The annual turnover of laundered money in the Asia-Pacific region is thought to be enormous. The Asia-Pacific Group on Money Laundering, which comprises representatives from 25 Asian countries, estimates the annual figure at $200 billion arising from drugs, tax evasion and other serious crimes. For instance, south Asia is the largest producer of opium in the world (80%), while the terrorist bombings in Bali and the Philippines have highlighted the Asia-Pacific region as a key target zone for fundamental- ist terrorist activities.
Leading financial centres such as Singapore and Hong Kong are perceived to be high-risk for money laundering, in spite of high ratings on both regulatory and enforcement criteria, owing to their attractiveness in the final integration stage of money laundering where dirty money seeks to be invested. They also have placement risks associated with cross-border smuggling of currency and monetary instruments. These dirty monies can then be placed through cash-intensive businesses.
Not only are the monies involved large, but the risks of being involved are also very costly. The most important money laundering risks for financial institutions are that of severe reputational damage and significant fines.
With the allegedly large amounts of dirty money in Asia, costly damages and the growing complexity of money laundering and terrorist financing schemes, fighting money laundering and terrorist financing is increasingly dependent on the assistance of cutting-edge technology for transaction monitoring, training and compliance. This dependence on technology requires a readiness to spend money as well as the correct attitude to adopt it.
Each of these technologies address the risk from different angles – transaction monitoring software directly through identification of suspicious transactions; e-learning software through the en- hancement of money laundering and terrorist financing detection and enquiry skills of employees; and regulatory software through the creation of highly effective controls and monitoring mechanisms.
Transaction monitoring software Global trends
The US Patriot Act has had a key impact on commercial banks, private banks, broker-dealers, insurance companies, mutual funds and other financial institutions, with the government declaring it intends to work closely with financial institutions for anti-money laundering (AML) and anti-terrorist funding (ATF). The definition of a financial institution has also been changed – even the US Postal Service is a designated financial institution. US-based consultant the Tower Group has predicted $120 million in spending by US banks on AML software and related expenditure in 2002 – twice that in 2001.
In Europe, the UK has come out with a new set of regulations to deal with money laundering and terrorist financing that includes a new ‘name and shame’ policy underscoring the need for proper monitoring. There is also the second European money laundering directive, which focuses on non-financial businesses and highlights these as a key risk area.
The Financial Action Task Force on Money Laundering (FATF), an intergovernmental body comprising 31 members around the globe, is also revising its 40 principles, which will create new monitoring responsibilities for high-risk categories, AML requirements for non- financial businesses and a new standard in corporate transparency. These will all affect the monitoring required by financial institutions.
Issues and solutions
Combating identity fraud used for account opening is a key issue for ATF and also in AML. In line with global developments, private banks need to go beyond the depositor to determine the beneficial owner and the source of funds under management. In many instances, it is going to be difficult to ascertain sources of funds. Transaction monitoring software (TMS) uses a combination of artificial intelligence and human oversight to help detect unusual activity that deviates from ex- pectations of normal account behaviour.
Financial institutions such as commercial banks, private banks, broker-dealers, asset management companies, life insurance companies and, to a smaller extent, even venture capital firms and merchant banks, can benefit from using TMS to meet their AML and ATF needs.TMS can do the following:
- Support the account opening customer due diligence process. The due diligence process requires verification of the identity and address details and source of funds of a prospective customer. From a technology perspective, it is quite a simple approach to ensure that the required documents are present (if electronic document storage is implemented) and to verify that the account due diligence process has been performed. However, only select vendors offer this feature.
- Auto-check transactions in real time. Some TMS packages can perform hot-list checks and even stop transactions in real time. The US Office of Financial Assets Control Check alone is against a hot-list of more than 5,000 items.
- Transaction profiling. Account and customer level checks against transactions of that customer and his/her peers.
- Auto-alerts. These can be generated on a priority basis, with alert and background details (for example, alert triggers, access to transaction data and previous alerts, and related accounts), providing an automated workflow to the relevant person.
- Adaptive learning. Most TMS systems are capable, in varying degrees, of incorporating new information or performing additional interrogations based on new ways of recognising suspicious transactions.
- Auto-track. Many applications can track the clearance of flagged transactions and automatically highlight outstanding action-items or issues and generate e-mail reminders. This is a critical feature for money laundering reporting officers.
- Suspicious transaction reports (STRs). These can be automatically generated inclusive of all key customer information for reporting purposes.
- Complete audit trails. These are automatically maintained for regulators’ inspections. Typically, the audit trail captures details regarding the cases opened, cleared, closed, any STRs generated, and so on.
- Management and compliance reports. These provide aggregated information and statistics that highlight high-risk customers and the overall efficiency of the ‘know your customer’ process – a critical feature for monitoring your overall risk exposure and identifying training needs.
- Customer relationship management (CRM). The same system can serve as the basis for a CRM package. Marketing and compliance departments both fundamentally require the same information.
Even the best technology will not completely stop all money laundering or terrorist financing activities. However, adopting TMS demonstrates a financial institution’s commitment to be a good corporate citizen, a willingness to improve governance and best practices, and a concern for customers.
Technologies and vendors
Three major anti-money laundering technologies are used in top-tier TMS packages – rules engines and transaction filters; neural networks; and statistical and profiling engines. These are used individually and in various combinations to create hybrid technical solutions. Regulators in Asia are unlikely to require all institutions to obtain the most sophisticated systems, and financial institutions will probably be allowed to install rules-based systems. Rules engines allow enterprises to create a set of rules for identifying suspicious activity and most also include some form of transaction filtering, for instance checking against hot-lists. An example of a rule is that alerts be generated for cash transactions of $50,000 or more.
Some of the global software vendors that are referred to in key white papers on TMS include Searchspace, Mantas, NetEconomy, Americas Software, HNC, ACI, Logica, STB. Their products are of different levels of sophistication and not all vendors are equally focused on ATF versus conventional AML.
Despite the need for TMS and the reliability of the technology, making the purchase decision is often difficult. Unlike, say, credit card fraud software, the benefits are not easily quantifiable as they are based on ‘potential’ fines or reputational damage instead of a direct comparison between costs and benefits.
There is also an additional hurdle in Asia. Unlike in the US, banks and other financial institutions may not have either the budget or the impetus for such software. Clearly, the risks associated with money laundering have not been fully accepted in Asia. However, regulators in Asia are keeping a close watch on global trends and have made several hard-hitting comments, including the recent ones by the Hong Kong Monetary Authority, in which it announced it would review its anti-money laundering guidelines.
Asian regulators also place value in regional co-operation against terrorist financing, judging from the joint statements issued recently on this issue. Similarly, the Egmont Group of Financial Intelligence Units (FIU) – a collection of specialised government agencies set up to monitor money laundering – has found more interest and support, admitting key new members including Singapore. Other members from Asia include Hong Kong, China, Japan, South Korea and Thailand.
The key success factor for the FIU model of international co-operation is the technology that the FIU uses, backed by its databases, which depend to a large extent on the suspicious transaction reports that are filed.
STR filing is linked to the software that the financial institution has – upper-end transaction monitoring software naturally helps in better reporting. A leading US software vendor says that of all the transactions that are identified by such software on alerts, 15% tend to be genuinely suspicious, as against 2% by manual sampling. The overall efficiency of the process can only be ensured by completing the loop – FIUs in Asia have not started giving guidance to financial institutions based on the STRs filed by them. Part of emphasising the importance of such filing (and therefore of the software) is actually the reverse flow of information, as the current review of the FATF’s 40 principles underscores.
However, Asian financial institutions in general tend to be conservative and would rather avoid filing a STR on a customer if they have a choice. Hence, tax evasion cases, where the laws may be ambiguous, may not get reported under a STR. This could be partially solved by installing appropriate software, as it will systematically throw up some of these cases that will have an audit trail throughout. Therefore, this would leave financial institutions hard pressed to suppress cases that they would rather avoid, unless they can identify very good reasons not to report. From a regulator’s perspective, it makes immense sense in Asia to push financial institutions to adopt transactions monitoring software.
E-learning is increasingly a preferred methodology to train employees, for various reasons. From an overall AML compliance viewpoint, e-learning leads to quicker, more accurate and consistent training. It is also a more managed approach that allows for continuous learning, which is reflected in an improved ability by staff to monitor and report suspicious transactions. From a regulatory perspective, the audit trails of assessments prove to the regulator that effective training is being conducted. The most compelling reason is from a cost perspective. Given the rising cost of training, to achieve the AML focus that regulators want, e-learning is a key long-term solution for cost control.
At a more detailed level, e-learning has the following advantages for both the learner and the organisation. For the learner, retention rates are 25-60% higher in an interactive online environment, especially for content such as combating money laundering, which has an abundance of compliance issues. Meanwhile, for the organisation, e-learning is cost-effective, with training dollars primarily invested in education, not logistics. This investment is then leveraged over the years to a large number of learners, which stands true in the case of AML compliance-related training where the training could be an organisation-wide mandate. In addition, content is easily updated, and disseminated, therefore keeping up with new laws and regulations more efficiently on a continuous basis.
There is an increasing trend for blended solutions, combining e-learning and classroom training, that global bank Barclays highlights in an interview. “We will definitely be cutting back on classroom training over the next couple of years. In fact, at the moment we have a split of 90% classroom and 10% e-learning. In a lot less than five years, that number will be 40% classroom and 60% e-learning. Budgetary pressure will force us down the route.”1
The trend in Asia on e-learning is one of selective acceptance. Organisations have yet to realise the power of e-learning or its rationale in terms of costs. Organisations still talk of high upfront costs as a reason to reject e-learning, whereas in the recent past these have come down significantly. The costs of installing a learning management system (LMS) on the financial institution’s internal server or the use of an LMS on an application service provider basis have also lowered significantly, although the popular perception is that these are still sky high. There is still a bias to classroom training, perhaps due to lack of exposure to e-learning. A number of organisations in Asia have small shops of 50-70 people, and it is simply not viable for a producer to build a customised in-house solution for them. In the US or the UK, e-learning costs per user are as high as $1,000 for a product off-the-shelf. In comparison, local financial institutions often deliberate about a product even if the price is as low as $240 a user.
Regulatory software is the panacea for the problems facing compliance departments today, including multiple regulations, controls, and internal and external reporting requirements. It provides a single, consistent, integrated and secure management framework that can manage compliance issues, provide reports and enable learning for users. It seeks to address the following issues:
- How can I effectively manage compliance related issues?
- How can I demonstrate active compliance management?
- How can I monitor compliance performance?
- How can I use my compliance resources efficiently and share com-pliance knowledge among key personnel?
It effectively maps the firm’s regulatory requirements on to its business processes, helping to integrate compliance accountability with operational procedures. It is a comprehensive and current repository of risks, responsibilities, policies and procedures, designed to provide an organisation with reasonable assurance that identified risks are monitored and controlled. Such software normally supports centralised documentation of policies and procedures for controlling business operations. It can act as an audit tool, and tracks the progress and results of verification processes.
It is easier to maintain and disseminate, unlike paper-based systems. It is capable of being easily integrated with the firm’s e-mail systems to facilitate quick and responsive communication throughout the organisation. It allows easy distribution of timely information to appropriate individuals. Some solutions are offered online and provide a secure hosting environment and access to client data via a standard web browser. A web-enabled solution enables easy access in a technologically diverse environment. For large clients, this also means easy expansion of the service to include global operations.
The acceptance of such regulatory software in larger financial centres in Asia is high. One possible reason for this is that such software actually takes work off the desks of compliance officers, the benefits of which are too great to ignore. Also, while regulatory software can be used specifically for AML, it is meant for wider use.
The Asian market has yet to appreciate the benefits of transaction monitoring software and e-learning, although regulatory software has been fairly well received. Regulators can play a key role in educating financial institutions on these software products, as well as to push them to consider these on a priority basis. Joint seminars with key vendors will go a long way in disseminating such information. Financial markets in Asia need to keep up with those in the West and technology adoption is a critical dimension to this.
The dangers of not considering such software is that financial institutions will have weak AML/ATF systems, which increases the risk of reputational damage to both these financial institutions and their local regulatory bodies.
Economies that are severely reputationally damaged will cease to attract foreign investment, as the health of the financial system is a critical factor in attracting such investment. With a higher perceived country risk, they will also face difficulties in getting credit from foreign financial institutions and such borrowings will become more expensive. From a regulator’s perspective, these are the main reasons to encourage adoption of cutting-edge technology.
On the other hand, adoption of such technology in stronger financial centres, such as Singapore and Hong Kong, will demonstrate an ability to keep up with global trends and a commitment to fighting the global war on terrorism and dirty money. This can lead to obvious political and economic advantages.
Dominic Nixon is partner and head of advisory services, banking and capital markets industry group at PricewaterhouseCoopers in Singapore. Rohan Bedi is head of anti-money laundering services at PricewaterhouseCoopers in Singapore. e-mail: [email protected], [email protected]