Moving to a single, client-centric view of risk
The Future of Financial Crime
Convergence of monitoring across client behaviour and risk domains
The following article explores the changes to financial crime (FC) client monitoring that are needed to move beyond traditional transaction monitoring (TM) to a more effective, single client-centric risk approach. Traditional TM is fragmented, creates a large volume of false positives, and often fails to connect the risks when it really matters. To address this, financial institutions need to combine a range of risk indicators for expected and actual client activity, including FC indicators such as fraud, cyber (for example the location of activity, devices used, etc.) and sanctions.
Key factors driving the need for change
1. Market and regulatory changes, including highlighting the failure to link risks to controls in detection, increased regulator knowledge and increasing expectations of system and control effectiveness;
2. Industry factors, including new, faster, cross-border payment channels and new payment providers;
3. High levels of duplication and inefficiency, with alerts relating to customers reviewed multiple times; and
4. Advances in technology, including emerging ways to consolidate data and using machine learning (ML) and artificial intelligence (AI) to detect complex patterns of behaviour.
Together, these factors are increasing the risks, complexity, and pressure on traditional monitoring approaches, and also creating opportunities to change the way technology is utilised. To keep up with new and evolving FC threats, financial institutions need to integrate internal and external intelligence sources, consolidate monitoring, and ensure the control environment is able to respond rapidly to changes in risk.
Challenges of existing TM solutions
On top of the above change factors, there are well-known and documented challenges with the ability of existing TM solutions to identify suspicious and potentially criminal activity. These include:
· Large number of false positive alerts (often 90%+) that typically lead to a low conversion ratio of investigations to suspicion and actionable intelligence for the financial institution(s) and/or law enforcement partners;
· Solutions are expensive to implement (including data integration costs), test / tune, operate and upgrade;
· Majority of client monitoring is still conducted at the transaction or account level. The inherent complexity of some relationships, which have multiple touch points with the financial institution (e.g., larger SMEs, corporates, markets customers, trade finance, etc.), means risks cannot be easily drawn together with existing solutions;
· Large operations teams, using manual processes, have an inherently high risk of human error, due to the large volume of alerts and repetitive nature of tasks; and,
· Difficulty linking the expected behaviour of the client - from client due diligence (DD) - to the client’s actual behaviour, due to the siloed nature of risk domains (see Figure 1 below), difficulties bringing data points together, coupled with poor quality and outdated client DD data.
