By Samantha Sheen, AML Director Europe, ACAMS
20 June 2017

Introduction

At every ACAMS Conference it’s customary for panellists to list out their top three or four takeaways from the session as a whole. This year I’ve adopted that approach across the conference, and have identified my “Top 5” takeaways for the entire event.

  1. Times, they are a changing
    • Whether it’s regulatory requirements, screening tool algorithms or new technologies, practically every session identified the opportunities presented by change to step back and re-assess our anti-financial crime (AFC) programs.
    • The interplay between Data Protection and AML requirements require organisations to consider this:
      • When we perform CDD, do we really need all this information?
      • Why are we holding onto it – if it’s not used in the client assessment process?
    • And during the CDD session panellists asked: How can we rebalance our AFC programmes to devote more energy to the analysis and decision-making phase of on-boarding instead being so focused on the information collection phase?
  2. Disruption of money flows requires better information and collaboration
    • Whether it was proliferation financing, sanctions circumvention, or wildlife trafficking – panellists emphasised the crucial role financial institutions can play in disrupting the flows of illicit proceeds. But they also acknowledged that these forms or criminal activity are complex.
    • In the trafficking session we heard that products, like turtles and ivory, are now worth more than gold. And we learnt about horizontally integrated trafficking – where loosely connected but unrelated groups in separate geographical areas ‘protect’ the illegal activities.
    • The benefits of sharing information between financial sector, law enforcement and NGOs, are great. Identifying trafficking kingpins through their real estate and luxury good purchases could help bring entire trafficking networks down. We also heard about the fine art sector’s collaborative efforts to address trafficking through self-regulation.
  3. The role and knowledge-base of AFC professionals will need to evolve
    • The time of being a specialist in one sub-area of financial crime (i.e. money laundering or bribery and corruption) could be coming to an end.
    • To be (or remain) an effective and influential AFC professional, a broadening of AFC knowledge and the development of diverse skills like change leadership are needed.
    • Creating a sense of urgency and looking for small wins to maintain motivation will be important to ensure changes required by new AFC regulatory initiatives can be implemented.
    • Once the domain of privacy professionals alone, both the 4AMLD and the proposed amendments to it (“5AMLD”) contain references to data protection and privacy. AFC professionals will need to be familiar with these requirements and how they interplay with their current AFC programmes, while ensuring they’ve been trained on both GDPR requirements and their own organisation’s policies on data protection and privacy.
    • Screening tools and other RegTech tools will also become a part of the AFC professional’s working lexicon. This applies not only to those reviewing the results generated by these tools, but also to the 2nd and 3rd lines of defence.
    • AFC professionals will increasingly all need a working knowledge of how technology works, the controls used to mitigate AFC risks and in the case of screening tool scenarios, whether the scenarios used identify the risks they are designed to.
  4. Data, data… but not just any old data
    • Data Quality – is not just a recognised concept under data protection principles, but also a bug bear for many AFC professionals, particularly the quality of information collected for customer CDD onboarding requirements and ongoing reviews.
    • One session noted that large amounts of money are spent by institutions to collect “bad data”. Participants were asked to consider for their data:
      • Why are we collecting this?
      • What are we doing with it?
      • Is what we rely on accurate?
      • Do we really need to keep all of this?
      • How is this being used to help the organisation mitigate its financial crime risks?
    • Organisations also need to consider what data should be used to compile their business risk assessment. A number of sessions discussed the categories these will cover.
    • It will no longer be sufficient to limit business risk assessments to traditional categories like product/services, customer, geography and channel of delivery. Proliferation financing, sanctions, data protection and privacy along with risks relating to tax evasion, will all need to be included to form a complete understanding of the financial crime risks organisations are exposed to.
  5. Nimbleness and agility is the key to survival in the future
    • There was overall agreement that AFC compliance programs can no longer be considered static.
    • The ongoing ever-changing nature of financial crime, the rapidness of technological developments and the ever-increasing regulatory complexity requires that we treat AFC compliance as an iterative activity.
    • As one panelist noted, treating channels of delivery which are “non-face-to-face” as automatically higher risk was an “analogue” approach to mitigating AFC risks.
    • Often regulatory developments and international standard & guidance issuers seem to be playing a game of “catch-up” on the realities of the business environment in which AFC compliance operates.
    • A number of sessions observed that the key to accelerating the evolution of AFC compliance practices would be greater transparency and dialogue between financial institutions, RegTech and FinTech providers, enforcement bodies and regulators about the “real” business situation and what that means for AFC compliance programs.

Final comment from me is to say thanks again to all of our panellists and attendees. It was a very full two-day programme (three for those who attended pre-conference workshops), and the level of engagement and interaction was fantastic. If you haven’t seen the results of polls that we ran throughout the conference, head to www.acamsconferences.org/europe for the link.

I hope to see you all at next year’s conference.