The next wave of billion dollar fines is underway
as authorities are coming to the banks, already
armed with evidence of KYC, AML and CFT
systemic failings due to the way international
money transfers flow through correspondent
banks. This growing evidence shows how
money launderers’ businesses are successfully
laundering over a trillion dollars a year by
circumventing the controls of banks across the
world.
2. Anomaly42.com2
Overview
Banks Race to Defend from further Reputational Damage
page 3
Reputational and Balance Sheet Damage
page 4
Systemic Failings in the First Line of Defence
page 6
Unknown Risks Worry Non-Executives
page 7
AML CFT: The Next Wave of Billion Dollar Fines
page 8
Siloed Organisations, Siloed Data Threatens Everything
page 10
Rethink Data, Rethink Client
page 11
Holistic Data, Smart Decisions
page 12
Living KYC EDD
page 14
The Economics of Enhanced Due Diligence
page 13
Conclusion
page 16
Benefits of Living KYC EDD
page 15
3. Anomaly42.com3
Banks Race to Defend from further
Reputational Damage
The next wave of billion dollar fines is underway
as authorities are coming to the banks, already
armed with evidence of KYCi
, AMLii
and CFTiii
systemic failings due to the way international
money transfers flow through correspondent
banks. This growing evidence shows how
money launderers’ businesses are successfully
laundering over a trillion dollars a year by
circumventing the controls of banks across the
world.
4. Anomaly42.com4
Eric H. Holder, Jr., [the Attorney General of the
United Statesiv
] , is leading the fight against deep
rooted corruption within the banks. We are now
at a watershed as $43bn of fines were given to
just 3 banks in an 18 month period:
Reputational and Balance Sheet
Damage
Eric H. Holder, Jr. Benjamin M. Lawsky
This means the best of class practices deployed
by leading banks is no longer good enough.
Holder is joined by Benjamin M. Lawsky [who is
the first Superintendent of the New York State
Department of Financial Services (NYSDFS),]
which as the regulator works closely with the US
Department of Justice (DoJ).
These two crusaders continue to send shock
waves through the world of financial services.
They are actively focused on using billion dollar
fines and criminal charges to remove ‘bad’
individual bankers from playing any further roles
within large financial institutions.
On the 19th May 2014, a guilty plea by Swiss
Bank Credit Suisse to a criminal chargev
for
its role in helping Americans evade taxes was
coupled with a $2.5 billion fine as part of an
agreement with U.S. Authorities. Separately, the
NYSDFS said it was determined not to revoke
the bank’s license in the state, but by making
this statement raises a further veiled threat. This
threat became reality a short time afterwards.
$13bn JP Morgan Chase (Nov 2013);
$11.6bn Bank of America (Jan 2013);
$9.5bn Bank of America (Mar 2014);
$8.9bn BNP Paribas (Jun 2014).
5. Anomaly42.com5
$8.97 billion fine
Suspension of dollar-clearing operations
through its New York branch and other
U.S. affiliates during all of 2015
Suspension of dollar-clearing as a
correspondent bank for unaffiliated third-
party banks in New York and London for
two years
The resignation/exit of 13 individuals,
including Group Chief Operating Officer
George Chodron de Courcel, from the
bank
The suspension of dollar-clearing
operations means the DoJ and NYSDFS
are to continue monitoring the bank’s
AML / CFTvii
and KYC EDDviii
controls that
need to be considerably strengthened to
avoid further costly delays or damaging
penalties.
This case covered the corporation and did
not include the subsequent investigation into
potential individual culpability. The BNP Paribas
suspension of dollar clearing may prove far more
damaging to the bank’s reputation and balance
sheet as it may struggle to retain business in
the area of international trade and wholesale
banking.
It would not be a surprise that, once systemic
control failings become more apparent in the
international banking sector, the collective
damage could reach £250bn by 2020ix
. Such
exposures could lead to material changes in the
marketplace including a change in the reliance
upon the dollar as a primary currency; the
framework for correspondent banking and a
fundamental rethink about KYC.
On the 30th June 2013, BNP Paribas pleaded
guilty to the concealment of more than $190
billion in transactions between 2002 and 2012
that included the dollar clearing on behalf of
the oil and gas finance business for santioned
countries from Geneva, Paris and Singapore,
the trade finance business from Milan, and for
oil and gas-related clients from Romevi
. This
resulted in:
6. Anomaly42.com6
Systemic Failings in the First Line
of Defence
Major banks involved with international
wire payments are highly dependent upon
automation to identify AML CFT anomalies.
This First Line of Defence (FLOD) is based on
automation, due to the volumes of money
transfer transactions and the time sensitive
nature of international payments.
FLOD automation generates anomalies that
need to be processed by bank administrators
as the Second Line of Defence (SLOD). Based
on our experience, 99.2% of these anomalies
are passed as acceptable by SLOD. These
acceptable transactions are regarded as ‘false
positives’ and have become ‘accepted’ as the
cost of compliance for doing business. But this
needs to be challenged for two reasons:
Unless algorithms are ‘continually’ calibrated to
align with the changing profile of major money
laundering players then the bank is likely to:
The high percentage of anomalies
generated as ‘false positives’ means
significantly higher compliance and
operational costs are incurred that do
little to materially protect the bank’s
reputation. In reality, a high percentage
of ‘false positives’ is a reflection of ‘weak’
decisioning algorithms within the FLOD
automation software.
Asoveratrilliondollarsisbeingsuccessfully
laundered every year, it is a reasonable
assertion that FLOD automation is
allowing money laudering transactions
through the process that ought to be
have been treated as suspicious activities.
These ‘false negatives’ are potentially the
most precarious types to be missed by the
bank’s controls. They are the transactions
that are most likely to inflict reputational
damage if they remain undetected until
found by investigators representing the
regulators and other external authorities.
‘False negatives’ means the bank is
exposed to ‘unknown’ risks, which can
become ‘known’ risks at any point over the
next ten years.
1
2
Miss identifying major money launderers
thus exposing the bank to future
reputational damage;
Incur the rising costs of compliance
and supervision to process exceptions
that really should have been treated as
acceptable STP business;
Face punitive action from the regulators in
fines etc.
7. Anomaly42.com7
Unknown Risks Worry Non-
Executives
From evidence we have examined, it is clear
that most international banks involved with
business-to-business international payments
in excess of one million transactions a year, are
highly likely to have missed identifying major
money launderers.
The reputational and balance sheet damage to
some of the largest banks in the world caused
by systemic AML CFT failings is a current and
serious Board-level issue.
Interestingly, we are finding non-executive
directors are demanding from their executives
to find better controls over ‘unknown’ risks as a
strategic imperative. Justifiably, pressure is also
coming from institutional and other types of
shareholders to create a more stable state for
growth.
The response of executives to these pressures
is to:
In our opinion, the answer is clearly no as they
are not designed to handle the sophistication
of the ‘top performing’ money launderers.
The reason is that major money launderers
have adopted complex ecosystems designed
to bypass the banks’ ‘best of class’ solutions.
These money laundering ecosystems are far
more sophisticated than the traditional money
laundering rings of yesteryear.
Non-executivesandotherBoard-Levelmembers
are now treating this situation with a greater
urgency as regulatory and judicial authorities
become far more challenging about money
being laundered and the financing of terrorism
because of the level of threat to socioeconomic
stability.
But are these materially large investments
enough?
Tighten up policies and procedures;
Materially increase the number of people
involved with governance, risk and
compliance;
Stop doing certain types of business;
Invest in better technology using ‘best of
class’ solutions.
8. Anomaly42.com8
AML CFT: The Next Wave of Billion
Dollar Fines
Our earlier White Paper AML CFT: “Money
Launderers Playing the Long Game” explains
how banks’ controls are systematically
bypassed.
There is growing realisation amongst leading
bankers upon how much of their business
intelligence can be extrapolated from wire
payment transactions that pass from bank to
bank. This level of transparency means the
DoJ and NYSDFS have access to wire payment
transaction data from over 50 banks that
are explicitly or implicitly involved in money
laundering.
This data is the start point for gathering KYC
EDD evidence involving suspicious activities
related to money laundering (including tax
crime) and the financing of terrorism. For every
money transfer where suspicious activity has
been identified, the authorities know the:
Why and how is this happening now?
The advances in Big Data are progressing very
rapidly, which can be illustrated in the following
table:
Wire payment currency and amount of
money.
Dates and times of the wire payment
instructions.
Name, address and country of the
originator firm.
Name, address and country of the bank
that has the originating firm as a client.
Name, address and country of the
originator bank’s correspondent bank.
Name and country of the beneficiary firm –
sometimes includes the address.
Name, address and country of the bank
that has the beneficiary firm as a client.
Name, address and country of the
beneficiary bank’s correspondence bank
and if appropriate their correspondent
bank.
Reason for the wire payment.
Any associated messaging.
BIG DATA 1.0
Collecting, connecting
and correlationg
structured and
unstructured data
BIG DATA 2.0
Artificial Intelligence
processing big data that
complements humans
BIG DATA 3.0
Artificial Intelligence
processing big data that
surpasses humans
BIG DATA 4.0
Artificial Intelligence
using IoTx
for sensing
early and responding
quickly
Past
Present
Future
9. Anomaly42.com9
By using Big Data 3.0xi
solution, advanced
automation can analyse data from SWIFTxii
and CHIPSxiii
to apply risk weightings, linked
with publically sourced data, to accurately find
high risk transactions. By taking these high
risk transactions and performing a “Know Your
Customer (KYC) Enhanced Due Diligence (EDD)”
examination using primarily publicly sourced
data, authorities are able to unveil suspicious
complex corporate structures across multiple
accounts involving multiple jurisdictions,
without any further consultation with the banks
involved.
This new generation of automation is able to
very rapidly find high risk transactions that
were previously missed by FLOD and SLOD.
To try to find such high risk transactions using
AML CFT analysts using contempory technology
and processes it could take 12 months or
more, or it could completely fail to find serious
money laundering ecosystems that are
bypassing the bank’s controls.
The DoJ and NYSDFS are able to identify every
bank that has been explicitly or implicitly
involved with suspicious AML CFT transactions
from studying the life cycle data of each
wire payment from the originator firm to the
beneficiary firm. In other words, when the
DoJ and NYSDFS investigate one bank, the
evidence gathered includes the other banks
involved. The DoJ and NYSDFS stopping BNP
Paribas undertaking dollar-clearing as a
correspondent bank for unaffiliated third-party
banks in New York and London for two years
is a strong signal to other banks involved with
international wire payments.
The type of evidence that can now be obtained
starting from a wire payment transaction and
applying Living KYC EDD using public sourced
data is shocking bankers to the core. This goes
way beyond the type of data banks use from
the traditional providers of information. The
implications are profound as KYC EDD + AML
CFT coupled with international wire payments
signals the next wave of billion dollar fines.
10. Anomaly42.com10
Such siloism is failing to handle increasing rates
of complexity and arguably is the single biggest
cause to the spiralling costs of regulation,
compliance and supervision, whilst constraining
competitive and innovative growth for the
benefits of clients and shareholders alike.
As the rate of complexity, velocity and volatility
increases, siloism cultivates more and more
fragmentation of data and fragmented ways of
working. This is a fertile ground for cultivating
unknown risks that eventually surface to drive
problems and in some cases creates a serious
crisis.
Money Laundering is now a clear and present
danger to banks, especially those involved with
international wire payments.
Siloed Organisations, Siloed Data
Threatens Everything
KYC is core to the values of global banking
business. However, banks are increasingly
hindered from really knowing their customer
by the way they are organised around silos
covering processes, people and data. In reality,
customer data is highly fragmented with at
least 80% of this data being in an unstructured
format (i.e. paper, fact finds, contracts, service
level agreements, correspondence, emails,
instant messaging, phone calls, identity
documents, checklists, spreadsheets, invoices,
complaints, enquiries etc.).
In the case of SDD (simplified due diligence),
CDD (customer due diligence) or when deemed
necessary EDD (enhanced due diligence) there
is a need to collect external sources of data,
which is mostly in an unstructured format.
Siloism by its very nature is a collection of
walled gardens within the same organisation
that engenders protectionism and self-interest
type behaviours, particularly in times of stress.
11. Anomaly42.com11
Rethink Data, Rethink Client
Most wealthy individuals often own firms,
are directors of firms, and are shareholders
of firms. As advocated by the FATFxiv
and the
EC 4MLDxv
it is important to understand the
firms involved with wire payment transactions,
including the true ownership by individuals
even though this may involve complex
structural layering. The natural synergy
between wealthy individuals and corporate
banking, combined with the complexities
of governance, risk and compliance has led
to the trend to converge these two banking
businesses.
Banks have always focused on winning,
retaining and deepening customer
relationships, but nowadays this is far more
complex to undertake for many reasons,
including the ease of creating companies,
establishing bank accounts in different
countries and doing business across many
jurisdictions. Increasingly, executives are
finding that the winning differentiator is no
longer the product or the price, but the level of
engagement in creating an intimate long-term
relationship with the customer. The competitive
differentiation is the way engagement is a
more strategic way of looking at customer
relationships and personalised services.
Taking a holistic view of all customer data, both
structured and unstructured data, from inside
and outside the bank, provides the means for a
strategic engagement to be undertaken.
AML CFT creates further challenges as it also
needs to take into consideration wire payment
transactions, other banks clients and all
correspondent banks involved.
12. Anomaly42.com12
Holistic Data, Smart Decisions
Using this approach, holistic data refers to the creation of a deeper, more meaningful collection
and connection of data about firms and the individuals involved. This requires joined-up data
across the different functional silos of the bank.
The following diagram is a simplistic representation to a strategic reposition to Living KYC
involving internal and external data, including publically sourced and wire payments that involve
inter-bank transactions especially those covering business from a firm / individual to a firm /
individual.
This diagram shifts EDD from a fringe activity to the modus operandi. This requires treating
Enhanced Due Diligence not as a regulatory overhead, but a way to develop new ways to ensure
that customers are engaged in all of their interactions with the bank and that such richness of
data enables the bank to be more proactive in anticipating customer needs and expectations,
and fulfilling them more effectively and efficiently. This shift is fundamental for smarter decisions
that results in treating customers fairly and driving new levels of automation for AML CFT and
other relevant regulator demands.
EDD
InternalData
KYC: Know Your Customer
EDD: Enhanced Due Diligence
TCF: Treat Customers Fairly
AML: Anti Money Laundering
CFT: Combating the Financing of Terrorism
Data
Data Data
Wire Payment
Data
ExternalData
Living
KYC
TCF
AML
CFT
13. Anomaly42.com13
The Economics of Enhanced Due
Diligence
Traditionally, banks perform SDD or CDD. The
latter is time consuming and for some banks
it can take many weeks or even months to
perform client on-boarding. EDD (Enhanced
Due Diligence) is regarded as an exception as
it involves higher costs and longer time periods
to perform.
EDD automation changes the economics of KYC
as it collects external data from a diverse set of
sources than can be used to prefill structured
data formats. The ability to use automation to
extrapolate data from unstructured formats
at costs lower than SDD or CDD, is a game
changer. There is still the manual process of
identity verification by providing documents
such as a passport, but even in this situation
there are new forms of self-service using smart
phones.
Advanced EDD automation that fundamentally
lowers the costs by doing more for less means
EDD becomes the modus operandi and
replaces the need for SDD and CDD. Inevitably,
this will become the golden standard for
KYC with AML CFT being a beneficiary of this
change.
This new approach we call Living KYC EDD
that drives market and revenue growth, whilst
lowering costs and risks.
14. Anomaly42.com14
Living KYC EDD
Living KYC EDD is about having up-to-date data about the customer. As ownership of firms are
continually changing there is a need to move beyond the constraints of customer on-boarding
and periodic reviews. The provisioning of daily updates from external data sources provides the
means for the bank to be aligned with change being treated as the norm.
The following diagram shows a simplistic graphical data visualisation in context to a single wire
payment. Naturally, reality is more complex than this illustration but it is enough to show that all
the structured and unstructured client data nodes (circles) have relationships (lines) and both
have properties (text).
15. Anomaly42.com15
Today, advanced technology enables Living KYC EDD to become a reality and the ability to
reconstruct structured and unstructured data into dynamic visualisation formats and develop
new forms of automation to detect positive and negative anomalies.
Benefits of Living KYC EDD
By taking a holistic and dynamic view of Living KYC, there is a fundamental shift that takes the
capabilities of the bank to a new level. The benefits of Living KYC are profound:
Protects the brand and balance sheet
from reputational damage and reduces
the provisions needed for ‘conduct risk’.
Protects senior bankers from criminal
litigation and losing their licence re: Senior
Persons Regime
Provides better assurance to board
members and shareholders alike of
putting controls in place designed to
tackle better ‘unknown risks’.
Uses automation in a step change to
reverse the continual costs of governance,
compliance and risk control.
1
2
3
4
5
6
7
Provides a new capability of getting to
know customers better, meeting emerging
customer demands and anticipating future
customer needs.
Enables better customer engagement and
more personalised products and services.
Develops the next generation of middle
office automation by bringing unstructured
and structured data together in redefined
formats to carry out work that before
needed subject matter experts to process
the work.
16. Anomaly42.com16
Conclusion
The worrying exposures banks now have, in terms of the authorities using advanced technologies
to find negative anomalies in wire payments data, means proactive and pre-emptive action is
needed. This emergent threat again raises serious questions about the role of the ‘Big Four’
auditors and their ability to detect systemic control weaknesses. Both the banks and auditors
are also exposed to Sarbanes Oxley legislation for ensuring proper policy and procedures are in
place.
A different type of strategic solution is needed rather than throwing armies of people at
the problem. By wisely taking a different perspective it means there is now the capability to
repurpose defensive costs to become a strategic investment that reduces the exposure of brand
contamination, whist laying the foundation for market and revenue growth. Such new capability
enables banks to sense early for informed timely decisions in quick response to ever changing
circumstances for refining and expanding the value proposition to its customers.
NYSDFS announces PricewaterhouseCoopers regulatory advisory services will face a 24-month
consulting suspension, pay a $25 million fine; and will have to implement reforms after
misconduct during work at bank of Tokyo Mitsubishi.xvi
17. Anomaly42.com17
References
i
KYC = Know Your Customer
ii
AML = Anti-Money Laundering
iii
CFT = Combating the financing of terrorism
iv
Eric H. Holder, Jr. was sworn in as the 82nd Attorney General
of the United States on February 3, 2009 by Vice President Joe
Biden. http://www.justice.gov/ag/
v
Credit Suisse pleads guilty to U.S. criminal charge in tax probe
http://www.reuters.com/article/2014/05/19/us-creditsuisse-
investigation-idUSBREA4I0E620140519
vi
France’s BNP to pay $9 billion in U.S. sanctions case, face
dollar-clearing ban http://www.reuters.com/article/2014/06/30/
us-bnp-paribas-settlement-idUSKBN0F52HA20140630
vii
AML anti money laundering; CFT combating the financing of
terrorism
viii
KYC know your customer; EDD enhanced due diligence
ix
The $250bn estimate for damages is based on taking the
market cap for the top 21 banks as at 31st March 2014 (source:
http://www.relbanks.com/worlds-top-banks/market-cap). At this
time the total market cap for the 21 banks was valued at US$
2,712 bn. By using a formula of using the BNP Paribas $8.9bn
fine as a percentage of their market cap, we have calculated the
equivalent across the 21 banks. This puts a value of the potential
damage to be around US$ 251.40bn. A further consideration is
the damage to the banks’ balance sheets, including provisioning
for conduct risk; the impact upon the brand contamination
to shareholders; the loss of trust by clients and other banks
to revenue generation; and the possible suspension of dollar
clearing including as a correspondent bank.
x
IOT Internet of Things
xi
Big Data 1.0 Searching Connected Data; Big Data 2.0 Artificial
Intelligence Complementing Humans; Big Data 3.0 Artificial
Intelligence Surpassing Humans
xii
SWIFT Society for Worldwide Interbank Financial
Telecommunication http://www.swift.com/
xiii
CHIPS is the largest private-sector U.S.-dollar funds-transfer
system in the world. https://www.chips.org
xiv
FATF Financial ActionTak Force http://www.fatf-gafi.org/ is
the leading authority for combating money laundering and the
financing of terrorism, which is backed by the department of
treasury from leading countries.
xv
EC 4MLD The European Commission (the “Commission”)
Fourth Money Laundering Directive (“4MLD”)
xvi
http://www.dfs.ny.gov/about/press2014/pr1408181.htm