Documente Academic
Documente Profesional
Documente Cultură
Table of Contents
Executive summary..........................................................................................1
The costs of AML compliance..........................................................................2
What would you gain with a more effective AML technology platform?......3
Monitor risks across the institution...................................................................3
Allocate resources to the most meaningful cases.............................................4
Adapt to keep pace with changing risks...........................................................5
Demonstrate knowledge of high-risk accounts and their activity.......................5
®
SAS Anti-Money Laundering..........................................................................6
Create an enterprisewide view of customers and risks...............................7
Benefits of a centralized AML data repository..............................................8
Monitor customers as low-, medium- or high-risk based on
ongoing KYC risk scoring.............................................................................8
Monitor transaction activity against multiple detection techniques...........10
Beyond simple rules and thresholds..........................................................11
Key methods to detect potentially suspicious activities...................................11
Provide a structured environment for investigating and
documenting alerts.....................................................................................13
Generate required regulatory reports and supporting documentation.......15
Provide senior management with information on key performance
metrics........................................................................................................15
Monitor and manage system access and utilization..................................17
Closing thoughts.............................................................................................18
SAS Anti-Money Laundering.......................................................................19
Checklist for selecting an anti-money laundering solution........................20
About SAS.......................................................................................................21
i
Reducing the cost of AML compliance
Executive summary
• Transparency. Compliance officers can easily see, understand and modify the
underlying methodology and explain to regulators why alerts were generated.
• Adaptability. Scenarios and risk factors are driven directly from the
institution’s AML risk assessment and can be easily changed as its AML
environment changes.
• Depth of coverage. Beyond simple rules and matching, the solution uses
multiple detection techniques and data resources to surface more suspicious
activity than ever before possible.
At the same time, SAS Anti-Money Laundering reduces the cost of complying
with regulatory expectations – first, through process efficiency and automation;
second, by enabling investigators to work more productively; and third, by
mitigating the risks of penalties and bad publicity that could result from deficient
processes.
1
Reducing the cost of AML compliance
Criminals and terrorists have been resourceful and persistent with their money
laundering activities, accounting for an estimated US$500 billion to $1 trillion a year,
globally. Although most laundered money stems from drug trafficking and organized
crime, the events of 9/11 put the spotlight on funding for terrorist activities, which
has traditionally been much more difficult to detect.
The USA PATRIOT Act expanded the requirements for detecting and reporting
suspicious activities that could indicate money laundering or terrorist financing.
So did equivalent AML regulations around the world, such as the Third EU Money
Laundering Directive. Implemented in 2007, the directive creates a uniform regime
of compliance that expands the definition of “client due diligence,” broadens
requirements for client/account monitoring and raises the expectation for banks to
adopt risk-based management approaches.
More recently, the headlines have focused on high-profile enforcement actions – with
as much as $160 million in associated fines and the risk of “cease and desist” orders
that prevent the institution from engaging in mergers, acquisitions or expansion.
Such sanctions have caused stock values to plummet as much as 20 percent in a
single week.
However, the more pressing, day-to-day concern for financial institutions is simply
the rising cost of compliance. In an effort to control the cost of meeting basic
requirements, many institutions chose AML systems based on low entry price.
Unfortunately, a minimalist strategy can actually be quite costly over the long term,
for several reasons:
In short, with a basic solution, upfront cost might be low, but so is long-term value.
An AML program based on such a system would ultimately be insufficient for
managing the evolving risks and regulatory requirements.
2
Reducing the cost of AML compliance
Even if very basic capabilities were seen as sufficient, financial institutions would
have to ask: “Is the niche vendor going to be in business for the long haul to support
our growth and customization requirements?” and “How well can proprietary
software contribute to our overall management of risks across the organization?”
For many financial institutions, there’s still much work ahead, according to the
Deloitte & Touche survey. Even with added emphasis and expenditure on AML
programs, 30 percent of respondents said process duplication had actually
increased, only 10 percent reported that compliance information was always
effective, only 15 percent thought it was timely, and only 55 percent reported that
their institution used quantitative metrics.
• Monitor risks across the institution, using data from many legacy systems.
• Allocate resources to the most meaningful cases while reducing false positives.
• Adapt to keep pace with the changing risk environment, internally and externally.
3
Reducing the cost of AML compliance
What is needed: The AML solution should be based on a centralized financial ■ A risk-based monitoring and
services industry data model that includes a broad range of product types, channels,
entities and non-monetary events. The alert-generation process should monitor
investigation system is a vital
multiple risk factors with a single pass through the data – even for very large component of an effective and
databases. compliant AML program. Financial
institutions now have a proven
In the process, regulatory risk would be reduced, because the institution would
way to detect and track suspicious
gain a more accurate view of an entity’s behavior across all products, businesses,
channels and risk factors. patterns of behavior relative to
their unique risks, instead of just
one-size-fits-all rules and account
Allocate resources to the most meaningful cases
name lookups.
The constraints: Many AML systems apply the same, limited set of if/then rules to
identify suspicious transactions. With time, compliance officers and regulators often
discover these rules are overly broad or not specific to the institution’s real money
laundering risks. These institution-specific risks are easy to overlook, leaving the
institution exposed to greater regulatory scrutiny and putting compliance staff under
greater pressure.
Just as troubling, the rules-based system can trigger too many false positives and
overwhelm compliance staff with busy work. At the very least, the increased volume
of work items may diminish the credibility and energy of AML monitoring staff and
distract front-line staff from their primary responsibilities.
• Adjust scenarios and risk factors to minimize the incidence of false positives.
4
Reducing the cost of AML compliance
• Identify cases that are significant, rather than chasing all simple alerts.
These capabilities would reduce the cost of AML compliance by making processes
more accurate and efficient.
The constraints: AML is a fast-moving target. Criminals are constantly probing AML
systems to discover new techniques to move their funds. Risks also change as a
bank expands into new markets or adds products and services and as regulators
increase their expectations.
Banks that have implemented first-generation AML solutions often find it difficult to
evolve these systems to keep up with changing requirements. Many banks have
been hit by formal enforcement actions – fines or business restrictions – for AML
program shortfalls. Others have expended significant resources on vendors and
consultants to force-fit new methodologies and techniques into old, static systems.
What is needed: Before being judged insufficient at the next round of regulatory
review, financial institutions need a better way to adapt their scenarios and risk
factors to a changing world.
The AML system should allow easy modification of the data model, rules and reports
to include new data feeds, monitor new risks, meet new regulatory requirements
and present relevant information to auditors, regulators and managers. With
these capabilities, institutions could respond quickly to change without engaging
consultants for significant system upgrades.
The constraints: AML monitoring staff need to justify their review actions to
regulators. But what if the AML system simply flags incidents as high-risk, yet
doesn’t say why? Many AML systems hide their analytic routines and system logic,
making it virtually impossible to explain why an alert was triggered or why one entity
is deemed more risky than another. With a “black box” system, how can compliance
users justify the validity of the system’s methodology to regulators?
5
Reducing the cost of AML compliance
What is needed: The ideal AML solution explains why an event or entity represents
a high risk to the institution, and it displays enough information to the investigator
to support a clear decision process. Compliance analysts could adjust risk weights
based on their experience or feedback from the system. All actions, comments,
reports and documents should be attached to the alert and documented in an
audit trail.
SAS Anti-Money Laundering integrates a number of functions that often live in silos
within an organization, such as:
• Alert management.
6
Reducing the cost of AML compliance
This data model stores detail and summary data related to historical customer
behavior, such as:
Data about alert and investigation processes. The system also maintains a
“Knowledge Center” where scenarios and risk factors are defined, user privileges
and group membership are maintained, and alerts and investigative activities are
documented. All actions, comments, documents and decisions are documented and
retained in the Knowledge Center to support independent audit and review.
7
Reducing the cost of AML compliance
Manage and correlate risks across multiple global subsidiaries from a central
location.
Build related applications, such as enterprise risk and financial crimes systems,
on the same data repository.
Driven by the European Union “Third Directive,” SAS has expanded the due diligence
features in the latest release of the SAS Anti-Money Laundering system.
The system enables institutions to integrate customer risk profiles collected during
the account opening process with their ongoing transaction monitoring system.
Ultimately, the system suggests the customer’s actual risk profile based on a
combination of static risks and behavioral risks. Summary reports are provided
to illustrate metrics on High Risk customers, subsequent alerts and regulatory
submissions.
8
Reducing the cost of AML compliance
The process begins with importing the customer’s money laundering risk score or
customer profile – typically scored as High, Medium or Low.
Once the risk scores have been assigned, customers can be segmented or stratified
based on their specific risk groups. For example, an institution may monitor High Risk
customers more closely for variances in their outgoing wire activity versus a Medium
Risk customer. This illustrates a risk-based approach to monitoring.
Risk analysts can manage lists of risk classifiers that help document whether a
customer’s behavior is similar to the profile that was measured at account opening.
Classifiers include risk attributes of high-risk products, customer types, services and
geographies. For example, SAS pre-populates high-risk attributes such as Foreign
Financial Institutions and Politically Exposed Persons. During the course of due
diligence, the risk analyst can add accounts or customers to various lists, so there is
greater transparency into their risk attributes.
Every month, the system analyzes the presence of risk classifiers for each party and
recalculates the suggested customer risk score. Each classifier carries a unique
weight depending on the severity of the classification. Customers who carry a High
Risk profile, or are recommended for a new High Risk profile, will be automatically
scheduled for a periodic assessment. The system schedules periodic assessments
based upon the institution’s AML policies.
The alert engine accesses the data management component to evaluate all daily
transactions and other information, such as watch lists. It then applies rules and
scenarios derived from financial institutions and regulatory requirements to detect
patterns that could point to money laundering.
Sophisticated risk ranking algorithms determine the likelihood that illicit activity
could be concealed in any combination of scenarios and risk factors. Alerts that
show key risk factors, as determined uniquely for each institution, can then receive
higher priority. False positives can be identified before they consume unnecessary
resources. Companies can fine-tune scenarios, risk factors and business logic based
on feedback provided by the system’s reports.
The robust scenario engine goes beyond simple if/then logic and uses multiple
techniques to identify potential suspicious activity:
• Rules (scenarios and risk factors). Does this transaction or entity match any
business rules or scenarios set forth for this risk classification?
• Peer grouping, clustering and segmentation. Does this entity share attributes
with known or suspected criminal entities?
Tightly define how scenarios are defined and applied. Compliance officers can
configure the parameters for all scenarios, setting thresholds to meet the institution’s
specific needs and actual experience. In addition, each scenario may be further
constrained by any attribute available in the data, such as geography, account type,
customer type or line-of-business, so that the scenario or risk factors only apply to
specific groups of customers or accounts.
10
Reducing the cost of AML compliance
Identify and rank potentially suspicious activity daily. Nightly batch routines run
scenarios and risk factors against the core data, which typically consists of 13
months or more of account, party, household, cash flow, associate and KYC/CIP
information. The system can apply multiple scenarios in a single pass against the
database, monitoring more risks in less time than SQL-based systems that have to
make numerous database scans.
If any of these detection methods identifies activity that could signal money
laundering, the solution generates an alert and ranks its significance based on
which scenario(s) triggered the alert, other risk factors that apply to the same entity,
the likelihood that the alert will result in a regulatory report, and alerts previously
generated for that entity.
Each alert is assigned a ranking both for money laundering risk and terrorist financing
risk. Investigators can then focus their energies on the highest-scored or most
important alerts. ■ When multiple detection techniques
are combined, the system increases
the success rate of detecting
Beyond simple rules and thresholds
criminal activity while reducing
Key methods to detect potentially suspicious activities the number of false-positives. The
system can then rank suspicious
Far beyond simple if/then rules, the SAS solution can:
behaviors based on any number
• Check entities against watch lists such as Office of Foreign Assets Control of factors, including statistically
(OFAC) or other high-risk watch lists from any internal or external source. derived probabilities.
A match to an external watch list, such as an Interpol or World-Check list, could
be factored into the customer’s risk ranking or automatically trigger an alert.
The bank can create and maintain an internal list to track customers they want
to monitor more closely (perhaps the bank generated an investigation on that
customer in the past) or to avoid spending time investigating trusted entities.
11
Reducing the cost of AML compliance
12
Reducing the cost of AML compliance
Know the what and why. The intuitive interface empowers analysts to quickly see
the totality of a customer’s behavior, determine what’s normal for the subject, review
triggering transactions and access CIP and other demographic information. Having
a clear description of why the alert fired with supporting information means analysts
can make decisions more quickly, consistently and efficiently.
• Users can add comments, attach documents, e-mail cases to colleagues, link to
previous alerts or file regulatory reports directly from the investigation interface.
• All case detail is transferred if the case is reassigned or escalated to a higher level
for review.
• The institution can show regulators that every action was governed by established
policies, procedures and controls, thereby reducing the risk of legal action,
penalties or added scrutiny.
During an investigation, all relevant data is captured in the Knowledge Center data
repository. This historical data provides an investigative audit trail and supports
continuous self-learning that makes the solution more effective at predicting
suspicious activity and reducing false positives. Administrators can fine-tune user
permissions to mirror the roles, security policies and processes of the institution.
13
Reducing the cost of AML compliance
14
Reducing the cost of AML compliance
Dramatically cut the cost of regulatory filings. An investigator can create a new
regulatory submission for an alert, save the in-progress form and retrieve it later to
work on it some more. Once the investigation is complete, the completed report
is flagged for filing. This automated function dramatically reduces the cost of these
required reports, which can be as high as $8 to $15 per submission using manual
methods.
15
Reducing the cost of AML compliance
Optimize the AML system. Given the escalating costs of AML compliance and the
current economic climate, financial institutions need to do more with less – mitigate
their most significant risks more efficiently, often with smaller staff. In addition,
regulatory examiners expect institutions to justify their rule parameter settings using
statistical methods.
■ With advanced analytics to mine
For all of these reasons, SAS Anti-Money Laundering includes award-winning SAS historical alert and investigation
analytics that can be used to fine-tune the system. With advanced analytics, you can data, the system can be tuned to
mine past historical alerts and investigations and use that knowledge to set optimum generate more relevant work items
thresholds for any parameter. Policies can then be tuned to generate more relevant
and suppress low-value alerts.
work items and suppress low-value alerts. Compliance departments then focus their
resources on actual risk exposures based on proven experience.
Compliance departments can
optimize their policies based on real
The sample decision tree below was generated with SAS Enterprise Miner™ knowledge – and use staff time even
software to score alerts based on known “good investigations.” In this example, more effectively.
knowledge provided by the application enables an analyst to determine the optimal
threshold for number of wire transactions.
A decision tree created with SAS Enterprise Miner helps fine-tune the AML system to
increase hit rates and reduce false positives.
16
Reducing the cost of AML compliance
• Data extract, transform and load (ETL) processes – Source and target data
structures, data transformation logic, load parameters and refresh cycles.
17
Reducing the cost of AML compliance
Closing thoughts
A number of niche vendors offer basic transaction monitoring systems that generally
offer limited detection abilities and no integrated environment for investigating and
managing alerts. Even with higher-end systems, transparency and scalability can be
issues. AML staff might not be able to drill into the logic and transaction history that
triggered an alert or be able to adapt the methodology as needed.
Financial institutions that chose static, packaged systems based on low initial cost of
ownership may now find themselves having to replace and retool.
SAS Anti-Money Laundering enables more accurate, efficient and adaptable AML
processes while reducing the overall cost of compliance. A unified technology
platform integrates the key capabilities of an end-to-end AML technology solution,
including:
The monitoring process is transparent, and the entire platform is adaptable to each
institution’s unique risk profile. Scenarios and risk factors are driven directly from the
institution’s AML risk assessment and can be easily changed as risks change for the
organization or for the industry as a whole.
18
Reducing the cost of AML compliance
SAS Anti-Money Laundering has proven its value for financial institutions on every
continent, with assets from less than $1 billion to more than $1 trillion, representing
all financial sectors.
Because no two financial institutions have the same AML monitoring needs, SAS
offers the proven methodology via distinct solution offerings:
• SAS Money Laundering Detection provides the same robust SAS methodology
in a solution tailored for small to mid-sized financial institutions.
• SAS Solutions OnDemand give customers in the Americas the option of having
SAS host the AML application as a service.
To find out more about how to mitigate risk while reducing the cost of compliance,
visit us on the Web at www.sas.com.
Scalable – The solution monitors more than 1 billion transactions nightly for one
of our largest customers.
Efficient – Focus resources on the most likely high-risk events rather than
chasing all simple alerts.
19
Reducing the cost of AML compliance
• Can the system adapt to new money laundering risks as they emerge?
• Can the system adapt to new channels, such as mobile banking and
e-payments?
• Will the system be tailored to monitor all risks identified in our risk
assessment?
• Will the system enable us to adequately explain the rationale behind our
decisions to auditors and regulators?
• Does the system learn from prior investigations to generate more relevant
work items?
20
Reducing the cost of AML compliance
About SAS
SAS software delivers business intelligence for more than 3,000 financial institutions
worldwide, including 97 percent of banks in the FORTUNE Global 500®. In fact,
financial services is SAS’ largest industry segment – representing 42 percent of
revenues in 2007.
Only SAS offers leading data integration, intelligence storage, advanced analytics
and traditional business intelligence applications within a comprehensive enterprise
intelligence platform. Since 1976, SAS has been giving customers around the world
THE POWER TO KNOW®.
21
SAS Institute Inc. World Headquarters +1 919 677 8000 To contact your local SAS office, please visit: www.sas.com/offices
SAS and all other SAS Institute Inc. product or service names are registered trademarks or trademarks of SAS Institute Inc. in the USA and other countries. ® indicates USA registration.
Other brand and product names are trademarks of their respective companies. Copyright © 2008, SAS Institute Inc. All rights reserved. 103744_479096.1208