In the last blog in our AML series, we outlined the major developments which are driving rapid regulatory changes across the world. Today, we are going a step further by suggesting seven ways companies should respond to these emerging regulatory risks. Implementing these best practices for compliance and due diligence will not only help companies to meet regulators’ expectations, but it should protect their business from the growing complexity of money laundering risk.
1. Proactively monitor regulatory developments
This might seem obvious advice, but it is important that companies understand the current regulatory framework in all jurisdictions in which they, their third parties and their customers operate. Not only that, but they should monitor legislative proposals and national debates within each jurisdiction to gain an understanding of the likely direction of travel for AML regulations in the future. Legal sources and media articles are useful sources for this information, as well as seeking advice from country experts.
2. Go beyond a box-tick exercise of meeting regulations
Although it’s crucial to comply with the requirements of every relevant regulation, this is no longer enough for companies to satisfy regulatory expectations. Instead of approaching regulations like a ‘tick-box’ exercise, firms should understand and implement the best practices around due diligence and AML policies and processes. FATF’s recommendations on AML and the Wolfsberg Principles for banks are two good sources of advice. This approach works best when compliance is treated as a priority by the board and senior management, and training and guidance is offered to all employees – not just left to the compliance team.
Companies that take a holistic approach to compliance from the top down can be confident that, when more regulatory change inevitably comes, they are better prepared because they are already taking the right steps to identify and mitigate money laundering risks.
3. Don’t seek to cut costs on your compliance budget
The spread of global AML regulations has been accompanied by a sharp growth in fines by enforcement agencies. Banks and other financial institutions received 50% higher fines for AML and other financial crime breaches in 2022 than they were in 2021, according to Fenergo. Companies that fail to meet AML requirements therefore face greater financial and regulatory risks than ever before.
The global economic downturn since the onset of the pandemic has forced many companies to seek to cut costs, and compliance can superficially appear a tempting target because it does not directly generate income. But cutting the compliance budget is a grave error for any company. The risk of a fine for an AML breach, as well as the reputational impact on the business, far outweighs the cost of investment in compliance. Moreover, compliance has been shown to provide opportunities for companies, including attracting customers and investors who seek to buy from and invest in more transparent and ethical firms.
4. Ensure your due diligence is truly global
Our last blog on AML regulations showed that combating money laundering and other financial crimes has become a regulatory priority across the world – not just in the US as may have been the case 20 years ago. In recent years, many countries have introduced new AML risk assessments and regulations across the Asia-Pacific region, South America and the Middle East. Companies therefore need to be able to carry out AML due diligence on their third parties and suppliers covering every jurisdiction in the world in which they operate. They need access to reliable sources from multiple countries, as well as translations to understand the full picture from these sources across many languages.
5. Take advantage of technology
Technology is at the heart of recent trends around AML. Criminals are using technology to launder illicit funds in increasingly sophisticated ways – the use of some crypto exchanges is one such example. In turn, regulators are responding by using technology to gain greater visibility of companies’ due diligence processes and to identify suspicious transactions. Moreover, experts predict a fast-approaching trend for companies’ compliance approach is that regulators will require them to use technological tools to monitor for money laundering and terrorist financing activity. Most executives who responded to Kroll’s 2023 Fraud and Financial Crime Survey predicted regulators will look more closely at how they use technology for AML compliance in 2023-24.
As a result, companies are advised to invest in technological tools that can help them to identify suspected money laundering risks more quickly, accurately and cost-effectively. For example:
- Some firms (and regulators) are using AI and Machine Learning to detect suspicious patterns of transactions.
- Many firms have successfully deployed technology tools that can automate elements of the due diligence process and surface insights from large, authoritative and up-to-date datasets. This can detect risks which would not be discoverable from manual searches.
6. Carry out ongoing monitoring
Regulations are changing all the time, and so are money laundering risks depending on a company’s industry or jurisdiction. Most AML regulations therefore require companies to carry out monitoring of AML risk on an ongoing basis, rather than doing it once and deciding they are compliant. Technology platforms like Nexis® Solutions can help with this by automatically flagging any changes in risk profiles of companies and their third parties based on large datasets of financial, company and news records.
7. Focus on reporting
Several recent AML regulations have mandated companies to report on their AML activities and their suspicions of a compliance breach. While digital platforms recently set up by regulators in the Netherlands and Singapore require banks to share information on customers’ AML risks–both between each other, and with the regulators. Additionally, compliance teams that produce regular reports for their management are usually more likely to secure buy-in on necessary actions.
All of this puts a premium on companies being able to produce clear and accurate reports on their AML processes and due diligence assessments, with a link back to the dataset or source for the information. Technological tools like Nexis® Solutions can also help with this process by instantly pulling tailored, risk-scored reports from the database and sending them to users for onward distribution to managers, companies and regulators. This saves considerable manual staff time and effort that would otherwise be required.