Our Chief Strategy Officer, Luca Primerano, had the pleasure of joining an expert panel at the Financial Crime & Sanctions Forum Nordics 2021 on effective risk management.
The event was hosted by Informa Connect, and the forum panel comprised:
- Mark Bulter, Compliance Chief Officer, Nordic Investment Bank (NIB)
- Pekka Vasars, Head of Anti Money Laundering Division, Finnish Financial Supervision Authority (FIN-FSA)
- Vilius Pečkaitis, Head of AML Compliance and Risk, Phoenix Payments
- Luca Primerano, Chief Strategy Officer, Napier
- Mia Falk (moderator), Head of Corporate Crime & Compliance, Vinge
If you missed the event; we’ve summarised a selection of some of the excellent recommendations made by the panel for identifying and managing money laundering risks.
1. Start with a formal risk assessment
It’s important to start by understanding your vulnerabilities and the risk of your organisation being used for money laundering purposes. Ask questions like:
- How could your products be misused for the purposes of money laundering?
- How do your customers usually behave?
- What does ‘good’ behaviour look like in terms of customer activity?
- How well do you know your customers and how much have they changed since you onboarded them?
Traditional approaches focusing on KYC risk or transaction monitoring risk in isolation are not as effective as they used to be, as criminals have learned to leverage the lack of controls at the boundaries between the two. They will therefore not help you to accurately manage and mitigate risk.
Crucially, purchasing generic risk assessment templates online is not enough – they will not help you to accurately identify and understand the unique risks your organisation faces. In any organisation, there are multiple shades of risk to consider, such a regulatory risk, compliance risk, transaction monitoring risk, sanctions risk, KYC risk and geographical risk.
2. Regularly refresh risk assessments (keep your customer risk assessment up to date)
Scheduled risk assessments are often not adequate nor flexible enough to properly identify risks. Flexibility is important because thorough risk assessments need to be completed as soon as unusual behaviours are detected which increase risk for your organisation, as they must be kept current and correct. This means that risk assessment refreshes are triggered by unusual events, whenever they may occur, even multiple times a day if required.
3. Consider perpetual KYC
Adopting a holistic and current view of client risk is critical to manage your compliance risk. Customers’ risk should not only be assessed at onboarding and refreshed on a fixed scheduled, on the contrary they should be continuously monitored throughout the lifecycle of your relationship with that customer.
Multiple processes are required to process customer data collected at onboarding and compare it with data extracted from regular activities such as transactions, payments, or bank transfers. Analytical applications become essential when you want to combine multiple datasets and identify anomalies, as they can help detect risks and support your decision-making workflow.
Finally, a holistic approach not only reduces risk but also improves your teams’ efficiency by consolidating all the required information about a customer, highlighting anomalies using machine learning, and simplifying workflows by recommending the best course of action. Implementing this type of solution improves consistency in your team and ensures similar risks are managed in the same way going forward.
4. Define risk metrics and use machine learning
Identifying and using risk metrics is also important for assessing how the customer is behaving and for comparing activities over multiple periods of time. They should be used to highlight if there is a deviation in behaviour as soon as this occurs.
If you measure how a customer is behaving, using the right leading and lagging indicators, you can then feed such data to unsupervised and supervised machine learning models and effectively gain an additional pair of eyes with which to spot developing risks.
these models can identify anomalies and help analysts to a better job at continually assessing customer risk.