The Financial Intelligence Unit (FIU) of a Financial Institution (FI) is critical in enhancing the overall efficiency and effectiveness of the organisation’s response to financial crime (FC).
An FIU that is intelligence-led, tech-enabled and proactive has the power to identify, evaluate, and respond to threats faster and more effectively by putting actionable intelligence in the hands of those that can do something about it. It also has the potential to help the FI keep pace with evolving regulatory expectations around the effective application of the risk-based approach.
Within many FIs, the assessment of FC risk is still undertaken in silos. Data from different business areas and across domains is not brought together effectively for collective analysis and is not routinely enriched by external sources of intelligence. This inherently undermines the quality of analysis that can be conducted, and the outcomes delivered.
In addition, FIUs themselves are often ‘underpowered’, comprising only a small team of investigation analysts who are too often engaged in providing reactive support to law enforcement requests, over proactive intelligence and analysis. As a result, an FI’s ability to identify threats and respond to them proactively is undermined – as is the effectiveness and the efficiency of their response to FC.
In our view, the FIU needs to be multi-disciplined across fraud and FC risk domains with the following key responsibilities:
For this model to be successfully deployed, the FIU must have access to:
In addition, it will be critical that the FIU has effective engagement with policymakers to secure permissions to embrace reformed ways of working.
Intra-bank sharing of information is critical, across its various entities, cross border, and via appropriate gateways. Information should also be available for analysis across risk domains, in particular, bringing together FC, fraud and cyber security data, which is still often addressed within silos in FIs. Other than the connection of fraudulent activity producing illicit funds that need to be laundered, it is often the same criminal actors perpetrating these crimes and they do not stick to one type, meaning collaboration amongst specialists in these areas would be valuable in an attempt to outsmart criminals. Often within global organisations, regulations restrict such sharing of information across jurisdictions, therefore this model will require internal and external governance arrangements to ensure data privacy regulatory and legal requirements are met.
Similarly, inter-bank and public-private partnerships, such as the Joint Money Laundering Intelligence Taskforce (JMLIT) are critical for enriching intelligence and harmonising the ecosystem of actors who are fighting FC. With a number of information sharing initiatives already in flight, such as: the UK’s National Economic Crime Centre (NECC) led Fusion Pilot1; Transaction Monitoring Netherlands (TMNL); Collaborative Sharing of Money Laundering/Terrorism Financing Information & Cases (COSMIC) in Singapore; and, Article 75 of the new European Union Anti-Money Laundering Regulations2 bringing in new powers for information sharing; the FIU of the future is likely to have access to a much more diverse intelligence.
We recognise that what we describe represents a significant change from the model that currently exists in many banks and bank FIUs, and would require, in some cases, substantial re-structuring. However, we think these changes are valuable and suggest prioritising:
Alongside this, governance processes will need to be adapted both within the FIU and across the first and second lines of defence FC teams. Similarly, FC teams will need to put in place the required data and technology, processes, and procedures to harness and effectively exploit the outputs from the FIU across the organisation.
The outcome of these changes will have potential benefits across the entire organisation. FIs will be able to make better assessments of customer risk through holistic analysis. Targeted intelligence will help more effective detection of illicit activities, as well as driving efficiencies in the control framework. These improvements in efficiency and effectiveness will in turn lead to:
Criminals are often ahead of law enforcement and the controls that FIs put in place; they are aware of loopholes within the system and are opportunistic in exploiting them. Banks have a role to play, both in terms of meeting regulatory requirements, and being active in helping the system as a whole to better tackle FC. The existing system has a number of inadequacies that FIUs are well-placed to help address by taking a leading role in utilising technology, leveraging all accessible data in an analytical manner and actively participating in information sharing initiatives.
Please get in touch if you would like to discuss this topic further. Also look out for further articles in our Future of Financial Crime series – up next, our penultimate article, in which we discuss the importance of establishing a holistic FC technology and data architecture and strategy, to underpin and make possible the key changes we've set out throughout the whole series. Financial Crime Operations - but not as we know it.
1 Economic Crime Plan 2 2023-26 (publishing.service.gov.uk
2Texts adopted - Anti-Money Laundering Regulation - Wednesday, 24 April 2024 (europa.eu)