Continuous risk management in the field of ‘Financial Economic Crime’ (FEC) has become a bitter necessity for banks. They do take this task very seriously. After many years of remediation initiatives, the outline of structural solutions has been sketched throughout the banking industry. In this article we highlight the most important steps towards an integrated FEC risk management framework. This involves bringing together the many FEC activities, in a rationalised systems landscape and using new technological developments. In our FEC maturity model, we have dubbed this step the ‘Quantum Leap’. We reflect on the challenges ahead and point out suggestions to manage this leap quicker and more effective.
The awareness is there: the approach to fighting FEC needs to change
In a previous article we already touched upon the fact that the effectivity of all FEC initiatives throughout the financial sector leaves a lot to be desired. Despite the extreme investments over the past years, this massive scale-up is yet to yield any significant results. It is necessary to break through this vicious circle of FEC incidents. Often leading to regulatory action, followed by even more additional investments. However, difficult as it may be, it proves to be very difficult to strike a balance between supervisory rules, material risks and the necessary efforts. In summary, the negative consequences are:
- unnecessarily burdening clients with red tape and sometimes even a (unjust) termination of their banking relationship.
- good FEC employees are a scarce resource and not only difficult to find but also quickly bored or burned out.
- banks spend less time than possible (and not enough time) on managing the ‘real risks’.
As such, banks are fully aware that their approach needs to change. They realise that the different focus areas within FEC do not work in splendid isolation. In fact, these areas can strengthen each other and act as communicating vessels. For example:
- An up-to-date and complete picture of the client (Client Due Diligence – CDD) makes it a lot easier to assess whether a particular transaction or transaction pattern (Transaction Monitoring – TM) is explicable.
- For a client with only a payment and savings account and domestic payments, a ‘lighter’ client due diligence investigation may suffice. Analysts’ capacity can then be focused on more complex cases. Such as international payments.
With these thoughts in mind banks have adjusted their operating models. Bringing together the several FEC activities under clear management responsibility forms an important basis for further improvement. This is also reflected in the different stages of our FEC maturity model. When a solid foundation is lacking and the basics aren’t done right, the Quantum Leap simply cannot be made.
Strategy and Systems: the yin and yang of the Quantum Leap
The tremendous efforts needed to grow from the ‘Organise’ stage towards the ‘Integrate’ stage transcend the traditional FEC domain. The benefits though, both in terms of effectivity and efficiency, are huge. The challenges faced are threefold:
- redesign of the data model
- optimisation and integration of the systems landscape
- strategy recalibration.
Although these are challenges of a different character they are strongly connected and interdependent. Defining the strategy is largely dependent on the redesign of the data model on the one hand and on system landscape optimisation and integration on the other. In the next section we will highlight these three challenges and their interdependency.
Redesign of the data model
In order to see the various FEC activities in conjunction, it is necessary that all domains in the organisation work from the same ‘golden source’ of client data. Banking systems are traditionally built for specific products or services, not clients. The result is that these systems contain partial client data, product data or transaction information. The consequence: data spread out over different sources, containing the same data items that can (and do) vary between sources. Separate systems are needed to combine and de-duplicate these multiple data sources, just to create a complete client profile. Solutions like this have their design limits and a limited shelf life.
What is needed is a datalake where all relevant data is stored in a structured way, but with less limitations caused by fixed relations between the datapoints. A data structure that is set up for the current data relations and quality demands, but also flexible enough for future changes and innovation. For example, not only clients’ individual product ownership and product use needs to be transparent. Also insights into relationships with and connections to other clients need to be readily available. For example, clients with a retail account that are also a board member for a business client in the banks’ portfolio. A well designed and implemented data model will give the opportunity to reliably combine the client profiles. This prevents double administration and avoids unnecessary work and negative client interactions. With such single, reliable and compliant client profiles and full client profiles the various FEC domains can make better judgements about the client behaviour.
The creation of such a golden resource requires major system adjustments and redesign of the data landscape. All client and product processes need to be aligned to feed and use the datalake across the entire breadth of the organisation. And the data must be kept up-to-date, much better than often is the case now.
Systems landscape optimisation and integration
With a ‘golden source’ for client data and redesigning the data mode we are not out of the woods yet. A second and equally important step is to reduce the number of systems and processes that use this data. In short, all relevant client data is stored in one location, privacy-proof and only accessible for a specific purpose by those with the right authorisations. An unavoidable consequence is a significant reduction of the number of systems in use. Value-for-use process information is virtually impossible if different business units or country organisations do not use the same systems.
A rationalised systems landscape also enables faster and better using the possibilities of new technological developments. At this point in time, implementation of new technologies is limited and mainly aimed at speeding up existing processes. For example through the use of Robotic Process Automation (RPA), workflow management systems and automatically assigning (provisional) client risk classifications. Or for solving specific process or data gaps, think of facial recognition in the client identification process.
The use of truly groundbreaking new technologies, such as Artificial Intelligence and Machine Learning (AI/ML) is still in its infancy stage. These technologies make it possible to execute processes end-to-end in a much more effective and resource-efficient manner, rather than (sub)optimising parts of the process. Such solutions can only be effective if the aforementioned precondition is met: client data is stored in a structured fashion and actively kept up-to-date.
The efficiency and effectivity gains can be traced back to the way in which outlier behavior is recognised and generated in the current environment. At its core, client behaviour is often still monitored based on pre-determined business rules and a limited number of distinctive features. For example of companies active in high-risk sectors or cross border transactions above specific thresholds. A dynamic algorithm can do much more, when set up and trained correctly. For example, by taking in and weighing static and behavioural variables that seem unrelated at first sight. This offers opportunities for a much more targeted way of working.
Besides the technical challenges, there is a third important factor in creating the quantum leap: Recalibrate the organisation’s strategy and direction. While undertaking such a transition, changes occur in many different business areas at the same time. A clear and unambiguous strategy helps guiding the ongoing evaluation of focus and priorities. Consider:
- weighing the interests and priorities between different business units, subsidiaries and/or country organisations
- giving the proper attention to sector-wide initiatives such as shared platforms for Transaction Monitoring and KYC processes. An additional attention point is the role of the government: involvement of ministries and regulators as an independent juror is needed in discussions where competing (commercial) interests are at stake
- the deadlines for ongoing improvement initiatives to comply with FEC regulation are closely monitored by the regulators, while at the same time the regulatory requirements themselves are in continuous development.
All in all, the strategic challenges are very large and complex. This can have a paralysing effect or cause a predominant focus on short-term solutions. It is therefore inevitable to take this into account when recalibrating the strategic vision and putting the ‘dot on the horizon’. And to keep a keen eye on whether the defined roles and responsibilities within the organisation still contribute to the intended steps.
It can turn out to be quite tricky to translate the challenges described above into actionable improvement initiatives. In the next section we give you three tangible pieces of advice based upon our own experience.
Three success factors to manage the Quantum Leap
- Work from a single target architecture with an iterative transformation approach
Benchmarking the status quo of the organisation is essential. A clear target architecture can be used to realise this benchmark. Intended changes or transition steps can be tested on their contribution to this target architecture. Such an approach should have both incentivising and obligatory elements. As simple as it sounds, in practice it will require a straight back when quick fixes are proposed for urgent problems.
- Work together with relevant departments as well as your clients to keep data up to date
An up-to-date and practically complete client profile is of great value for the entire bank. Not just from a FEC point of view! To this end client ownership must be assigned unambiguously. As a next step, all business domains that have a responsibility for data quality or data being up-to-date need to be involved. Not only in the primary FEC process but throughout the organisation. In doing so, it is important to not forget involving the client too.
Let your clients join your challenge by not only setting up the data model from a client perspective, but also making this data transparent and easy to update for your clients. This puts the client in the driver’s seat of their own data. For example by letting them confirm that the available data is still up-to-date. Or by having them confirm – and if necessary provide extra proof – of an address change reported by a 3rd party information supplier. Once in place, this data model offers the possibility to prioritise transaction alerts. From this foundation AI and ML innovations can be implemented, to improve outlier client behavior detection.
To maximise the chances for success, the role of the client is essential. In the longer term initiatives for digital client identity standards offer vast opportunities for process improvements and client convenience.
- Work with specialist external partners. Do not attempt to develop all solutions yourself
In order to take the Quantum Leap complex and extensive changes are needed. Reluctance in investing in or experimenting with new technologies is not an option. More efficient processes enable analysts to investigate more realistic risk indicators. The potential savings and quality improvements make the break even time on these investments relatively short.
Solutions from outside the organisation can accelerate the process and can be available and rolled out in a shorter time compared to pure internal solution development. Like technology that makes complex client onboarding processes much easier. Or a solution partner that specialises in optimising TM through machine learning. Combining rationalising the internal systems landscape with partnerships and co-creation in an environment of rapid evolution offers the greatest chance of success. An additional advantage is the fast development of industry standards in this business area. This reduces the technological challenges of implementing new technologies or sector-wide initiatives.
Taking the Quantum Leap is a significant challenge. The necessary changes are profound and complex, with many potential pitfalls. Using our extensive FEC experience at senior management level with all the major banks in the Netherlands, we are happy to help you (further) shape and implement this transition.
In upcoming articles of this series we will explore other challenges in the FEC domain. For instance:
- The (im)possibilities to extensively integrate TM and CDD
- Sector-wide cooperation or co-creation to execute (parts of) the FEC process
- Discussions surrounding potential FEC innovation and the clash with privacy considerations
Get in touch with us today to speak to one of our experts.
Contributors: Michel Witte and Ruben Velstra are senior managing consultants at Delta Capita. They advise on, and implement, complex organisational changes and remediation projects driven by legal and regulatory requirements, or by digital transformation requirements.