Tech Stumbles As Banks’ Compliance Pressure Rises

When reports last week in the Financial Times (FT) highlighted the thousands of offshore bank accounts frozen by Lloyds Banking Group, the news thrust the issue of anti-money laundering (AML) into the global spotlight, once again, as banks ramp up efforts to comply with more stringent regulations.

According to the FT, Lloyds closed an estimated 8,000 accounts after customers failed to provide adequate identify verification data — despite the bank requesting that information for three years. The accounts were frozen just weeks after reports emerged that Deutsche Bank warned about 1,000 of its corporate customers that it would take similar action if they failed to adhere to AML requirements.

Regulators are adding pressure to financial institutions (FIs) and corporates to tackle money laundering and other financial crimes. In response, data — both the aggregation and analysis of it — is increasingly vital to remaining compliant, and fighting financial crime.

Nick Parfitt, head of market planning at Acuris Risk Intelligence, pointed to the latest saga with Lloyds as an example of how FIs react to changing and intensifying AML requirements.

“The aspects of source of wealth and source of funds are becoming ever more important, from a global regulatory perspective,” Parfitt told PYMNTS in a recent interview. “Lloyds suspended offshore accounts because it wasn’t getting the level of information from account holders it needed under AML regulations. It’s the first time that I’ve heard of a financial institution getting stricter in needing that information.”

Acuris Risk Intelligence positions itself as a service provider for FIs, allowing them to access the information they need to manage compliance. Banks can indeed request information from their clients, but to know that that information is accurate, up to date and enough to complete a holistic risk profile cannot be achieved by simply requesting data.

However, the challenges of compliance data go far deeper, noted Parfitt. Even when FIs collaborate with a service provider, “no one single data vendor is going to give you 100 percent coverage globally,” he said. “We all have our strengths and weaknesses.”

Those strengths and weaknesses are a result of regulators continually adjusting what information must be assessed on both a national and global scale. Different jurisdictions may have different focuses when determining who qualifies as a politically exposed person (PEP), an individual who may be more likely than the average consumer to acquire funds through questionable or illegal means.

FIs of various sizes will almost certainly face different compliance challenges, too. Some of the largest FIs often come with legacy back-office infrastructures that make it difficult to receive the necessary data, and be flexible enough to adjust data aggregation efforts in different areas as regulators change requirements.

As FIs and their service providers ramp up data collection from their clients, the web and an array of other sources, ensuring that that information is accurate and complete remains among the tallest of hurdles.

No High-Tech Silver Bullet

Technology is undoubtedly opening up opportunities for FIs to address these pain points. The Software-as-a-Service (SaaS) business model and APIs are increasingly important for compliance data service providers like Acuris to connect FIs with data on PEPs, AML, cybersecurity and other risks stemming from their customers that could land those FIs in noncompliant waters.

Considering the growing importance of data analysis in this field, it’s unsurprising that technologies like artificial intelligence (AI) and machine learning are now common parts of the financial services compliance lexicon. However, Parfitt warned that flashy, high-tech buzzwords won’t guarantee compliance or a more effective fight against financial crime.

“Regulators in the U.S. are quite vocal about the use of novel technology to deliver business results, and improve the quality of findings,” he said. “But, in practice, people are nervous about doing that, particularly with artificial intelligence. How do you prove to a regulator or business that the results are accurate and repeatable, and understandable, from a risk management perspective?”

There are concerns that AI and machine learning can increase the instances of false positives, for example.

A recent case from Deutsche Bank revealed another challenge for compliance technology: In May, the bank discovered a glitch in its AML software that had been in place for years, with two of 121 parameters incorrectly defined.

One of the biggest hurdles for AI in this space is that when an FI submits a Suspicious Activity Report (SAR) to a regulator, that regulator typically doesn’t provide information back to the bank as to whether that activity was indicative of illegal activity — thus, preventing that FI and its machine learning systems to “learn” and improve upon existing processes, said Parfitt. That’s not to say that data analytics technology won’t have a place in compliance and financial crime-fighting, though it will take time for tech like AI and machine learning to reach its full potential.

In the meantime, said Parfitt, both banks and their clients need to recognize the new reality of compliance: data sharing and collection.

“There won’t be one technology that will be one-size-fits-all, and transform the organization,” he said. “But the spotlight on transparency is only becoming more important and, in many respects, it behooves individuals and organizations to get with the program and change, rather than trying to buck it.”