10 Dec 2012, BAE Systems Detica , Operational Risk & Regulation
The Financial Crime Survey 2012 shows that, despite wider and continuing economic weakness, investment in managing financial crime and compliance is still a high priority, with a significant uptick in planned expenditure (see figure 1). For anti-money laundering (AML), 84% of respondents forecast budget growth in 2013 (compared to 34% in 2012 and 38% in 2011) and, for fraud management, 86% forecast budget growth in 2013 (compared to 45% in 2012 and 47% in 2011). This survey shows a continuing trend in the recovery in compliance and anti-fraud investment, with a significant vote of confidence and refocus on expenditure going back to levels not seen since 2010.
The results indicate a solid increase of budgets across all areas of financial crime prevention, despite a climate of continuing economic uncertainty, which seems to indicate that the budgetary constraints related to the financial crisis are finally behind us. It might not be a coincidence that financial institutions are also reacting to new regulations such as the Foreign Account Tax Compliance Act (Fatca) and recent regulatory enforcements, which registered record fines for Tier 1 financial institutions in 2012.
The outlook for continued investment in financial crime detection and prevention remains positive for 2013, with anticipated annual growth well ahead of the previous year – on average, 83% of respondents expect an increase in their financial crime and compliance budgets (compared to 42% in both 2011 and 2010), of which a staggering 56% predict an increase of more than 20% (compared to 14% in both 2011and 2010).
According to the survey, financial institutions’ compliance operations still grapple with the effectiveness of automated detection systems. Interestingly, within AML automated detection systems, the industry is divided between good and acceptable detection rates – 47% find one good alert in every 10 or more, and 53% find one good alert in every 100 or more). This situation is similar for sanctions screening systems – 45% find one good alert in every 10 or more, and 55% find one good alert in every 100 or more. It is similar again for transaction filtering systems – 52% find one good alert in every 10 or more, while 48% find one good alert in every 100 or more.
In order to improve the rates of detection for sanctions and pre-employment programme screening, the survey respondents say external reviews with vendor experts or independent third parties are becoming more commonplace (see figure 2). A minority (17%) are not yet undertaking any periodic review.
Fatca is now firmly on the horizon, with an initial compliance date set for 2014. This legislation has a direct bearing on financial institutions outside the US that do business with persons and entities with possible tax obligations to the Internal Revenue Service (IRS). The survey shows some consistency with the 2011 results, such as the continuing stark differences between financial institutions on their levels of preparedness (see figure 3). Many respondents (44%) are still evaluating the impact of the legislation (similar to the 44% and 43% in 2011 and 2010, respectively). A sizeable minority have already put plans in place to enhance the customer onboarding process and deal with some of the aspects of Fatca (37%). Interestingly, 8% of respondents believe that Fatca is not relevant to their business. This figure is significantly smaller than the 2011 result, which indicated that 26% of respondents believed Fatca requirements were not relevant to their business at the time. This could be explained through the better definition, documentation and analysis of the requirements issued by the IRS over the course of 2012.
As in the past, respondents provided insight into where the attention of senior management was focused from a fraud management perspective. A trend that began in 2009 continues this year, with respondents highlighting the application process, payments, the online channel and the threat posed by insider fraud as priority areas.
In tackling these and other forms of fraud, cross-industry data sharing is becoming more commonplace, with just less than 50% of respondents operating some form of data-sharing scheme (see figure 4). However, 51% have yet to take any steps in this direction, with data protection and privacy regulations often cited as a barrier to data sharing.
Since 2006, this survey has tracked industry opinion on the fight against financial crime, but also asks where technology plays a role in managing other important residual operational risks. In the current climate of advanced persistent threats, data breaches and malware-infected end-points, it is not surprising that information security stands out as a serious concern that warrants more attention (see figure 5).
The overall outlook for financial crime technology investments for 2013 remains positive due to a combination of regulatory pressure and fraud risk. As the financial services industry stabilises, there is strong evidence of an investment catch-up, with the vast majority of respondents planning increased spending in risk management compared to recent years. As credit markets recover, placing more controls on the credit application process is a management priority. The online channel and the integrity of payment infrastructure also continue to be areas of focus. From a compliance perspective, survey respondents are concerned about improving effectiveness and efficiency, often using external resources to improve quality metrics. While tasked with managing the cost of existing regulations, respondents are also getting to grips with new challenges, in particular, the wave of activity initiated by Fatca.