Over the last few years, we have seen a tremendous evolution in our work here at Symptai Consulting. Living in an era of collusion, fraud, and money laundering has put financial institutions on high alert and forced regulatory institutions to tighten their belts. This, in turn, has shifted the conversations that we are having with Financial Institutions around the region who are looking to strengthen their anti-money laundering (AML) programs in order to maintain their critical international banking relationships, as those intermediaries seek to de-risk.
Financial Institutions in the Caribbean are taking a risk-based approach during the customer on-boarding process or even in the absence of automated on-boarding, new customers are being screened individually at the time of on-boarding. Key AML analytics are moving to a few behavioural anomalies, rather than multiple rules based scenarios. However, compliance departments are still investigating every exception, rather than focusing on critical cases like politically exposed persons (PEPs) and high-risk customers with significant behavioural changes. The mind-set that something is going to be missed pervades.
In a true risk-based approach, institutions acknowledge that they simply cannot address every anomaly, accept some measure of risk and focus their limited resources more deliberately. With this philosophy, compliance programs shift towards focusing on detecting trends and patterns, identifying persons with elevated risk levels, and consistently monitor their activities.
Once a financial institution has made the decision to adopt a risk-based approach and adopt analytics and technology to support its compliance program, the next hurdle is finding the right solution. Many AML solutions in the market today are being provided by vendors who operate in a first world environment. As a result, tailoring the solution for use within the Caribbean context is challenging – especially with regards to data availability. I am aware of large projects that have failed because of the client’s inability to deliver data crucial to meeting the vendor’s requirements.
Here are five things that you should consider before selecting a vendor and solution:
1. Choose local: Select a company that has local or regional experience and can speak to the AML risks that you face every day.
2. Go Beyond the Core Applications: Don’t solely rely on your core banking system to provide AML functionality since these will not cover the additional business areas that are found in your institution. Risk profiling and screening at on-boarding are examples of critical AML functions that can reside solely in your AML solution and not your core applications.
3. Adopt a Culture of Compliance: Aside from detection, look for a solution that offers remediation and visualization capabilities as well as inputs from source users such as branches. AML compliance is an enterprise-wide effort that requires everyone’s involvement so choose a solution that engages every part of your organization.
4. Customize Regulatory Reporting: In Jamaica, suspicious activities now need to be reported through the goAML portal. This is a recent change and exemplifies how a software solution needs to quickly adapt to changing requirements. My experience has been that customizing core applications is an expensive, time-consuming and tedious task. Furthermore, once you start customizing software, it becomes very difficult to upgrade, because you have strayed away from the standard version. Opting for a nimble solution ensures longevity of the initiative.
5. Implement an Independent Monitoring Solution: An independent monitoring solution ensures that risks are identified even if the preventative controls of your core banking systems fail. Without it, you will be under the illusion that you are capturing all possible exceptions, when in fact you have blind spots.
Are you responsible for a compliance program in the Caribbean? If so, we would like to hear your thoughts about challenges and considerations that every financial institution should consider.
Topics: Risk and Compliance
Marlon Cooper is the Managing Director at Symptai Consulting. He has over twenty (20) years’ experience in reviewing and managing business process to ensure adequate levels of controls while optimising business value. Marlon has overall responsibility for business direction and operations at Symptai Consulting Limited. He works closely with the banking sector across the region and made contributions to the direction of AML technology for regional entities. As a Certified Instructor, he has trained hundreds of audit and control professionals across the Caribbean region in data analysis, interrogation and audit techniques.