Combining Data Analytics with Transaction Monitoring Capabilities to Identify Suspicious Behavior. AIBA Compliance Seminar March 3, 2015

Transcription

1 Combining Data Analytics with Transaction Monitoring Capabilities to Identify Suspicious Behavior AIBA Compliance Seminar March 3, 2015

2 Agenda i About K2 Intelligence K2 Intelligence Team Foundation of an AML Compliance Program Transaction Monitoring Risk - Based Approach Regulatory Landscape Technology Risk Scenarios and Parameters Investigation and Analysis AML Compliance Transaction Monitoring Testing Data Analytics + Transaction Monitoring Know Your Data Case Study - Transaction Anomalies

3 About K2 Intelligence 1 K2 Intelligence, an investigative and integrity consulting firm founded in 2009 by Jeremy M. Kroll and Jules B. Kroll, the originator of the modern corporate investigations industry, conducts investigative, analytic and advisory assignments that begin with intelligence and end with an implementable risk management and mitigation strategy. By employing a wide range of traditional techniques, amplified by cutting-edge technology, state-of-the-art data analytics and the most advanced intelligence gathering methods necessary for complex legal problems, K2 is able to provide solutions that not only protect a company's bottom line but also their brand and reputation. K2 s multi-disciplinary teams of experts are comprised of former prosecutors, regulators and Bank Compliance officers, intelligence officers, investigative journalists, technology experts, forensic accountants, and cybersecurity experts. With offices in New York, London, Madrid and Tel Aviv, K2 acts as advisors to governments, companies and individuals in business areas including: Complex Investigations & Disputes; Board Advisory; Anti Money Laundering and Regulatory Compliance; Integrity Monitoring & Compliance; Data Analytics & Visualization; and Cybersecurity Investigations & Defense.

4 K2 Intelligence Team 2 As leader of the Anti-Money Laundering (AML) and Regulatory Compliance Practice, Tom Bock brings more than 20 years of anti-money laundering, sanctions, regulatory compliance, fraud investigations and risk management consulting experience to K2 Intelligence. Prior to joining K2 Intelligence Tom served in leadership positions for CIT Group LLC, where he managed teams responsible for the design and implementation of global transaction monitoring systems; KPMG, where led anti-money laundering engagements for multi-national financial institutions; Daylight Forensic & Advisory LLC; and Republic National Bank of New York. Vincent D Amelio is the Executive Managing Director at Thacher Associates, a K2 Intelligence Inc. company where he specializes in forensic accounting investigations relative to Ponzi schemes, asset misappropriation, financial statement fraud, fidelity insurance claims, independent monitoring and regulatory compliance in complex accounting and litigation matters. He has assisted counsel of a major international financial institution that served as the custodian and/or administrator to numerous feeder funds to the Madoff Ponzi scheme and served as the forensic accounting advisor to the trustee for the Agape World Ponzi scheme. Mitch Silber, Executive Managing Director for Intelligence and Analytic Solutions, is responsible for building and managing the Data Analytics practice. This includes identifying and partnering with venture stage companies that are creating cutting edge analytics and cyber security capabilities, designing new uses for them in the business intelligence and investigations arena and creating new business practice areas around them. Prior to his role at K2 Intelligence, Mitch was the Director of Intelligence Analysis for the New York City Police Department (NYPD) where he supervised the Intelligence Division s entire portfolio of ongoing terrorism-related investigations. He also built and managed both the Analytic and Cyber Intelligence Units. He is a co-author of Cyberwarfare and the Law (Fall 2014).

5 Foundation of an AML Compliance Program 3

6 Transaction Monitoring Risk - Based Approach 4 Clients Products & Services Geographic Regions High net worth individuals Financial Institutions Non-traditional banking businesses Money Services Business Charitable Organizations/Not for Profits Any type of business identified by Government Authorities as high risk for Money Laundering Correspondent Banking Private Banking Payable Through Wire Transfers Virtual Currencies Areas listed by the Financial Action Task Force (FATF) Middle East Latin America

7 The Regulatory Landscape 5

8 Regulatory Landscape 6 Sophisticated analysis vs. Static Threshold filtering Financial Intelligence Infrastructure across business units, geographical areas & product groups Information that is refined, accurate & actionable Customer behavioral assessment, not simply threshold data Profiling based on known customers and related transactions Detection, Analysis, Escalation, Decision-making & Reporting Long-term Approach versus Exam-specific efforts Financial Crime Deterrence Internal Controls & Technology

9 Technology 7 Vendor Selection Data sourcing, mapping and reconciliation - ETL Design and implementation of risk scenarios and parameters Continual fine tuning and testing Exception Reporting

10 Risk Scenarios and Parameters 8 High Risk Geographies High Risk Industries High Risk Entities/Persons Deviations from Anticipated Activity Repetitive and Patterning

11 Investigation and Analysis 9 All suspicious activity is somehow unusual. suspicious. To find the suspicious, analyze the unusual. Resolve/escalate and report potentially suspicious activity Analyze the underlying activity that triggered the alert Review complete and historical account(s) and available KYC information and assess whether the activity is in line with the expected behavior Research available information on counterparties involved in the activity. This can include third party public records including LexisNexis, Factiva and public Internet search engines But not all unusual activity is

12 Investigation and Analysis - The Big Questions 10 Where is the money coming from? Is the activity consistent with what is known about the client (KYC)? Is the activity consistent with the product/account type? Where is the money going? Who are the ultimate beneficial owners?

13 AML Compliance Transaction Monitoring Testing 11 Independent testing of the overall compliance program is one of the four pillars of an effective AML Program. effectiveness of the program. The goal is to: 1. Reduce laundering and/or terrorist financing 2. Anticipate requirements of the regulatory BSA/AML exams 3. Identify deficiencies or opportunities for improvement in the transaction monitoring program It is designed to evaluate the integrity and

14 AML Compliance Transaction Monitoring Testing (Continued) 12 Test the established internal controls for: 1. Source system data and reconciliation process 2. Accuracy and timing of reports (SARs, incident reports) 3. Clearing and escalating alerts 4. Parameter thresholds 5. New Account KYC and CIP procedures 6. Periodic and timely review of accounts including all medium and low risk relationships 7. Staffing models

15 AML Compliance Transaction Monitoring Testing (Continued) 13 The transaction monitoring testing program must ensure the following: 1. The scope is documented 2. The review process is documented 3. Whether the review has identified any weaknesses 4. The results, including any corrective actions, are documented

16 Data Analytics + Transaction Monitoring 14 Data analytics helps reveal behavior, whether analyzing past data or monitoring for ongoing risk. Monitoring programs should be a combination of daily/monthly reviews and reviews over an extended period of time Short time spans will identify suspicious parties and activity at a point in time; trends are often recognizable only over an extended period of time Effective time periods range from 3-12 months, depending on the amount of data to be reviewed and the type of activity reviewed

17 Know Your Data 15 What source systems are generating transactional and customer data? Where does it reside? Who understands how to produce it? Where is the system documentation, including, but not limited to, data dictionaries and mapping requirements?

18 Case Study - Transaction Anomalies 16 A Regulator enforced lookback required a financial institution the review of 100 million transactions from disparate data sets An authoritative list of transactions must be produced, which may entail de-duping and merging It is often necessary to create new unique identifiers for account holders and account numbers that appear in multiple data sets under different names

19 Case Study - Transaction Anomalies 17 It is now necessary to design custom risk scenarios. For example, we may want to identify any account: That has exceeded its average transaction value by a high percentage during a given period Whose average transaction value declined by a high percentage during a given period That has exceeded its average aggregate transaction count by a high percentage Whose average aggregate monthly transaction count has declined significantly That has had a significant increase in average transaction count during a given period That has shown a significant increase in average transaction amount during a given period That has had months of inactivity surrounded by months of activity

20 Case Study - Transaction Anomalies 18 It is often necessary to build a threat matrix to see which accounts and account holders consistently demonstrate high threat scores.

21 Case Study - Transaction Anomalies 19 Risk Scenarios Once scenarios are run, it will be necessary to Move these customer records into a case management system Bring on investigators to run checks on customers, and vetted their research with three layers of quality assurance managers and supervisors Check a large random sampling of non-suspicious customers as a control group We reported suspicious customers to stakeholders Regularly meet with regulators, demonstrate your methodology, and make sure regulators consider your approach to be sufficiently rigorous

22 Questions 20 Thomas Bock Executive Managing Director Vince D Amelio Executive Managing Director vdamelio@k2intelligence.com Mitch Silber Executive Managing Director msilber@k2intelligence.com