This is part 3 of a five-part series with Tom Fox and the FCPA Compliance Report on defining and building an effective compliance program. The series will consider key challenges in compliance, why compliance needs a seat at the table, how to do compliance on a budget, compliance training and culture, and what is on the horizon for compliance.
Given the current health crisis and economic dislocation, it is now more critical than ever to leverage teams and skillsets for broader compliance purposes. For some companies, this means doing more with less; for others, it involves more fully leveraging tools already in place. For example, some institutions have begun to leverage anti-money laundering (AML) tools to support their anti-bribery/anti-corruption (ABC) compliance program.
Other institutions have successfully looked both inside and outside the AML and ABC functions to make the most of their resources’ “utility”—or ability to be used in various functions across an organization. A few examples:
- There is opportunity to customize the tools regularly used for AML programs to create case management tools used to support other types of client programs—including some that may be less operationalized for compliance. This has the added benefit of allowing compliance professionals to track and document both the steps and the decisions that they’re making.
- Repurposing the tools that gather the data used for metrics reporting. Those same tools can often be used as monitoring tools, which can be a cost-effective way to implement a monitoring capability.
- Financial institutions find a lot of the same tools and lists are being used for ABC and AML compliance purposes—meaning the same data used to monitor transactions and file suspicious activity reports can be expanded around case management (e.g., processing alerts involving sanction screening).
- Utility teams can be set up for due diligence purposes. This means you could have a consolidated team that supports client onboarding, third-party due diligence, and even vendor due diligence because some of the underlying processes and tools used for that type of due diligence are fairly similar.
Teams have been formed around the process of developing risk assessments, where you have a centralized group that is responsible for developing risk assessment questionnaires, rolling them out to the businesses for completion, and also collecting data to support the risk assessment process.
This is the time for organizations to think about how they use resources a bit differently—to broaden their view past traditional silos to encompass institution-wide synergies.
Often, compliance programs tend to be less focused on technology and more focused on policy administration and policy guidance. This creates an opportunity to use more technological tools in ABC compliance, such as using case management tools designed for transactional alert reviews to support an ABC program by documenting escalations submitted to the ABC compliance team around transactional due diligence and potential connected hires. This can lead to more efficient advice on those types of escalations and more efficient guidance. The use of case management tools for such a strategy can also create a documented audit trail for regulators.
Moreover, the legacy information and historical data can be leveraged down the road. Some of the tools available in the market for reporting metrics and risk indicators are great tools that can be used for an ABC program and can often prove to be a more cost-effective solution. Smaller organizations with less of a global footprint may actually have an advantage when it comes to implementing some of these tools because they can use them more broadly, with one tool able to be used to assess multiple types of compliance risk and meet screening requirements needed to effectively manage risk. This is because smaller entities have fewer databases, making it easier to draw the information and normalize data sets that are needed to feed the screening tools and the processing engines that are used within these financial crime compliance programs.
However, while people are starting to talk about leveraging resources, it’s not happening as much as it could. Often, it comes down to the managers of the compliance programs. These managers need to think outside of their own program, talk to other managers who are responsible for other financial crime compliance programs, and imagine how some of the tools and capabilities could be more broadly used. Taking a step back in terms of ownership, teams should think more holistically about the good of the organization and the benefit to the organization, and implement tools and practices from there.
To listen to the next podcast in the series, please click here.