By Neil Katkov
Prior to COVID-19, digital capabilities could be used to automate processes. Typically, banks used those capabilities to deliver information to human analysts, who then made decisions for compliance and risk management purposes. With new workforce and workload challenges, the pandemic is accelerating not just the demand for efficiency and automation. It’s pushing for the availability of solutions that rely on digital technologies, including end-to-end, 100 percent automated solutions.
Today, everything related to risk management is impacted by the pandemic. The siloed and slow, often manual, processes of the past are giving way to new efficiencies of automation and cloud-based solutions.
How we got here and where we are headed
Three pillars of risk are central to contemporary risk management conversations. First, financial risk management famously failed during the global financial crisis a decade ago. At that time, siloed information did not catch up to the situation of cascading financial risks. Firms have since put effort into connecting these silos for enterprise-wide views of financial risk. What firms don’t have now: the ability to do this in real time. Ad-hoc, rapid, collaborative risk management for the current pandemic requires modern data management and analytics—not Excel spreadsheets.
Second, operational risk keeps a firm going forward in operational terms, looking at a wide range of functions, such as IT, cybersecurity, staff functions, business continuity and some financial analysis of operational capital. Responses to fast moving events have been hampered by silos (by lines of business and operational functions) and the lack of real time data. Over the past decade, new technologies have been implemented, but much is not very digitally connected, requiring manual review.
Finally, an element of operational risk merits special attention. Financial crime (including money laundering, fraud, and the related concern of cybersecurity) is enjoying a heyday in response to the conditions of the pandemic, challenging financial institutions to respond quickly to new threats. Fraudulent transactions were up 35 percent in April, according to FIS. Fraud poses both reputational and regulatory risks. New models are needed to separate legitimate transactions from fraudulent ones; similar challenges exist for anti-money laundering operations and know your customer routines. Work from home also exposed new gaps.
Challenges in existing risk systems
Celent recently surveyed more than 70 CROs and other risk executives at financial institutions to examine the challenges they see in their existing risk systems and data. With 54.4 percent of respondents indicating that their “fragmented approach to tools and information repositories” are problematic, data silos must be addressed. Not far behind are the problems of “data and information quality” (48.5 percent), “inadequate reporting functionality and granularity” (45.6 percent), and “inflexible, unable to quickly respond to ongoing changes.”
These challenges lead to limitations in how banks respond to business model changes, comply with reporting transparency obligations, contain cost and keep pace with digitization and innovation. Organizations could seize more opportunity, insights and risk management agility with the right data, in real-time configurations and supported by all the tools of data science and digital technologies. The pandemic appears to be focusing more attention in this area. Ideally firms will take data, integrate it, analyze it using AI techniques, then distribute it through advanced visual interfaces so that analysts and other risk professionals can use the insights. Firms aren’t very far along in this scenario yet.
How technology can improve responses to financial crime
Increasing new schemes are spurring banks to accelerate initiatives for more automation. Manual processes, like reviewing large numbers of alerts, require armies of analysts to sift through data; automated models would free those teams to focus on value-added analytics.
Increasingly, solutions are deployed in the cloud to deal with operational challenges. Financial crime compliance, in particular, is moving to the cloud; 47 percent of AML systems in production are off-premises and 65 percent of AML off-premises systems are now cloud-based. Many of these off-prem solutions are cloud native. Even without any of the special challenges that are driving pandemic-related acceleration, there’s a strong trend toward automation and cloud deployment for financial crime solutions.
Within five to 10 years, most solutions will be heavily automated, with many of them in the cloud. COVID-19 is certainly speeding the transition to automated and cloud-based systems, getting banks to focus on the issues and embrace the financial promise that technology can address.
A lot of activity is pushing for the digital evolution of financial crime compliance solutions. Innovations are coming both from new entrants, including regtech pure plays (which often include cloud-native startups) and traditional tech vendors who are investing in bringing new technologies to their offerings.
The digital toolkit for financial crime compliance, along with sample use cases, include:
- APIs: seamless connectivity to data services and other third-party providers; support for real-time KYC for payments and fintech/digital services.
- Artificial intelligence/machine learning: semantic analysis to enhance name matching; enhanced transaction monitoring insights; false-positive suppression based on previous analyst decisions.
- Cloud-based analytics: accelerated access to on-demand, high performance computing; big data storage; and AI/advanced analytics.
- Unstructured data analysis: contextual search of adverse media and other external data; identify relationships with politically exposed persons or high-risk entities.
- Natural language generation: entity profile compilation; automated creation of case narratives.
- Robotic process automation: automated routine processes, such as data entry; when coupled with artificial intelligence, delivery of smart robotics to support holistic AML, retention resolution and beneficial ownership analysis.
In the financial crime arena, a combination of these tools may be used for any given use case. For example, for KYC operations, NLG is used to understand and compile profiles of customers based on external data. RPA is used to efficiently create profiles for very large customer bases. AI and ML are used to cull these profiles to generate alerts for high-risk customers who should be investigated more closely.
While digitization of risk management may not be a customer-facing activity at banks, new tech can definitely lead to improvements. Look away from the silos and toward the cloud.
Neil Katkov oversees the risk and compliance space at Celent, a global research and advisory firm focused on technology and business strategies in the financial services industry
