Navigating the waters in today’s business environment can be tricky, with many questions emerging at the forefront of leaders’ minds: How can financial organizations get ahead of the next set of regulations or sanctions? What should they be watching out for as they approach 2020?
As organizations look to confront and overcome the risks to their business, Thomas Bock, executive managing director and leader of K2 Intelligence’s Regulatory Compliance practice, discusses these questions and more with FEI Daily.
FEI Daily: What are the most pressing risks financial organizations are facing today? How can financial executives help mitigate these risks?
Bock: Financial services institutions have a challenging mission. Not only are they are required to manage the assets of their clients and depositors responsibly, but they are also expected to execute government policies on sanctions, trade restrictions, and anti-money laundering while countering the relentless attempts by bad actors to circumvent those same restrictions. That is on top of the threats posed by technology-enabled fraud, so it is important for organizations to have a holistic view of their risk profile to make informed decisions about their business.
FEI Daily: How can financial executives keep up with evolving sanctions and regulations across the regions in which they operate?
Bock: It’s an ever-changing environment we are watching closely for clients. At K2 Integrity, we have been doing a lot of work helping firms respond to global regulators, which are in some cases becoming more in sync, and in others, may have differing regulations. With our recent acquisition of the Financial Integrity Network (FIN), we’re further bolstering our global view to help client understand requirements at home and abroad.
As noted, organizations today must have a 360-degree, global view of their business and compliance operations. We advise clients to conduct regular enterprise risk assessments of their vulnerabilities across financial crimes compliance and sanctions, as well as internal risks like antibribery and corruption, and fraud. Taking a proactive approach not only helps identify and mitigate potential pain points, but also demonstrates to regulators that an institution is taking a hands-on approach to meet varying requirements.
FEI Daily: How can institutions stay ahead of the game when it comes to AML/CFT/Financial Crimes Compliance?
Bock: There are three key areas organizations can stay ahead of the curve. First, the challenge day in and day out, is the prevention and detection of illicit activity like money laundering and/or terrorist financing—and ensuring regulators that a control environment is in alignment with the bank’s enterprise-wide risk. So as mentioned, a regular enterprise risk assessment is key.
Second, financial institutions should increase communication between functions, such as AML and fraud. We were recently at ACAMS Annual AML & Financial Crime Conference, where participants in one session on fraud and AML were polled on communication between the two departments. Less than half of those polled said the two communicated daily and only a quarter of those polled communicated monthly or quarterly. This is a major opportunity for organizations to help fill-in blind spots with existing data and intelligence.
Third, organizations can normalize their data and create data lakes that allow for them to more easily spot trends, gather intelligence, and use technology to filter through transactions for streamlined Suspicious Activity Reports (SARs) or Matters Requiring Attention (MRAs). By making data more useful, organizations can deploy technology to help sift through ongoing, volume-heavy activity, and free up their professionals to perform higher-level tasks.
FEI Daily: How is the evolving risk landscape impacting the role of financial executives?
Bock: Linking compliance requirements with business objectives will grow in importance for financial organizations of all stripes. As rules and regulations are constantly evolving, leaders have to empower compliance in fundamental business decision making—whether it be launching new products, deploying new processes, or creating new systems.
While leadership may have a vision and an ideal timeline for a product or service, it is important to remember that it is significantly easier to build compliance from the ground up rather than to reverse engineer it. Taking the time to ensure compliance is built into the process will mitigate unnecessary delays and ultimately generate cost savings.
FEI Daily: What is the role of emerging technologies in risk mitigation?
Bock: Previously, new technology was expensive and often times, did not meet the exact needs of an organization. Today, however, there are new technology solutions regularly coming to market with more customizability, ease of implementation, and often more cost-effective for institutions, particularly small-to-midsize institutions that may be on a limited budget.
While AI and machine learning are buzzing around the industry, we are still at early stages to see where these technologies will fit into risk and compliance, particularly with regulators assessing how comfortable they are with deploying them. But there are signs of forward progress for innovation, such as the Financial Crimes Enforcement Network (FinCEN) recently announcing a program called FinCEN Innovation Hours, which facilitates discussions with financial institutions, technology providers, and other financial services firms on products, services, and approaches to enhance AML/Counterterrorism Finance (CTF) compliance. While innovation will take more than an appointment for discussion to actually be effective, financial institutions can begin by identifying ways to leverage their large datasets for greater intelligence and detection of suspicious or illicit activity.
FEI Daily: What are some of the most important things for financial executives to monitor on the risk landscape?
Bock: The landscape is evolving all the time, but I have found that with clients, there are always two fundamental questions they ask: “What are regulators thinking, including what area of our program should we be focusing on?” and “How is the bank across the street dealing with the same challenges we have?”
Imagine $4 trillion just in New York City—$4 trillion a day—going into financial systems worldwide. As technology becomes an important tool for institutions to mitigate financial crime, it’s also a tool for bad actors to help conceal their activity. As a result, organizations must be hyper vigilant and have the right controls and tools in place—like cybersecurity—to guard against risks that may otherwise be unseen.
FEI Daily: With organizations being increasingly held responsible for the dealings of members of their value chain, what are the things that organizations need to look out for?
Bock: In today’s interconnected world, financial institutions need to be mindful of their correspondent banking relationships to assess the current level of risk.
An example of this would be with sanctions: Any financial institution who provides correspondent banking services to institutions located in jurisdictions that may border current or former war zones or areas that appear to be associated with terrorist financing should conduct a thorough review of those correspondent relationships immediately.
Our clients face scrutiny by regulators every day, the world moves quickly. But if we can be quicker, we’ll be successful in helping clients to confront and overcome a wide range of evolving business, economic, and security threats facing their business.
A version of this Q&A originally appeared in FEI Daily (27 Oct. 2019).