Adopting a holistic approach to combating crime would provide financial institutions with a single view of customer risk profile.
Instances of financial crime are becoming increasingly frequent. Over 75 cyber-attacks were reported to the Financial Conduct Authority (FCA) in the UK in 2016 compared to just five reports in 2014. The challenges of managing and combatting all facets of financial crime are becoming more and more difficult.
Today, Fraud Prevention, Compliance and Cyber are managed in silos within most Financial Institutions (FIs). The detection and mitigation of financial crime needs to be more collaborative and faster. Adopting a holistic approach would provide FIs with a single view of customer risk profile by using all the available information.
Cyber crime and financial crime speak the same language
The modern criminal realises that emerging technology is providing new channels to hone his craft. As a result, FIs are becoming ever more exposed, whilst organised criminals deploy increasingly sophisticated techniques to target the vulnerabilities that are opening up as customers perform multiple transactions across multiple channels. Additionally, FIs are facing a sizable compliance challenge as regulations tighten and both customers and investors expect more transparency of their financial affairs.
The management silo problem FIs commonly have separates departments responsible for fraud, compliance and cyber resulting in each department being tasked and managed individually from one another, reporting into different executives and sitting under different department heads. Convergence of the three departments and their systems - in order to share IP and expertise - has been encouraged by regulators, yet for FIs it has remained a challenge to move to this new operating model, whilst continuing to manage the challenges of each discipline and their own business goals. Some FIs have made efforts to break down the barriers between departments, however, there is still much more that needs to be done.
Establishing a Financial Crime Ecosystem
There is no one size fits all solution, but in order to establish a robust financial crime prevention ecosystem, FIs might begin by considering the following steps:
- Share risk data – sharing information across compliance, fraud and cyber such as a security breach, a filed Suspicious Activity Report (SAR) on an entity, or insight about an account that was closed for fraud will improve controls within monitoring systems
- Build a standard operating model – creating common methodologies and processes will enable consistent analysis across all risk silos in order to identify the true scale of the impact of an attack and an appropriate response
- Establish an information hub – providing a holistic view of investigations and action plans within an enterprise-level case management system will facilitate internal and external requests for information
A considered approach
With guidance being issued by the global regulatory community, there is a clear shift in the Financial Crime Ecosystem to be better prepared to review and report on all aspects of the movement of suspicious activity. There are no regulations in place to enforce this way of working yet, but regulators have provided recommendations for FIs to consolidate information into a single, comprehensive regulatory report. In the spirit of adopting a holistic approach, it’s best to get ready now and start to consider what the best practices would be for a risked based approach across all facets of financial crime. With one common goal, in protecting the exploitation of our financial system, we must look to innovate, integrate and motivate in response to the speed and adaptiveness of the modern criminal.