For several years, the financial services industry has debated the merits of converging anti-fraud and anti-money laundering processes under “financial crimes.”
In December 2010, the Association of Certified Anti-Money Laundering Specialists (ACAMS) and Ernst & Young published a joint survey of 250 global respondents from financial services, law enforcement and regulatory agencies. The survey topic was “Linking anti-fraud and anti-money laundering programs – unrealized opportunity or unnecessary complexity" It noted that 52 percent of financial services firms had integrated some aspects of their anti-money laundering and anti-fraud functions.
During last year’s SAS Terrorism Financing and Money Laundering Forum, I watched with dismay as Chief Compliance Officers representing two leading institutions stated they didn’t believe in convergence. However a series of events has tipped the scales toward convergence of a financial crimes approach:
- The U.S. Financial Crimes Enforcement Network (FinCEN) published several reports highlighting the spike in mortgage fraud between 2006 and 2009. Historically, FinCEN had been associated with supporting money laundering investigations. However, the SAR data revealed the correlation between money laundering and fraud trends in Mortgage Loan Fraud Connections with Other Financial Crime.
- In May 2009, eleven of the world’s leading banks authored the Wolfsberg Group guidance on synergies between credit card fraud risks and money laundering in a report titled, Wolfsberg AML Guidance.
- In September 2010, I sat with the financial crimes officer of a large Asian bank to review the results of a pilot to identify organized crime rings. Using fraud network analysis, we detected a bust-out ring that used a combination of synthetic identities, application fraud, wire fraud, ATM micro-structuring and ordinary cash structuring to steal a considerable sum from the bank. Their fraud department was already investigating three of the subjects. By combining cross-channel data irrespective of a fraud or compliance bias, we identified six additional ring members with open credit lines with the bank. I’m confident that none of the perpetrators cared what type of crime they were committing.
- The tipping point for me occurred a few weeks ago when the BSA/AML officer of one of America’s largest banks, a staunch supporter of keeping AML separate, suggested we needed to add fraud to SAS’ Terrorism Financing agenda for 2011.
- Perhaps it’s also worth noting the ACAMS survey found that 64 percent of government agencies have recommended a financial crimes approach to financial institutions. Many of our customers have received specific recommendations from their bank examiners to integrate investigative processes.
I’m not suggesting that institutions must re-organize their departments to gain improvements in efficiency and effectiveness. SAS is investing significant research and development resources to reduce replication of data, improve detection rates, support enterprise investigations, and use network analysis to connect the dots. Every aspect of SAS’ financial crimes execution is to provide technologies that make integrating processes easier, and to provide options for how an institution deploys the strategy over time.
Convergence is defined as “coordinated movement of the two eyes" and “the merging of distinct technologies…into a unified whole". A pragmatic approach is to start first with a “two eyes" model that deploys enterprise case management technology to show investigators the subjects’ behavior across the enterprise.
Some of our more innovative customers have taken the next step…to merge distinct detection and alert management capabilities while consuming cross-channel information at the point of detection and prevention. There is considerably more lift in the reduction of false-positive rates and improved fraud prevention. More importantly, we can detect previously hidden relationships that represent significant reputation risk to financial institutions.
It would be interesting to know more about the 48 percent of survey respondents who had no plans to integrate functions, or had integrated some aspects with no future plans to integrate further. Clearly mid-sized institutions may find the task of integrating fraud and compliance functions daunting. Combining investigations into a case management system is definitely part of a phased approach, but has limited impact on detecting more illicit behaviors.
The perfect storm of heightened regulatory pressures and increasingly sophisticated fraud attacks has created an opportunity for fraud and compliance departments to pool budgets and resources to reduce a shared exposure…reputation risk. Be sure to select a vendor that can help you mitigate your most pressing risks now, while having a proven track record of vision and execution.