Making Compliance Pay. IBA Seminar 22nd October 2005. Ian Larkin. Head of Risk and Compliance LogicaCMG UK. Regulatory Compliance. The harsh reality is: Cost of regulation is huge Implementation, then operation & maintenance £200m for a Tier 1 bank, £1bn in 2005 for B2 across Europe
IBA Seminar22nd October 2005
Head of Risk and Compliance LogicaCMG UK
The harsh reality is:
Regulatory compliance is not just an overhead - it should add value!
Don’t do it because the regulator says so;
do it for business benefit, and comply “en passant”.
Manage high volume of alerts from detection systems
A multi faceted beast…
Prove that the organisation is following the correct processes
Investigate crime holistically across the organisation
Investigation and Case Management
Use case data proactively to protect the organisation
Conduct processes more efficiently and reduce workload
criminals using FIs to make dirty money clean by placement, layering and integration
identity theft, ATM fraud, counterfeit cards, cheque kiting, credit-card fraud, skimming
late trading, market timing, front running parking investments,
theft of cheques, misappropriation of funds, removing money from customer accounts
financial crimeFinancial crime is more than AML
Take a Proactive Holistic Approach
to fight the Growing Threat of Financial Crime
With a unified, holistic approach, financial institutions benefit from:
Combining Crime Areas Directly Impacts Your Bottom Line
Know Your Customer By Name
Know Your Customer’s Business
Watch List Filtering
Customer Due Diligence
Good news: Simple to implement, simple to understand, does not require historical data
Bad news: Can not detect unknown activity, may miss high risk or ML activity if too narrowly written, or if written too broadly, will increase number of false positives
Only Known Scenarios Can Be DetectedLeaving New Schemes to Go Unnoticed
Profiles of entities are dynamically created based on account activity over time. Used to detect deviations from historical or peer group behaviour. Simpler systems profile only on summarised and discrete account data,e.g. end of day balance. More advanced systems create a statistical fingerprint of multiple account data. The speed of adapting the profile may be linked to the look back period. A shorter look back would result in the profile adapting quicker.
Some systems differentiate between Profiles and Outlier Detection. Profiles relate to a customer’s normal behaviour.
Outlier Detection relates to activity against Peer Group. Anticipatory profiles require information about how the
customer is expected to behave, e.g. max withdrawals, average assets etc.
Finds entities that are linked by common transactions,either directly or at a distance. Can also find entities that appear unrelated but have matching account details. In some systems, link analysis will be used to trigger alerts. In others, link analysis can only be used to investigate an entity that is already alerted. Individuals in terrorist cells often have common addresses, KYC id, phone numbers etc.
Used for complex, time-dependent problems and when data is received in a series over time.
A network of nodes that are organised into layers. The input layer reads values of data attributes and the output layer identifies the class of risk and risk score. After the network has been trained with defined input data and expected results it can be used to classify new inputs into predefined classes. The drawbacks are lack of transparency into why decisions were made and the need to retrain the network as business and risks change.
A Combined / Hybrid
A combined approach that includes filtering, profiling, rules and link analysis will deliver the best results, with the fewest false positives, and greatest chance of finding fraudsters and money launderers
A Combined Approach Delivers the Greatest Detection Accuracy and Results
Integrated & Comprehensive Framework
Risk Measurement, Reporting and Control
Ian N. Larkin
Head of Risk & Compliance
direct +44 (0)20 7446 5150
mobile +44 (0)7802 462 067
66 Countries, in 2 years. On Time! On Budget!
Multi - Jurisdiction
Multi – Business Unit
Multiple Data Sources
Region Specific Monitoring, with Transparency for the Regulator
Rapid Time to Market
A New Country in 2 Months,
½ Day User Training
Centralised Processing, Flexible Routing
Each hub acts independently against a set of standards published by Head Office.
Hub Installation, 5 Countries at a time.
Leverage Resources, Share know how
Singapore Surveillance Team (Wholesale & Retail)
European Surveillance Team (Wholesale and Retail)
LatAm Surveillance Team (Retail Only)
Client Hub Locations
LogicaCMG has taken reasonable care to ensure that the information contained herein is correct at the time of publication. Before using or relying on any content in this presentation, independent verification should be obtained. LogicaCMG accepts no liability nor responsibility for any use of or reliance upon the content of this document.