Despite the United States’ prominence in the world of finance, its efforts to attack the root causes of money laundering are sorely lacking.
Suspicious activity reports, for example, are widely considered to be little more than very expensive busy work that, in a vacuum, rarely uncovers criminal activity.
In an age of political impasse, the need to update the Bank Secrecy Act and Anti-Money Laundering regulatory regimes has become a bipartisan cause. Among the ideas: resolving the privacy roadblocks to data sharing and using modern technology, including artificial intelligence and machine earning, to do the detective/grunt work.
To that end, Rep. Ed Royce (R-Calif.) introduced the Anti-Money Laundering Modernization Act of 2017 last September.
“Our nation’s anti-money laundering and countering terrorism financing regime has been a 40-year work in progress, and there is increasing recognition that it needs to be modernized,” Royce said of the bill’s introduction. “Our regulatory infrastructure must keep pace with the times. Criminal syndicates, rogue nations and terrorist networks are not sitting idly by, and neither can we.”
The bill would also expand the ability of financial institutions to share suspicious activity reports within their organization to improve enterprise-wide risk management and require Treasury to improve qualitative feedback for financial institutions and Federal financial regulators on their AML/CTF efforts.
Importantly, the legislation would also require Treasury to explore the potential for artificial intelligence, machine learning, and other technologies to help detect and prevent money laundering and terrorist financing.
“Improving information sharing is not limited to the exchange of information between the public and private sectors. We welcome efforts by financial institutions to share information with each other.”
Sigal Mandelker, Treasury Under Secretary for Terrorism and Financial Intelligence
The prospect of applying AI and other technological advances to AML programs was also a recurring theme at a Jan. 9 hearing of the Senate Banking Committee.
At the hearing, Greg Baer, president of the Clearing House Association, laid out the many problems currently facing the nations AML regime.
“Our AML/CFT system is broken,” he said. “A core problem is that today’s regime is geared toward compliance expectations that bear little relationship to the actual goal of preventing or detecting financial crime … Fundamental change is required to make this system an effective law enforcement and national security tool, and reduce its collateral damage.
The regulatory regime, he said, “is a system in which banks have been deputized to act as quasi law-enforcement agencies and where the largest firms collectively spend billions of dollars each year, amounting to an annual budget somewhere between that of the ATF and the FBI.”
Large banks, Baer said, have been pushed away from risk-based approaches, because their performance is not graded by law enforcement or national security officials, but rather by bank examiners.
“Those examiners focus on what they know and control: policies, procedures, and quantifiable metrics—for example, the number of computer alerts generated, the number of SARs filed, and the number of compliance employees hired,” he added. “This means that a firm can have a program that is technically compliant, but is not effective at identifying suspicious activity, or is producing adverse collateral consequences.”
As a result, he said, banks are filing SARs that are in less than 10 percent of cases followed up on in any way. For certain categories of SARs, the yield is close to 0 percent percent.
To put some numbers to the issue, Baer said that one AML director recently testified that his firm employs 800 individuals worldwide fully dedicated to AML/CFT compliance, detection and investigation work, as well as economic sanctions compliance. Today, a little over half of these people are dedicated to finding customers or activity that is suspicious. The remainder—and the vast majority of employees dedicated to these efforts in the business and operations teams that support the firm’s AML program—are devoted to perfecting policies and procedures; conducting quality assurance over data and processes; documenting, explaining, and governing decisions taken relating to their compliance program; and managing the testing, auditing, and examinations of their program and systems.
By point of reference, the more than 800 is greater than the combined authorized full-time employees in Treasury’s Office of Terrorism and Financial Intelligence and FinCEN.
War on AML imperative
Another imperative in the fight against money laundering is ensuring that boards of directors also make the crime more of a priority.
Even though financial institutions are aware of risks related to money-laundering and sanctions-related investigations, many of them may be “de-risking”—disassociating themselves, perhaps needlessly, from otherwise-profitable businesses and relationships,
That’s according to a survey of financial services executives and boards of 361 financial institutions around the world recently released by AlixPartners, a global business advisory firm. At the same time, a significant number lack both adequate AML and sanctions compliance budgets and training for their boards.
According to the survey, nearly two-thirds of respondents have experienced de-risking in one form or another—a trend that could actually increase institutions’ AML and sanctions risks, as customers seek other avenues for conducting their business with the institution, such as creating “nested” relationships in the case of correspondent banks. This could be even more difficult to detect and subsequently report potentially suspicious activity and/or sanctions violations.
Meanwhile, 32 percent of respondents say they consider the AML and sanctions-compliance budgets at their firms to be “inadequate” or “severely inadequate.”
And, in what the survey’s authors say may be a sign that an understanding of AML and sanctions risks hasn’t fully permeated the upper reaches of many financial institutions, 20 percent of respondents say their board is not receiving AML and sanctions training and regular briefings, despite many new compliance standards having recently been implemented around the world.
“As with all matters important to a financial institution, success in AML and sanctions preparation hinges on having clear support from senior management and the board,” says Sven Stumbauer, a managing director in the financial advisory services practice at AlixPartners. “If you want to create a culture of compliance, the tone and expectations need to be set at the top and supported by ongoing education and training.”
According to the survey, one way that institutions are continuing to step up their compliance efforts is through technology; with a majority of respondents (54 percent) saying AML and sanctions compliance monitoring systems are their top investment areas for the next 12 to 24 months.
“Robust IT systems and the relevant input information are a critical component of AML and sanctions compliance,” added Stumbauer. “Institutions feel having the right kind of tools is imperative to detecting and reporting on suspicious activity or potential sanctions breaches, which is showing no signs of slowing. However, not all institutions believe their current systems are adequate or sufficiently fine-tuned.”
The survey also found that 92 percent of respondents saying their firms have a formal AML and sanctions-compliance program in place. However, 35 percent say their firms don’t perform independent annual reviews or benchmarking reviews of these programs.
Baer urged officials and financial institutions to consider the potential for the use of AI and machine learning to improve AML systems.
“AI does not search for typologies but rather mines data to detect anomalies,” he explained. “It gets progressively smarter; it would not be easily evaded; and different banks with different profiles would end up producing different outcomes. The current system is not progressing from typology to anomaly, however, because there has been no signal whatsoever from the regulatory agencies that dollars can be shifted from the existing, rules-based system to a better one.”
But there are obstacles, Baer said. AI strategies require feedback loops, which do not exist in the current system. In addition, there are barriers to cross-border information sharing of suspicious activity for global financial institutions.
Baer also encouraged the exchange of AML/CFT information between the government and the private sector as well as between and among financial institutions. He applauded the FinCEN Exchange program, launched on December 4, in which FinCEN will meet with law enforcement and financial institutions every six to eight weeks to exchange information on priority illicit finance threats, including targeted information and broader typologies. This is intended to enable financial institutions to better identify risks and focus on high-priority issues.
“Such sharing not only makes financial institutions’ programs more effective and efficient, it assists in focusing their resources on important matters,” he said.
“Strong public-private partnerships and two-way information sharing is a crucial component of our efforts to combat the sophisticated money laundering methods and evolving threats we face today,” said Sigal Mandelker, Treasury Under Secretary for Terrorism and Financial Intelligence.
Private-sector participation in FinCEN Exchange is strictly voluntary, and the program does not introduce any new regulatory requirements.
“Improving information sharing is not limited to the exchange of information between the public and private sectors. We welcome efforts by financial institutions to share information with each other,” Mandelker said.
“We know that some banks have started forming consortia to share information more dynamically under Section 314(b) of the USA PATRIOT Act,” he added. “By working together, these groups of financial institutions have provided substantial insight into illicit finance threats that otherwise may be invisible to a single institution. We are highly encouraged by the private sector’s willingness to engage in this type of exchange, and we appreciate the amount of time and effort that is going into these projects.”
Heather Lowe is legal counsel and director of government affairs at Global Financial Integrity, an organization dedicated to curtail illicit financial flows. She supports greater information sharing among banks and with the government, but injects a note of caution.
“While we generally support greater sharing of information in the AML area, it must be done with appropriate privacy safeguards,” she says. “Where it may result in a person being denied banking services at all, there must be a system for redress for people to be able to restore that access if they can demonstrate that they are involved in legitimate activity.”
“Transferring raw banking data from banks to FinCEN to analyze (with appropriate privacy safeguards) is not a bad idea,” Lowe added. “However, it is essential that we do not absolve banks of the responsibility to carry out their own analysis as well, which they have the ability to review within the context of the additional client information that they have, because they are the gatekeepers to the financial system. The federal government cannot do this alone.”