By Joe Robinson and Lyn Farrell
The recent news stories based on thousands of suspicious activity reports, shined a harsh spotlight on the anti-money laundering practice area when they broke in September. Regulation compliance professionals are now, very reasonably, wondering about the possible repercussions from this negative take on their hard work. Will they face tighter scrutiny, new regulations, criminal culpability, or just vague insults from their half-informed neighbors?
Here’s what we see first-hand in most bank risk management organizations: a lot of smart, responsible people are trying to do their best with legacy systems and fragmented data sources.
The curious thing about this media coverage: Once you get past the sensational headlines and dramatic graphics, there’s a storyline that rings true. Making sense of the data in a collection of SARs is a beast of a project.
In fact, there’s an entire article in the original series about the enormous effort to organize and analyze the information. The investigative process took a consortium of more than 80 journalists, using custom-built tech tools, over a year. This particular sentence about parsing the narrative section of SARs jumped out: “We tried writing computer programs to automatically extract this crucial information, but we quickly discovered that it was not possible.”
If you approach this story with an empathetic mindset, you don’t have to connect too many dots to see a big parallel: Reporters, compliance teams, law enforcement, and regulators alike get mired in the mess of data. There’s a degree of uncertainty about the future of AML regulation, but it’s absolutely clear that cleaner data would help everyone (except the criminals).
Compliance professionals have been struggling with the data problem for quite some time. Waves of M&A consolidation over the last several decades have led to disparate sources of raw data locked up in legacy systems and proprietary formats. The scope of the complications can be overwhelming to the most determined, talented, and ethical of professionals.
Compliance teams need ample resources and time to clean up the data. In contrast to the media portrayal of corporate apathy, many of the larger banks are interested in the underlying problem and have been investing in migrations to “data lakes”—consolidated warehouses of unstructured data where modern APIs, scripting, and analytics are possible.
At the board and executive level, these initiatives need strong, long-term support. At the team level, the people grappling directly with these issues on a daily basis need to break the challenge down into manageable steps. Here are a half-dozen AML data focal points for sorting out the digital past and preparing your financial institution for a data-driven future.
Structured insights: Ensure that investigator insights such as categorizations, decisions and other findings are captured as structured data that can be parsed for analytics.
Machine-readable formats: Store supporting documentation in a centralized repository in machine-readable formats. Spreadsheets and tabular data are much easier to work with than written documents or proprietary formats like PDFs.
Standardized schemas: Organize case information into a standardized data schema, adding structure to things like subject profiles, transactions, account information, addresses, and device information (such as IP addresses).
Modern APIs: Ensure that tools you use for regulatory compliance have modern APIs that are well documented and kept up to date.
Summarized extracts: Choose tools that go beyond charts and graphs and provide summarized data extracts in tabular or machine-readable formats—for example, APIs or .csv downloads of important case information and findings.
Interoperability: Look for systems that can natively connect your case findings back to the case sources. For example: Does the compliance management system take in transaction monitoring alerts, and then allow you to see the outcomes for those alerts in a structured format?
Some of these imperatives, though geared for AML compliance, could probably apply to other data-intensive practice areas within a financial institution as well. The most optimistic media coverage in banking tends to highlight the frontiers of AI. Bleeding-edge goals do serve to inspire and motivate us, but the truth on the ground is that there are still many bank processes lacking basic automation.
Fragmented data has been a recurring challenge for converting manual processes to automated systems. Technology will play a central role in how the financial industry moves forward with compliance, and these solutions will need to consume vast quantities of data. We may not know exactly what regulatory shifts are on the horizon, but doing what we can right now to improve the quality of existing and expanding datasets will be well worth the effort across a broad range of potential outcomes.
Joe Robinson is co-CEO and co-founder, and Lyn Farrell is a regulatory strategy advisor, at Hummingbird.