Proposed regulatory rollback from Hank Paulson and FinCEN is aimed only at small banks, while the big boys turn to richer solutions for compliance-related burdens.
By John Adams
As a share of the estimated $50 billion-plus pie of bank IT spending, the $147 million U.S. institutions spent on anti-money laundering compliance products last year was barely a flake of crust.
Yet the headache of AML compliance is the casus belli of the banking industry's calls for change. The costs of analyzing and acting on information generated by automated anti-laundering tools has gone well beyond bankers' expectations. Frustration mounts that the more than half-million suspicious activity reports (SARS) filed by banks last year-on top of a nearly similar amount filed by money services businesses, insurance firms and brokerage houses-were of no use to apathetic or overwhelmed government authorities.
Adding to the misery is the heightened scrutiny of regulators now measuring the effectiveness of AML programs, plus the subsequent deluge of false alarms that come from systems wired to be ultra-cautious. "I get a chuckle out of it," says David Caruso, founder and CDO for AML consultancy Dominion Advisory Group, and a former regulator who was tapped by Riggs Bank in 2003 to recover from massive money laundering woes. "These AML compliance groups are hiring statisticians to help better tune the software they spent millions of dollars to implement."
It's no wonder that more senior management executives-71 percent, according to KPMG's 2007 global banking survey on AML systems and processes-plan on taking a more hands-on role with AML in the coming years. The same survey also found the costs of AML/Bank Secrecy Act compliance has risen 58 percent over the last three years-well above the 43 percent increase most banks expected to fork over when last polled in 2004. Over the next three years, U.S. banks, which have been the front-runners in adoption and use of AML solutions, still expect their compliance costs to rise an average of 28 percent.
"I'm not surprised at the increase in costs, because it's not inexpensive to have a good program in place, and it's not a place to cut costs," says Teresa Pesce, head of KPMG Forensic's AML service line and a former federal attorney who specialized in money-laundering cases (including Broadway National Bank, the first bank prosecuted for an inadequate AML program in 2002).
The expense trends have aligned with the regulation-relaxation crusade by U.S. Secretary of the Treasury Hank Paulson. The Treasury and the Financial Crimes Enforcement Network (FinCEN) have proposed a more "intuitive" risk-based exam process for AML compliance.
One problem, however, is that Paulson's plan currently focuses just on community banks-a puzzling move in Caruso's opinion, since small institutions already receive comparatively little examiner scrutiny for AML, he says.
According to Celent, only 10 percent of these lower-tier institutions have AML transaction monitoring in place (compared to 80 percent of large banks) and are increasingly being targeted with scaled-down affordable "AML Lite" software that should lighten their regulatory costs. "The costs involved with some of those [lower-end] products are in the tens of thousands of dollars," says Caruso. "Not a lot of money."
Without their own regulatory white knight on the horizon, the largest banks are turning to new AML apps or fine-tuning their existing systems with more behavioral-based characteristics and analytics. Besides providing more in-depth watchlist analysis and including risk-based views on transactions, the tools are helping alleviate the human-based investigatory work and building synchronous AML compatibilities throughout operations.
In one recent major bank shift in AML oversight, Detroit-based Comerica Bank deployed transaction monitoring software from Actimize to follow money and people across its retail, commercial, securities and trust division. Actimize evp Amir Orad saw that while "retail banking once got all the attention, now the regulators are looking at other financial executions in insurance risk and brokerage" as well as diving deeper to ensure the proper precautions are taking place in the account-opening process. Comerica officials declined to be interviewed for this story.
In an analysis of the vendor space last year, Celent identified 19 providers and the niche areas many have staked out. They are a mix of the watchlist vendors that arose out of the Patriot Act 314(a) guidelines for government info sharing, and the newer-breed transaction-monitoring software developers. To improve automation and effectiveness across business lines, these tools are merging, often through in-house growth or acquisitions that improve case management and data workflow needs.
These players are largely falling into niche tier-level deployments. Analysts and observers note that i-flex solution's Mantas, Fortent (formerly SearchSpace) and SAS are primarily installed with the global Tier 1 institutions, while specialists like Actimize and Norkom Technologies are among providers working primarily with regional banks plus securities and insurance, two verticals that now regularly file SARS. Actimize and Norkom are also gaining traction in bank efforts to stem insider fraud.
Besides bank demand, AML vendors are becoming hot commodities as acquisition targets by other monitoring firms or even core platform companies. Mantas was purchased by i-flex last fall for $122.6 million, and Actimize was bought out by NICE Systems this summer for $280 million. Fortent was formed when private equity firm Warburg Pincus acquired AML systems firm SearchSpace and merged it with the know-your-customer platform of its Semagix subsidiary.
Where vendors see green, banks are seeing red. One of the most deleterious issues for AML compliance is with legacy data silos, where signs of criminal activity may be lost in translation among product divisions, disparate compliance operations and incompatible case management systems. "We have clients where it takes them anywhere from 6-to-12 hours to load data into an AML engine, and that's 6-to-12 hours of exposure every evening when they run their global batch job," says Mark Dunleavy, a data quality manager for data integration firm Informatica. "Because there's no explicit data quality function within their architecture, their concept of data quality ultimately is log file analysis on the other end."
And through that spigot is usually a lot of unremarkable information, which given reams of SARS reports increases the difficulty in spotting connections that could unearth drug money or terrorist financing. SARS have exploded since 2004 (381,671 to 567,080 in 2006), with a majority of bank SARS (61.7 percent) related to the pain point of unregistered money-services businesses. The work on due diligence keeps growing: according to KPMG, 81 percent of banks ramped up scrutiny of new account holders, compared to just 55 percent in 2004.
"There is not a panacea there," says KPMG's Pesce. "It still requires ongoing vigilance in knowing what the system is giving you, and tweaking the system to come up with better scenarios and better typologies to better understand your customers."
(c) 2007 Bank Technology News and SourceMedia, Inc. All Rights Reserved. http://www.banktechnews.com http://www.sourcemedia.com
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment