In many ways, the world has been a different place since the Sept. 11, 2001, terrorist attacks in New York – and financial regulators toughening up compliance standards to stop terrorists from accessing dirty money is just one of them.
Anti-money laundering technology has existed in some form for decades. But the industry has seen real growth in just the seven years since the US put the Patriot Act into place. The act required financial institutions to crack down on money laundering, or “terrorist financing” as it put it.
The model outlined by the Patriot Act is quickly becoming emulated by regulators around the world, says Neil Katkov, a Tokyo-based consultant. A managing director for Celent LLC, the financial services IT analyst group headquartered in Boston, Mass., he regularly advises on anti-money laundering efforts.
“The Patriot Act didn’t write in that technology was required,” he says. “But the way the act is constructed, technology helps.”
Money laundering is on the rise globally and will soon pass the $1 trillion mark in late 2008 or early 2009, Celent projects.
The majority – 82 per cent – of this money is introduced via banks and then “layered” through investment firms, Katkov says. But insurance companies are an increasingly popular target, accounting for 10 per cent of money laundering this year. Typically, fraudsters will invest heavily into a life insurance fund and then cancel it and have the money transferred to a bank.
“Money laundering mirrors the legitimate economy,” in terms of growth, Katkov says. “I think it’s kind of a fact of civilization, to be philosophical.”
As the illicit industry has grown, so too has the software market that seeks to stop it. Globally, $3.6 billion will be spent on anti-money laundering programs this year, according to Celent.
With all that money being spent on the software, Katkov shares the necessary features a program must have to be up to the standards of the Patriot Act.
This software feature scans transaction data and analyzes it for aspects that match suspicious money-laundering activity. For example, maybe a wire transfer to a suspicious overseas bank will raise a flag.
Simpler technology uses a rules-based system that is defined by the user and searches for transactions that match that criteria, Katkov says. More advanced technology puts predictive analytics to work to identify money-laundering in more complex ways.
“For a larger institution, the heavy duty analytics are going to be more effective,” the Tokyo-based analyst says. “For smaller institutions, the rules approach is probably appropriate because it requires less IT expertise… there aren’t going to be as many nooks and crannies to hide in to do schemes.”
The key features of a good anti-money laundering tech solution.
Watch list filtering
In a day and age where various governments issue lists of suspected terrorists and known criminals, banks will want to see if one of their account holders is on such a list.
“These people could possibly wreak havoc at a bank,” Katkov warns.
This is a hot area of the anti-money laundering market right now, he adds. The need for banks to keep the bad guys out has spawned a business around real-time filtering capability and independent providers of the lists.
“We call them enriched providers and they have databases full of people and organizations that are thought to be high-risk,” Katkov says.
The market leader in that sector is World-Check, a company that claims to serve over 2,500 institutions, including 47 of the world’s 50 largest banks.
Real-time watch-list filtering checks outgoing transactions against the lists as the transactions occur. When an alarm is tripped, the transaction is held temporarily until an investigator either clears it or blocks it. Most vendors that provide all-encompassing anti-money laundering products will provide this service, Katkov says.
When it comes to regulations compliance, there is no shortage of paperwork. Anti-money laundering software can help shoulder the burden of filing reports by automatically pulling the appropriate data and placing it on properly formatted reports.
“The better functionality would take any available data in the system and automatically populate an Excel file or a PDF with the information,” Katkov says. “Then an analyst fills out anything that isn’t done automatically.”
Workflow and case management tools
Once software has identified suspicious activity and generated an alert, it’s up to a human being to take action. Using a case-management system to deal with the added workflow helps ensure all the alerts are dealt with in a timely manner.
“I think it’s the most important part of the solution,” Katkov says. “If you don’t have effective workflow and an easy-to-use system to manage all these alerts and all the investigation that analysts are supposed to do, then it’s very difficult to keep up with all the work to do.”
As a result, many banks are updating their case management systems with more modern software. Business Intelligence vendors like the SAS Institute are getting into this space to provide functional systems.
When regulators come looking for information about specific accounts with a court order in hand, a financial institution has to be able to respond quickly.
Products create a trail in different ways. Some make a record of all the alerts generated by the system, while others capture every action made by a system’s user.
For companies that want an even greater ability to keep an eye on things, Katkov suggests a risk-based dashboard that gives top-level executives an overview of what’s happening within the institution on a single screen. Not only will it provide a user-friendly interface, but the data consolidation required for such a system will help with compliance.
“It’s kind of like the holy grail,” he says. “A lot of institutions are talking about it and a lot of vendors are trying to offer solution. But it’s a very unwieldy and huge data integration issue.”