As the world continues its path to becoming more digital, risks are increasingly finding their way into transaction processes, and that calls for a different approach to transaction monitoring.
FinTech companies have been doing their best to take disruptive approaches that are more automated and efficient than those of their traditional financial services counterparts. That’s been out of necessity: Though large banks have the resources to hire 10,000 people to look at documents, FinTech firms must comply with all the same standards with a staff of only 50, 20 and, in some cases, less than 10.
Now, however, regulators are seeing the need for new tools and approaches in this new environment, even for larger organizations. They are moving away from the old-fashioned “check box” approach to compliance, instead favoring a risk-based approach, as per the U.S. Bank Secrecy Act, as well as recommendations by the Financial Action Task Force (FATF).
IdentityMind Global CEO Garrett Gafke said that traditional players are taking a leaf out of FinTech’s book and exploring automation around compliance, leveraging digital identities to reduce risk.
It's no secret that many traditional systems, which were once enough to get the job done, now appear woefully inefficient beside their modern counterparts. Gafke said this is largely due to where regulatory and banking access take place — i.e., further up the governmental chain. Governments, he said, don’t tend to be the most efficient, and that pace trickles down into the traditional banking space. This, in turn, creates complacency and, ultimately, deeper risks.
Today, money is moving through digital wallets, alternative remitters and cryptocurrencies at a pace that’s never been seen before. In recent years, there’s been a growing awareness of the threat to people and the integrity of marketplaces as money moves in different ways, traveling along disintermediated paths.
Checking off compliance boxes just isn’t enough anymore, said Gafke. It’s time to take a risk-based approach that is more detailed and actionable, focused on what may alert the platform rather than reviewing every transaction equally. That way, organizations can focus their manpower where it’s most needed, and to greater effect than before.
Let machines check off the boxes, Gafke said. Reconcile false positives — automatically. File suspicious activity reports (SARs) for transactions over $10,000 — automatically. Automation takes the onus off organizations, especially smaller FinTech companies and startups that may not know how to file SARs, or know that there is even a need.
Speed isn’t the only casualty of a manual compliance process, said Gafke. Accuracy also suffers when processes rely on humans.
Gafke noted that better accuracy starts with better data, which digital identities can provide by pulling information from physical, digital and social sources, then normalizing it into a form that organizations can view as a whole. How data is normalized for consumption is a major factor in how organizations can action it in any given area, he said.
Gafke said there are three keys to driving accuracy in anti-money laundering (AML) compliance results: real-time data (rather than batch), alert-based reviews (rather than blanket) and multi-sourced data that is normalized in an actionable way. This, he said, provides “an unclouded lens” of accuracy.
Depth and Breadth of Data
Onboarding is one of the most challenging parts of the customer engagement lifecycle, said Gafke — not because it’s difficult, but because it needs to be the most thorough yet efficient, and those are difficult to get right when placed together. It establishes a baseline identity. Therefore, initial reviews must dig deep to ensure that the organization is starting with an accurate portrait of the customer.
But, Gafke added, review can’t stop after onboarding. It must be continual. This is how good customers build a reputation — and how bad ones get spotted before they can do too much damage.
Gafke said that seemingly good customers can go bad, and when they do, it can happen fast. Sometimes businesses can get hit by bad actors who pass muster at the onboarding process, then sit dormant for a while before taking action. Other times, trusted customers may start interacting with known bad actors, which can wreak lasting financial and reputational damage on an organization.
There’s no pleading ignorance on AML hits, said Gafke. It’s on the organization to monitor for such things. That’s why continual monitoring — a broad view over time — is key to showing if reputational aspects begin to degrade, alerting the organization to look for anomalies in the customer’s electronic DNA.
Gafke said digital identity is the key to the future of transaction monitoring, from efficiency to accuracy, providing insights that are both deep at the point of onboarding and broad over time. The deeper transaction monitoring partners, such as IdentityMind, can dig – and the more broadly they monitor, the more the industry can come to trust digital identities, and the greater benefit such identities will provide.