Complying with anti-money laundering regulations poses a growing threat to financial institutions and their executives. Last November, the chief executive officer (CEO) of Australia’s Westpac Banking Corp. became the latest bank chief to resign after regulator allegations of non-compliance with anti-money-laundering (AML) regulations. He followed the exits of the CEO and chairman of Swedbank (Sweden’s largest mortgage bank) in 2019 and the departure of Danske Bank’s CEO in 2018 following revelations of €200 billion in suspicious transactions.
It’s likely that more banks will be added to this list given the enormous challenges they face in discerning which of their clients engage in criminal activities. Regulatory expectations are intensifying, and the financial industry’s exposure to money laundering is vast. An estimated 2 to 5 percent of global gross domestic product is laundered, according to the United Nations. That’s a stunning US$800 billion to $2 trillion.
From their 35 years of helping more than 750 financial institutions worldwide use technology to detect and guard against money laundering, our employees have seen big differences in management awareness between banks that stay in compliance with anti-money-laundering regulations and banks that don’t. Specifically, they have found that when a bank’s top management team can effectively answer five questions, the risk of their being unaware of money-laundering activities in their midst can drop considerably:
- Is the foundation of our anti-money-laundering program sound and broadly implemented?
Safe cities are created by conscientious citizens and strong police forces. Likewise, a robust anti-money-laundering banking culture demands institution-wide awareness and responsibility. The senior-management team must make sure that every employee understands that combating money laundering is his or her job—not a task relegated to the corporate compliance department. If an employee suspects that something is going on, he must be encouraged to report it to the top management of the company, with no penalty or retribution. This requires regular training and diligent risk auditing. It requires internal education on how to know customers more deeply and to heighten attention to accounts, locations and activities that pose elevated risks.
- How thorough, effective and current are our investigative capabilities?
While creating a culture of rooting out money laundering is vital, enforcing it is not at all easy. Given every bank’s exposure to criminals who want to launder money, financial institutions must develop irreproachable investigative programs staffed by qualified professionals continuously trained in the latest effective technologies. (Continuous training is crucial given that artificial intelligence (AI), machine learning (ML) and other technologies have been evolving continuously to give banks new tools to detect money laundering.)
Executives need to review internal investigative procedures, asking compliance, information technology (IT) and other bank officers to explain what new techniques they have adopted and also considered but not adopted. If the answer is essentially, “We’re using the same techniques we’ve used for years,” that’s a very bad sign. Technologies and their associated techniques for detecting money laundering have advanced significantly over the last decade, even in the last year. Your compliance, IT and other managers who are crucial to detecting criminal financial transactions should be able to tell you what new tools they’re using, how they work, why they’re better and how they’ve helped. And the explanations should not require a translator to be understood—even with the complexities of AI and other technologies.
Bank managers must also familiarize themselves with the types of suspicious activities that internal investigators are uncovering. And, of course, they must make sure that all appropriate cases are being reported to the authorities.
- Are we working hard, or smart, to identify money laundering?
To fulfill regulatory demands, many financial institutions build a veritable internal law-enforcement department, staffed by hundreds of compliance officers. But relying on a large workforce to manually investigate money laundering is expensive and vulnerable to error. The sheer volume of transactions and data that institutions screen enables criminals to hide among the petabytes.
For instance, investigators manually reviewing anomalous transactions are frequently overwhelmed by false positives during bonus time. In the compliance battle, the odds are arguably stacked in favor of the regulator: While financial institutions must detect all money-laundering activities in their midst, enforcement officials only need to find compliance lapses to bring charges.
Instead, to contend with the data blizzard, investigators must deploy digital solutions that enhance efficiency and boost effectiveness.
- How are we dealing with the growing sophistication of criminal money laundering?
Money now moves around the world with greater speed and convenience, and untraceable cryptocurrencies have become a haven for dirty cash. Bank executives need to ensure that their solutions effectively screen the relatively new wave of payment mechanisms such as SEPA (Single Euro Payments Area), Xoom, TransferWise, Zelle, Venmo and the like. They also need to confirm their banks’ adherence to emerging industry standards, notably those on cryptocurrencies from such organizations as the Capital Markets and Technology Association (CMTA).
Despite the enormous fears around cryptocurrencies—including banks’ existential fear that their customers will no longer need banks to transact business—executives need to deeply understand these technologies and how they work from a functional and regulatory viewpoint.
Innovations in payment systems are unstoppable. Faster, more accurate, more convenient and less expensive ways to transfer money abounded in the 2010s, and they’ll continue advancing in the new decade. But, of course, they will also be under the watch of criminals who will try to exploit their vulnerabilities—including a bank’s lack of sophistication in detecting fraudulent activities with these new payment systems.
A financial institution’s top management must have at least a rudimentary understanding of how criminals can be expected to turn the new payment mechanisms into new money-laundering tools. Without that underlying knowledge, bank executives will be hard-pressed to ask the right questions of the people they put in charge of preventing money laundering. And they’ll also be hard-pressed to know whether they have the right people in charge.
- Is our anti-money-laundering technology adequate?
The ability to monitor and stop money laundering is less an issue of how much a bank can spend and more an issue of how it is spending its money. Your money needs to be going toward the right technologies and training the right people on the right practices in using those technologies.
To answer the question of whether you have the right technologies, you employ risk, compliance and IT executives to provide a reliable opinion on that. But even their jobs of evaluating the adequacy of your AML systems are becoming more difficult. This is because AML technology is evolving quickly, and not all software is equally effective.
Bank executives should ask the managers in charge of combating money laundering to periodically (even perhaps quarterly) present a compliance report to the board of directors. The board’s compliance committee should hear what technologies and practices the bank has in place and their adequacy in detecting money-laundering activities.
To be sure, certain technologies need to be on management’s radar screen today. One is link-analysis tools that help investigators identify criminal networks based on the financial behavior of individual customers and the trading partners with which they deal. A second is trade-compliance solutions that can be integrated with vessel-tracking software to examine transactions with a precision not possible 10 years ago. And a third key technology today is AI, which can boost the efficiency of investigators and detect previously unknown money-laundering patterns.
By asking these questions and getting incisive answers to them, bank executives can go a long way toward protecting themselves and their institutions from the growing risks associated with money launderers. With good people, practices and technologies in place, bank managers can also dramatically reduce the risk of being caught in the crosshairs of bank regulators. That’s a growing risk, too, for many senior banking executives, one likely to continue ending some otherwise illustrious banking careers in an industry with systems that will always be the target of criminal enterprises.