The fight continues

Anti-money laundering and anti-fraud technology implementation continues to evolve as financial services firms seek to move beyond pure compliance by business line, with its siloed approach, and move on to develop a strategic approach to these two disciplines.

This is according to some of the results from the second annual OR&C Intelligence survey on the subject, sponsored by financial crime software firm Norkom.

The adoption of technology to manage financial crime and compliance continues. Last year's research showed that 34% of respondents had yet to put software solutions in place to manage AML detection and investigation. A number, 31%, were without solutions to manage fraud. This year's research shows there is increasing adoption of technology to defend against financial crime, with only 19.2% and 22.9% respectively not having a solution in place.

However, technology proliferation continues to be an issue in the fraud arena in particular, where 58.5% of respondents (up from 38% last year) say they have multiple solutions to manage detection and investigation across their organisations.

"The proliferation of technology presents a challenge for many organisations as the threat of organised crime and international terrorism increases," says Hilary Duffy, manager at Norkom. "Fraudsters and terrorists operate without respect to geographical or enterprise boundaries, so the ability to identify links between incidents of suspicious activity on a company-wide basis is now an imperative. Companies are hampered in their ability to do so by two things; their organisational structure (decentralised and siloed) and their technology strategy (piecemeal and ad hoc). As their businesses have grown, many companies have invested heavily in technology, but frequently without a central governing strategy. They're now faced with a proliferation of technologies that reinforce their divisional structures and are unable to communicate or share information - a weakness today's savvy criminals look out for and exploit."

Some early adopters are already overcoming the technology proliferation challenge by implementing overarching technology solutions that consolidate information from their existing detection systems so investigation intelligence can be centralised and connections between apparently unrelated suspicious events can be made. This is happening most quickly in AML, where 26.8% of respondents have a consolidating solution in place (more than doubling from 13% last year). No doubt, here, increased regulatory pressure is providing a considerable spur to action.

The uptake of consolidating technologies should continue to increase, however. More than three quarters (79.3%) of those who don't yet have a solution in place agree it would help to improve investigatory performance and lower operating costs. However, of that total, 20.7% believe the technology integration challenge to be "insurmountable" - expressing some of the doubts that linger in the industry, particularly at firms that have experienced rapid M&A growth in the past few years.

It's logical that technological consolidation will go hand-in-hand with organisational consolidation - breaking down the decentralised or siloed management structures that characterise so many firms. Almost 80% of respondents say their AML activities are consolidated under a single reporting line across their entire organisation. This is slightly lower for fraud at 65.7%. A substantial number, 52.8%, of respondents have taken a step further by combining their AML and fraud activities. Some 40% have achieved this over their entire organisations, while 12.5% are progressing towards it, having achieved consolidation in at least some geographic regions.

Among those yet to consolidate compliance and financial crime management, there is a clear appreciation of the benefits. Some 68.8% believe it would improve their ability to detect crime, while 57% agree it would also reduce operating costs.

Compliance cost reduction is a growing theme in financial services firms. According to industry analysts the Tower Group, the financial services industry will spend $370 billion on compliance alone this year - up from $320 billion in 2005. Some 84% of that cost will be attributable to administration. This scenario - of high costs on a continuously upward spiral - is now presenting a major challenge to the industry and the hunt is on for new ways to curb them.

For example, false positives on AML and fraud accounts for a considerable amount of wasted time and money. For AML, 27.4% of respondents say between 1% and 25% of the alerts their systems generated were false positives. A shocking 9.6% of respondents say more than 50% of the alerts their AML systems generated were false positives. The picture for fraud is little better - 31.7% say their false positives ran between 1% and 25%, while 8.3% say they were 50% or higher.

Firms are taking steps to help improve their false positive rate, because this helps decrease the amount of human intervention required to review the false positives, so there is an immediate 'bang for the buck'. Structured manual review systems are used by 33.3% to refine detection scenarios to improve accuracy, while 28.3% occasionally take action to refine their detection scenarios, but this is not a structured process. Another 28.3% use software solutions that have analytics to recommend changes to their detection scenarios to improve accuracy. Just 10% take no action to improve their scenarios.

Says Norkom's Duffy: "These findings are startling, but when translated into monetary terms, their impact becomes tangible. If we assume the average international bank employs 100 investigators at an average salary of $125,500 each, the loss of 25% of their time represents an annual cost of $3.1 million. If the time lost reaches 50%, this doubles to $6.2 million."

Another area of high human resources cost is watch-list monitoring. Around 36% of respondents say they spend 20% of their investigators' time, or more, monitoring watch lists, while 28% say their investigators spend 11% to 20% of their time doing this. Ten percent of respondents say the amount of time spent monitoring watch lists has risen between 5% and 10% over the past year, while 18% say they've seen an 11-20% increase. Another 10% say they've seen monitoring time increase 20% or more. More disturbingly, 45.5% of respondents said they could not conduct a name search across their entire organisation from the respondent's location. Another 30.9% said they could conduct such an investigation, but it involves liaison with investigators in other regions or locations.

Says Duffy: "After a foiled terrorist attack on Heathrow airport last August, the UK government asked financial institutions to search for any business connection with 17 named suspects. For most the process took over three weeks. One, thanks to the sophistication of its counter-terrorist financing operation's watch-list management programme, completed the task in only two hours. This story illustrates well that watch-list management, though viewed by many as mundane and unglamorous, is a vital element of the war against terrorist financing and that, in most organisations, its performance is inadequate."

Overall, firms are struggling to keep costs under control while meeting increasing regulatory demands. Some 14.5% have seen their AML compliance costs rise between 5% and 10%, while 23.5% have seen their anti-fraud costs rise by the same amount. Some 32.7% have seen their AML costs rise by at least 10%, and some 10.9% have seen costs rise 50% or more. Anti-fraud costs are rising at a slightly lower clip, but on the other hand those costs don't have the same level of regulatory momentum behind them. Over time, however, anti-fraud costs can expect to rise as regulators focus increasingly on combating fraud at financial services firms.