WHITE PAPER

Reducing the cost of AML compliance

SAS® Anti-Money Laundering: An integrated framework for risk scoring,
alert generation, investigation and reporting
 Reducing the cost of AML compliance

Table of Contents

Executive summary..........................................................................................1
The costs of AML compliance..........................................................................2
What would you gain with a more effective AML technology platform?......3
Monitor risks across the institution...................................................................3
Allocate resources to the most meaningful cases.............................................4
Adapt to keep pace with changing risks...........................................................5
Demonstrate knowledge of high-risk accounts and their activity.......................5
®
SAS Anti-Money Laundering..........................................................................6
Create an enterprisewide view of customers and risks...............................7
Benefits of a centralized AML data repository..............................................8
Monitor customers as low-, medium- or high-risk based on
ongoing KYC risk scoring.............................................................................8
Monitor transaction activity against multiple detection techniques...........10
Beyond simple rules and thresholds..........................................................11
Key methods to detect potentially suspicious activities...................................11
Provide a structured environment for investigating and
documenting alerts.....................................................................................13
Generate required regulatory reports and supporting documentation.......15
Provide senior management with information on key performance 
metrics........................................................................................................15
Monitor and manage system access and utilization..................................17
Closing thoughts.............................................................................................18
SAS Anti-Money Laundering.......................................................................19
Checklist for selecting an anti-money laundering solution........................20
About SAS.......................................................................................................21

i
 Reducing the cost of AML compliance

Executive summary

Money laundering has far-reaching implications. It makes organized crime pay. It

allows drug traffickers and smugglers to expand their operations. It undermines
government tax revenue and the financial community in general because it
siphons vast sums of money from legal endeavors. The events of 9/11 added yet
more incentive to stem the flow of illicit financial transactions.

Many institutions initially made modest technology investments to meet minimum

anti-money laundering (AML) requirements. However, this minimalist approach
actually increased the total cost of ownership due to inefficient investigations,
higher staffing costs, the need for successive technology investments and the
fact that little value was contributed to other functions, such as marketing and
loss prevention.

Financial institutions are finding it necessary to strengthen their AML platforms

to meet new regulatory mandates and strategically manage compliance risk.
For enterprises with moderate to high risk exposures, this calls for a rigorous
automated system based on dynamic risk assessment.

With SAS Anti-Money Laundering, institutions can create an enterprisewide view

of customer relationships and risks, monitor activity using multiple detection
methods, investigate and document suspicious cases, and produce required
regulatory reports – all within an integrated solution built on award-winning SAS
data management and analytic capabilities.

The SAS solution is differentiated by its:

• Transparency. Compliance officers can easily see, understand and modify the
underlying methodology and explain to regulators why alerts were generated.

• Adaptability. Scenarios and risk factors are driven directly from the
institution’s AML risk assessment and can be easily changed as its AML
environment changes.

• Depth of coverage. Beyond simple rules and matching, the solution uses
multiple detection techniques and data resources to surface more suspicious
activity than ever before possible.

At the same time, SAS Anti-Money Laundering reduces the cost of complying
with regulatory expectations – first, through process efficiency and automation;
second, by enabling investigators to work more productively; and third, by
mitigating the risks of penalties and bad publicity that could result from deficient
processes.

1
 Reducing the cost of AML compliance

The costs of AML compliance

Criminals and terrorists have been resourceful and persistent with their money
laundering activities, accounting for an estimated US$500 billion to $1 trillion a year,
globally. Although most laundered money stems from drug trafficking and organized
crime, the events of 9/11 put the spotlight on funding for terrorist activities, which
has traditionally been much more difficult to detect.

The USA PATRIOT Act expanded the requirements for detecting and reporting
suspicious activities that could indicate money laundering or terrorist financing.
So did equivalent AML regulations around the world, such as the Third EU Money
Laundering Directive. Implemented in 2007, the directive creates a uniform regime
of compliance that expands the definition of “client due diligence,” broadens
requirements for client/account monitoring and raises the expectation for banks to
adopt risk-based management approaches.

More recently, the headlines have focused on high-profile enforcement actions – with
as much as $160 million in associated fines and the risk of “cease and desist” orders
that prevent the institution from engaging in mergers, acquisitions or expansion.
Such sanctions have caused stock values to plummet as much as 20 percent in a
single week.

However, the more pressing, day-to-day concern for financial institutions is simply
the rising cost of compliance. In an effort to control the cost of meeting basic
requirements, many institutions chose AML systems based on low entry price.
Unfortunately, a minimalist strategy can actually be quite costly over the long term,
for several reasons:

• The Know Your Customer/Customer Identification Program (KYC/CIP) system is

usually not integrated with a transaction monitoring system, so high-risk entities
might not receive adequate scrutiny.

• Shallow insight into customers or behaviors makes it difficult to determine where

compliance costs unnecessarily exceed the risks.

• Sparse information about a potentially suspicious event or party can lead to

longer and more error-prone investigations.

• “Black-box” systems adapt poorly to a changing AML environment; the institution

may be locked into continual upgrades for a proprietary, closed system.

• If there is no integrated environment for investigating and managing alerts,

analysts spend too much time documenting their actions.

In short, with a basic solution, upfront cost might be low, but so is long-term value.
An AML program based on such a system would ultimately be insufficient for
managing the evolving risks and regulatory requirements.

2
 Reducing the cost of AML compliance

Even if very basic capabilities were seen as sufficient, financial institutions would
have to ask: “Is the niche vendor going to be in business for the long haul to support
our growth and customization requirements?” and “How well can proprietary
software contribute to our overall management of risks across the organization?”

For many financial institutions, there’s still much work ahead, according to the
Deloitte & Touche survey. Even with added emphasis and expenditure on AML
programs, 30 percent of respondents said process duplication had actually
increased, only 10 percent reported that compliance information was always
effective, only 15 percent thought it was timely, and only 55 percent reported that
their institution used quantitative metrics.

Financial institutions need an AML technology platform that offers the

following capabilities: ■ Financial institutions that chose
• Captures and organizes all customer activity across disparate data sources. static, packaged systems based on
low initial cost of ownership have
• Monitors that activity against multiple rules, scenarios and risk factors.
found themselves needing to replace
• Uses analytically derived indicators of risk, not just simple rules and matches. and retool.

• Accurately alerts compliance staff to potentially suspicious activity.

• Provides a structured environment for investigating and documenting alerts.

• Generates required regulatory reports and supporting documentation.

What would you gain with a more effective

AML technology platform?

An effective AML compliance platform must deliver capabilities lacking in low-end

systems, such as the ability to:

• Monitor risks across the institution, using data from many legacy systems.

• Allocate resources to the most meaningful cases while reducing false positives.

• Adapt to keep pace with the changing risk environment, internally and externally.

• Apply knowledge of risk exposures to update your Enterprise Risk Assessment.

Monitor risks across the institution

The constraints: Financial institutions have vast repositories of information about

their customers, transactions and external databases. The trouble is, much of that
data isn’t integrated into AML programs. With typical AML systems, compliance
analysts are doing well to just detect basic trends and simple matches against
known illegal activities.

3
 Reducing the cost of AML compliance

Few organizations can correlate potentially suspicious behaviors across disparate

systems and a multitude of risk factors. As a result, most automated AML systems
only look at transactions and do not take advantage of broader institutional
knowledge, such as CIP data, prior high-risk events, risk lists and previous
investigations – either for identifying or examining potentially illegal activities.

What is needed: The AML solution should be based on a centralized financial ■ A risk-based monitoring and
services industry data model that includes a broad range of product types, channels,
entities and non-monetary events. The alert-generation process should monitor
investigation system is a vital
multiple risk factors with a single pass through the data – even for very large component of an effective and
databases. compliant AML program. Financial
institutions now have a proven
In the process, regulatory risk would be reduced, because the institution would
way to detect and track suspicious
gain a more accurate view of an entity’s behavior across all products, businesses,
channels and risk factors. patterns of behavior relative to
their unique risks, instead of just
one-size-fits-all rules and account
Allocate resources to the most meaningful cases
name lookups.
The constraints: Many AML systems apply the same, limited set of if/then rules to
identify suspicious transactions. With time, compliance officers and regulators often
discover these rules are overly broad or not specific to the institution’s real money
laundering risks. These institution-specific risks are easy to overlook, leaving the
institution exposed to greater regulatory scrutiny and putting compliance staff under
greater pressure.

Just as troubling, the rules-based system can trigger too many false positives and
overwhelm compliance staff with busy work. At the very least, the increased volume
of work items may diminish the credibility and energy of AML monitoring staff and
distract front-line staff from their primary responsibilities.

What is needed: Financial institutions need a way to:

• Integrate a customer’s account opening (“on-board”) risk classification into

ongoing transaction monitoring.

• Automatically reassess risk rating and support a risk-based monitoring process.

• Adjust scenarios and risk factors to minimize the incidence of false positives.

• Combine multiple scenarios and risk factors to generate high-quality alerts.

4
 Reducing the cost of AML compliance

• Identify cases that are significant, rather than chasing all simple alerts.

• Identify the highest-priority cases to be investigated, based on a customer-level

risk score.

These capabilities would reduce the cost of AML compliance by making processes
more accurate and efficient.

Adapt to keep pace with changing risks

The constraints: AML is a fast-moving target. Criminals are constantly probing AML
systems to discover new techniques to move their funds. Risks also change as a
bank expands into new markets or adds products and services and as regulators
increase their expectations.

Banks that have implemented first-generation AML solutions often find it difficult to
evolve these systems to keep up with changing requirements. Many banks have
been hit by formal enforcement actions – fines or business restrictions – for AML
program shortfalls. Others have expended significant resources on vendors and
consultants to force-fit new methodologies and techniques into old, static systems.

What is needed: Before being judged insufficient at the next round of regulatory
review, financial institutions need a better way to adapt their scenarios and risk
factors to a changing world.

The AML system should allow easy modification of the data model, rules and reports
to include new data feeds, monitor new risks, meet new regulatory requirements
and present relevant information to auditors, regulators and managers. With
these capabilities, institutions could respond quickly to change without engaging
consultants for significant system upgrades.

Demonstrate knowledge of high-risk accounts and their activity

The constraints: AML monitoring staff need to justify their review actions to
regulators. But what if the AML system simply flags incidents as high-risk, yet
doesn’t say why? Many AML systems hide their analytic routines and system logic,
making it virtually impossible to explain why an alert was triggered or why one entity
is deemed more risky than another. With a “black box” system, how can compliance
users justify the validity of the system’s methodology to regulators?

5
 Reducing the cost of AML compliance

Furthermore, many AML systems do not present a comprehensive view of customer

relationship, much less customer risk. Investigators may have trouble tracking
activities that led up to the alert. Case history can be fragmented, especially if a case
passes through multiple review layers. Regulatory reports often must be produced
manually, which makes it difficult to use this vital information to fine-tune the system
to identify more relevant work items and enhance monitoring strategies.

What is needed: The ideal AML solution explains why an event or entity represents
a high risk to the institution, and it displays enough information to the investigator
to support a clear decision process. Compliance analysts could adjust risk weights
based on their experience or feedback from the system. All actions, comments,
reports and documents should be attached to the alert and documented in an
audit trail.

With these capabilities, compliance managers would have greater confidence in

monitoring policies and investigation outcomes. Auditors and regulators could easily
review the decision process for a given case.

SAS® Anti-Money Laundering

SAS Anti-Money Laundering integrates a number of functions that often live in silos
within an organization, such as:

• Data management from diverse internal and external sources.

• Know your customer (KYC) scoring and risk classification.

• Transaction monitoring based on multiple detection techniques.

• Watch-list filtering and sanction screening.

• Alert management.

• Generation of required regulatory reports.

• Management reporting and secure system administration.

All of these capabilities are provided in a comprehensive solution built on award-

winning SAS data management and analytic capabilities. Institutions can secure
all of these functions as part of a holistic solution – or choose just a portion of the
functionality, such as watch-list filtering. They can also choose to have the solution
in-house or obtain it as a hosted service.

Let’s take a closer look at the key capabilities of the solution.

6
 Reducing the cost of AML compliance

Create an enterprisewide view of customers and risks

SAS Anti-Money Laundering synthesizes data from currently incompatible data

sources on almost any platform and format – such as front-office systems, back-
office systems and spreadsheets – into data models designed for AML programs.

Data about customers and transactions. Customer profile information and

transaction activity is aggregated into one consistent view of the customer across
all business units and transaction/instrument types. If the institution has already
consolidated the requisite information in a data repository, SAS can map directly to
the existing repository.

This data model stores detail and summary data related to historical customer
behavior, such as:

• Customer, account and household attributes.

• Frequency and monetary attributes of transactions.

• Activity by time period, customer account, channel and product.

Up to 13 months of data is retained in the AML core schema to support advanced

detection, profiling and trending.

Data about alert and investigation processes. The system also maintains a
“Knowledge Center” where scenarios and risk factors are defined, user privileges
and group membership are maintained, and alerts and investigative activities are
documented. All actions, comments, documents and decisions are documented and
retained in the Knowledge Center to support independent audit and review.

7
 Reducing the cost of AML compliance

Benefits of a centralized AML data repository

Create an enterprisewide view of risk across customers, products, business units

and channels.

Manage and correlate risks across multiple global subsidiaries from a central
location.

Reduce hardware redundancy while monitoring more risks.

Ensure consistency and adherence to data governance and compliance policies.

Build related applications, such as enterprise risk and financial crimes systems,
on the same data repository.

Monitor customers as low-, medium- or high-risk based on

ongoing KYC risk scoring

Driven by the European Union “Third Directive,” SAS has expanded the due diligence
features in the latest release of the SAS Anti-Money Laundering system.

The system enables institutions to integrate customer risk profiles collected during
the account opening process with their ongoing transaction monitoring system.
Ultimately, the system suggests the customer’s actual risk profile based on a
combination of static risks and behavioral risks. Summary reports are provided
to illustrate metrics on High Risk customers, subsequent alerts and regulatory
submissions.

8
 Reducing the cost of AML compliance

The process begins with importing the customer’s money laundering risk score or
customer profile – typically scored as High, Medium or Low.

Once the risk scores have been assigned, customers can be segmented or stratified
based on their specific risk groups. For example, an institution may monitor High Risk
customers more closely for variances in their outgoing wire activity versus a Medium
Risk customer. This illustrates a risk-based approach to monitoring.

Risk analysts can manage lists of risk classifiers that help document whether a
customer’s behavior is similar to the profile that was measured at account opening.
Classifiers include risk attributes of high-risk products, customer types, services and
geographies. For example, SAS pre-populates high-risk attributes such as Foreign
Financial Institutions and Politically Exposed Persons. During the course of due
diligence, the risk analyst can add accounts or customers to various lists, so there is
greater transparency into their risk attributes.

Every month, the system analyzes the presence of risk classifiers for each party and
recalculates the suggested customer risk score. Each classifier carries a unique
weight depending on the severity of the classification. Customers who carry a High
Risk profile, or are recommended for a new High Risk profile, will be automatically
scheduled for a periodic assessment. The system schedules periodic assessments
based upon the institution’s AML policies.

Sample risk classification screen.

In this example, any customer who matches the Private Banking flag in the data
model will receive a risk weight of 10 on a scale of 1-10.
9
 Reducing the cost of AML compliance

Monitor transaction activity against multiple detection techniques

The alert engine accesses the data management component to evaluate all daily
transactions and other information, such as watch lists. It then applies rules and
scenarios derived from financial institutions and regulatory requirements to detect
patterns that could point to money laundering.

Sophisticated risk ranking algorithms determine the likelihood that illicit activity
could be concealed in any combination of scenarios and risk factors. Alerts that
show key risk factors, as determined uniquely for each institution, can then receive
higher priority. False positives can be identified before they consume unnecessary
resources. Companies can fine-tune scenarios, risk factors and business logic based
on feedback provided by the system’s reports.

The robust scenario engine goes beyond simple if/then logic and uses multiple
techniques to identify potential suspicious activity:

• Rules (scenarios and risk factors). Does this transaction or entity match any
business rules or scenarios set forth for this risk classification?

• Peer grouping, clustering and segmentation. Does this entity share attributes
with known or suspected criminal entities?

• Behavioral profiling. Does the entity display a behavior indicative of

criminal activity?

• Pattern recognition. Does the transaction history match known patterns of

illicit activity?

• Link analysis. Is there redundant personal information or suspicious associations

with high-risk entities?

• Predictive modeling. Does some combination of factors or activities show cause

for investigation, where one factor or one transaction alone would not? Does
transaction behavior match the expected behavior, based on KYC information?

Tightly define how scenarios are defined and applied. Compliance officers can
configure the parameters for all scenarios, setting thresholds to meet the institution’s
specific needs and actual experience. In addition, each scenario may be further
constrained by any attribute available in the data, such as geography, account type,
customer type or line-of-business, so that the scenario or risk factors only apply to
specific groups of customers or accounts.

Scenarios can be turned on and off or suppressed at the company, account

or customer level. Scenarios could be suppressed manually by investigators or
automatically by a preset rule – for example, “When an alert is generated, do not
generate another alert for the same customer and scenario for X number of days.”

10
 Reducing the cost of AML compliance

Identify and rank potentially suspicious activity daily. Nightly batch routines run
scenarios and risk factors against the core data, which typically consists of 13
months or more of account, party, household, cash flow, associate and KYC/CIP
information. The system can apply multiple scenarios in a single pass against the
database, monitoring more risks in less time than SQL-based systems that have to
make numerous database scans.

If any of these detection methods identifies activity that could signal money
laundering, the solution generates an alert and ranks its significance based on
which scenario(s) triggered the alert, other risk factors that apply to the same entity,
the likelihood that the alert will result in a regulatory report, and alerts previously
generated for that entity.

Each alert is assigned a ranking both for money laundering risk and terrorist financing
risk. Investigators can then focus their energies on the highest-scored or most
important alerts. ■ When multiple detection techniques
are combined, the system increases
the success rate of detecting
Beyond simple rules and thresholds
criminal activity while reducing
Key methods to detect potentially suspicious activities the number of false-positives. The
system can then rank suspicious
Far beyond simple if/then rules, the SAS solution can:
behaviors based on any number
• Check entities against watch lists such as Office of Foreign Assets Control of factors, including statistically
(OFAC) or other high-risk watch lists from any internal or external source. derived probabilities.
A match to an external watch list, such as an Interpol or World-Check list, could
be factored into the customer’s risk ranking or automatically trigger an alert.
The bank can create and maintain an internal list to track customers they want
to monitor more closely (perhaps the bank generated an investigation on that
customer in the past) or to avoid spending time investigating trusted entities.

• Use analytics to reveal hidden risks instead of relying on labor-intensive and

error-prone manual processes.
The SAS solution can assess combinations of risk factors – as many factors
as you want to include. For instance, it is helpful to know that a customer
suspected of structuring has been the subject of a prior regulatory report or has
other accounts currently under investigation. Overlapping high-risk transactional
behaviors can be considered in concert with high-risk KYC attributes and
automatically flagged for presentation to investigators.
Authorized administrators can add or change risk factors without having to rely on
IT staff.

11
 Reducing the cost of AML compliance

• Continually incorporate risk scores based on KYC/CIP data into transaction

monitoring, not just at account opening. ■ Know Your Customer regulations
Which customers are members of high-risk groups, as defined by your own risk have required institutions to collect
assessment? Based on summary profiles of historical transactions, the SAS
information on expected activity,
solution can calculate expected behavior. The system then applies scenarios and
risk factors to monitor variances against normal or expected behavior. citizenship, source of funds and
Examples include dormancy, velocity of funds transfers, increased activity or
other risk indicators at account
higher-than-normal transaction value. Is this a business that expected to engage opening. Risk scores based on this
in one type of activity but now is demonstrating entirely another pattern? Has the information should also be used
business deviated greatly from expected deposits or transaction value per month, to differentiate how the institution
or from past trends?
monitors a customer’s behavior
This kind of insight is a big emphasis for regulators, who expect AML monitoring
over time.
systems to review and document why actual activities are seen as inconsistent
with normal behavior.

A combination of risk factors and scenarios determines the final alert

prioritization score.
In this example, the customer on the bottom row matching Scenarios 1, 3 and n and
Risk Factor 1 would have a significantly higher risk score than the customer on the
top row who only matched Scenario 1.

12
 Reducing the cost of AML compliance

Provide a structured environment for investigating and

documenting alerts

A secure, Web-based interface gives investigators an automated, efficient way to

process alerts. This interface presents aggregated profile and activity information in
one central location, which saves time and energy. The system can display alerts
generated by other transaction monitoring systems. Alert items can be investigated,
sent for reporting or exported to a third-party case management system, if desired.

Know the what and why. The intuitive interface empowers analysts to quickly see
the totality of a customer’s behavior, determine what’s normal for the subject, review
triggering transactions and access CIP and other demographic information. Having
a clear description of why the alert fired with supporting information means analysts
can make decisions more quickly, consistently and efficiently.

Auto-create an audit trail. When compliance officers/investigators open and

process alerts, a system of record is automatically captured. The case file stores
comments, attached documents, pertinent dates and actions, etc. With this self-
documenting facility:

• Users can add comments, attach documents, e-mail cases to colleagues, link to
previous alerts or file regulatory reports directly from the investigation interface.

• Investigators can focus their energies on processing alerts rather than on

manually documenting their actions.

• All case detail is transferred if the case is reassigned or escalated to a higher level
for review.

• The institution can show regulators that every action was governed by established
policies, procedures and controls, thereby reducing the risk of legal action,
penalties or added scrutiny.

During an investigation, all relevant data is captured in the Knowledge Center data
repository. This historical data provides an investigative audit trail and supports
continuous self-learning that makes the solution more effective at predicting
suspicious activity and reducing false positives. Administrators can fine-tune user
permissions to mirror the roles, security policies and processes of the institution.

13
 Reducing the cost of AML compliance

Sample alert workflow management screen

A secure, Web-based interface gives investigators an efficient and automated way to
process alerts.

Sample risk factors – transparency

In this sample, we can see that a subject conducted an unusually large number of
wire transactions but also has other high-risk characteristics, such as global trade
finance and foreign wire activity.

14
 Reducing the cost of AML compliance

Generate required regulatory reports and supporting documentation

Streamline regulatory reporting. If an alert warrants reporting to authorities,

investigators can launch a secure, Web-based facility to generate files for electronic
submission of regulatory reports – as well as tracking reports that detail the origin,
contents and activity history of each submission. Many fields are pre-populated with
information available from the system to increase productivity and reduce the chance
of human error.

Dramatically cut the cost of regulatory filings. An investigator can create a new
regulatory submission for an alert, save the in-progress form and retrieve it later to
work on it some more. Once the investigation is complete, the completed report
is flagged for filing. This automated function dramatically reduces the cost of these
required reports, which can be as high as $8 to $15 per submission using manual
methods.

Provide senior management with information on

key performance metrics

Document AML performance. Senior compliance and risk management officers

can have real-time access to the key performance metrics of the AML monitoring
system. The Web-based portal can provide summary information on the types of
alerts generated, staff productivity, geographic exposure and effectiveness of analytic
techniques. Providing this information on demand reduces the dependence on IT
staff and ensures transparency among stakeholders.

Sample standard management report

The SAS solution includes a number of standard management reports for reviewing
alert output, analyst productivity, alert aging and more.

15
 Reducing the cost of AML compliance

Optimize the AML system. Given the escalating costs of AML compliance and the
current economic climate, financial institutions need to do more with less – mitigate
their most significant risks more efficiently, often with smaller staff. In addition,
regulatory examiners expect institutions to justify their rule parameter settings using
statistical methods.
■ With advanced analytics to mine
For all of these reasons, SAS Anti-Money Laundering includes award-winning SAS historical alert and investigation
analytics that can be used to fine-tune the system. With advanced analytics, you can data, the system can be tuned to
mine past historical alerts and investigations and use that knowledge to set optimum generate more relevant work items
thresholds for any parameter. Policies can then be tuned to generate more relevant
and suppress low-value alerts.
work items and suppress low-value alerts. Compliance departments then focus their
resources on actual risk exposures based on proven experience.
Compliance departments can
optimize their policies based on real
The sample decision tree below was generated with SAS Enterprise Miner™ knowledge – and use staff time even
software to score alerts based on known “good investigations.” In this example, more effectively.
knowledge provided by the application enables an analyst to determine the optimal
threshold for number of wire transactions.

A decision tree created with SAS Enterprise Miner helps fine-tune the AML system to
increase hit rates and reduce false positives.

16
 Reducing the cost of AML compliance

SAS business intelligence software is bundled with the solution

Managers can take advantage of drill-down dashboard reporting to monitor the
overall health of the AML program.

Monitor and manage system access and utilization

In a user-friendly, point-and-click graphical environment, authorized system

administrators can manage security and system parameters for:

• System access – Authorized users/groups and their permissions to use various

system functions.

• Data extract, transform and load (ETL) processes – Source and target data
structures, data transformation logic, load parameters and refresh cycles.

• Alert-generation methods – Scenarios, rules, risk factors and detection models

that reflect the most up-to-date knowledge of customers and world conditions.

• Investigative workflow – Customized rules for distributing the workload to

compliance analysts, conducting investigations and making regulatory filings.

17
 Reducing the cost of AML compliance

Closing thoughts

A number of niche vendors offer basic transaction monitoring systems that generally
offer limited detection abilities and no integrated environment for investigating and
managing alerts. Even with higher-end systems, transparency and scalability can be
issues. AML staff might not be able to drill into the logic and transaction history that
triggered an alert or be able to adapt the methodology as needed.

Financial institutions that chose static, packaged systems based on low initial cost of
ownership may now find themselves having to replace and retool.

SAS Anti-Money Laundering enables more accurate, efficient and adaptable AML
processes while reducing the overall cost of compliance. A unified technology
platform integrates the key capabilities of an end-to-end AML technology solution,
including:

• Industry-specific data models to provide an essential, enterprisewide view of

customer and account activity across disparate data sources.

• Transaction monitoring against multiple scenarios and detection techniques to

identify potentially suspicious associations, patterns or transactions.

• Know Your Customer (KYC) classification and assessment, at automatic

intervals, and used to uniquely monitor customer segments based on risk profile.

• Watch-list filtering to identify matches of customers or counterparties who

appear on government sanctions lists or black lists.

• Advanced analytic techniques that monitor behavior typologies, including

transactional networks of unrelated parties and accounts having similar behavior
to known illicit accounts.

• Automated generation and submission of regulatory reports to appropriate

financial intelligence units.

• Compliance analytics to refine monitoring systems, improve hit rates, reduce

staffing requirements and minimize risk exposure.

The monitoring process is transparent, and the entire platform is adaptable to each
institution’s unique risk profile. Scenarios and risk factors are driven directly from the
institution’s AML risk assessment and can be easily changed as risks change for the
organization or for the industry as a whole.

18
 Reducing the cost of AML compliance

SAS Anti-Money Laundering has proven its value for financial institutions on every
continent, with assets from less than $1 billion to more than $1 trillion, representing
all financial sectors.

Because no two financial institutions have the same AML monitoring needs, SAS
offers the proven methodology via distinct solution offerings:

• SAS Anti-Money Laundering provides an integrated risk scoring, alert

management and reporting platform for Tier I, Tier II and mid-market institutions
($1 billion to more than $100 billion in assets).

• SAS Money Laundering Detection provides the same robust SAS methodology
in a solution tailored for small to mid-sized financial institutions.

• SAS Solutions OnDemand give customers in the Americas the option of having
SAS host the AML application as a service.

To find out more about how to mitigate risk while reducing the cost of compliance,
visit us on the Web at www.sas.com.

SAS Anti-Money Laundering

Accurate – Monitor transactions using multiple detection techniques and

enterprisewide knowledge.

Scalable – The solution monitors more than 1 billion transactions nightly for one
of our largest customers.

Efficient – Focus resources on the most likely high-risk events rather than
chasing all simple alerts.

Flexible – Adapt to keep pace with changing customer knowledge and

regulatory requirements.

Transparent – Easily understand the monitoring process, including the “what”

and “why” for any given alert.

19
 Reducing the cost of AML compliance

Checklist for selecting an anti-money laundering solution

While searching for such an anti-money laundering solution, financial institutions

should be looking for four key capabilities and asking some critical questions:

Adaptable methodology: To keep pace with change

• Will the system grow as the institution grows?

• Can the system adapt to new money laundering risks as they emerge?

• Can the system adapt to new channels, such as mobile banking and
e-payments?

Configuration with transparency: To match unique business processes and risks

• Will the system incorporate our in-depth knowledge of policies, procedures

and controls?

• Will the system be tailored to monitor all risks identified in our risk
assessment?

• Will the system enable us to adequately explain the rationale behind our
decisions to auditors and regulators?

Accurate detection: To reduce false positives and unnecessary investigations

• Does the system provide a scoring/prioritization method for allocating work

items?

• Does the system learn from prior investigations to generate more relevant
work items?

• Does the system provide feedback reports that drive changes to

monitoring policy?

• Does the system support ad hoc analytics to improve hit rates?

Open and extensible architecture: To reduce total cost of ownership

• Is the system open and extensible so my staff can be trained to take

on support?

• Will I have to upgrade to a new release every time regulations change?

20
 Reducing the cost of AML compliance

About SAS

SAS Anti-Money Laundering is developed and supported by SAS, the leader in

business intelligence software and services with millions of users at more than
45,000 sites in 111 countries, including 91 of the top 100 companies on the 2008
FORTUNE Global 500® list.

SAS software delivers business intelligence for more than 3,000 financial institutions
worldwide, including 97 percent of banks in the FORTUNE Global 500®. In fact,
financial services is SAS’ largest industry segment – representing 42 percent of
revenues in 2007.

Only SAS offers leading data integration, intelligence storage, advanced analytics
and traditional business intelligence applications within a comprehensive enterprise
intelligence platform. Since 1976, SAS has been giving customers around the world
THE POWER TO KNOW®.

21
SAS Institute Inc. World Headquarters +1 919 677 8000 To contact your local SAS office, please visit: www.sas.com/offices
SAS and all other SAS Institute Inc. product or service names are registered trademarks or trademarks of SAS Institute Inc. in the USA and other countries. ® indicates USA registration.
Other brand and product names are trademarks of their respective companies. Copyright © 2008, SAS Institute Inc. All rights reserved. 103744_479096.1208