Transaction monitoring (TM) tools have lulled many large banks into a false sense of security, according to anti-money laundering specialists, Datanomic Ltd.
This is not because they are failing to alert banks to irregular or suspicious activity, but because TM tools only ever make these alerts when a transaction is made - and only then if an alert is actually triggered.
Datanomic claims that this means terrorists, criminals and fraudsters are currently lying dormant inside many of the world’s major banks today because they have not yet been caught doing something suspicious.
Money laundering and the heavy penalties it imposes, is a growing, sophisticated threat.
Datannomic warns that taking such a reactive approach to a proactive, spiralling problem is addressing the issue far too late in the process.
Banks should not wait until a transaction takes place before they are alerted to unethical activities or individuals.
They should be regularly and systematically screening their entire client base to avoid any association with such individuals in the first place.
Tool never once identified a terrorist
The firm calls it worrying that sophisticated criminals and terror cells have woken up to what triggers a transaction monitoring alert inside a bank’s system and have adapted their behaviour accordingly.
The foiled Heathrow terror plot was funded for less than £100,000, and every single transaction looked normal, and therefore went undetected by the TM systems of the banks involved.
“The fact is that a TM tool has never once identified a terrorist,” said Dr Jonathan Pell, CEO of Datanomic Ltd.
He explains that this is because TM tools were never designed to fulfil the obligation of systematically screening a bank’s entire customer base. They were simply designed to alert behaviour that is out of the ordinary.
Lawsuit against Lloyds TSB
Relying entirely on transaction monitoring tools for compliance with AML legislation equates to waiting to catch criminals in the act of doing something wrong, before admitting to their existence.
“Transaction monitoring is reactive. It waits for a transaction. Automated client screening is proactive. It takes proactive steps to guard against unknowingly dealing with such individuals much earlier in the event chain,” Pell added.
In October 2007, US prosecutors filed a $130 million (£64 million) lawsuit against Lloyds TSB for knowingly helping to launder the proceeds from a large scale securities fraud.
Lloyds TSB had been using transaction monitoring but not automated client screening.
Likewise, in 2007 the Serious Fraud Office launched an investigation into Investec over an arms scandal. Investec was using transaction monitoring but not a client screening.
Yesterday's answers to today's threats
Pell warned that the world has fundamentally changed since TM tools were first introduced and installed, which is why legislation has changed along with it.
“If your organisation is simply relying on transaction monitoring tools for anti-money laundering, then you’re applying yesterday’s answers to today’s threats. More worryingly, you have a serious hole in your risk mitigation strategy,” he concluded.
Datanomic has screened close to one billion customer records to date, and found that in some instances the identity of an individual was an exact match to a terrorist or criminal – with no alias or false identity being used at all.
The company has outlined five golden rules for anti money laundering for banks and financial institutions.
- Don’t rely on TM tools for anti-money laundering. Simply waiting to be alerted to suspicious behaviour is burying your head in the sand.
- Don’t just rely on Bank of England and OFAC lists. Supplement them with comprehensive third party Sanctions and PEP lists.
- Just because you have a sanctions list, does not necessarily mean it is being used in the right way. Only checking against sanctions lists when a transaction takes place is a waste of the intelligence at your fingertips.
- Systematically screen your entire client base, not just your transactions.
- Ensure your risk mitigation strategy is aligned with your business operations. Criminals, terrorists and fraudsters have become increasingly sophisticated. Make sure you keep ahead of the game with equally sophisticated client screening tools.
- Enron-scale scandal could happen here
- Revenue & Customs stop crime syndicate
- Financial fraud doubles in three years
- Sentencing in £20 million fraud case
- Text analysis may help detect finance fraud
- Boards careless about IT governance
- How can we prevent the next SocGen scandal?
- Banks concerned over staff breaches
- Do you know who you are employing?