In a joint event organised by Napier and Mastercard in Singapore, fincrime experts and compliance specialists throughout the region came together at an event entitled “The Truth About FRAML”, to discuss how fraud and AML teams can be integrated to improve detection rates and drive efficiencies.
The discussion focused on the preoccupations of professionals in the fraud, AML and compliance space. The topics covered were wide ranging. Here’s our handy summary:
The current compliance landscape
The digital revolution and the COVID-19 pandemic have accelerated the movement of money, making it easier and faster to transfer funds. The faster the money moves, the harder it is to recover. The switch to fast and frictionless transactions in today’s instant payment systems has made it more difficult to detect and arrest illicit financial activities.
No entity is immune to financial fraud. In the absence of adequate safeguards, multinational corporations and private individuals are equally vulnerable. With technology continually progressing, and consumer behaviour evolving by the day, criminals are finding innovative ways to circumvent controls. That’s why there is a drive, both by industry players and regulators, to stay abreast of evolving fraud risks and countering technologies. It's more important than ever to be vigilant and proactive in keeping dirty money out of the system.
When combating emerging crime typologies, establishing a strong foundation for compliance is essential. This allows for the integration of new detection methods as they come on-stream, and ensures flexibility and adaptability without having to rebuild a system from scratch whenever there’s a new risk assessment need.
With the rise of new payment rails, such as account-to-account payments and inter-operable e-payment platforms, there is growing concern among various regulators and law enforcement agencies about how best to manage fraud, protect consumers and address money laundering risks. In some jurisdictions regulators can have a knee-jerk reaction to data breaches, fraud attacks and cyber-attacks. In Asia Pacific, the Singapore police have cracked down hard on financial crime. The level of collaboration with law enforcement agencies depends both on a country's political climate and its agenda for developing national payment infrastructures.
Merging fraud and AML - the need for a better integrated system
Practitioners in the industry agree that there are differences between how fraud and AML teams operate. For instance, some compliance professionals view fraud prevention as an internal issue, and AML as a regulatory obligation. Others see fraud as a pre-transaction or real time activity, while AML activities happen post transaction. The skillsets and policies and procedures needed within fraud and AML teams are usually different.
However, there are organisations that have achieved some degree of integration between fraud and AML teams. This has enabled them to detect fraud and money laundering cases more effectively and efficiently. The road to achieving such integration is not without its challenges, as there are process, people and technological issues to overcome. The key is to find the right synergies, understand risk appetites, and factor in the impact of this integration on the wider team.
Bringing fraud and AML teams under the same vertical can yield cost savings and advantages. For instance, a fraud at Bank A could become an AML issue for Bank B, and having FRAML functions attuned to both fraud and AML can help banks identify such linkages within the bank itself quickly. In addition, from a data angle, one slice of data might not be conclusive in a fraud or AML investigation. Combining different data sources can help better identify potential risks and patterns. By sharing data on fraud, Know Your Customer (KYC), Enhanced Due Diligence (EDD), and client behaviour, teams can gain a more holistic view of transactions. This facilitates speedy intervention, which in turn aids quicker asset recovery.
Looking beyond cost savings, combining fraud and AML functions is not an easy task. Both functions are organised differently today because each is very specialised. Externally, regulators take a different approach on how banks should respond to or treat fraud and money laundering. Internally, a case or transaction pattern that may be second nature for AML officers to detect may not be so natural to a person used to fraud investigations, and vice versa. Some organisations able to make the necessary changes in approach have been able to achieve some degree of integration, although this often takes years to achieve. An integrated FRAML approach demands a complete mindset change.
For those compliance functions considering integration, it’s crucial to demonstrate to senior management that having a ‘one team’ approach can improve results. With adequate training, this approach can also help eliminate the personal and team politics that may sometimes inhibit effectiveness when teams are working in silos.
The amalgamation of fraud and AML requires a robust data model to support both fraud and money laundering requirements, which have distinct requirements. Designing such data models would need careful balancing of trade-offs, such as those between security, usability and flexibility. There are also legacy fraud and AML systems to deal with.
In addition, the financial sectors today are designed as walled gardens, partly in response to compliance requirements. FRAML integration would require data sharing, and potentially using data points for different purposes than those for which they were collected.
In a perfect world, fraud and money laundering wouldn’t exist, and data integration would not be required; and in a world with no privacy laws or requirements, data sharing would not be a concern. But these scenarios aren’t practical or realistic.
From a technology perspective, trade-offs have to be made when data must be shared to break down data silos or work between walled gardens; for example, when allowing the sharing of personal data used for fraud and money laundering investigations. When you get the right mixture of data, the benefits of sharing likely outweigh the cost in overcoming the people, process and regulatory issues involved. Identifying suspicious activity, then, is just like putting the pieces of a puzzle together - the information already exists, but it’s often disjointed. There are FRAML solutions today that do just that - targeting both fraud and money laundering use-cases by breaking down data silos to facilitate data sharing. The only difference between these solutions and existing specialised fraud and AML products are the rules, data models and content. For example, payment systems blending fraud and AML helps organisations achieve a more holistic view of transactions.
Regtech solutions: Build v/s Buy
The decision to build or buy regulatory systems in financial institutions depends on various factors. Self-developed systems are attractive because they are built on the deep knowledge baked into the business. They can also provide process standardisation and allow for customisation to local conditions in new jurisdictions as the company grows.
On the other hand, using vendor partnerships for regulatory systems may offer a more agile response, and one that improves through feedback. For financial institutions operating internationally, there are added complexities, such as varying income levels and cultural differences to consider. Global vendors may be better equipped to handle these challenges, making them a more practical choice for such institutions.
Ultimately, the end goal remains the same – an organisation must take a risk-based approach to identifying and treating risks. Whatever the approach taken, whether through separate fraud or AML teams or a unified FRAML function, it must be clear about the types of fraud and money laundering risks it is facing and how best to manage those risks.
The convergence of fraud and AML functions under a unified FRAML umbrella is not just a technological upgrade, but a cultural shift towards collaboration and information sharing. By combining the strengths of each team, organisations can create a more robust system that is better equipped to detect, prevent and mitigate financial crime.
There’s still a lot of work to be done in this area. There is no silver bullet or regulatory body that dictates if and how FRAML integration should take place. The industry is driving the FRAML trend on its own by collaboration, and by openly sharing its concerns and ideas at forums such as this one, organised by Napier and Mastercard. Through these frank and honest exchanges of ideas, the industry can improve, proactively engage regulators through public-private partnerships, and test out FRAML approaches, for example with incentives such as tax refunds, grants and regulatory sandboxes.
To that end, we look forward to more industry initiatives to push the boundaries in this space in future.
Improve your compliance processes with an award-winning solution
Beyond this event, if you are interested in finding out about Napier and seeing how our intelligent platform can help your organisation transform its compliance, get in touch with us or request a demo.