Economic crime is clearly an important issue for governments, regulators, banks and companies. This interesting article by Adam Ibrahim, Benjamin Fellows and Zoe Jensen from DLA Piper looks at three recent cases and provides guidance on the implications of them - ending with four useful points for guidance.
In respect of transaction monitoring, there are a number of key areas that need to be appropriately considered to enable this to be undertaken efficiently and effectively. These include not only a practical and regulatory assessment of potential suspicious transactions but also the data that is included within the process, how that data is processed and the rules that are applied to it in order to generate potentially suspicious transactions.
In respect of the first of these, the data included, it is arguably the most important factor to get right, because if the right data is not used then any subsequent analysis and findings can be flawed. This means not only pulling the data from the right systems, rarely is a single system sufficient, but also ensuring the completeness, accuracy and integrity of the data.
How that data is then processed is also key. This can also often include data normalisation and amalgamation of data from different systems to ensure a complete data picture is utilised. To be able to effectively assess transactions they cannot be looked at in isolation, but the flows around them and information around the relevant parties also needs to be taken into consideration.
Finally, the rules that are run across the data also need to be clearly defined, this includes making sure that they are fit for purpose, operate as they were designed and the results are accurately presented. There are a vast amount of different rules that can be applied, some based on single transactions, some based on relationships between transactions and some based on the overall activity of an entity rather than the specifics of the transaction in isolation.
In addition to all of the above, artificial intelligence and machine learning algorithms are also starting to be used more widely in this field - helping to identify transactions and patterns of transactions that would not normally be identified as being potentially suspicious. These technologies can be very powerful but need to be implemented in a considered and documented fashion to ensure that they achieve the necessary goals and can pass regulatory scrutiny.
Although obviously not the only relevant component of transaction monitoring, data and technology are key elements of the process and without addressing them correctly, whatever follows will not be effective.
helpful and practical guidance on what banks should do to manage...suspicious transactions. Ensure transactions are properly monitored, in a way that will enable the detection of suspicious transactions. Where suspicions of fraud are triggered, these should be escalated and the transaction suspended until the bank has made reasonable enquiries to satisfy itself that the payment instructions are properly made (for suspicions of money laundering the requirements in the Proceeds of Crime Act 2000 should be followed). A record should be kept of how and why the instruction was investigated and resolved; demonstrating the reasonable steps taken by the bank to guard against the facilitation of fraud. If a bank intends to expressly exclude the Quincecare duty from a banking relationship, it will need to include very clear wording in the contracts governing that relationship (probably in a specifically labelled clause).