Six years after the PATRIOT Act was passed, implementing and maintaining a program to detect, investigate and report suspicious activity remains the financial service industry's most pressing challenge.
The best suspicious activity detection and investigation programs have six vital components that when implemented properly will ensure avoidance of the most fatal AML compliance error - failure to file SARs.
1. Establish Clear Standards of Investigation and Write Them Down
Suspicious activity reporting compliance depends upon establishing clearly defined standards that mirror those presented in the 2003 FinCEN publication: "Guidance on Preparing a Complete & Sufficient Suspicious Activity Report Narrative." If your institution's investigations do not follow this guidance exactly, then make it priority number one.
Standards take life in written procedures that describe in detail not only what a Financial Intelligence Unit (FIU) does but how the FIU does it.
2. Implementation of distinct monitoring, investigation and quality control processes
FIUs work best when there is a distinction and division of responsibilities between three core functions: monitoring, investigations, and quality control.
Transaction monitoring is designed to identify transactions that are potentially suspicious and close those that are not. Monitoring software produces countless alerts, the vast majority of which never turn into SARs. While most of the alerts are "cleared" or "false positives", among those hundreds or thousands of alerts are matters that need to end up as a SAR.
This is where the importance of a distinct monitoring process comes in - to cull out those alerts that are not worthy of an investigation and properly document the reasons why in a few well written paragraphs that explain the reasons for the decision along with a description of the supporting evidence. Simply stating, "transaction activity consistent with customer" is not a properly resolved alert.
3. The Right People
Among the most significant challenges facing the financial services industry is finding, hiring and retaining skilled and experienced AML analysts, investigators and managers. Institutions that did not build FIUs back in 2003 and 2004 find themselves scrambling to hire talent and often fail to find qualified people in the market. The challenge for small and mid-size banks is even greater since the salaries for experienced AML investigators have soared, in many cases, to well above $100,000 a year.
4. Establish Defined Work Flow
Success of a suspicious activity reporting program hinges on implementing defined work flow. Work flow is defined as a repeatable process carried out by people with specific roles and responsibilities. These people tend to have job titles like "monitoring analyst", "investigator", or "quality control reviewer." The work flow produces decisions (file a SAR or not) and produces documented analysis and investigation case files. The work flow is not subject to the unique style or skills of any one individual, but rather is something that can be executed by any well trained AML professional over and over again. This brings consistency to how matters are resolved, a requirement for any program that wants to be considered compliant.
5. Tuning Transaction Monitoring Software
Making sense of the vast number of alerts generated from transaction monitoring software is a burden for too many banks. Any bank that has spent the time and money needed to implement these systems knows that there is no "out of the box" solution. The scenarios, rules or logic supposedly used to detect potentially suspicious activity casts far too wide a net and often leaves users with unmanageable work loads of so many alerts with little or no meaning that the level of frustration among staff and management is hard to describe.
To combat this it is necessary that these systems be regularly "tuned." By this we mean rules, scenarios, and thresholds should be regularly reviewed to determine if they are providing valuable alerts that turn into SARs.
6. Management Information Reporting
An FIU's success depends upon its ability to track and report key data and information
Those who manage FIU and AML programs need regular and reliable management information reports to know whether operations are effective. For institutions that do not have adequate case management systems, reliable reporting can be a serious challenge.
Key FIU reports should include:
· Case aging reports
· Number of open Investigations (by date, by assigned investigator, by source, by type)
· Number of closed Investigations (by date, by assigned investigator, by source, by type, by SAR/No SAR)
· Open Alerts (by type, by assigned analyst, by source, by type)
· Closed Alerts (by type, by assigned analyst, by source, by type, by decision - close or refer to investigation)
· Investigator and Analyst productivity
· "Life-Cycle" reports that show how long it took an alert to work its way to conclusion
· Quality Control reports that show how many and how often investigations are rejected for errors in decisions; errors in documentation; or, technical errors
Suspicious activity reporting programs are not easy to build and maintain and seem to be in a perpetual state of backlog. While this is likely a reality for some years to come, a proven method for protecting against AML compliance failure is to follow these six steps.
