what’s most critical —that is, to look at where the risk actually is.
For example, players such as management companies or investment funds also have to assess risk at the level of the portfolio —the securities, the assets— and that’s a massive amount of work in terms of volume and frequency.
That’s because one is usually screening thousands of names against lists provided by the European Union, the United Nations, among others, to check whether one of these names is sanctioned or blacklisted. And sometimes you can have dozens of hits —that is, alerts— matching.
Thus, digitalisation is a means to be more efficient as there’s a shift from a manual model with Excel to a digital one, which allows professionals to spend more time analysing rather than collecting and doing the look up.
Robert’s wants and needs
As we mentioned, Robert is at a loss. He wants his team to be more efficient by giving them the right tasks and tools. Of course, they already have a solution in place, but he’s wondering if they are making the best use of it. Could there be any improvements? Perhaps there are other tools that could further help them in their efforts?
Still staring out the window, Robert let out an unexpected deep sigh. He then turned to his desktop, and started searching for answers until he found what he was looking for. He picked up the phone and dialled a number.
On the other side of the line was Dorit, an Assurance Manager at PwC Luxembourg. She explained that her team would be happy to assist him in their AML transformation.
“What do you mean by AML transformation?” Robert asked, intrigued.
“It means that before thinking about providing or changing any current tools, we can look at what your firm has today and give you valuable advice on how to be more efficient. We can do a diagnostic test and assess where you could easily improve your AML/CTF internal framework and where you may have regulatory gaps,” replied Dorit.
“In a nutshell, we will assist you, every step of the way, to shift from paper-based work to a digitalised-based work with the right advice,” she added.
“For example, for KYC, screening and transaction monitoring, we provide services from methodology to implementation. By that I mean that we can guide you in choosing the right tools that will best answer your needs. Moreover, we can help you to implement the tool and develop a methodology to set the business requirements in the tools.”
“That sounds good. And how can you help us in terms of KYA?” inquired Robert.
“For KYA, we developed a solution that enables us to collect data from your administrative agent or portfolio manager to run a macro analysis and to provide an assessment on the assets of the portfolio using your risk-based approach. So, tailored to your risk appetite and definition of the risk for your business,” Dorit explained.
“Through our tool, process and expertise, we can support you in identifying whether your system works well and ensure that it didn’t fail to ask you for the right KYC documents, that the risk scoring calculation is accurate and based on relevant AML criteria, and that the proper escalation of approval process is being made.”
“Alright. What happens if there’s an issue?”
“Ah! I’m glad you asked. By looking at the system, we can extract the different control points and, if there’s an issue, pinpoint what it was: could be an exception, maybe the system isn’t well parameterised, or there is poor data equality.”
“I’m definitely intrigued, but a coin always has two sides. What aspects should I look out for in digitalisation?” Robert inquired.
“To be totally transparent, the legal uncertainty can be a hurdle. This is because whatever you will digitalise today will be based on the current set of rules and regulations. So, whenever the regulatory framework changes, you might have to invest in a new solution or further invest in the existing one(s),” Dorit clarified.
She added: “I know this can be demoralising, however AML digitalisation isn’t only about costs and compliance with the laws. Remember, the process of money laundering is a continuous and ongoing activity, and as such digitalising AML methods needs to be an ongoing and continuous process.”
“Last, but not least, you also have to train your people so they are ready for any new solutions. They will definitely have to adapt their mindset as they will shift from more traditional methods to working with modern and innovative technology. Hence, it’s crucial that they understand what’s behind it.”
Conclusion
After this eye-opening conversation with Dorit, Robert felt all the tension that had been accumulating leave his body. He is aware that there will be more research, more questions, and many steps ahead. But the wall he thought he had hit now turned into a path —long and tortuous as it may be, it’s still better than remaining motionless.
Now he knows he has options to make his team’s work even more successful, efficient and, most importantly, compliant and protected. And, as a matter of fact, that same night he finally got the sound sleep he was so looking forward to.
Cécile Moser, Assurance Director at PwC Luxembourg
AML regulation is a must have for all of us. The risk-based approach is the possibility offered by the law to be efficient rather than being busy by all possible controls we could imagine. Digitalisation is one of the means to identify the essential and simplify your processes.
Increasing regulatory pressure and a rise in compliance costs are the driving forces behind the transition to the world of AML digitalisation and automation. This is an exciting journey we walk together with our clients and a long-awaited revolution for many AML professionals.
