How Can Compliance Teams and Financial Service Providers Improve In the AML Industry?

We sat down with Edo de Vries Robbé, Director of Corporate Development here at AML RightSource to talk about the AML industry on a global level, as well as some of the key factors compliance teams can address to improve their efficiency and scalability. We also delve into the impact of COVID, a longer-term outlook, the need for innovation, and what lies ahead for regulatory bodies if cryptocurrencies become mainstream.

We also look at differences in the AML industry  between the east and the west, and at the steps that both compliance teams and financial service providers should take to deal with the ever-increasing amount of data and transactions they are faced with. We discuss how the industry has changed since COVID, his outlook for the year ahead, and how financial institutions can become more proactive in fighting financial crime.

What are the distinguishing differences between Europe and Asia, and the US in AML Compliance?

Traditionally, compliance teams within US banks have been heavily focused on tackling money laundering risks, and the need to secure AML processes of high quality, whereas, in Europe, the focus has been more on understanding more about their customers. While this difference in focus might sound somewhat counterintuitive, there is an easy explanation, and that’s the availability of data.  

In the US, customer data is widely available, for both companies and individuals. A number of key data providers in the US have been able to unlock vast amounts of data that can be stored and sold – for the right purposes – by those data providers. The wide availability of this data makes  Know Your Customer Compliance, or KYC, relatively straightforward and entity and identity verification can be done instantly; not just on customers but also on counterparties. Having good quality data available for the parties involved in a transaction, makes it much easier to review a suspicious transaction.

In Europe and Asia, however, the data landscape is vastly more complex. Not only is Europe more focused on data protection, making it hard to store and share customer data, but also does data availability, in general, vary significantly from one country to another. There are jurisdictions where registries are only accessible manually or where the data tends to be of poor quality or outdated. In addition, offshore tax havens have made it an objective to shield the names of directors and shareholders, making it difficult to know the ultimate beneficial owners of a company. This makes the availability of digitized customer data is certainly patchy outside of the US. As good data is so hard to get it is difficult to validate customer or counterparty data instantly. This also makes AML harder and hence there is a need to first spend a significant amount of time on doing KYC before being able to do proper AML.

Where data is readily available this changes the process of investigation (validate, verify, review, research) and the more data is available the easier it becomes to leverage advanced analytics to automate both the KYC and the AML process. As European and Asian banks tend to spend hundreds of hours onboarding their corporate customers, however, they tend to employ much larger numbers of people in the KYC department than local and regional US banks. Obviously, this difference is less significant for large global American banks who face the same challenges with their non-US customers.

The total size of the workforce on the AML side, is more comparable in the east and the west. Both US and European banks are using similar advanced transaction monitoring detection engines that are aiming to identify high-risk transactions and bad actors. What we do see is that many of the largest financial institutions in the US and Europe tend to rely on traditional technology providers. This can partly be explained by the role of the regulator. In APAC, regulators tend to be a bit more innovative and more open to banks leveraging new technologies, whereas American and European regulators tend to be a bit more conservative. Another reason why innovation has been driven by Asia over recent years is that many of the Asian banks have seen massive growth in customers. This is a result of  the Asian megacities having seen enormous advances in the wealth of its population which impacts the demand for banking services. As Asian banks had invested less in more traditional financial crime technology, they were able to leapfrog some of their US and European peers in terms of using more advanced AI-powered technology solutions.

Financial service providers which have a reporting obligation, employ hundreds or thousands of analysts to get through their transaction monitoring alerts. With the risk of being fined considerable, institutions tend to err on the safe side and may lean toward over-reporting, even if regulators often do not have the capacity to review all the reported suspicious transactions. As the number of alerts being generated is becoming unmanageable, banks are left with only two options. They can either call on the help of an external managed services provider, like AML RightSource, or they use software like the QuantaVerse Platform for automating the less complex investigations, allowing the the institution’s skilled investigations team to only focus on the high-risk events that are determined to more likely be true positives.  

There are three types of data needed to obtain to achieve perpetual KYC compliance: self-reported customer data, external data, and transactional data. How do financial service providers leverage this data?

Financial service providers have access to their customers' information, the products they buy from the bank, and the transactions they make using the bank’s facilities. This information combined with data that can be obtained externally can give the bank a good picture of their customer’s behavior. For example, when a customer suddenly starts making transactions to high-risk jurisdictions that might tell you something about changes in the customer’s risk profile.

Combining the inputs from customers, external data providers (whether corporate or news data), and transaction information help the bank get an always up-to-date view of their customers and, importantly, allows them to move towards dynamic risk profiling. Traditionally, financial service providers have struggled to detect changes in these different ‘triggers’;  with more and more data becoming available, and with AI becoming more mainstream to detect variations in the data, banks are starting to turn to new solutions that can help them monitor their customers.

And that is the essence of customer intelligence, having a customer-centric view where instead of just doing traditional reactive transaction monitoring, financial institutions can move towards proactive risk profiling, allowing them to detect risk within their customer populations potentially even before a high-risk event happens. With a better handle on their customer’s profile and AML and reputational risk, banks can make better risk-based decisions allowing them to determine whether it is worth continuing to bank certain customers or even customer segments.

How do financial service providers tackle the time and money spent on digital due diligence and do they need to adopt more sophisticated technology like AI?

Absolutely. As the amount of readily available data from news, social media, corporate data sources, and transactions is increasing exponentially, it has become virtually impossible for financial service providers to monitor all this data manually. Financial service providers cannot keep just hiring people as this will make compliance far too costly. To deal with this problem, financial service providers are turning to AI-powered solutions to help with monitoring triggers and automating investigations. AI is not without fault, however; a combination of technology and people is needed, one can never do without the other.

How do you think COVID has impacted the financial crime industry?

Everyone has had to adjust to remote working and be adaptable when it comes to dealing with critical situations like COVID. Financial service providers, however, have been slower to respond and have struggled with maintaining productivity while not having enough people in their offshore centers. Productivity has dropped through people being off sick with COVID, but also not having the tools or even the internet connection to do their work.

Financial service providers have now become more comfortable with outsourcing to managed service providers, who have been growing their businesses exponentially during COVID. This has resulted in companies like AML RightSource being able to achieve significant growth which is expected to continue in years to come.

What is your mid to long-term outlook for the industry and how do you think it is going to evolve?

The power fields are shifting as traditional banks are feeling increased competition from fintechs and challenger banks which are starting to take some market share. Parts of the banks’ business model are becoming less profitable than they once were while at the same time, the cost of compliance is rising.  

On the technology side, there are changes as well. Regtech solution providers have started winning market share from the traditional technology players. Some started with specialized point solutions and are now building end-to-end solutions of their own. This gives financial institutions more options when choosing financial crime technology solutions, but it has also resulted in banks struggling to understand the differences between what is real today and what is vaporware. For this, they typically engage with external consultants.

We can also see the data landscape shifting. With the power of the traditional financial crime technology players diminishing, data providers are becoming increasingly powerful. They are being more restrictive about who can use their data and are starting to do their own acquisitions so they can go to market with their own technology solutions on top of their data, thus providing more end-to-end solutions.

Lastly, we can see more and more financial service providers adopting cloud technology, even for storing their customer and transaction data. The large cloud providers are quickly becoming another powerful player targeting financial crime compliance.

Earlier this year, the Financial Conduct Authority (FCA) said they would address the concerns about the ease and speed with which people can make high-risk investments in crypto assets. How do you think that regulations around cryptocurrency will change financial crime in crypto? 

Crypto will likely become more and more mainstream, but to attract the masses, there will be more and more cryptocurrencies and crypto exchanges which will be looking to promote themselves as being transparent and compliant. They are likely to increasingly become part of the public financial system, but with this, there needs to be better regulation and better technology to make sure that customers can trust that their investments are safe. With increased focus from the regulators, we will see significant investment from crypto exchanges in KYC and AML technology.

What advice would you give to AML and KYC professionals for the year ahead?

Shortage in the supply of labor combined with the ever-increasing availability of data will continue to push financto use more advanced financial crime technology and aim for solutions to combine the best of AI technology and people. Leveraging AI will help improve the way we work and take away some of the work that is the most mundane. It provides an opportunity for those in the field to start doing more interesting and relevant jobs where they are not just sifting through false positives and are instead investigating high-risk events.

Some of the questions and responses have been edited for brevity and clarity.

Explore our solutions for the fight against global financial crime.