September 201919 The RegTech stage is a crowded place. Although AI/Machine Learning models and Distributed Ledger Technology are the darlings of collective perception, there is a more fundamental paradigm within the Financial Crime Compliance (FCC) space. That of the growing focus on the gap between technical and effective compliance. Regulators are now asking banks to attest to the effectiveness of their key AML systems, namely their screening filters. It is no longer enough to simply have some form of automated screening system generating alerts for names and payments. The questions that banks need to ask themselves are - Can you prove it works, do you understand it, do the settings (lists used, exceptions or private lists) conform to the stated policy, is this consistent across the group and lastly can you show it is tunedfor optimum performance? In short is your system "fit" for the purpose and are you working to get better?Sustained and Consistent Regulatory PressureThe regulatory and industry build-up has been unerringly consistent in their desire for banks to assure their screening controls. They include:· The New York Department of Financial Services (DFS) Part 504 Jan 2017· Hong Kong Monetary Authority (HKMA) thematic review Apr 2018· The Wolfsberg Group "Guidance on Sanctions Screening" Apr 2019· OFAC "Framework for OFAC compliance" May 2019Is it really that unreasonable for regulators to ask financial institutions to confirm that their fundamentals are in working order? This feels more like bringing the systems in-line with the growing accountability thrust onto senior managers as well as the compliance professionals themselves. Otherwise, we are asking regulatory bodies to believe in the theoretical as opposed to the demonstrable abilities of one of the core elements in the AML toolkit.The HKMA guidance in particular is extremely prescriptive. It stipulates independent third party testing, frequent testing (i.e. more than once a year), using dummy data, list scope validation, hit suppressions oversight, consistency with risk policy and a more thorough understanding of the algorithms. This is done with a view to monitor numbers of false positives and false negatives asmetricsof improvement. The irony is that Asia, the traditional double digit growth driver for many firms is now setting the standard for screening assurance and transparency, so EFFECTIVENESS VERSUS EFFICIENCY: THE FCC SANCTIONS CONTROLS BEEP TESTGUY SHEPPARD, HEAD OF APAC FINANCIAL CRIME, INTELLIGENCE AND INITIATIVES, SWIFTGuy SheppardCXO NSIGHTS
< Page 9 | Page 11 >