Over the past few years, financial crime has not only grown in its extent and scope, it has also become increasingly specialised with the use of technology. Today, ATM malware attacks, hacking of online accounts, trade-based money laundering and terrorist financing are just some of the many crime trends that financial institutions have to reckon with. Very recently in 2015, a bank based in India suffered huge losses in a cyber security attack. One of the employees colluded with external parties to use information of 100 customers and siphon off funds from their accounts using online banking application and duplicate SIM cards. Approximately Rs 25,00,000 was siphoned off from these accounts.
New-age Risks
We are currently in an extremely competitive stage in the global economy where the customer is the focal point for any business. While we are continuously launching innovative products and services for customers’ ease, these services need to be matched by thorough risk assessment and controls.
In 2011-12, a UK bank created a product to hold £1.88 billion for its high net-worth clients. To maintain the confidentiality of such clients the bank kept documents related to them in a special safe that only few employees knew about, with no supporting computer records. Post-audit, the UK Financial Conduct Authority (FCA) found that the bank did not take adequate measures to assess the risks involved with such clients and the service provided. As a result, their due diligence and other monitoring activity were found deficient.
Innovation Is Key
In today’s global financial crime scenario, compliance professionals are being forced to think beyond the mundane and flag the ‘unknown’. It’s time to mimic the fraudsters in order to stay on top of the game. Tools like social media mining could be very helpful in gathering complete KYC records or the social standing of a person for reviewing financial credibility. Technology service providers have been gaining momentum on this ever since the Reserve Bank of India supported the idea in 2014.
Financial Crime Compliance Programme
From time to time, regulators have established laws and regulations in response to the evolving dynamics of financial crime. They have been focusing on assessing and educating institutions to deal with threats associated with cyber crime, terrorist financing, fraud and money laundering. But it is for organisations to step up and go beyond the visible horizon of regulations to establish a framework that will keep up with such evolving crime trends. A critical element to this framework is to integrate compliance and operational risk management so as to develop a holistic view on risks across products, services and delivery. This provides a collaborative environment to proactively detect and deter vulnerable scenarios within processes and systems.
While such integration is recommended, it should be noted that it requires strategic readiness. Some of the areas to focus on are:
Data management: This is the ‘key’ and requires real time updated records in a standardised format across various business applications. To be successful in the integration process, it is essential that data which is produced in one part can be re-used in another. This requires strongly aligned data definitions and alignment of timing and workflow, as well as sufficient data access.
Change management: Sensitising employees is another element that needs work. System integration or automation could lead to lesser manual interventions, thereby reducing the head count or man hours. Stakeholders and key personnel enabling such a change, should focus on the ‘people’ aspect in order to facilitate seamless transition.
Communication and collaboration: Between these two functions it’s critical to drive control in line with business goals and policies. For this, business units should share their views and reservations on the integration in order to effect a practical and smooth integration.
Tone at the top: It is the policies and principles of senior management that are ingrained in the processes of an organisation. The management should drive the message of integration along so it becomes a part of the organisational structure with laid out visibility and norms.
Tapping On Technology
Another critical element is to engage the right technological tools. Technology is the most effective pillar in the entire ecosystem of compliance and monitoring. In the volatile and dynamic environment that financial services firms operate today, data analytics is a much-needed tool to consistently hit a ‘home run’.
Data analytics enables a firm to establish preventative controls and leverage huge volumes of data. The objective of analytics is to combine various sources of information or data and develop predictive and detective analysis platforms. It facilitates monitoring, storing and retrieving data as well as relevant communication from all the disparate systems, both internally and externally. Organisations should measure and model sources of compliance risk for each business process across channels.
Not only does such a solution supplement the efforts of compliance personnel, it also provides sophisticated automation to overcome limitations of human intervention.
How Data Analytics Can Help
Data analytics enables monitoring of scenarios related to cyber attacks, trade based money laundering and fraud, to name a few. Here’s how it can help:
•Assists in reducing false alerts in existing monitoring systems by providing contextual data on customer and previous transactional pattern to highlight deviations
•Identifies patterns of misconduct, fraud or structuring on the monitoring applications of the organisation
•Provides flexibility via faster tuning of rules and models tested against data streaming in near real time
•Uses text analytics to extract data from text files in an automated manner to unlock a massive amount of data that can be used for transaction monitoring
•Analyses unit price to match against publicly available data and algorithms to detect if unit prices are not in line with global and regional thresholds
Last Words
Being a part of the financial services industry, we gain insights in the functional challenges and develop visibility and the knowledge to design a compliance framework. In response, we adopt best practices and the latest applications to be at par and to compete, but what we now need to know is how to integrate each of these elements and resources to design a holistic framework to combat global financial crime as well as terrorist financing.
Chawla is partner and Neha Joshi is associate director at PwC India
(This story was published in BW | Businessworld Issue Dated 08-02-2016)
_20241107191544_original_image_38.webp)
