The global pandemic has driven a dramatic change in consumer behavior, not least an exponential rise in the use of digital and mobile channels for banking and financial services, increased competition from fintechs, and the rise of open banking. It has also opened new doors for criminals, who have rushed to exploit the uncertainty in a pandemic world and devised new money laundering and terrorist financing schemes by taking advantage of loopholes in the regulations, new ways of working aided by advances in technology, and electronic payment innovations. In the wake of such radical changes, as we look to the year ahead, the challenge for global banks and financial institutions at large has never been greater.
Here is how we predict banks will endeavor to enhance their financial crimes controls in 2021:
1. Machine Learning Will Play a Great Role in Fighting Money Laundering
Improving access to quality data will be prioritized to take advantage of the opportunities presented by artificial intelligence and machine learning. We expect these advanced analytics will play an even greater role this year in the prevention and detection of money laundering, terrorist financing, and other illicit financial crimes. Effective intelligence to analyze the mountain of data and alerts available to organizations will be key, as this explosion of data, business channels, and financial products has escalated the data processed by financial institutions to dizzying levels. Analysts are hard-pressed to produce intelligent reports quickly. Implementing these new and more effective methods of data analysis to better identify various types of financial crimes (including unusual or abnormal behavior) will be a critical journey.
As my colleague in Asia-Pacific Timothy Choon so eloquently stated, “Data everywhere – but where’s the intelligence?” Business intelligence to analyze the morass of data and alerts generated will be a key theme for the region and a global necessity as adoption of AI increases. We predict a continued expansion in the use of AI/machine learning in financial services in such key risk areas as cybersecurity, customer onboarding, sanctions screening, transaction monitoring, etc.
2. Regulators Will Zero in on Closing the Gaps
We predict that regulators will continue to emphasize financial crimes compliance by looking to close the gaps in existing frameworks and regulations. In a post-COVID world there will be a renewed focus on operational resilience, as well as a return to the core areas of focus, such as:
- Enterprise risk management — including proper oversight of significant third-party relationships and partnerships.
- Change management — in particular, significant operational changes including governance over new technology innovation and implementation, such as the use of cloud computing, AI, digitalization in risk management processes, new products and services, and notable changes in strategic plans.
- Better management and oversight of compliance risks — including AML and sanctions risks relative to the complexity and risks associated with business models and products, evaluating technology and modeling solutions to perform or enhance BSA/AML oversight functions, and determining the adequacy of suspicious activity monitoring and reporting systems and processes).
Newly regulated areas such as digital assets and cryptocurrency businesses will likely undergo increased scrutiny (as companies transacting in digital assets are not exempt from AML requirements). So will high-risk products/services such as correspondent banking and trade finance transactions.
One additional area where we expect to see an increased focus is cloud governance, as enhanced controls for security, data privacy, and operational resilience continue to expand. Many financial institutions have adopted cloud technology and embraced the advantages of these solutions; however, one of the biggest challenges to wider cloud adoption continues to be implementing complicated AML regulatory requirements and heightened regulatory expectations.
This focus on increased regulation will be particularly prevalent in North America, as FICO’s Claudia Huesmann points out, “FinCEN is aiming to close the gaps in AML regulations for banks not regulated by a federal functional regulator. This is not to say that the Financial Crimes Enforcement Network has not already been busy issuing a flurry of proposed rulemakings and requests for comment. Reform is often in the eye of the beholder, and all of these proposals will have a practical impact on the financial services industry. The final rule extending AML regulatory requirements to banks lacking a federal functional regulator is just one such example. A number of proposed bills are also with law makers on Capitol Hill.”
3. Banks Will Do More with Less While Keeping Consumers Happy
We anticipate that financial institutions will come to appreciate that operationalization of their AML compliance programs is key to increasing overall performance while achieving greater efficiencies and effectiveness. Organizations have continually struggled with the contradiction of increasing efficiency and effectiveness at the same time - invariably one has to be sacrificed for the benefit of the other.
However, new technologies such as AI, robotic process automation, intelligent routing and flexible workflows can help to drive a paradigm shift. The increasing adoption of these new technologies will mean that financial institutions will be more concerned with how to adopt and integrate/operationalize these new technologies into day-to-day AML processes in a way that enhances overall performance. Leveraging advanced analytics in AML to merge the “old ways” with the “new ways” while finding the right balance, and implementing the most effective organizational framework, will be critical to success.
FICO’s Fabricio Ikeda states, “As in Asia Pacific, Latin America will see local financial institutions concerned with operationalizing AML compliance in a way that enhances existing systems and processes;, however, many remain unsure of how to do it effectively.”
4. Collaboration Will Be Key
Despite the enormous efforts banks put into AML monitoring, the effectiveness of the overall system to combat financial crime is disappointingly low: for example, only 4% of SARs prompt law enforcement inquiry. We predict increased collaboration between the private sector (banks) and the public sector (regulators), a move that will be essential to effectively fighting financial crime. Organizations will reap the benefits of increased data sharing, and the ability to leverage available sources of quality consortium data.
Earlier this year in the U.S., FinCEN Deputy Director Jamal El-Hindi stressed “transparency and information sharing, the value of BSA (Bank Secrecy Act) reporting data, and the need for legislation regarding the collection of beneficial ownership at the corporate formation stage.” In Europe and South Africa, as my FICO financial crimes expert Erik Stretz reports, we see more movement on collective action and public-private partnerships in the area of KYC and transaction monitoring as well.
5. There Will Be More Ransomware Attacks and Potential Sanctions Risk Implications
We predict a rise in ransomware attacks, a method that has become a particularly popular weapon in the hands of criminals with malicious intent in trying to harm governments, businesses, and individuals alike. According to a recent report by the European Union Agency for Cybersecurity, with the number of incidents growing, “it is evident that becoming a victim is not an ‘if’ but rather a ‘when’ hypothesis.”
As organizations are faced with this onslaught of attacks, the U.S. Treasury Department is, at the same time, signaling its intent for more aggressive enforcement of sanctions and anti-money-laundering laws against those paying ransoms to blacklisted cybercriminals. This will inevitably result in a difficult debate for companies about the trade-offs between making such payments (prohibited vs. sanctionable activity) and the loss of business-critical data (preparedness).
As FICO’s Claudia Huesmann points out, “Ransomware represents a complex issue for compliance professionals, as urgent decisions are undertaken while attempting the challenging task of identifying their attackers. Now compliance professionals will also need to concern themselves with mitigating ransomware sanctions risks (i.e., whether a payment constitutes a potential violation of sanctions (OFAC) laws) and self-report.”
As we move into 2021, the global picture for financial crime compliance is one of unprecedented change and a need to be flexible, efficient, more collaborative and smarter with the use and application of data. FICO has solutions to help financial organizations meet these challenges head on.
To learn more about how FICO can help you fight financial crime visit www.fico.com/anti-financial-crimes