NICE Actimize: The automated answer to AML – Micah Willbrand
The clampdown by regulators on money laundering and other types of financial crime has exposed just how much the demands on the banking industry have changed over the past 20 years. Future Banking speaks to Micah Willbrand, director of global AML product marketing at financial crime, risk and compliance software developer NICE Actimize, about how culture and technology in banks needs to change to address today's challenges.
Banks have to get to know their customers better. This is not only the insight that comes from the growing competitive pressure from new-player financial services but also the message regulators are trying to drive home. 'Know your customer' (KYC) regulations are affecting the vast majority of the industry as it tries to improve its anti-money-laundering (AML) processes and combat fraud more effectively.
In its 'Customer Due Diligence Market Survey' in the summer of 2015, NICE Actimize - the largest provider of financial crime, risk and compliance solutions for regional and global financial institutions - found that 61% of financial institutions are affected by changes in customer due diligence (CDD) or KYC regulations, as they pose challenges in terms of the quality and availability of data, a reliance on manual processes and maintaining existing IT infrastructure.
In a regulatory environment that is likely to become increasingly strict in its enforcement of AML rules, banks need to look closely at how their compliance functions work in technological and organisational terms.
"The compliance landscape in financial services has evolved significantly over the past decade," says Micah Willbrand, director of global AML product marketing at NICE Actimize. "When I first started in AML, it was in its infancy, and we focused on customer on-boarding, basic identity verification and sanctions.
"We confirmed people's details against electronic databases held by credit bureaus or against the electoral register. In the 2000s, especially post-9/11, the focus was more on money transfers to sanctioned individuals - specifically, terrorist organisations.
"The focus was on drilling down within the transaction-monitoring space into the flow of money to these sanctioned entities and driving that out. Now, at Actimize, we have our Suspicious Activity Monitoring [SAM] solution, which is used by a lot of tier-one banks globally to drive out that activity.
"In the past five years, however, we have seen a shift back to where AML started in the 1990s, which is focusing on relationships. We have a good handle now on where money is going, but criminal organisations have shifted back to hiding their activities among other organisations, and that is where we are seeing a lot of the emphasis now," he adds.
NICE Actimize has a team of AML experts who apply innovative technology to protect institutions and safeguard consumer and investor assets by identifying financial crime, preventing fraud and providing regulatory compliance. It provides real-time, cross-channel fraud prevention, AML detection and trading surveillance solutions. Willbrand joined the company just over a year ago, having previously worked at enterprise risk management specialist Acuity and LexisNexis Risk Solutions, as well as Experian, where he specialised in identity verification products. Overall, he has 15 years' experience in the AML space.
"In terms of banks adapting, they have, in the past three to four years, looked to technology to help them because sanctions have shifted from being broad - such as 'don't work with North Korea or Iran' - to a different model that we have seen with the Ukraine crisis during the past two years. The idea is now sectoral sanctions, so we are seeing a shift to targeting specific individuals rather than countries," Willbrand observes.
"After the Ukraine crisis, the West only sanctioned specific individuals and specific organisations that were crucial to the Russian economy as a better method to end the crisis. Gazprom, for example, was part of that sanctions programme, and it has been a challenge for that organisation to get long-term financing for its oil production. Financial organisations have really adapted. They have to drill down and know who their customers are and how they intertwine with all these other organisations."
New kit, new culture
For Willbrand, the IT element of AML only works effectively when it takes place within the right structure and culture of compliance.
"We often see siloes within a bank. The AML function would often be called the 'business prevention office' because entities would come to ask if they could work with a certain individual and the compliance team would say no.
"Recently, the idea of a culture of compliance has emerged. Regulators have been pushing on this. It means compliance is not just the job of the financial intelligence unit, the fraud unit or the AML unit; everyone in the organisation has a responsibility to ensure it remains compliant. It is a top-down approach from the CEO to the branch teller. There needs to be an eye on compliance at every touchpoint," says Willbrand.
"We're seeing that happen. The siloes were mostly in the top banks. That has been broken down now. By breaking down those walls between AML and the rest of the organisation, we see a lot more cooperation. Now, the obstacle is technology, as there are a lot of financial instruments to look at - stock trades, cash deposits, money transfers and many more - and large banks are often not integrated from a technology perspective," he adds.
NICE Actimize has specific solutions that address issues such as AML. The SAM solution provides complete AML transaction monitoring compliance with end-to-end coverage for detection, scoring, alerting, workflow processing and reporting of suspicious activity to help banks ensure that nothing slips through the cracks. SAM supports the full investigation life cycle and, with its integrated case management platform, improves staff productivity to make compliance more cost-effective. Furthermore, it has a library of detection models that are designed specifically for banking, finance, securities and insurance.
The company also recently launched the Actimize CDD Suite - an enterprise-ready, out-of-the-box solution that focuses on branch-to-bank customer risk.
"Financial criminals often poke around until they find the point of entry - the point of least resistance. A global bank might have a very robust AML policy in London, for example, but it if it has just acquired a bank in Namibia, it maybe doesn't have such a strong policy there, so that might be a route for a criminal to get into the bank's headquarters," says Willbrand.
"From an IT perspective, we are breaking down those technology barriers to see across the enterprise. The technology has evolved and, at NICE Actimize, we have worked hard to help financial organisations break down those technical walls, share information and have an enterprise view. That is the biggest technical challenge, though training financial analysts is also a big challenge because of the ongoing changes in regulations. There is a shortage of highly skilled AML people. We are trying to help with that through smarter workflows for analysts to allow the technology to automate some processes."
Automating out of complexity
NICE Actimize has been working closely with customers in the financial services industry to understand the challenges they face in dealing with CDD and KYC regulations. It draws on its legacy in risk assessment to create IT solutions that automate many of the manual processes that have made customer on-boarding less efficient in the past.
Its solutions include a customer risk assessment engine that assigns everyone a risk grading based on factors such as geography, demographics and historical money flows. They also encompass transaction monitoring and customer risk models that determine how a bank should expect a customer to act, rather than waiting for an anomalous event to respond to.
Its customer on-boarding solutions are designed to recognise that no two customers are the same, so banks need a flexible approach. Everyone has a different journey, so financial organisations must be allowed to decide the flow of the on-boarding process. Customer due diligence and risk grading are performed through automated processes rather than historically labour-intensive research that analysts were required to do on individuals, so decisions can be made more rapidly.
"Banks are evolving to handle the KYC issue, though they often have a reputation of not caring about their customers, and compliance requirements were often heavy-handed in their demands for documentation, which can be frustrating for the customer.
"Compared with organisations that customers do business with regularly such as, say, Amazon, where the goal is to get a customer on board and purchasing something within 45 seconds, it can seem a struggle to open a bank account," notes Willbrand.
"But global tier-one banks are recognising that Silicon Valley and new virtual currency technologies are really coming after them. So, banks need to become more customer-centric - that is how they will win the battles, and it will require new technology to automate the process and make it more cost-effective. It is not just about meeting the regulatory challenge."