Following much criticism from federal examiners in 2010–2011, financial institutions have had to develop more effective Bank Secrecy Act and anti-money laundering (AML) compliance programs to address heightened regulation and enforcement. Meeting this challenge involves implementing business process improvements, recruiting additional staff and adopting enterprise-wide technology solutions for managing risk in a dynamic environment. Analysts agree that despite tight budgets and deferred capital investment, financial institutions have a need to update their technology. Celent predicts global spending on AML software will grow by 10.4 percent annually and reach $5.8 billion by 2013. One of the factors contributing to this growth are AML vendors' delivery innovations.
SaaS—A Leap Forward
A closer look at recent trends in software delivery points to web-based, outsourced products and services that remove the responsibility for installation, maintenance and upgrades from over-burdened information technology (IT) staff. Organizations looking to reduce their IT capital expenditure and install software applications more quickly and efficiently are moving to Soft- ware as a Service (SaaS).
In a SaaS model, the application or service is deployed from a centralized data center over an Internet protocol (IP) network. The software and/or services, which are owned, delivered and managed by the provider, offer companies a flexible, cost-effective alter- native to running software in-house. Enterprise markets are now embracing SaaS since the model has matured and initial concerns with security, response time and service availability have diminished. Although the market is still in its early high-growth phase, SaaS models are becoming part of the mainstream as they move beyond customer relationship management (CRM), human resources and procurement into business intelligence, eCommerce and IT infrastructure. A 2011 Gartner survey of 525 organizations and 12 vertical industries in nine countries indicated nearly 70 percent of organizations have used SaaS for less than three years. While previous surveys reported the use of SaaS as an extension to existing on-premises applications, in 2011 the leading uses were either replacements for on-premises applications or new SaaS solutions. Current trends forecast the expansion of the SaaS model to "everything as a service." But the question remains: Are financial institutions ready to buck tradition and consider a SaaS alternative for enterprise-wide AML and compliance?
The Internet has fueled an outbreak of financial crime. Cybercrime and identity theft cost the global economy approximately $114 billion in 2011. As organizations with budget and resource constraints struggle to keep pace amid the barrage of money laundering, fraud and other criminal activity, robust and affordable systems with surveillance functionality are needed to mitigate increased risk. Automating compliance requirements in a dynamic regulatory environment continues to be problematic. The solution lies in technology that is scalable, cost effective and offers a shorter time to production. This has prompted an often lively debate within the financial community over SaaS versus the traditional and still more prevalent on-site platforms.
Eliminating the Roadblocks
Business and compliance users are often frustrated by the long deployment cycles, skyrocketing costs, demanding upgrade processes and complicated IT infrastructure of on-premises solutions. Analyst surveys indicate that business users drive SaaS decisions while their IT counterparts remain skeptical. Key concerns include data and systems integration, security and governance. SaaS providers have made significant efforts to address these issues particularly as they relate to data privacy, protection and security. Industry standard audit controls and SAS 70/SSAE 16 certifications have increased confidence in SaaS for more mission-critical applications including those supporting AML and compliance functions.
Building an enterprise-wide platform is a daunting, costly, and labor-intensive task. While most institutions prefer to have third-party applications installed in-house, changes in the regulatory environment are happening so fast that business and IT leaders must collaborate in real time. SaaS relieves IT staff of many tasks throughout the software lifecycle and creates greater opportunities to strategize with business and compliance colleagues on shortand long-term requirements. Grappling with poor data quality and inconsistent information from disparate systems could put an institution at risk. This should motivate decision-makers to pursue the most cost-efficient, state-of-the-art, integrated platforms from which to monitor enterprise risk. Those seeking innovative strategies to streamline processes and control costs must give serious consideration to SaaS as a viable option for AML and compliance operations.
While the SaaS adoption rate for AML and compliance is growing, it is not without challenges. There is still hesitation about sending customer data off-site. Vendors have responded by strengthening data leakage controls and implementing other security measures in order to satisfy the strict requirements imposed by risk management and security oversight groups. The argument for on-site solutions is weakening as hosted benefits are significant enough to persuade the skeptics.
SaaS for AML and compliance adds value from a strategic as well as a practical standpoint. The degree of automation and scalability can provide an enormous advantage for managing risk across the enterprise. Lower cost of ownership and shorter time to production enables IT, business and compliance groups to become more agile partners in managing the intersection of compliance and technology. The mobility of applications delivered via the Internet can greatly improve efficiency and resource utilization especially for global operations. An effective SaaS platform has the potential to be a game changer in protecting the reputation and assets of an institution.
Getting on the SaaS Bandwagon
A KPMG survey reports that unfavorable economic conditions and regulatory reform are casting new light on traditional business models. Respondents in the banking sector identified regulatory and legislative pressures as the most significant barrier to growth in the near term. Industry experts seem to agree that few, if any, applications are too big or too critical for SaaS. They encourage organizations to be forward thinking and adopt innovative strategies that include SaaS. No doubt, SaaS is here to stay. As the cost of combating financial crime continues to climb and penalties for non-compliance increase, institutions focused on the core value of enterprise-wide risk management will include Software as a Service for AML and compliance in their strategic plans.