Anti-Money Laundering Model Risk Management

The OCC definition

To identify suspicious transactions or customers banks rely on quantitative analysis models. These models come with a series of potential pitfalls both in their conception (“optimizing the number of alerts generated”) and in their maintenance (“how to justify a threshold modification”). For these reasons the Office of the Comptroller of the Currency (OCC) issued a “Supervisory Guidance on Model Risk Management” in 2011.

In that report a model is defined as “a quantitative method, system, or approach that applies statistical, economic, financial, or mathematical theories, techniques, and assumptions to process input data into quantitative estimates.”

This guidance applies to Anti-Money Laundering models frequently used by banks to identify suspicious activity and report on it. Model Risk Management also happens to be one of the key novelties of the 4th EU Money Laundering Directive and one of the more complex aspects of this new regulation which warrants a few explanations and tips.

What is a model made of?

There are three basic constitutive elements in an AML model:

1. Inputs that are based on assumptions and constitute the data fed into the model,
2. Detection runs the model and provides alerts,
3. Reporting which translates results into useful business information about both detections and efficiency of the model.

All three require specific attention to make sure they are in line with the risk policy of the bank.

What challenges need addressing?

Below are a few of the areas that financial institutions need to tackle and address in order to manage models efficiently:

1. The design and definition of the model needs to correspond to the regulation. This may seem obvious but there often is room for interpretation in the regulation and if the purpose of the model is not aligned nothing else will be.
2. Standardized solutions do not correspond to the financial institution’s AML risk exposure. Banks aren’t all the same therefore products, channels and geography need to be taken into account on a case by case basis when setting up a model.
3. Incorrectly used models that contain logic errors and miss out on certain customers or transactions create real regulatory loopholes. Models can prove to be overly complex and their coverage needs to be carefully calibrated.
4. Incomplete documentation to support the risk base approach. Tuning and optimization exercises need to be aligned with the risk typology faced by the bank regardless of other considerations. In a reasonable manner resource considerations need to be set aside.
5. Correct resources and expertise are needed to maintain models that may have been implemented years ago. Data scientists and statisticians may be needed to apprehend the complexities of the models.
6. Banks need to update their models. As AML risk, products, customer base evolve over time so should the models to reflect the current state of the bank.

In conclusion

Analytics and predictive models are key to maintaining a balance between stopping money laundering and the false positives that impact legitimate customers. However, they are neither one size fits all nor set in stone. Time and effort are needed to regularly understand how they are working from the inside to best address money laundering risk.

Tags : #risk models, #compliance, #aml, #financial institution