I got a shock the other day.
We were discussing transaction processing with one of the banks, when the head of transaction processing turned to me and said: “Chris, you know what? We now have more people checking what we are doing than we have doing what we are doing!”
I think I was supposed to be surprised, but I didn’t quite get it and asked what he meant.
“Well, now we have all these rules and regulations on Know Your Client (KYC), Anti-Money Laundering (AML), tracking and tracing Politically Exposed Persons (PEPs) and identifying and notifying authorities of suspicious transactions with SARs (Suspicious Activity Reports) means that we have more people employed in money laundering, compliance, audit and control than we have employed in the actually business of running the bank.”
This seems ridiculous, I say.
“Automate all this stuff, you say? And how do we do that? Most of this is making disparate connections between fragmented data and much of it involves actually seeing people to ensure they are who they say they are.”
So it’s a matter of document proofs and data analysis, both of which I was dealing with back in the 1990s when AML was just an evolving art and KYC we being introduced.
“It is that but, if you’ve been dealing with this since the 1990s, then it’s obvious that it cannot be computed as, if it could have been, it would have been by now.”
Hmmm … I’m now sure I believe that. After all, there are many elegant AML solutions out there so perhaps the issue is not automation but organisation.
For many banks, payments and operations are dispersed over many organisational functions and locations.
A multinational or global bank will often be the result of mergers and acquisitions, and little will have been integrated on a globalised basis.
Potentially you can put into play overlay systems, data mining tools, aggregating services, but the issues will still be there of organisation and operation.
There is also the question of priority: is catching the odd awkward transaction a priority for the bank’s senior management team?
For example, the UK has some of the toughest AML legislation anywhere in the world where, under the Proceeds of Crime Act 2002, you can get fourteen years in jail if found guilty of laundering.
And yet a 2011 report by the Financial Services Authority (FSA) found that: “three quarters of the banks in our sample failed to take adequate measures to establish the legitimacy of the source of wealth and source of funds to be used in the business relationship.”
So this area of the business is not as relevant to banks as it may at first appear.
Certainly this was the case historically, as I don’t know of many management teams who have cut through the silos, operations and global spaghetti to create an integrated single platform view of the customer.
It’s just not something that justifies the operational pain of change or the cost to warrant it.
Unless you get into deep doo-doos, like Standard Chartered and HSBC did recently.
Then the awakened concerns of bank management around reputational risk arise.
And when you add on to this the prospect of stinging fines of anything from $300 million to over $1 billion, the cost of implementing such change becomes warranted.
So I reckon AML will be a major focus for at least the next year.
Watch this space.