The struggle of financial institutions with anti-money laundering compliance issues and risk-management challenges continues as the uptick in money-laundering scandals continued in 2019. As this is not surprising, the way at which sophisticated organizations such as financial institutions continue to grapple with solving the challenges of AML compliance and face ever-increasing regulatory-enforcement actions is a bother. One of the primary tools used in determining a financial institution’s overall money-laundering risk and exposure, and they are used globally is customer risk-rating models. These risk assessment models are based on the classification of basic customer risk criteria. However, this methodology often leads to miscalculations of true customer risk, potentially incorrectly classifying higher-risk customers, which in turn creates inefficiencies and in tandem increases risk exposure for the financial institution. Given that a sound AML-risk assessment serves as the baseline for developing and enhancing robust internal controls for AML compliance, the importance of adequately assessing money-laundering risk cannot be overstated.
As recent enforcement actions have revealed, robust information technology has proven to be a critical part of AML compliance. The full picture of the involvement of IT in AML compliance should be seen by financial institutions by monitoring and sharing its customers’ transactions across businesses and, potentially, jurisdictions, which will help facilitate the identification of any unusual transactions and behaviors as well as potential sanctions violations. Many financial institutions continue investing in systems or people to manage the output; however, those institutions should consider what will be sustainable for the long term instead of aiming only to meet today’s minimum regulatory standards. As a result of increased regulatory enforcement and activity and the focus on regulatory reporting of suspicious transactions and activities, many financial institutions worldwide have invested heavily in state-of-the-art, sophisticated monitoring systems.
Board of Directors (BoD) bears the sole responsibility for AML compliance even though its role should consist of active oversight and strategy setting. However, an AML program’s everyday management and implementation should be designated to an AML compliance officer but the BoD should examine fully their companies’ compliance strategies and how well senior-management teams execute and implement those strategies. An active, involved and knowledgeable BoD plays an essential role in the successful implementation of an organization’s robust AML and sanctions compliance program. Given the clear indications that regulatory bodies around the world will continue to enforce aggressively AML compliance, financial institutions are advised to take an immediate look at their AML compliance efforts. These organizations need to do so not only from a pure compliance perspective but also from the perspective of operational efficiencies, effectiveness and solutions—how to operate smarter and more agilely as the current marketplace demands.