CHAPTER 26
MONEY-LAUNDERING-DETERRENCE SOFTWARE

26.1 WHAT IS MONEY-LAUNDERING-DETERRENCE SOFTWARE?

As part of a firm's obligations to combat money laundering, they often decide to invest in the use of anti-money-laundering software. Anti-money-laundering software is essentially a computer program designed to analyse and record customer data, and detect suspicious transactions. Some of the main providers of anti-money-laundering software (highlighting their owners, where relevant) include Actimize (NICE), Ambit (Sungard), Mantas (Oracle), Fiserv (formerly NetEconomy), Fortent (formerly Searchspace, also NICE), Norkom and SAS.

There is no single approach to the way in which such software operates, although the products do fall into two broad categories. The first is the scenario-modelling approach and the second the inference-based approach.

Of course, there is no specific requirement for a firm to implement money-laundering-deterrence software; the regulations are not that specific. If a firm has a limited number of clients and already knows its clients well, then there may be little requirement leading to such investment. However, the problem with the due diligence conducted by an individual is that it could either be biased or poorly documented. Money-laundering-deterrence software serves to provide the firm with an audit trail that can demonstrate that it has taken the actions expected of it. So, while it is not a requirement, it is clearly in the interests of a firm to consider how it meets these increasingly onerous requirements.

26.2 THE SCENARIO APPROACH

In the scenario-modelling approach, the software house will have considered the attributes that might identify money laundering or terrorist financing. It will then have designed a series of scenarios which it considers may represent identifiers of potential cases of money laundering. The firm then uses the software to run against a file of transactions and balances, with the software then reporting all transactions that fit the set criteria. Clearly, if the criteria do not seek to review a particular attribute, then no such transactions will be identified.

The following are the types of things that might be identified:

  • Accounts where there has been a level of deposit which exceeds previous average deposits by 30%;
  • Accounts where the level of activity has increased by 50%;
  • Accounts where the level of overseas payments has increased by 40%;
  • Accounts where there has been a new pattern of activity;
  • Accounts with cash receipts which represent a change from previous activity;
  • Accounts connected with persons appearing on a sanctions list.

Of course, this is just a subset of the types of analysis that such software conducts and the percentages shown are purely illustrative. In practice, such software will normally include 50+ scenarios which a firm could choose to implement. It also normally checks against lists of known money launderers and terrorist financers as well as the sanctions regime in addition to other specific reviews. We will discuss this in more detail later. The problem, of course, is that the more analysis a firm conducts, the more accounts requiring additional investigation the firm will identify. This takes up a significant amount of time and effort and leads to work being conducted on what might be referred to as false positives – transactions that appear unusual but, in fact, are legitimate.

There is always a balance to be struck between conducting additional, potentially expensive and onerous systems-led investigation and relying on the due diligence conducted by staff. This balance has now shifted in favour of software due to the current climate of concern.

26.3 THE INFERENCE APPROACH

The alternative solution is inference-based products, which seek to identify what might be considered potentially high-risk transactions through viewing the likelihood of them representing money laundering or terrorist financing based on historic data sets. These products seek to parameterise the customer and transaction profiles such that transactions and relationships which appear to diverge from normality are identified.

26.4 THE CHOICE IS YOURS!

Both solutions have their place and both have advantages and disadvantages. While the scenario modeller will identify specific transactions to review, it is difficult in such products to pick up unusual transactions related to the nature of the customer.

On the other hand, the inference modellers will require a much higher level of data to enable the inference system to work effectively. When such products fail to deliver, it is usually due either to the inability of the firm to efficiently and cost-effectively access the information it requires, or to the problem of false positives. The inference modeller effectively reports every transaction that the firm undertakes, ranking each in terms of its likelihood of being money laundering. This can result in the reporting of false positives, requiring investigation to be conducted into legitimate transactions. Accordingly, even if a firm has an inference-based system, it may well also need a scenario modeller to deal with the level of false reporting.

Firms will need to decide for themselves which type of solution is best suited to their purpose and business practice. Generally, it is the larger firms that would choose to implement inference software, although we are seeing increasingly smaller institutions starting to implement increasingly sophisticated solutions.

26.5 THE EFFECTIVENESS OF MONEY-LAUNDERING-DETERRENCE SOFTWARE

The effectiveness of anti-money-laundering software is often debated. All money-laundering-deterrence software is based on programs that are dependent on data input. They then classify transactions or accounts according to the perceived level of suspicion and inspect the data for anomalies, whether based on statistical inference or scenario. The type of anomalies picked up will include any sudden and substantial increase in funds or a large withdrawal. Clearly, the effectiveness of such a system is dependent on the level of knowledge with which the system is programmed and the data availability within the firm's systems. Any other variables, of which the program is unaware, will go undetected. However, the clear benefit of money-laundering-deterrence software is its ability to analyse large volumes of data continuously.

If you consider the position that would exist without the use of software you will see the problem. If a bank has a large number of accounts in a number of different locations, even trying to make sure that financial sanctions legislation is complied with will become time-consuming. While a manual process can easily focus on the customer acquisition process, if an error is made in this work, there will be little in terms of control procedures to identify that the customer is inappropriate. Further, changes to the list will need a reassessment of the customer base on a regular basis. Remember, financial sanctions must be complied with, while a firm always wishes to avoid doing business with a money launderer or terrorist financer. The use of software consequently serves two purposes:

  1. It provides a back-up control to ensure that cases of inappropriate activity are identified and reviewed.
  2. It also provides a defence for the firm against the claim that it should have undertaken more review procedures.

In the presence of large volumes of data and multiple locations it would be difficult for the MLRO to operate effectively in the absence of such monitoring procedures, and the resulting personal risks can be significant.

26.6 TRANSACTION MONITORING

In Chapter 22 we discussed the ongoing responsibility to monitor transactions. Clearly, to enable a firm to effectively monitor customer behaviour, it is important for it to maintain adequate and up-to-date transactions documentation and customer information. This is the time when firms most benefit from the use of transaction-monitoring systems, although we are not aware of any jurisdiction that explicitly requires such software to be acquired.

To have an effective transaction-monitoring system, generally a firm should:

  • Analyse system performance at a sufficiently detailed level, for example on a rule-by-rule basis, to understand the real underlying drivers of the performance results.
  • Set systems so they do not generate fewer alerts simply to improve performance statistics. There is a risk of “artificially” increasing the proportion of alerts that are ultimately reported as suspicious activity reports without generating an improvement in the quality and quantity of the alerts being generated.
  • Deploy analytical tools to identify suspicious activity that is currently not being flagged by existing rules or profile-based monitoring.
  • Allocate adequate resources to analysing and assessing system performance, in particular how to define how success is measured, and produce robust objective data to analyse performance against these measures.
  • Consistently monitor from one period to another, rather than an intermittent basis, to ensure that performance data are not distorted by, for example, ad hoc decisions to run particular rules at different times.
  • Measure performance as far as possible against like-for-like comparators, e.g. peers operating in similar markets and using similar profiling and rules.

26.7 WHAT TYPES OF ACTIONS WILL BE MONITORED BY THE SOFTWARE?

The software will monitor different things, and in some cases the firm is able to add specific additional matters which it wishes to have reported in addition to those routinely provided by the software. The types of things that are likely to be reviewed include the following:

  • Transaction monitoring by products, customer, value or whatever a firm decides to use as a factor;
  • Dormant accounts that become active;
  • Customer transaction volumes that change by more than a set percentage;
  • Know Your Customer information which is inconsistent with customer activity using some form of statistical technique;
  • The accounts that need to be subject to enhanced due diligence and the nature of such work;
  • Customers where there is a gap in identification verification;
  • Country, or business risk ratings based on external information;
  • Politically exposed persons (PEPs) based usually on some form of external database being input into the system;
  • Financial sanctions monitoring, again using some form of external database;
  • Identification of disqualified directors or individuals where the regulator has taken action, using external information sources;
  • Customer activity that changes by nature or appears to follow the structure of known historic money-laundering cases.

This is only a subset of the types of issue that will be monitored in practice, with each software product including a variety of different approaches within the single modelling approach.

26.8 THE PERCEIVED BENEFITS OF ANTI-MONEY-LAUNDERING SOFTWARE

  1. AML software enables firms to easily document that they meet some of the regulatory requirements which they are obliged to do under various anti-money-laundering legislation. Programs can assist firms with ongoing monitoring, record-keeping and detecting unusual transactions.
  2. The use of software can provide a defence against fines and reputational damage in cases where a firm is identified as being involved with a money launderer.
  3. There should be an increase in the number of cases referred to the investigation authorities, as more focussed investigations enable information to be analysed thoroughly, accurately and quickly. This increases the chances that suspicious activity reports will be promptly submitted.
  4. Operational costs are reduced, as computer software programs streamline the investigation process with less human input being required. This potentially releases resources and employees to invest in other areas of a firm's business.
  5. The use of software can improve efficiency and business control, as relevant employees are given a complete view of risks which affect the business.

26.9 WHAT TYPE OF SOFTWARE IS CURRENTLY ON THE MARKET?

26.9.1 Transaction-monitoring Software

Transaction-monitoring software essentially concentrates on monitoring individual transactions for the prevention and detection of money laundering. It is particularly useful for handling large volumes of complex data within financial institutions, including retail and correspondent banks. Software currently on the market generally uses comprehensive analytical techniques to scrutinise all accounts and all transactions to produce alerts most likely to result in legitimate money-laundering cases. The software does this by:

  • Analysing the risk ratings of customer type, product, service and geographical area;
  • Detecting matches against published watchlists such as PEP lists and OFAC;
  • Detecting hidden relationships between family members, beneficiaries and counterparties;
  • Matching account activity against known money-laundering scenarios;
  • Analysing transaction data based on type, combinations with other transactions and dollar amounts, to identify potentially suspicious activity.

Such software really falls into two main types – the scenario approach products (e.g. Oracle, Actimize) and the inference products (e.g. SAS and Fortent).

26.9.2 Electronic Identification Software

Anti-money-laundering software which verifies electronic ID is valuable, as it enables firms to verify key documents, which clients may have physically presented but which may be forged. Such software will use sophisticated software to find numerous ways of electronically authenticating the identity of customers. This may also involve using independent data sources to verify sources of information. Certain software on the market, such as Experian, can provide a score or index value to indicate the degree of confidence that an individual's identity and address are correct. Other similar identification software on the market includes both Complinet and Norkom.

26.9.3 Sanctions and PEP-screening Software

As part of a firm's Know Your Customer obligations, the firm must be aware if it is dealing with known fraudsters, terrorists or money launderers. The effect of not having sufficient systems in place is not just the threat of penalties from regulatory authorities, or the threat to national security, but also reputational damage to the firm. Sanctions and PEP-screening software frequently and closely screen the firm's customer list for individuals identified on national and international sanctions lists, to ensure that the firm is not unknowingly assisting the financing of terrorist activities.

Most sanctions and PEP-screening solutions will minimise “false positives” (potential matches requiring additional manual assessment) which can usually result from automated screening solutions. Most systems will also provide a full audit trail of sanctions and PEP-screening activity for compliance reporting.

26.10 SELECTING YOUR SOFTWARE

In many cases, failed software implementations are due to a lack of appreciation of the differences between types of software. These differences are not always obvious from the company websites, so meetings with the different vendors and discussions with successful users will be required.

One of the key stages in the selection process is the construction of the long list – that is, the list of firms that will be considered for selection, regardless of the method chosen for the ultimate selection. In many cases, failed selection processes result from an incomplete long list of potential suppliers that omits key product vendors.

Some of the capabilities firms may consider are as follows:

  • Transaction monitoring: Detects and profiles customer and transaction activity across all products and channels.
  • Automated risk assessment: Evaluates geography, product and business type, coupled with an evaluation of transactions, behaviour and static information.
  • Know Your Customer (KYC)/Customer due diligence (CDD): Manages the customer onboarding process through a defined sequence of steps in a due diligence workflow.
  • Link analysis: Discovers hidden relationships among transactions, customers, accounts, alerts, cases, products and channels.
  • Integration with legacy systems and databases: Built-in connectors accelerate integration with disparate existing systems and data sources.
  • AML investigative management: Automatically triages AML alerts and provides investigative tools to manage alerts through predefined workflows.
  • Sanctions and PEP screening: Matches names and addresses to a range of internal and external lists using Norkom's Watch List Management technology.
  • Payment and transaction filtering: Identifies financial transactions throughout an organisation involving persons or entities contained on watch lists.
  • e-Filing of regulatory reports: Automates the creation, population and filing of reports in many national and international regulatory formats.

26.11 WHAT ABOUT THE SMALLER FIRM?

For smaller firms it is unrealistic to acquire money-laundering-deterrence software – it is likely to be too expensive and also the firm is unlikely to maintain sufficient data to enable the software to operate effectively. Such firms will need to implement a manual form of monitoring process and procedure to ensure that the requirements within the local jurisdiction are complied with. This would normally include a review of customer databases to ensure that sanctions and watch lists are complied with, combined with employee training to ensure that all staff are aware of their responsibilities.

By making staff aware of all of the requirements and obligations, together with the intention for such regulation, a higher level of monitoring is achievable. This, however, needs to be clearly documented and sufficient to enable the management of the firm to have assurance that the firm will not be a target for money launderers and terrorist financers.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset