AML/CFT compliance & RegTech
RegTech is recognised as the use of technology to reduce the time and costs for meeting compliance obligations with legislative requirements. RegTech includes automation and enhancement of manual processes, reducing human resourcing commitments, and as such is strongly influencing discussion between Anti-Money Laundering Compliance Officers (AMLCO), associated regulatory bodies and IT companies. AML RegTech provides the opportunity for businesses to enhance customer experience and lessen the burden placed on scarce human resourcing elements. This is typically achieved through the adoption of simple and effective IT governance, risk and compliance platforms.
As AMLCO’s express, no longer is adherence to AML/CFT regulation simply a ‘quickly adopt and soon forget’ type process. Regulatory compliance, especially relating to AML/CFT, is attracting a heightened level of attention, not solely from regulators in individual countries but also through public facing prosecutions and regulatory enforcement actions. This is in addition to the crimes which generate the illicit funds or the activities that are sponsored through terrorism financing.
What RegTech seeks to achieve is a solution that speeds up the adoption of regulation, driven by inclusivity, wide spread adherence and industry enhanced innovation. This means addressing the problems by evolving the approach that coincides with regulatory demands and oversight obligations. It further provides and directly supports a process through which constant Know Your Customer (KYC) regulatory obligations can be maintained.
Managing operational risk – considered a real time focus for many reporting entities – is also assisted by the adoption of RegTech solutions. Automation linked to work flows can allow businesses to consistently operate to business policy requirements. What risks must be addressed immediately and what risks can be managed overtime can be better understood once an adequate business risk assessment is undertaken. The assessment should have capability of highlighting areas of greater risk, including compounding risk. Only once risk is understood can a business then address the balance between needing to adopt RegTech solutions vs. the actual risk. A further equation is the value of human resourcing and efficiency against cost of a RegTech solution. It should be kept in mind that a RegTech solution can analyse group data holistically or drill down to individual branches, or both. RegTech does not necessarily mean work is more difficult when 20 business branches require monitoring. RegTech can operate just as efficiently and quickly managing 20 business branches as it can managing one. RegTech can therefore deliver consistency across reporting entities – not only from a reporting entities perspective but also in terms of the regulators guidance material which can be linked back to specific RegTech findings.
Critically, a reporting entity through the adoption of a RegTech solution can quickly commence reporting on issues that matter the most. Reporting can be at a granular level through to complex analysis and reporting. When filters can be turned on and turned off, or turned on in conjunction with other filters, RegTech provides flexibility across rules that are managed manually and perhaps not being kept up to date. Granular data then, through the support of Artificial Intelligence (AI), assists in delivering a status and up to date representation of the matters being monitored.
RegTech is further feeding into the space of Supervisory Technology (SupTech). SupTech can be used to support the development of automation in the process of collating, analysing and reporting data. Analysis of complex data can now also take place immediately, making it easier to define findings and make determinations. In the AML/CFT space this would directly support national and sector risk assessments, as well as provide a reliable industry feed for supervisory guidance across individual or group reporting sectors.
Capturing information that is automated and from reliable sources enables regulatory authorities to consistently receive only the data they have a need for. Eliminating hard copy data such as paper, has additional benefits such as the ability for groups of people to be view the most up-to-date information, simultaneously, regardless of their geographic location. There are also less chances for data manipulation or an unintentional oversight occurring.
Research reports are expecting the demand for AML/CFT RegTech to continue to climb over the next 1-10 years. With the increasing number of regulatory fines, as well as prosecution cases, this will also likely result in a refocus of ‘getting it right’. As businesses are finding, the damage caused through inappropriate or absent AML/CFT compliance is not solely the financial costs (if any) but equally the reputational harm.
The interest in RegTech is also growing amongst government bodies responsible for supervision such as conduct of the financial markets and anti-money laundering. The United Kingdom, Singapore and Australia have each established a strong presence in the FinTech and RegTech industries. Their focus will now, if not already, start to turn towards SupTech where automated systems can work 24/7 collating, analysing and reporting data.
Dr Nicholas Gilmour is an Executive Consultant at AML360 and frequent author on various topics relating to AML/CFT compliance – including the development of RegTech and SupTech solutions. Having worked with businesses around the world, Nicholas is passionate about strengthening AML/CFT controls to increase safety and wellbeing for all. In March 2019, he moderated discussions at the 2019 Central Banking FinTech and RegTech Global Supervisory Summit.