In April 2015, the Panama Papers leak of more than 11.5 million financial and legal records exposed a system that hides crime, corruption and wrongdoing in secretive offshore companies. Offshore business entities are legal, but some of the shell corporations in this case posed a high risk of financial crime from illegal activities such as fraud, tax evasion and evading international sanctions.
Police in Panama arrested the founders of the Mossack Fonseca law firm at the center of the scandal on money laundering charges. The event triggered a wave of regulatory actions, investigative reports and calls for more action to combat this kind of financial activity.
The threat ran deep. According to Europol’s head of financial intelligence, companies identified in the Panama Papers were not only linked with economic crimes such as money laundering, but also with terrorism, Russian organized crime groups, drug trafficking, human trafficking, illegal immigration and cybercrime.
Strengthen your defense with next-generation anti-fraud software
Despite investments in staff and anti-fraud software, emerging threats continue to surface. One reason it's hard to keep up is the cost of constantly updating software. Learn how next-generation anti-fraud software from SAS can help.
Download paper now
Who should have known what, when?
In addition to addressing risks through transaction monitoring, financial crimes investigation units (FCIUs) are expected to proactively identify financial crime risk, such as the firm’s exposure to geopolitical events and terrorism financing. It’s not just a matter of protecting the organization from regulatory and reputational risks, but also helping law enforcement combat serious national and global threats.
And if an incident were uncovered, investigators would need to be able to answer questions about who, what, where, when and why. Which parties, accounts and geographies are involved? What products are they using? What transaction trends are seen? Is this an ongoing or short-term risk? What caused it, and what actions are being taken?
Toward a broader risk perspective
Some of the most onerous risks are difficult to detect with traditional, silo-based transaction monitoring systems. One system might flag a transaction as suspicious, but without a complete view of an entity’s relationships, the investigator could deem it innocuous. What if investigators could see the greater context around that suspicious transaction?
What if they could see that the account was linked in some way to another account? They might find that collectively the transactions are suspect, even if they appear normal when viewed in isolation. Imagine the power of having a holistic view of interconnections between accounts and transactions – not just for individual transaction channels and products, but across channels and products. Not just for a customer relationship, but spanning a network of potentially related customers.
These requirements call for a novel financial crime risk framework that connects the dots and identifies hidden risks that are spread across multiple systems, or fall below the thresholds of transaction monitoring systems, or are only revealed in broader context.
Consolidate intelligence from global AML and fraud domains to establish where there are siloed risks that, when brought together, indicate a true threat to the organization.
What matters more – compliance or crime prevention?
Current operations systems are very good at detecting known risks, but that’s not enough. Criminals are clever, and the financial services industry is constantly developing new products and channels. So it’s not enough to be able to identify risks that have appeared in the past. Regulators expect you to be working to uncover unknown, emerging risks. However, analysts have felt constrained by meeting the letter of compliance. Amid stringent audit and SAR requirements, where’s the room for innovation, for digging around to search for new forms of financial crime?
To a certain extent, those goals – compliance and innovation – can be at odds with each other. According to a report by The Clearing House: “Financial institutions currently operate under a strict liability, post-hoc regulatory standard that is both opaque and constantly changing. As a result, they have been forced, in many cases, to deemphasize innovation and the pursuit of real AML/CFT [anti-money laundering/countering the financing of terrorism] risk, and instead focus on adherence to examiner-approved policies and procedures. They ‘work to the rule’ in the worst sense, because this is the best way to insulate themselves from liability. The AML/CFT regime should be geared toward law enforcement outcomes, not only compliance processes.”
Investigative analysts need the flexibility to explore financial crime risks outside of the organization’s established AML/CFT and fraud systems. They need a virtual sandbox where they can develop new techniques for uncovering emerging risks, such as the Panama Papers event, without undue regulatory scrutiny.
This is not about replacing traditional anti-money laundering, CFT or other monitoring systems. It’s about providing a workspace for interactive, ad hoc explorations. The environment would have controls in place at multiple levels, and alerts from existing systems would be overlaid with network analysis to reveal linkages and collusion that would otherwise go undetected.
The path to gaining efficiency
Imagine the power of having a simple-to-use financial crime risk system designed with productivity and efficiency in mind from the start that complements traditional monitoring systems, allowing you to:
- Adapt quickly to an ever-changing landscape with user-friendly data administration and configuration tools. Incorporate new data sources. Evolve processes. Expand intelligence analytics to other areas of the business, or design new components and screens based on changing needs.
- Expose hidden networks faster in an easy-to-use network viewer that lets users see and explore networks, sequences and spatial associations. Drill down into various attributes based on the most current documents and data.
- Conduct more efficient, targeted investigations through interactive visualization and search. Intelligence analysts can import their own data, perform free-text or geospatial searches across data sources, then filter and visualize search results in different ways to reveal key patterns, connections, people and events hidden within complex data.
- Easily document findings with an investigative workspace that allows analysts to collaborate and document their findings by capturing static clips of visualizations and annotating maps, timelines, networks and other content. Use workflows to enforce consistent business processes and foster collaboration.
- Turn insight into action – fast. Get alerts intelligently prioritized for triage, investigation and disposition. Quickly see potential areas of interest and where to focus first. Easily manage alerts and events generated by third-party surveillance processes.
A global Tier 1 bank had a record fine of almost $2 billion, in part for not investigating alerts accurately and failing to consider the alerts as a whole to understand the full extent of risk exposure. The insights could have been there, but instead they were trapped in isolated systems that barely speak to each other.
With technology that is readily available today, this kind of deficiency is unnecessary. By supplementing the data with human intelligence through point-and-click search and drill-down capabilities, entity analytics, and network visualizations, FCIUs can rapidly uncover and address financial crime risks that traditional transaction monitoring would miss.
Learn about SAS® Visual Investigator for FCIUs on the SAS® Viya® open and cloud-ready platform.
- Article How AI and advanced analytics are impacting the financial services industryTop SAS experts weigh in on the topics that are keeping institutions up at night and fraudsters in a job.
- Article Proactive detection – A new approach to counter terrorTo counter terror, investigative teams can better utilize the data they already have by applying a fresh approach with these steps to proactive detection.
- Article 5 steps to sustainable GDPR complianceFollow these steps to achieve GDPR compliance by the May 2018 deadline – and get added benefits along the way.
- Series A modern cybersecurity strategy: Building a cybersecurity planThe main considerations of a foundational component of a cyber strategy: the cybersecurity plan.