Transaction monitoring for money laundering, fraud, and other financial crimes can be automated to a certain extent, but there's still a critical human element involved in the process. At the annual Sibos banking conference, held this year in Osaka, Japan, a panel of compliance experts explored the implications of the growing need for analytics applications in financial crime.
Automated tools can detect suspicious transactions, but it takes active hands-on activity to follow up on leads, eliminate false positives, and discover ways people game the system. To be a compliance officer, you have to be able to think like a criminal, and you need the moral fiber to avoid becoming one yourself. You also have to be an effective team player within complex organizations. Compliance roles are not always easy to fill, yet the industry will have to find large numbers of compliance officers just to keep up with the high volume of transactions coming into the global banking system.
It's basic math with exponents. The overall number of transactions is increasing exponentially. Globalization has increased the number of potential trading partners. Mobility has made it easier to initiate transactions, and better core banking systems have enabled real-time processing. These factors have combined to spur a large jump in the number of transactions being processed through the banking system 24/7, across time zones and international borders.
Yet the people capable of monitoring the higher flow of transactions cannot possibly increase at the same blistering pace as the number of transactions. As a result, financial institutions are increasingly relying upon highly automated systems that minimize human-computer interaction. The open question is whether this increased automation has come at the price of being less responsive to new forms of financial crime.
The good news is that the expense of compliance technology can be shared across multiple areas of compliance. David Howes, global head of financial crime risk for wholesale banking at Standard Chartered Bank, said at the conference that, instead of having separate compliance teams for fraud, money laundering, and market abuse, you can establish a single compliance function that covers all those areas. However, you should ensure that the people within that team retain their specialized skill sets, even if the technology solutions work across disciplines. Cohesion in compliance should happen at the technology level, not the individual level. From an HR perspective, the need to retain multiple compliance teams accentuates the hiring challenge.
Even the best compliance software has to be managed with a hands-on process. Michael Cho, global head of anti-money laundering compliance at Northern Trust Company, said it's "not enough" simply to purchase software and turn it on. These products have to be tuned to the needs of your institution and the evolving profile of customers and their activities, Cho said. As such, there are both startup costs and ongoing maintenance costs in terms of human resources when deploying compliance software.
In addition, the compliance people have to be comfortable working within a complex organizational structure, having sensitivity to reporting relationships and oversight responsibility. For example, Howes cautioned banks to make business units responsible for integrating compliance into customer-facing parts of the business to avoid, say, having the compliance function designing your client on-boarding processes. Thus, compliance officers have to stand back and give the lead to the business units when it comes to designing the interfaces, but they should have the fortitude to step up and insist on strong compliance oversight when potentially suspicious transactions are involved.
Cho described how the business units and the compliance function might speak the same language in terms of the dollar value of compliance. One common measure of the value of compliance is "fine avoidance" -- the extent to which a bank can avoid getting in trouble with regulators. A better approach might be to assess how much work compliance is doing for the bank to support an individual trader, banker, or end client. For example, if a client generates an outsized number of suspicious activity reports, or if those reports generate a high number of inquiries or investigations, perhaps it's worth having a conversation about whether the client is worth retaining, even if the investigations turn up empty. With this approach, you may discover areas where it would help the business to ask the right questions in advance, so compliance doesn't have to get involved later at a higher cost.
The banking industry has to hire compliance officers with expertise in specialty areas, knowledge of the leading analytic tools and approaches, the ability to function in a multidimensional organizational structure, and an eye toward the economic impact of compliance efforts. Finding compliance officers with experience in these areas is hard enough. Now the industry has to attract a pipeline of qualified candidates to be the compliance experts for the immediate future of global, real-time, and mobile transactions.
In the comments, let's hear your ideas for building a compliance army.