So, what does that mean when it comes to core procedures and what they must change and improve on?
We asked Amy Bell, from Teal Compliance, and financial crime compliance specialist Steve Elliot, of LexisNexis Risk Solutions, who shared their thoughts on existing practices and how other regulated industries can learn from banks and implement new technologies to ensure consistent and effective compliance in a recent webinar.
Within the session, which you can watch in full here, our speakers looked at areas such as:
To position the discussion, Amy reflected on the second and latest OPBAS report on the findings from a review of the legal and accountancy sector, which she told us shows a “stark contrast” to the year before, with a “remarkable improvement,” but questions remain.
Grouping the findings into three key areas, Amy started by saying there had been an improvement in the application of the risk-based approach by the 22 Professional Body Supervisors (PBS).
OPBAS found in 2018 that not all PBS had collected information on their regulated populations and therefore had not been able to properly assess the risks. By the end of 2019, 95% of the PBSs had collected the information they needed and 86% were adopting a risk-based approach.
She also highlighted that more PBS are conducting risk based activities, including utilising site visits as part of their activities and, in fact, the number of PBS conducting proactive supervision rose from 10% at the end of 2018 to 81% at the end of 2019.
And, importantly, here she brought out the OPBAS conclusion that there has been an increase in enforcement activity. There is a marked difference between the accountancy and legal sector, with accountants having more, but lower, fines than the legal sector.
In a message to firms for the future, she said:
Expect non-compliance to lead to disciplinary consequences. It is definitely time to make sure you’ve got your regulatory stack ready.
Interestingly, as well as delving into how to evidence a risk-based approach, Amy also shared her knowledge of gaps in firm risk assessments she sees, both firm-based, and client and matter, with some common issues cropping up in the form of:
Handing over to Steve, it was time for him to tell us about how banks conduct KYC and the importance of keeping your AML and anti-fraud processes current, focusing on lessons learnt and what could be taken from those now.
According to Steve, the first thing banks must do is know “who we are” and, adding that current systems gather “very few data attributes” in relation to individuals, he said that what we get instead is personal information, such as name, address, etc. He believes “we are much more than that” – we are our biometric profile, our moral compass, connected ecosystems, and so on.
It is only when you get a true understanding of a person’s ecosystem and of who they are that you will know who they do business with and the risk they possess, he pointed out.
Currently, Steve said, banks are using “very few data attributes to authenticate and risk rate people but they are building in more and more”, which is something he placed great importance on while giving examples of real situations, before emphasising that it is vital to remember that just looking at the first level is not sufficient when looking for the full picture of a person and risk.
Illustrating the need to get it right and why it is imperative that ongoing effort is put into complying with regulations, Steve continued by looking at the cost of compliance. The UK has the second highest number of financial institutions behind the US and the highest cost market within the highest cost region.
After sharing with us his view on how compliance is achieved where he sits at the moment, and the challenges that come with this, Steve provided insight on what could be taken from other industries’ approaches to compliance.
Touching on how the use of AI in specialist areas such as medicine and the aeronautical space could looked at, he reflected:
In financial services, firms are trying to access more data attributes and looking at outcome data… then using AI to reverse engineer back through the data to find attributes they should have been looking at in order to give an early indication that fraud would occur. Those types of solutions are very effective for driving out fraud and money laundering.
Encompass’ intelligent process automation conducts live document and data collection, analysis and integration from public and premium sources to bring transparency to complex corporate structures and ultimate beneficial ownership, delivering the most accurate and complete KYC on demand.