Search
Over the last two years, perpetrators of money laundering have taken advantage of economic upheaval and technological developments to pursue increased opportunities for financial crime. Digital payments and blockchain technology, for example, have helped create avenues for criminals to launder funds at new levels. Meanwhile, the backdrop of the coronavirus (COVID-19) pandemic has played into their hands, allowing criminals to capitalize on sudden, widespread change and disruption. Salvatore LaScala shares trends and insights on the United States in the Anti Money Laundering 2021 In Depth Feature. Click here to download the full report.
A. The Anti-Money Laundering Act of 2020 (AMLA), signed into law on 1 January 2021, is intended to clarify and streamline certain AML and Bank Secrecy Act (BSA) obligations and establish new regulatory requirements to strengthen, modernize and improve compliance programs. The AMLA does not, however, materially change the current compliance obligations of covered financial institutions (FIs), except in limited circumstances – those “engaged in the exchange of value that substitutes for currency or funds” and antiquities dealers. Even businesses “engaged in the exchange of value that substitutes for currency or funds” and antiquities dealers, which are now covered FIs under the BSA, require the Treasury to promulgate implementing regulations before their BSA obligations are enforceable. There has also been legislation proposed in the wake of the Pandora Papers scandal: the Establishing New Authorities for Business Laundering and Enabling Risks to Security Act (ENABLERS Act). The ENABLERS Act could bring additional companies under increased regulatory scrutiny, as it would require the Treasury to promulgate requirements for financial middlemen. This will include, but is not limited to, investment advisers, art dealers, attorneys involved in financial activity, trust or company services providers, certified public accountants, and third-party payment services.
A. US sanctions use and enforcement has undoubtedly increased and has become a remedy more frequently utilized over the past 20 years. The pace of these changes can be challenging to FIs. As FIs expand their global reach, they must prepare for sanctions risks that may not have been as pronounced pursuant to a more US-centric business model. Moreover, US persons must comply with US sanctions laws regardless of where they are located, including in a foreign host country without such sanctions. Specifically, a US person cannot even process a transaction while outside the US that would be prohibited in the US. Therefore, we recommend that global FIs continually engage in an ongoing sanctions risk assessments, including personnel reviews, to mitigate their risk.
A. However simple it may seem, an FIs’ first step toward ensuring adequate AML controls should be establishing a strong tone at the top by making AML and sanctions a corporate policy priority. Detailed policies and desktop procedures documenting sanctions alert dispositions, well documented systems and data lineage, and oversight, accountability and training must be priorities. Moreover, FIs need to undertake robust AML and sanctions risk assessments to identify areas that require the most attention and highlight the strengths and weaknesses of mitigating controls, and call attention to additional resources or technology investment, when needed.
A. The sheer volume of transactional activity that FIs must monitor is simply mind-boggling. The explosion of digital payments, the increased sophistication of money laundering methods and networks, and enhanced regulatory scrutiny has further necessitated the need for advanced, automated solutions to identify illicit behavior. There is a wealth of opportunity for machine learning (ML), artificial intelligence (AI) and robotic process automation (RPA) initiatives, which can be applied in many different areas, including AML and sanctions. This technology is essential for FIs to elevate their transaction and compliance monitoring, and they must prioritize these opportunities.
A. For FIs, FinTechs and less traditional payments, businesses deciding whether to implement ML, AI and RPA should prioritize their needs based on risk and the strength of existing mitigating controls. They should also stay heavily involved in the business requirements process and development and testing of rules such that they remain responsive during the implementation process. This is even more important in the current digitalized payment environment because there are more limited use cases from which technology companies can draw experience. Regardless of your buy vs. build decision, documentation, transparency and strong information technology governance represent smart investments. Additionally, find a true subject matter expert to conduct before, during and after implementation validation services. FIs should be available to represent compliance’s concerns so that compliance resources do not fall behind on ‘business as usual’ tasks, which continue regardless of system implementations.
Be certain that you and your technology providers, especially with respect to AI and ML, are ready to articulate how the technology works in a highly transparent manner. You should be able to explain to regulators, examiners, internal audit and compliance assurance personnel why certain alerts were created and others were not, regardless of how sophisticated the process is. If the technology cannot be explained and is too much of a ‘black box’, explaining why you believe you have identified the most effective and efficient set of alerts could be impossible. Moreover, it may be difficult to explain why alerts that were generated prior to the new system and no longer activating were not compelling, even though you might have filed suspicious activity or suspicious transaction reports on them in the past. Sophisticated compliance-related technology tools will likely be better received if they are transparent and introduced in stages that might include transparent segmentation that makes existing rules more effective and efficient, supervised predictive ML that helps focus teams on the highest-risk activity, statistically valid back testing to assure interested parties that your assumptions are correct, and comprehensive suspicious transaction reports or suspicious activity report filings likely to assist law enforcement.
The good news is that AMLA has convinced regulators to be open to and to encourage ML in AML projects, though nascent ML applications will predictably be met with some apprehension about their effectiveness. From a big-picture perspective, financial institutions should embrace the massive upside potential that supervised models can provide by reducing false positives and highlighting that risk typologies that money launderers might have otherwise evaded have become alerted transactions.
A. While it is difficult to say whether the risks will increase, financial crime schemes are constantly evolving. This makes the anti-financial crime effort a perpetual game of ‘whack-a-mole’. When one means of fraud or money laundering is locked down with good controls, criminals will test other FIs that have not implemented controls and ultimately find another weakness to exploit to take its place. As a result, controls should not remain stagnant, because criminals typically figure out how to get around them. Effective and transparent cutting-edge tools such as AI and ML are a way to stay ahead of the curve.
This article was co-authored by Gregory Schwarz.
Guidehouse is a global consultancy providing advisory, digital, and managed services to the commercial and public sectors. Purpose-built to serve the national security, financial services, healthcare, energy, and infrastructure industries, the firm collaborates with leaders to outwit complexity and achieve transformational changes that meaningfully shape the future.