September 21, 2018

Know your client (KYC) and know your client’s business – connecting the dots

The United Nations Office on Drugs and Crime (UNODC) estimates that each year the amount of money laundered is between 2 and 5% of the global GDP ($800 billion-$2 trillion). Banks, like all financial institutions, have a legal obligation to guard against the risks associated with financial crime, such as forced prostitution, terrorism, and drug trafficking. The consequences for funneling “dirty money” are far-reaching and disastrous, often undermining economic and political stabilities.

In 2005, on the heels of a breach of policy (a $3.2 billion oversight resulting in an $80 million fine) ABN-AMRO initiated a 2-year KYC project—an effort that transitioned into a business as usual anti-money laundering (AML) program. Processes were put in place to identify, prevent and report any fraudulent activity by clients, counterparties or employees.

Thirteen years later, the fight against money laundering and terrorist funding continues to challenge not only ABN-AMRO but the banking sector worldwide as they race to defend from reputational damage, billion-dollar fines, criminal charges, and suspension/loss of operation.

Why are banks still vulnerable to financial crime?

AML/KYC: always one step behind

Most AML/KYC processes are developed and adapted reactively to meet regulatory mandates and audit findings. By the time policies are implemented into practical application, organized criminals have found new ways to infiltrate financial systems.

Perhaps the biggest problem of tackling infractions with band-aid methods is that AML/KYC tools are hopelessly outdated and repurposed—a patchwork of legacy systems struggling to cope with the complexity of incompatible or fractional data.

There is an enormous volume of data, but only a thin slice of it is utilized for AML/KYC analysis. A lack of visibility/access across data sources coupled with a somewhat rigid silo mentality leaves masses of potentially incriminating data unchecked.

The human factor: AML sweatshops

Looking for patterns of financial crime with tools that lack analytical agility leads to huge numbers of false positives (transaction monitoring more than 99%) that, when investigated, are found to be unsuspicious. Massive over-reporting inundates experienced analysts with cases they are legally obliged to solve. As a result, alerts are reviewed by junior staff in low-cost countries following a basic ‘tick-box’ approach. With no clear understanding of AML risks, they may be blind to warning signals when something is seriously wrong.

A primary driver of AML/CFT efficiency is the experience of the analyst. Without it, criminal elements will continue to probe for weaknesses in systems that they can exploit.

Social media intelligence (SOCMINT): a new approach

To combat financial crime banks have invested millions in resources and enhanced due diligence (EDD) projects. Rather than throwing more people and money at the problem, many are turning to new technologies as a different type of solution.

Social media is an inescapable fact of modern life. Much of what we do will leave behind a digital footprint. Our data can be searched, shared, and harvested by a vast, invisible audience. While HR managers use networking sites such as LinkedIn or Facebook to screen candidates before hiring, police embrace SOCMINT as a prominent weapon in the fight against criminality, including financial crime.

There are plenty of services available that scan hundreds of thousands of sources to identify high-risk clients and businesses, but as soon as blacklists are generated, they are already out of date.

The fact is, social media is an important platform for criminals and monitoring social networks to spot warning signals might prevent the crime from happening in the first place. The reliability of publicly available data is, of course, open to debate. Is a client’s Facebook site truly a reflection of their character or lifestyle, or the absence of a social media profile evidence of suspicious activity?

Detecting and preventing financial crime poses a gargantuan challenge, but without proactive measures, banks will continue to struggle.

Claudia McDonald