COVID-19 has disrupted financial services. The depth of change, and the speed at which it has occurred, has ratcheted up risk levels. The result? An environment ripe for financial crime - especially fraud, cybercrime and money laundering.
To address these risks, and the regulatory and reputational risks that go with them, and create the foundation for greater resilience in the future, firms need to make several key moves.
Already, financial institutions are seeing an increase in pandemic-related fraud and cybercrime, such as phishing emails appearing to be from the World Health Organization, and fraudulent sellers peddling nonexistent face masks. Federal agencies have advised banks to remain alert for malicious or fraudulent transactions and urged investors to be wary of scams.
As threats increase, however, effectively managing financial crime has become more difficult for banks. Staff absences are higher, more employees are working remotely, operational processes have changed, and human oversight is harder to secure.
Using digital technologies to supplement manual effort offers a solution. For example, bots can complete tedious tasks, such as validating customer information against standard databases, more quickly and accurately than people. This frees up staff to concentrate on more complex work requiring human judgment and improves employee morale and experience in the process.
Robotic process automation and artificial intelligence are incredibly effective for labor-intensive functions such as know your customer (KYC) and transaction monitoring processes. And banks can use biometric technologies, such as eye-scanning, to validate customer identity quickly, accurately, and remotely, which is especially useful now that many brick-and-mortar branches are closed.
Banks have also seen recent shifts in customer behavior – including spikes in cash withdrawals, growing use of online and digital financial services, and an increase in cryptocurrency-related activity – attributable to the pandemic. Therefore, banks must now reevaluate and redesign anti-money-laundering processes, such as KYC and transaction-monitoring, which are largely based on the detection of anomalies in customer behavior.
Banks should use these redesign efforts as an opportunity to enforce compliance more consistently and with greater productivity and cost efficiency. Digital technologies can help here too. For example, advanced analytics make it possible for banks to have a more sophisticated and real-time understanding of their clients’ changed, and changing, circumstances.
Today’s challenges have also revealed other underlying weaknesses. Fragmented data and siloed systems have always been painful for banks to deal with, but now they’re making matters even worse. Given new work-from-home arrangements, analysts and investigators will have difficulty accessing the many data sources and systems they need to conduct proper investigations.
Banks should aggregate their company’s data into a centralized data lake and securely democratize data access, empowering investigators to conduct investigations more thoroughly and efficiently. As regional and global volatility continues, an enhanced approach to data management can also be scaled up to handle demand.
Banks have long struggled to fight the risk of new financial crimes with old technologies. Recent events have only made it harder. Financial institutions that have only dipped their toes in the waters of next-generation financial crime risk management (FCRM) technologies now need to take the plunge.
Financial institutions' FCRM operations depend on a complex, interconnected, and often globally distributed network of people and technology. Recent events have tested this network. Not surprisingly, most business continuity plans (BCPs) have been found lacking.
Banks need to revisit their BCPs from the ground up, reviewing policies, practices and controls and tailoring them to the new environment. Banks will increasingly need to train their people to become bilingual – that is, capable of understanding both FCRM and the technologies that underpin it. And banks will need to make sure that controls and safeguards are in place for effective and extended home working. For example, redesigning encryption certification policies may better protect customers’ personal information
Finally, banks need to shift to intelligent cloud computing solutions – whether public, private or hybrid – to ensure business continuity. These solutions offer many benefits, including cost efficiency, ease of remote access to data, multiple data backups and scalability. As some businesses are betting on remote work arrangements enduring even after the current restrictions end, cloud solutions become even more important.