Sujata Dasgupta provides an analysis of the upcoming Dutch AML utility – currently under feasibility study – and how it can open up a new world of possibilities in unified transaction monitoring.
In the wake of rapidly rising financial crimes, regulators across the globe have toughened their stance on compliance violations and are scrutinizing banks more closely. Penalties on banks are mounting, jeopardizing their reputation along with financial loss. Almost every bank today is focusing on upping their platform, process and people spend in financial crimes compliance. All stakeholders – from regulators to financial institutions (FIs) to regtech (regulatory technology) providers – are exploring ways and means to make AML and other financial crimes compliance more effective and efficient.
Championing this cause, a consortium of five Dutch banks – ABN Amro, Rabobank, ING, Triodos Bank and Volksbank – which have also been under regulatory scrutiny lately, announced in September 2019 one such path-breaking measure, to work toward a combined transaction monitoring (TM) organization. This would help The Netherlands in their fight against financial crimes perpetrated through the Dutch banking networks, as an estimated €16 billion in illicit funds is known to be circulating in The Netherlands currently. Transaction Monitoring Netherlands (TMNL), as it has been christened, will be the first of its kind, as there exists no such utility today where transactions of multiple FIs are monitored under a single umbrella, with information shared across them. While this utility is in a feasibility study phase, facilitated by the Dutch Banking Association NVB, the concept itself has provided the financial industry an impetus to work toward collaboration in AML monitoring.
From Shared KYC to Unified Transaction Monitoring: Stepping up the Fight Against FinCrime
The emergence of utility model with shared KYC utilities: FIs started collaborating on non-competitive IT initiatives in the area of financial crimes compliance more than five years ago, when several shared KYC (know your customer) utilities were launched. The first generation of KYC utilities marked the emergence of the SWIFT KYC Registry, Markit|Genpact KYC Services, Thomson Reuters’ Accelus Org ID and the DTCC-cofounded Clarient Entity Hub in 2014. However, each utility focused on some specific customer segments and geographies, thus leaving the KYC landscape fragmented.
This led to KYC utilities being formed by several banks within a country (e.g., Central KYC Registry in India and CordaKYC in France). The second generation – regional KYC utilities – started taking shape soon after, with “MANSA” in Africa already functional and “Nordic KYC Utility” covering the Nordic countries (Sweden, Denmark, Norway, Finland) planned for a commercial launch in 2020. FIs in the Baltics are also discussing a regional KYC utility launch, covering FIs in Latvia, Lithuania and Estonia.
The first step toward unified transaction monitoring utility: While the KYC utility model has already gone through the initial proof-of-concept phase and is currently maturing, there has been no other AML compliance utility model so far. The Dutch banking fraternity, with their plans to explore a TM utility, have set in motion a disruptive approach toward collaboration in fighting financial crimes. Criminals use multiple banking networks and channels, breaking up large volumes of money into smaller amounts to avoid suspicion and evade the rules of banking AML platforms.
That is why aggregating all the transactions of the five banks initially (and targeting the rest of the Dutch banks in future) to monitor them holistically makes perfect sense. As per reports, the scale of transactions is massive: The five banks process a total volume of 27 million transactions per day and 9.8 billion per year. With sophisticated digital solutions revolutionizing the AML compliance function, a whole lot of intelligence can be unearthed from such huge volumes of data, which can in turn aid in identifying criminal networks.
Transaction Monitoring Utility: Considerations for Optimizing Collaboration on AML
As five Dutch banks are looking forward to a feasibility study for launching TMNL – and to initiating implementation programs once they receive the nod based on the results of the study – we analyze below some key considerations that FIs must evaluate before embarking on such programs.
Regulatory considerations: Pursuant to regulations mandating privacy of customer data, FIs have abstained from sharing data relating to their customers’ accounts, transactions, risk profiles or any other information among each other. However, the entire concept of utilities is based on the premise of sharing customer information among collaborating FIs – be it for KYC (involving customer and associated parties related data) or TM (involving account and transaction data).
This contradiction has prompted a proposal for amendment of the Dutch Money Laundering & Terrorist Financing Prevention Act (WWFT) and Dutch Economic Offenses Act (WED) as a preparatory measure for implementing the TM utility. As per the proposal, the regulated FIs can in general exchange customer information with each other more easily, and specifically when there is a risk of money laundering or terrorist financing as evidenced from the customer behavior. Such legal amendments can boost the success of utility operations, but FIs should also use this regulation very cautiously to avoid misuse of customer data, exercising discretion on how much information is essential to be shared.
Business process considerations: Banks define their own TM framework within the broad AML regulations applicable to their jurisdiction. From customer segmentation to scenario management, threshold tuning, suspicious behavior detection and alert investigation processes, there are bound to be variations across FIs. A TM utility will need to standardize all of these in order to run a unified TM detection, investigation and reporting function for the participating FIs. The FIs, on their side, will need to align to this common framework and take appropriate measures and controls to risk accept the processes handled by a third party (i.e., the utility). FIs must understand that the transaction monitoring activity gets moved to the utility, but not the accountability of compliance, which still rest with the former.
Technology considerations: A TM utility must have a flexible infrastructure to future-proof against changes in regulatory, technology or user experience expectations. The participating FIs’ own infrastructure linked to the utility should also be flexible to adapt to such changes. Data standardization and extraction is another key consideration, as participating FIs will have to agree on common data standards for the TM utility. Each FI’s level of maturity in terms of data quality and models may be higher or lower than that of the utility, so provisions have to be made to arrange for the delta around customer, account and transaction data required by the bank and utility.
Threshold of a New Horizon: Converging AI and AML Utility
A TM utility is expected to handle extremely high volumes and velocity of data and to process such data promptly and accurately while matching them against complex AML monitoring rules. Advanced analytical models and data visualization tools can be very effective in mining such data with agility and accuracy when compared to traditional tools and manual efforts.
Rule-based AML detection systems that have been augmented with AI (artificial intelligence)-based tools in FIs’ in-house AML platforms have already demonstrated better performance. A TM utility will have access to a much wider view of transactions (i.e., across multiple FIs through which the money trail moves). It is, therefore, essential to employ AI-based detection engines, which can map the end-to-end transaction flows and discover criminal networks spread across FIs, a function that rule-based systems are incapable of.
Digital technologies are continuously evolving, and the latest one making waves in the compliance world is social network analysis (SNA). It involves the use of complex data-mining techniques across structured and unstructured data to reveal interconnected entities and objects and to detect linkages originating from web and social media networks to identify criminal rings and entity-level risks of suspicious activity. Implementing SNA in a TM utility can accelerate the AML detection and investigation process, as well as enrich intelligence on criminal networks.
As we anxiously wait for TMNL to take shape, FIs worldwide are possibly contemplating the virtues of such a utility and how the same can be leveraged in stepping up their fight against financial crimes. The first step has been taken, and it is just a matter of time when we witness its proliferation. An interesting journey lies ahead!