The 2020s are disrupting the world as we used to know it. As we observe the global financial pressures, rapid changes in the geopolitical situation; rising environmental, social and governance (ESG) expectations across stakeholders; and Web3 (with non-fungible tokens, decentralized finance, artificial intelligence [AI], the metaverse, crypto and open blockchain) continue to morph and evolve, big shifts and new opportunities are shaping the financial services industry of the future.
Today’s Big Challenges
In this landscape, financial institutions (FIs) are facing multi-faceted challenges in anti-money laundering (AML) and anti-financial crime (AFC), some new and some older. They can be gathered into three main buckets.
The Struggle for Effectiveness
The International Monetary Fund has been estimating for the past years that the money laundered globally in one year is 2-5% of the global gross domestic product (GDP), of which only 1-2% is seized.
Moreover, the 11th public edition of the Basel AML Index 2022 shows that the global money laundering/terrorist financing risk rate remains stagnant at 5.25 out of 10, where 10 is the maximum risk degree.1 The index finds that “even where technical compliance with standards improves, effectiveness indicators often drop. In key weak spots such as beneficial ownership transparency and the quality of financial supervision, the gap is growing between technical compliance with the Recommendations of the Financial Action Task Force (FATF) and assessments of the effectiveness of measures in practice.”2
This highlights how money launderers and financial criminals evolve faster than the AML frameworks and the regulatory environment. Oftentimes, criminals exploit regulatory gaps and blind spots while leveraging the latest technologies.
Financial firms play catch-up with reality and manage risk with “reasonable best effort.”
Burdensome Workload
For decades, banks have reacted to workload peaks due to new regulatory requirements, crises and emergencies, as well as a threat of a fine or remediation pressures, by throwing staff at it.
In recent years, compliance and risk officers have been increasingly under the weight of being asked to do more with less. So, adding staff is still one of the preferred reactive measures to workload peaks.
The challenge is keeping costs low. To do this, institutions avoid hiring highly skilled professionals and opt instead for nonqualified resources that end up being defective and inefficient and ultimately could affect decision-making accuracy.
Instead of adding staff, we should look at technology to augment human capacity and scale knowledge and competence. Technology should take complex tasks off the employees’ shoulders and inject the maximum possible automation (straight through processing [STP]; AI; robotic process automation; etc.) into clerical tasks or high-volume activities while allowing for collaborative and skill-based working patterns suited to subject-matter experts and exception-to-policy cases. In this way, you reduce cycle times, maximize productivity and place focus and high touch where really required.
We frequently heard the comment, “Technology is not quite ready yet.” This is not an accurate statement anymore. Technology made tremendous advancements, and it is mature and available. It is about investing, rethinking procedures and processes and ultimately changing management.
There is a rooted belief (or rather bias) that compliance and risk management are pure costs, not directly contributing to revenue-generating streams. So why invest in those areas if not for the rush of new rules coming into force in a short amount of time?
However, if we scratch the surface just a bit, we will appreciate that the progressive cost of compliance—due to the growing requirements, patchy implementations and workarounds, the disparate, duplicative and disconnected activities, clients’ expectations and long cycle times—is impacting cost-to-income ratio, and eventually directly correlated with a firm’s ability to grow.
Correctly managing risk is a competitive advantage, especially in today’s world.
Racing Against Time
Speed is a twofold challenge for financial businesses. It is both about the speed of regulatory change and the need to speed up AML activities within the FIs.
Although regulators can introduce new rules only as fast as their procedures allow, we all know that over the past eight to 10 years there have been plenty of newly released AML directives and regulations across the globe, which ended up creating a cluttered regulatory environment and fragmented frameworks.
Financial firms must then reflect upon those new requirements across policies, procedures, controls, processes and systems. It can take years from the moment a new risk emerges to when authorities enact the needed rules to address it and when financial firms finally transpose provisions in their operations and actively comply with them. In certain cases, banks must reassess the entire book of clients to prove that they are compliant. It is not an overnight exercise.
Moreover, FIs need to switch gears in their daily operations and function (as best as possible) in real time. Not only do customers demand quicker responses and resolutions, but more and more authorities are requesting faster service-level agreements to be enforced when it comes to alerts dispositioning or filing a suspicious activity report, for example.
Faster investigations equal faster decision-making, which in turn equals an increased ability to produce tangible results. It is simple math.
In reality, this is not as simple to achieve because of inefficiencies in the current workflows, siloed data, systems and teams, huge backlogs and increasing volumes.
For banks, optimizing financial crime operations, removing hiccups and bottlenecks, automating and STP managing as much as possible, and rationalizing and simplifying the financial crime applications landscape will be paramount in the coming two to three years.
What Is the Signature of 2022?
When looking at 2022 in retrospect, the following are some of the key patterns that defined this past year and will have a strong influence in 2023:
- By now, most of the financial firms—especially among tier one and two banks—have launched one or multiple initiatives aiming to enhance the quality of their AML and AFC frameworks, some in a more reactive way, some more strategically. Many started by fixing their detection systems and will soon look at how to connect the various outputs, streamline insights and orchestrate the needed activities in a consolidated and structured way.
- We are still far from establishing a harmonious and uniform approach to AML and AFC practices. Regulators worldwide share the same intent when releasing AML provisions, although there are still many differences across jurisdictions, making it harder for firms with international footprints to comply. Not by chance, the FATF Singapore Presidency (2022-2024) highlights among its priorities the effectiveness of global AML measures, aiming to “strengthen a culture within the FATF community where best practices are quickly identified and shared to help drive effectiveness….”3
- As the Basel AML Index 2022 finds, “Both public and private actors are getting better at applying a risk-based approach to ML/TF [money laundering/terrorist financing]. This is a positive development that enables governments and financial institutions to allocate resources efficiently toward the biggest and most serious risks or cases. But progress is too slow in terms of compliance with standards on international cooperation and other crucial areas of AML/CFT [anti-money laundering/counter-terrorist financing]. Fixing these weak spots in the global financial system is long overdue.”4
- The growing gap between technical compliance with standards and its effectiveness is highlighted by many professionals as worrisome, especially when it comes to key weak areas such as beneficial ownership transparency. There have been industry debates where some compliance professionals began to question the point of ultimate beneficial ownership registries if that information is not leveraged effectively.
What Is Next
Finding ways to increase effectiveness, efficiency and timeliness is undoubtedly the goal over the coming years for the entire AML and AFC community.
While a rapid response to risks is needed, it is paramount to stay ready for the future and think strategically. Leading banks around the globe are looking at the following.
Proactive Risk Management Practices
Financial firms can ensure that the right AFC/AML actions and decisions are taken by implementing business-as-usual risk management and know your customer practices, which are continuous, near real-time and contextual (i.e., event- and data-driven). This means being able to connect tools, actors and data with triggers and alerts being seamlessly ingested through an orchestration layer that injects as much STP as possible, as well as automatically coordinating the needed actions based on the specific context. This combines insights with laser-focused actionability.
Prerequisites to this are strong data quality and accessibility. With that, investigative teams can spend their time investigating and deciding the risk rather than spending time gathering information that is used for their investigations.
The Dynamic Ecosystem of Work
Beyond taking a best-of-breed approach to detection and monitoring, banks need to leverage the detection output from these tools into a unified case management system across AML, AFC, sanction and fraud alerts and cases. Although these may be worked independently by the respective units, a unified case management tool not only allows for a consolidated view of customer risks at the entity level but—most importantly—provides the ability to increase STP where applicable while seamlessly orchestrating the needed actions and competences to address that particular risk matter.
Composability
In its “Top Strategic Technology Trends for 2022,” Gartner predicts that by 2024, watertight compartment approaches to hyper-automation programs will drive up the total cost of ownership 40-fold while the growth of automation marketplaces will push 80% of large enterprises to pivot to principles of composability, to minimize operational independencies and maximize the value of their hyper-automation initiatives.5
The industry needs to pivot toward continuous, integrated and holistic risk management frameworks, based on modular, highly configurable and scalable technologies, with the goal of becoming agnostic to the various detection and monitoring systems while increasing resilience, velocity and effectiveness.
Conclusion
As risks evolve, broaden and deepen, FIs face enormous pressure to stay abreast of new patterns and consistently meet increasingly complex requirements, making it a challenge not only to stay continuously compliant but, more importantly, to manage risk accurately—and smartly.
Going forward, it will be crucial to prioritize a holistic AFC/AML approach that will hold up against emerging threats and sudden volume peaks. Leveraging the right technology and automation to implement a strategic business and tech architecture is foundational to empowering businesses to stay ahead of transformation.
Chiara Gelmini, industry principal director, Customer Risk and Due Diligence, Pegasystems Inc.
- “Basel AML Index 2022: 11th Public Edition, Ranking money laundering and terrorist financing risks around the world,” Basel Institute on Governance, https://index.baselgovernance.org/api/uploads/221004_Basel_AML_Index_2022_72cc668efb.pdf
- Ibid.
- “Objectives for the FATF during the Singapore Presidency (2022-2024),” Financial Action Task Force, https://www.fatf-gafi.org/publications/fatfgeneral/documents/objectives-2022-2024.html
- “Basel AML Index 2022: 11th Public Edition, Ranking money laundering and terrorist financing risks around the world,” Basel Institute on Governance, https://index.baselgovernance.org/api/uploads/221004_Basel_AML_Index_2022_72cc668efb.pdf
- “Top Strategic Technology Trends for 2022,” Gartner, October 18, 2021, https://www.gartner.com/en/documents/4006913