The Price of AML Failure

Avatar for John Leahy
By John Leahy Senior Product Manager
September 8th 2022 | 3 minute read

We can’t go on with suspicious fines

Are your anti-money laundering (AML) capabilities really fit-for-purpose? If the steady flow of news reports about institutions’ AML failings are anything to go by, you may not want to rest on your laurels.

Money transfer firm Wise is the latest case. It has just been hit with a $360,000 fine by Abu Dhabi’s Financial Services Regulatory Authority for its failure to “establish and maintain adequate AML systems and controls to ensure full compliance with its AML obligations.”

The Wise fine comes on the heels of a $30 million penalty meted out to Robinhood Crypto (RHC) by the New York State Department of Financial Services (DFS) for “significant violations of the Department’s anti-money laundering and cybersecurity regulations.”

Compliance deficiencies included an understaffed AML programme; insufficient resources devoted to adequately addressing company-specific risks; and failure to transition from a manual transaction monitoring system that was inadequate for Robinhood Crypto’s size, customer profiles and transaction volumes.

Suspicious activity monitoring

While the fine handed to Wise stems in large part from a lack of proper onboarding procedures (including inadequate source of funds/wealth checks), deficiencies in ongoing customer due diligence are behind the RHC case. Suspicious activity monitoring was found to be a particular weak point.

The DFS consent order notes that both federal and New York State law require financial institutions to devise and implement systems “designed to identify and report suspicious activity and block transactions prohibited by law.”

Robinhood Crypto lacked an automated AML transaction monitoring and case management capability, relying instead on a manual system that was inadequate for the job, especially given its staffing shortages. The result was a backlog of thousands of transaction processing alerts, which flag potentially suspicious transactions that need to be investigated to determine whether a suspicious activity report (SAR) should be filed.

“Transaction monitoring is a cornerstone of an effective BSA/AML program,” observed the DFS order. “It must be conducted thoughtfully, efficiently, and in a manner commensurate with institutions’ business profiles.”

In addition, RHC employed “an extremely high and arbitrary threshold amount to generate exception reports,” according to the order. As a result, only two SARs were filed in response to its transaction monitoring alerts. Such a low number is an indicator of the effectiveness of a financial institution’s monitoring programme, and is a red flag for examiners.

Activity monitoring done right

For firms that don’t want to come up short like RHC, automating suspicious activity monitoring is imperative.

By searching for suspicious transactions and changes to customer/static data, real-time activity monitoring capabilities can identify behaviours that breach users’ parameters and expose potential frauds. With the right tools, firms can spot AML risks, trigger automated alerts of suspicious activity, block accounts or transactions when suspicious events occur, and create comprehensive reports of all the suspicious activity that has taken place at a given point in time.

Automation frees staff from mundane monitoring activities so they can deal with alerts promptly. And by pinpointing issues early, monitoring tools help users respond quickly to potential issues before they become an actual breach. Automation can also ensure that suspicious activity reports are sent to the relevant regulatory body where required and within the 30-day stipulated timeframe.

AML is an increasingly complex, multi-step task that is hard to get right and costly when it goes wrong. Manual processes – whether in customer onboarding or ongoing due diligence – lack the rigour, speed and scalability financial institutions need today.

The solution is an automated, customisable AML framework that delivers real-time monitoring and can flex to different scenarios and jurisdictions’ evolving requirements. Only then can firms combat their money laundering risks effectively and stay compliant.

ABOUT DEEP POOL
Deep Pool is the #1 investor servicing and compliance solutions supplier, providing cutting-edge software and consulting services to the world’s leading fund administrators and asset managers. Our flexible solution suite, developed by an experienced team of accountants, business analysts and software engineers, supports offshore and onshore hedge funds, partnerships, private equity vehicles, retail funds and regulated financial firms. Deep Pool is a global organisation with offices in Dublin, Ireland, the United States, the Cayman Islands and Slovakia. For more information, visit: www.deep-pool.com.

 

 

John Leahy
John has been with the Deep Pool Group since 2012. He drives product development, vision, strategy, and execution across a cross-functional team, serving 3 Fintech/Regtech products. John holds a Postgraduate Diploma in Product Management from Technological University Dublin.
Blog
AI Takes Cyberattacks, and Security, to the Next Level
Artificial intelligence is the Janus of cybersecurity: a dual-faced bringer of war and peace, of beginnings and endings, the opening and shutting of doors, with the power to both help and harm. PwC’s latest CEO survey captured the dilemma. While it found chief executives are increasingly looking to the transformative benefits of generative AI, almost […]
READ MORE
Blog
Cybersecurity Perils of M&A
In this continuing series on cybersecurity with Arnaud Wiehe, author of The Book on Cybersecurity and Emerging Tech, Emerging Threats, we explore the underappreciated cybersecurity risks that can arise any time firms engage in M&A activities. It’s a familiar story for any homebuyer. After intense scouting you find your ideal house. It’s the right size. […]
READ MORE
Blog
Cybersecurity Best Practices: How to be More Proactive in the Fight Against Cyberattack
In cybersecurity, as with medicine, prevention is better than cure. The news headlines are filled with tales of email hacks, phishing scams and ransomware attacks that leave firms scrambling for patches or ways to contain the damage. The fast-moving threat landscape often leaves financial organizations playing catch-up, in a whack-a-mole contest with sophisticated and well-resourced […]
READ MORE
Blog
What Does the EU Artificial Intelligence (AI) Act Mean for Financial Services?
The European Parliament last week approved the world’s first binding law to regulate the use of artificial intelligence (AI), in a move with wide implications for the financial services industry. AI technologies are powering a fast-expanding range of financial market functions, spanning everything from anti-money laundering and cybersecurity activities to customer interactions, tailoring wealth and […]
READ MORE
Blog
Cybersecurity Best Practices from the Man Who Wrote the Book
If cybercriminals can hack the corporate email accounts of Microsoft’s senior leadership team, what could they do to your cybersecurity defences? Cybersecurity was once again the top concern for European banking Chief Risk Officers surveyed by EY and the Institute of International Finance, with 82% ranking cybersecurity risk as the biggest threat to their business […]
READ MORE

SIMILAR RESOURCES

Blog
AI Takes Cyberattacks, and Security, to the Next Level
Artificial intelligence is the Janus of cybersecurity: a dual-faced bringer of war and peace, of beginnings and endings, the opening and shutting of doors, with the power to both help and harm. PwC’s latest CEO survey captured the dilemma. While it found chief executives are increasingly looking to the transformative benefits of generative AI, almost […]
READ MORE
Blog
Cybersecurity Perils of M&A
In this continuing series on cybersecurity with Arnaud Wiehe, author of The Book on Cybersecurity and Emerging Tech, Emerging Threats, we explore the underappreciated cybersecurity risks that can arise any time firms engage in M&A activities. It’s a familiar story for any homebuyer. After intense scouting you find your ideal house. It’s the right size. […]
READ MORE
Blog
Cybersecurity Best Practices: How to be More Proactive in the Fight Against Cyberattack
In cybersecurity, as with medicine, prevention is better than cure. The news headlines are filled with tales of email hacks, phishing scams and ransomware attacks that leave firms scrambling for patches or ways to contain the damage. The fast-moving threat landscape often leaves financial organizations playing catch-up, in a whack-a-mole contest with sophisticated and well-resourced […]
READ MORE
Blog
What Does the EU Artificial Intelligence (AI) Act Mean for Financial Services?
The European Parliament last week approved the world’s first binding law to regulate the use of artificial intelligence (AI), in a move with wide implications for the financial services industry. AI technologies are powering a fast-expanding range of financial market functions, spanning everything from anti-money laundering and cybersecurity activities to customer interactions, tailoring wealth and […]
READ MORE
Blog
Cybersecurity Best Practices from the Man Who Wrote the Book
If cybercriminals can hack the corporate email accounts of Microsoft’s senior leadership team, what could they do to your cybersecurity defences? Cybersecurity was once again the top concern for European banking Chief Risk Officers surveyed by EY and the Institute of International Finance, with 82% ranking cybersecurity risk as the biggest threat to their business […]
READ MORE
Blog
ESG: The Next Growth Area in Fund Administration
The US Securities and Exchange Commission’s decision to pare back its long-awaited climate-risk disclosure rules suggest the blowback against the environmental, social and governance (ESG) movement is gathering strength. The reality is ESG reporting demands are only growing. For many investment managers, the obvious answer is to turn to their fund administrator for help … […]
READ MORE
Blog
Do We Need AI, and Does AI Need Us?
In conversation with The Dark Money Files’ Graham Barrow Are we interceding with artificial intelligence too often and too quickly? asks The Dark Money Files director and anti-money laundering expert Graham Barrow. A week after chip giant Nvidia reported blowout earnings on frenzied customer AI hardware spending and forecast excellent conditions for continued growth, questions […]
READ MORE
Blog
AI in Investment Management: 3 Areas Ripe for Change
How much of a role will artificial intelligence realistically play in the investment management industry? As we discussed in a previous blog, implementing more traditional automation initiatives, to get the foundations right before adding AI complexity and data demands on top, should be firms’ initial priority. But then what? While the potential is seemingly limitless, […]
READ MORE
Blog
Forget AI, Prioritise The Low-Hanging Automation Fruit
If ever there was a case of shiny object syndrome today, then artificial intelligence is it. The release of ChatGPT in November 2022 and subsequent “AI boom” has sparked fevered speculation of where AI can be applied and what it could do for the financial services industry. The latest PwC CEO Survey captures the mood. […]
READ MORE
Blog
UK Banks Feel Pain of Iran Sanctions Evasion Lapses
The Financial Times headline is damaging enough by itself: “Iran used Lloyds and Santander accounts to evade sanctions”. This is exactly the sort of high-profile publicity nightmare financial institutions are desperate to avoid. The reputational risk from such revelations – especially when they’re disseminated by a globally-renowned publication like the Financial Times – can have […]
READ MORE
Blog
ESG at a Crossroads: What Next For 2024 and Beyond?
Environmental, social and governance (ESG) aligned funds were, until recently, a one-way bet for the investment industry. The future looks less assured. ESG has turned into a highly sensitised issue, LSEG Global Head of Research Robert Jenkins noted in a recent article. “The term ESG has become near toxic and arguably weaponized in the U.S.” […]
READ MORE
Blog
Will Your Project End Well?
A project is a mini-series, not a soap opera (although sometimes during a project’s lifecycle it can feel like it will never end). In other words, a contained event with a beginning (initiation and planning), a middle (implementation) and end (delivery and use). A project can be defined as “a complex, non-routine, one-time effort limited […]
READ MORE
VIEW ALL RESOURCES
REQUEST A DEMO
© 2021 DEEP POOL Financial Solutions Limited | All Rights Reserved | Privacy Policy
RHD