Home Finance The Costs of Compliance – When Will Investment in Risk Technology Start Paying Off for Banks?

The Costs of Compliance – When Will Investment in Risk Technology Start Paying Off for Banks?

by internationalbanker

By Nina Kerkez, Senior Market Planning Director, LexisNexis Risk Solutions





Latest research from Oxford Economics and LexisNexis Risk Solutions shows that UK banks are spending hundreds of millions of pounds each year on Financial Crime Compliance (FCC). Around half of this annual expense is being invested in implementing risk technology into compliance processes – with spend split across hardware, people, and training.

Automating and digitalising processes is typically done to improve efficiency and performance. Yet, compliance costs continue to rise, raising the question: when will banks start to see a return on their investments?

The rising costs of FCC

The True Cost of Compliance research shows that FCC costs have risen by 19% since 2020. Total costs for UK financial services now stand at £34.2bn per annum, or around £194m per bank, and the expectations are that costs will rise by a further 8% over the next three years.

Regulation, according to the 300 financial services firms that contributed to the research, is the number one external factor driving FCC expenditure. However, since Oxford Economics’ first cost of compliance study in 2020, there have been few significant updates to Anti-Money Laundering (AML) regulations and certainly none that would justify the double-digit growth rate in costs that we’ve seen.

It is more likely that increases in costs are being driven by a combination of a rise in criminal activity and a growing prioritisation amongst banks to address it. Over 80% of respondents from UK financial services firms perceive an evolving criminal threat as the second highest-ranking external factor influencing FCC costs. Their concerns are validated by the latest Fraudscape report from Cifas, published in April 2023. This reveals that last year saw 409,000 cases of fraudulent conduct logged to the National Fraud Database, the highest volume on record.

Levels of fraud and financial crime could escalate in the coming years. Rising living costs are squeezing household budgets, potentially leaving people more vulnerable to criminal attack. Those in financial difficulty are far more susceptible to scams, making too-good-to-be-true offers seem plausible, while money worries may turn otherwise law-abiding citizens into fraudsters themselves. Natwest Bank’s recent ‘Honest Job’ advertising campaign attempted to dissuade young people from becoming money mules, with their research showing growing numbers being targeted by criminals who are keen to exploit their financial hardship.

Countering this growing and evolving criminal threat could make an 8% rise in FCC costs (predicted in the next three years) look optimistic.


The FCC spend conundrum

If we drill down further into the average annual FCC spend (£194.6m) per financial services organisation, the research shows the largest portion is being consumed by Know Your Customer (KYC) and Identity Verification (IDV) checks. More than a fifth (22.1%) of budget is spent in this area, equating to around £43m each year.

Significant investment in customer due diligence is a logical move by firms. Criminals realise that banks are focusing huge amounts of capital, time, and resource on building robust systems to stop fraud and financial crime, and view customers as a pervious point of exploitation. Therefore, it’s critical that firms concentrate on protecting genuine customers, and weeding-out the malicious intent during onboarding and every day transactions.

It’s for this reason that, after KYC and IDV, the next five largest areas of FCC spend are also customer due diligence processes. Tens of millions of pounds each year are being invested in activities including AML screening (10.1%), fraud checks during onboarding (9.4%), ongoing monitoring of customers (9.3%), transaction monitoring (8.1%) and alert remediation (8%).

Multiple and continuous stages of customer due diligence need to be quick and seamless. Customers can be easily frustrated by slow and laborious interactions with banks, which compromises their satisfaction, loyalty, and retention. Balancing this against the need to protect customers – and themselves – against fraud and financial crime, organisations are prioritising automation and digitalisation.

9 in 10 firms saw an increase in FCC costs during the past three years, with all these organisations reporting automation and data as the number one driver of costs. In many ways, this is a positive indication that banks are progressing their digital transformation agendas to keep pace with (or ahead of) the growing customer demand for online and mobile services, and slicker, lower-friction experiences. Investment in these areas can also enable organisations to create modern infrastructure better equipped to meet the reporting and traceability requirements of regulation that’s placing greater onus on digitalisation.   

These circumstances all imply that banks are getting their priorities right in terms of FCC expenditure. The conundrum is, why they are continuing to see such high and repeated rises in costs, when technology, software and data all form a major part of their investments?

Solving the conundrum

Technology costs as a share of the total amount spent on FCC, increased from 25% in 2020 to 30.2% in 2022. Combined with technology-related employment and training costs, total technology spend now represents half of all FCC costs (50.9%).

This investment is targeted at reducing manual activities during customer due diligence, with around 75% – 80% of processes including transaction monitoring, IDV, KYC and fraud checks now being automated. Banks should be benefitting from major efficiencies and performance improvements in these areas, and seeing total spend on FCC slowing or declining. The reason they aren’t is because of how technology, software and data are being deployed.

Banks rightly take a multi-layered approach to preventing fraud and financial crime. Deployment for onboarding, ongoing monitoring and transaction monitoring typically involves six to eight separate systems for the average firm, with each operating independently, because of how they are structured to manage risk.

Furthermore, criminal attacks and activities vary, and are constantly adapting. Specialist knowledge and experience is required to continually comprehend the different risks of fraud and financial crime facing organisations and their customers. In response, dedicated teams and systems often exist within banks, each characterised by expertise and practices that tackle the nuances of a specific type of threat, whether fraud, money laundering, or others.  

Specific crime typologies tend to require specific risk management strategies to tackle them, inevitably leading to fragmented prevention efforts across an organisation. Systems and countermeasures may not necessarily align, and opportunities for collaboration missed. As a result, technology, software, and systems are often under-utilised, and there will be a duplication of effort and activity.

Administration of data and technology vendors can also represent an operational challenge.  Brokering, implementing, and managing separate vendor agreements, as well as the ongoing maintenance of multiple systems including API integration, and building and updating internal decisioning logic, can be costly, especially where compliance teams must manually connect the dots between systems.

Maximising the return on investment in risk technology and software requires a customer-led approach to fraud and financial crime. Undoubtedly, specialist knowledge and experience of criminal threat typologies must remain within organisations. However, creating a comprehensive, single view of each customer will help optimise the spend on customer due diligence and streamline the processes involved.

Banks are increasingly adopting this customer-led approach. We see it in the convergence of fraud and anti-money laundering (FRAML) operations, as well in the shift from risk management to risk orchestration. The latter helps to create an end-to-end solution for customer onboarding and ongoing monitoring, which harmonises the many different systems and data sources that banks invest in to prevent fraud and financial crime. These steps will help financial services organisations to better reap the rewards of their FCC spend, with investments in technology and software paying off to better manage and reduce the costs of compliance.

To download the full True Cost of Compliance report, visit HERE


Related Articles

Leave a Comment

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.