Synovus Bank: Navigating the New Landscape of Compliance and Risk

Strong fraud protections, anti-money laundering (AML) compliance and seamless user experiences go together in today’s marketplace.

Financial institutions (FIs) must navigate a new landscape of risk, maintaining compliance with strict AML regulations, fighting new iterations of fraud and cybercrime that power money laundering networks and ensuring that consumers’ experiences remain frictionless at touchpoints.

According to Kevin Gowen, chief information security officer of Synovus, a financial services company with more than $45 billion in assets under management, a smart compliance and risk management strategy powers better user experiences and long-term anti-fraud success.

Gowen, who comes from an engineering background, said he thinks FIs can successfully navigate the complexities of compliance and fraud risk with a better understanding of technology and bad actors seeking to leverage it to exploit consumers and FIs.

“The pandemic exacerbated the digital transformation [in financial services],” he said. “We moved further away from things that require a physical presence. So, it causes loss to happen more quickly, it takes away that time you had to detect [potential fraud] and react, so you just be so much faster. I think that’s a place where technology [comes in]. So much of it becomes about having large, large amounts of data. And the more information you have, the more quickly you can get a picture of what normal activity looks like, and it makes it a little easier to identify abnormal [activity].”

Having access to the right data is one piece of a powerful anti-fraud strategy, according to Gowen, but it is also critical for FIs seeking to effect strong AML protections and educate consumers about how their identities can be misused by cybercriminals committing everything from simple fraud to complex money laundering schemes.

“One of the things that’s changed significantly is the value and the proliferation and misuse of people’s personally identifiable information,” said Gowen.

Compliance and fighting fraud require a strong policy of consumer education and the right technology to halt cybercrimes such as money laundering or fraud at the transaction level.

“Technology allows us to take information not just about your transaction activity, but the device and the location and other patterns of your interaction,” he said.

Gowen said advanced technologies are tools that make compliance and anti-fraud efforts more effective by optimizing the value of data through intelligent data management.

“To use the [needle in a haystack example], you’ve got [a] huge stack of hay, and everything in there are legitimate transactions,” he said. “There’s a very small number of things that are fraud, and those are the needles. And one of the things technology helps you do is get a lot of a hay off of that stack.

You can run analytics, you can use machine learning, you can draw the benefit of the community info from other institutions about known fraud events or known sources or known fraud actors, and get data with a much smaller pile so you can find the things that look unusual much more quickly.”

When that data becomes more manageable, said Gowen, it becomes actionable and leads to better decision-making. That’s essential because many cybercriminals are not opportunists; they approach their efforts with seriousness and considerable technical expertise. They are aware of modern technology and the most common ways that FIs may attempt to fight fraud and money laundering using legacy systems, and they craft their strategies to match.

“They’re very sophisticated businesspeople, and they do research and development,” Gowen said. “[FIs] have formidable adversaries with a lot of money on the line. So just like fraudsters and criminals are investing in always looking at what’s coming, we do the same thing.”

According to Gowen, FIs have a powerful resource to combat money launderers and fraudsters in the use of advanced AML and anti-fraud technology in tandem with existing security systems.

“The great thing about technology like machine learning is that it is designed to continue to evolve,” he said. “We’re always [asking] are we using the systems we have to their greatest capabilities? What are the opportunities to extend what it does to make it better, smarter, faster? Are there new and emerging technologies that can help us be more effective in identifying suspicious activity? Analyzing things?”

That sense of obligation to stay one step ahead of money launderers and other criminals is not just a matter of compliance, but it is also about maintaining efficiency in operations.

“One of the other big advances is the ability to automate the response to things, so that it’s not showing up on someone’s screen and our human being has to look at it because that’s where the things that take too long happen,” he said.

Staying vigilant about maintaining efficient methods of transaction monitoring is a key component of AML, anti-fraud compliance and positive user experiences. According to Gowen, consumers want convenience and security, and FIs must be able to use their existing tools with good effect as they adjust to the role of new technologies in fighting fraud and other crimes.

Gowen said this doesn’t mean that he sees a limited role for human intelligence in AML and anti-fraud transaction monitoring. People are essential in developing ways to augment existing strategies to develop powerful, future-proof, anti-fraud and AML efforts.

“As an engineer by background, I put it that you’re always looking to know your adversary,” he said. “It’s [using] threaded intelligence about your adversaries. What do they do? And what’s successful? What are their tactics? And how can I try to get back ahead of them and stay ahead of this ongoing back and forth?”

At the end of the day, according to Gowen, effective risk management and compliance strategies come down to protecting customers and earning their trust. FIs seeking to be a consumers’ primary trusted financial partner need to deliver value-added experiences grounded in both convenience and security.