5 trends shaping financial crime compliance for banks

October 12, 2022 3:54 PM

Even as banks automate some financial crime compliance chores, human labor constitutes a majority of the cost of fighting financial crime.

That is among the top findings of an annual survey of U.S. financial institutions conducted in May and June by the global market research firm KS&R. LexisNexis Risk Solutions, which provides data sources and technology to help banks fight financial crime, commissioned the survey, but KS&R did not identify the company as the sponsor of the research when conducting interviews.

The survey covered a wide range of financial crime compliance functions, including know-your-client due diligence, anti-money-laundering regulations, and sanctions and screenings for politically exposed persons. The laws governing these functions include the Patriot Act and the Bank Secrecy Act.

One reason automation has not taken over the financial crime compliance function for financial institutions has to do with the data that feeds those systems, according to Eric Young, senior managing director at the consulting firm Guidepost Solutions.

"Machine learning and AI need to have data integrity to analyze true and accurate data fed from multiple legacy, front office and other systems, which do not always or often talk to each other," Young said. "Financial institutions are typically the amalgamation of multiple mergers and acquisitions still using legacy deposit, loan and trading systems. Therefore, they have to invest to ensure data from all these legacy systems are first cleansed and regularized or reformatted to accurately feed to machine learning systems and AI."

Cleansing and coding that data still requires humans, Young said, and humans are also the ultimate deciders in determining whether suspicious activity reports are warranted.

Financial crime compliance costs continued to rise this year, but at a slower rate than in previous years despite recent regulation that drastically changed banks' anti-money-laundering efforts. Young said part of the explanation is that banks have not yet been spurred by major enforcement actions.

"The costs will spike significantly once the first and second major enforcement actions against the banks, and nonbanks and suppliers, are publicized," said Young, who was formerly chief compliance officer at BNP Paribas Americas, Royal Bank of Scotland and S&P Global ratings, and who is an adjunct professor at Fordham University. "That might not happen for another year or two. But like the sun rising, the sanctions enforcement actions will happen and the cost of compliance will magnify."

KS&R interviewed 121 people at U.S. financial institutions who oversee some financial crime compliance functions, such as know-your-customer remediation, sanctions monitoring, financial crime transaction monitoring, or compliance operations. Organizations included in the survey included banks, investment firms, asset management firms and insurance firms. KS&R also interviewed 29 decision makers at equivalent Canadian firms, but all results reported here regard U.S. firms.

The cost of compliance continues to increase

Financial institutions continued to invest more in both technology and labor to prevent financial crime. Among the surveyed financial institutions, 73% of respondents reported their financial crime compliance costs had increased over the past 12 months.

Among institutions with more than $10 billion of assets, the average annual cost this year is $31.7 million. Spending this year is up 14% from 2021, which in turn was up 36% over 2020. Among financial institutions of any size, average spending on financial crime compliance has more than doubled since 2019.

Just over half (56%) of this spending goes toward labor and resources, which includes both salaries and training. Another 37% goes toward technology costs for financial crime compliance and know-your-customer software and remote working costs. The remaining 7% are costs associated with outsourcing or similar fees.

Spending on the human capital behind financial crime prevention remains higher than spending on the technology given the sophisticated and organized nature of financial crime, according to experts in the field. One such vendor, FiVerity, calls such technology a force multiplier of the expertise within fraud prevention teams rather than a replacement for them.

Banks cited increasing geopolitical risks as the top external trend driving increased costs, with 82% selecting it as one of their top three drivers among four other choices: evolving criminal threats (65%), increasing data privacy requirements (56%), customer demand for faster payment (51%) and increasing anti-money-laundering regulations and regulatory expectations (46%).

A 2020 anti-money-laundering law is still driving up compliance costs

The Anti-Money Laundering Act of 2020, which became law as part of the National Defense Authorization Act in early January 2021, constituted an "overhaul" of the Bank Secrecy Act, according to LexisNexis Risk Solutions, and was "the most consequential anti-money laundering legislation passed by Congress in decades," according to law firm Holland & Knight.

The consequences of that law continued to settle into the compliance space this year, and LexisNexis Risk Solutions cited the law as a major driver of increasing financial crime compliance costs. In particular, 61% of banks that responded to the survey said they increased manual activities as a result of the law's passage. That figure was 74% last year.

One element of the Anti-Money Laundering Act was an amendment to the Bank Secrecy Act that clarified it to have it state, consistent with how regulators had already interpreted the law for years, that those who exchange or transmit value that substitutes for currency (including cryptocurrency) are subject to the law's registration and compliance requirements.

Banks cited that provision of the law as a top impact to their financial crime compliance operations, with 46% of U.S. respondents saying it had affected them.

Exposure to crimes involving crypto is a major cost driver

When asked about the degree to which respondents felt exposed to certain forms of crime, firms primarily reported increased exposure over the past 18 to 24 months to financial crimes involving cryptocurrency (70%); proceeds from human, wildlife and drug trafficking (70%); and the use of money mule accounts to launder criminal proceeds (66%).

The kind of financial crime to which firms said their exposure had increased the least during that period was laundering proceeds through offshore structures (48%), according to the LexisNexis Risk Solutions report, potentially as a result of heightened requirements related to ultimate beneficial ownership.

Sanctions, politically exposed persons are particularly challenging

Among the greatest challenges financial institutions face in complying with financial crime regulations are identifying politically exposed persons and entities on sanctions lists. These challenges are apparently the result of a lack of data sources banks can use to learn about potential client businesses.

Among respondents, 55% reported positive identification of politically exposed persons as a top challenge in their compliance screening operations, and 52% cited sanctions screenings. But just below those two, regulatory reporting was a top challenge for 42% of respondents, and customer risk profiling was a top challenge for 32%.

In the due diligence process behind these operations, the top challenges were identifying critical attributes of a business (51%), identifying relationships between business entities (50%) and noncooperation from the client business (50%).

Among the least difficult aspects of the due diligence process for banks were authenticating identities through digital channels (10% cited as a top challenge), distinguishing legitimate identities from impersonations (2%) and conducting due diligence on crypto or digital payments (0%).

Time spent on customer due diligence is down

As some customers return to branches and at the same time, banks adapt to screening prospective account holders without face-to-face interactions, the average time spent on customer due diligence has decreased to near pre-pandemic levels.

Time spent on customer due diligence peaked in 2020 and 2021 for every line of business among U.S. financial institutions, according to the LexisNexis Risk Solutions survey. For example, firms said they have spent an average of 43 hours on due diligence per domestic midmarket corporate customer this year. That is down from 52 hours in 2021 and up from 25 hours in 2019.

Firms spent the longest on large and foreign business accounts. For each small and medium-sized firm, financial institutions have spent 58 hours on due diligence this year, compared with 77 hours last year and 38 hours in 2019.

Time spent completing due diligence on individuals is roughly on par with pre-pandemic levels. For each domestic retail customer, financial institutions said they spent on average nine hours on due diligence, the same amount of time they reported spending in 2019 and down from a high of 17 hours in 2020.

For each foreign individual, time spent on due diligence this year has been 18 hours, versus 23 hours in 2019 and 33 hours last year. For each politically exposed person, average time spent has been 23 hours this year, down from 35 hours last year and slightly up from 21 hours in 2019.