With real-time transactions gaining popularity and new legalised product markets (such as cannabis) emerging, anti-money-laundering (AML) regulations are getting tougher and more complex.
New payment transaction types allow money launderers to apply smarter schemes. The adoption of peer-to-peer payments via services such as Google Pay, PayPal, Popmoney, Square Cash, Venmo, Xoom and Zelle complicates tracing funds and catching money-laundering activities. Cryptocurrency payments are on the rise, along with related money-laundering activity. This allows money launderers to employ covert new account opening, layering and structuring schemes to facilitate faster and less detectable money laundering.
At the same time regulators are creating more-complex compliance regulations at breakneck speeds. The list of mandates related to AML is getting longer every year. Regulators are responding to and keeping up with an increasing number and sophistication of money-laundering schemes. New AML regulations effective from January 10, 2020, mandate that new kinds of organisations, beyond traditional financial services, must perform AML activities.
Preventing and reporting money-laundering activities is a key issue for financial institutions, insurers, gaming and gambling organisations, utilities and telecoms, especially during periods of economic and budgetary constraints such as the one we are currently experiencing. Forrester expects that, in the next three to four years, firms that enable customers to create an account and store and move money in and out of that account will have to comply with AML regulations in their appropriate jurisdiction:
- Third-party data integration is driving AML deployments: Your decisions are only as good as the data you base them on. More and more firms are using productised vendor integration between their AML solution and third-party watchlists, alongside device ID and IP address reputation hotlists, to deliver better decision support.
- AML and fraud case management are slowly unifying: Firms face pressure to unify AML and fraud case management to reduce the costs of data integration, model development and investigative labour. Since AML and fraud management both use pattern and behavioural anomaly identification, it makes sense to break down their operational silos and establish a unified fraud plus AML strategy (FRAML).
- Handling AML risk-scoring models is getting harder and attracting more scrutiny: Today’s financial institutions have to maintain an agile and explainable process for continually improving their models. Lifecycle of model development has to be explicitly supported by AML solutions from the ground up.
Integrate once, communicate often
Failing to improve a business’ AML regime can expose it to regulatory fines, sanctions and even higher levels of fraud. In today’s complex and online-first environment, where faceless registration and application is the norm, it’s important to coordinate and unify efforts to build on existing data ingestion methods and create new unified methods for as few AML suites as possible. At a minimum, there should be an internal sharing database with tight access controls to disseminate hotlists about known money launderers’ identities.
It’s also important to supply as much alert and case context to investigators on one screen as possible. Solutions are getting much better at being able to customise case management screens to include map information and link analysis, and predictively recommend other cases to look at or to investigate. Having a single-pane-of-glass view of transactions and entities reduces the likelihood of investigators missing important case details.
Find out more about Forrester’s research topics on Fraud Management and Financial Services here.
by Andras Cser, VP and Principal Analyst, Forrester
