AML model risk management and validation

Similar documents
Session 4C: Model Governance: What Could Possibly Go Wrong? (Part I) Moderator: Dwayne Allen Husbands, FSA, MAAA

The credit card industry: navigating an evolving environment. EY Advisory Services

Evolution of shadow accounting for fund managers. July 2013

Make money, save money and manage risk

represents a likely source of cost savings, improved business performance and stronger customer-facing capabilities.

Model Risk Management

ANTI-MONEY LAUNDERING SERVICES EXPERTS WITH IMPACT

Integrating COSO s Fraud Risk Management Guide on an Enterprise Scale

Effective Risk Management With AML Risk Assessment. January 25, 2017

Supplier risk compliance obligation or source of competitive advantage? Improve supplier reliability to lift business performance

Cloudy skies. How to bring clarity to your cloud platform in order to optimize your investment. September 2016

FMS New York/ New Jersey Chapter Meeting January 14, The Impact of Models. by: Scott Baranowski

RSM ANTI-MONEY LAUNDERING SURVEY BEST PRACTICES AND BENCHMARKING FOR YOUR BSA/AML PROGRAM

EY Center for Board Matters. Leading practices for audit committees

CFO attestation: building a sustainable process

Surveillance Program Design and Behavioral Analytics Implementation

Crowe Caliber. Using Technology to Enhance AML Model Risk Management Programs and Automate Model Calibration. Audit Tax Advisory Risk Performance

Is inclusive leadership a powerful catalyst for growth?

Managing the move to SMI How EY helps clients get the most from a multisourced environment Service management integration (SMI)

Growing opportunity, growing business. EY s financial services practice in ASEAN

ERM vs. Internal Audit

Industry insight and global experience: the intelligent connection

REGULATORY HOT TOPICS FOR INTERNAL AUDITORS: EVALUATING THE USE OF AML TECHNOLOGY

Governing the cloud. insights for 5executives. Drive innovation and empower your workforce through responsible adoption of the cloud

Thomson Reuters SCREENING RESOLUTION SERVICE

Managing complexity and change in a new landscape. June 2014

Make money, save money and manage risk. The benefits of well-designed environment, health, safety and sustainability programs

Financial Services. Testing anxiety Bank Secrecy Act/Anti-money laundering independent testing survey

Financial advisor compensation. The changing approach to advisor incentives

The Challenge of AML Models Validation

The velocity of change

Chief Executive Officers and Compliance Officers of All National Banks, Department and Division Heads, and All Examining Personnel

The winning tax transformation trinity. Data, technology and operations

AML and Tax Compliance in the Asia-Pacific Region: Investing in KYC Systems, Data, and Processes

Auditing for Effective Training

Operational Transaction Services

Crowe Activity Review System

Driving sustainable performance in the oil and gas sector. Supporting your health, safety, environmental and social goals

AML Model Validation in Compliance with OCC 11-12: Supervisory Guidance on Model Risk Management

Next steps for CCO compliance. Helping financial services institutions respond to the UK s new corporate criminal offence

Ready for takeoff? Overcoming the practical and legal difficulties in identifying and realizing the value of data. Self-assessment guide

Madison Consulting Group. An Introduction to Our Compliance and Regulatory Consulting Services

EY Advisory: Driving business performance

The new revenue standard

report that their financial impact of all fraud, corruption and/or money laundering incidents is over per incident

A guide to assessing your risk data aggregation strategies. How effectively are you complying with BCBS 239?

The past, present and future of service organization control reporting

How does treasury adapt to the finance function of the future?

Risk Based Approach and Enterprise Wide Risk Assessment Edwin Somers / Inneke Geyskens-Borgions 26 September 2017

Stand out for the right reasons Getting your approach to CASS right

TOO BIG TO SUCCEED. Top 5 AML Challenges in These forces produce a set of common challenges:

Integrating a robust third-party risk management program with the vendor onboarding process

Cross-border compensation gathering

Take-aways from EY s series of Internal Audit Analytics roundtables over 2016

Effective implementation of COSO s new anti-fraud guidance

Making a fast start for your capital projects. Power and Utilities Maturity Model and Architecture

Synergies between Risk Modeling and Customer Analytics

RECRUITMENT 1 RECRUITMENT

WELCOME. 1

Go global: positioning your family business expansion across borders. Key considerations for accelerating your growth

ANTI-MONEY LAUNDERING, SANCTIONS & ANTICORRUPTION SOLUTIONS EXPERTS WITH IMPACT

How to discover ways to sustainable anti-money laundering operations*

Banking on gender differences? Similarities and differences in financial services preferences of women and men in a digital world

Compliance Risk Management Powers Performance

A trade name of Wells Fargo Clearing Services EMPOWERING SOLUTIONS FOR YOUR BUSINESS

IBM AML compliance solution

Michael Lammie Director, PricewaterhouseCoopers

Making culture count. Strengthening culture for better risk and compliance outcomes. February 2018

Guidance Note: Corporate Governance - Audit Committee. January Ce document est aussi disponible en français.

ACA excise tax compliance. The crunch is here in 2016

Advisory Services Governance, Risk & Compliance

Get ready for robots: why planning makes the difference between success and disappointment

RiskTech Quadrant 2017 Watchlist Monitoring Solutions

Client onboarding and Legal Entity Data Solutions from Thomson Reuters

AML for MSBs & FinTech: The Compliance Conundrum. Insight Article. Copyright 2016 NICE Actimize. All rights reserved.

Extended Enterprise Risk Management

RC & TACKLING TRADE BASED MONEY LAUNDERING (TBML) risk compliance RISK & COMPLIANCE MAGAZINE. risk & compliance REPRINTED FROM: APR-JUN 2018 ISSUE

Financial Services Compliance

THE IMPORTANCE OF DEVELOPING A SOCIAL MEDIA COMPLIANCE POLICY

FINRA 2090/2111 Solutions & Expertise

Best practice workshop. Training course outline

Anti Money Laundering (AML) Advisory Services Effective solutions for complex issues Deloitte Malta, 2017

ENCODING, PRINTING & VALIDATING RFID TAGS WITH PORTALTRACK

Implementing and maintaining ISAE 3402

AML Transaction Monitoring

Transforming the HR function for high performance. kpmg.com

Disruption and resilience in agricultural supply chains

Measuring digital advertising revenue to infringing sites

CGMA Competency Framework

CITIBANK N.A JORDAN. Governance and Management of Information and Related Technologies Guide

Financial regulatory compliance.

Arjun Kalra - Senior Manager - Crowe Horwath Risk Consulting Practice Chuck Taylor BSA Officer City National Bank

Customer Due Diligence (CDD) Market Survey. Survey Results. Copyright 2016 NICE Actimize. All rights reserved.

RiskTech Quadrant 2016

Actimize Essentials AML. Cloud Based Anti-Money Laundering Solutions

Thomson Reuters: Anti-Money Laundering Survey Insights

KPMG Intelligent Diligence An automated approach to KYC. kpmg.com/uk

Integrated reporting. Communicating sustainable value creation

Information paper. Transaction filtering, systems testing and annual certification: driving business benefits

ACAMS Utilizing Internal Audits to Pinpoint Gaps in Your Institution s AML Program

Transcription:

AML model risk management and validation

Who we are EY s Anti-Money Laundering (AML) and Regulatory Compliance Technology practice is a global team of client-serving, financial services professionals. Our team members come from a variety of financial services, regulatory and technology backgrounds. Together, we leverage years of experience and deep content knowledge to help our clients solve challenging problems in a demanding regulatory environment. What we do We help our clients as they work to fulfill their regulatory and compliance requirements by providing services to meet their immediate needs and their long-term goals. Specifically, we develop technology architecture and program road maps, gather business requirements, assist with vendor selections, develop functionality specifications, and assist in system implementation, testing and quality assurance. Our AML technology service offerings cover a broad range of regulation and products, including: Technology strategy Know your customer (KYC)/enhanced due diligence (EDD) Watch list/sanctions Transaction monitoring Optimization and model validation Case management Using a highly sophisticated and customizable tool set specially developed by EY to address our clients needs and challenges, we help clients meet key objectives: Brand and reputation protection by preventing disciplinary action and fines Sustainable frameworks that can adapt to dynamic corporate policies and regulatory requirements Loss prevention against unauthorized financial transactions Elimination of redundancy in activities performed to manage risk and comply with multiple regulations and standards 2

The trend across all aspects of AML risk management is toward greater analysis and statistical validation of models and processes. As they increase their focus on analytics, regulatory bodies are involving analytics and statistics specialists more in their examinations and reviews. AML model risk management and validation Today s Bank Secrecy Act/Anti-Money Laundering (BSA/AML) programs are becoming increasingly reliant on quantitative models in detecting suspicious activity, measuring risk and supporting key business decisions that drive operational efficiencies. A contributing factor to this trend is a regulatory environment that has a greater focus than ever before on managing the risks associated with quantitative models. Over the past few years, regulatory examination teams have added quantitative specialists, released supervisory guidance and issued regulatory enforcement actions related to sound and effective management of model risk specific to AML. In 2011, the Office of the Comptroller of the Currency (OCC) jointly with the Board of Governors of the Federal Reserve released a bulletin entitled Supervisory Guidance on Model Risk Management. The guidance, commonly referred to as OCC 2011-12 or FRB 11-7, describes the elements of a sound program to effectively manage model risk. The guidance has a broad scope that includes multiple aspects of model risk management, expanding on existing guidance and industry experience. A key element of this and previous guidance is the need for independent review and model validations. In addition to OCC 2011-12, the OCC added a team of financial economists to more effectively address issues related to the use of quantitative methods and models for bank compliance activities, including anti-money laundering. A primary role of the financial economists, among several other functions, is to perform reviews of quantitative methods and provide advice to national bank examiners and to bankers on model validation and model control processes. The team, whose official name is Compliance Risk Analysis Division, also known as CRAD, recruits PhD economists and statisticians with expertise in quantitative statistical and mathematical modeling within the financial services sector. With the inclusion of CRAD in AML examinations and the release of OCC 2011-12, regulators are placing a much greater emphasis on statistically valid processes and methods. Enforcement actions issued over the past two years include language challenging whether banks are using statistically valid processes, controls and validation techniques. As a result, financial institutions under the supervision of the OCC and Federal Reserve are investing in their AML model risk management and model validation programs, by incorporating them into their enterprise model risk management functions, and enhancing AML programs to be better aligned with regulatory expectations. While at many institutions the driving force behind these investments may be a shift in regulatory expectations and focus, the outcome can be better decisionmaking, continual improvement in operational efficiency and reduced risk of costly remediation. AML model risk management and validation 1

What are models and where are they in AML? The first step in understanding the benefits of model risk management and validation is to understand what models are and where they exist in an AML program. A simplified interpretation of the definition of a model found in Supervisory Guidance on Model Risk Management is the use of mathematical techniques to provide an output that is quantitative in nature. The guidance goes on to state that a model consists of three components: An information input component, which may consist of quantitative data, qualitative data, expert judgment and assumptions A processing component, which applies the mathematical technique to transform the inputs into a quantitative estimate While this is the broad definition, institutions with established enterprise model risk management programs will have more specific definitions that have been accepted by regulators and are used to drive their model risk management and validation processes and controls. Where models exist within an AML program is in part driven by the exact definition of a model within your institution. However, the broad definition of a model and elements of a sound model risk program will apply across most areas of an AML program, including: Customer due diligence Customer risk rating Transaction monitoring Alert and case risk scoring OFAC sanctions and watch list screening Money laundering risk assessment A reporting component that translates the quantitative estimate into useful business information that drives decision-making and downstream processes What is a model? (1) A simplified definition of a model is the application of mathematical techniques to provide an output that is quantitative in nature (2) Supervisory Guidance on Model Risk Management refers to a model as a quantitative method, system or approach that applies statistical, economic, financial or mathematical theories, techniques and assumptions to process input data into quantitative estimates. 2

Figure 1: AML model risk management framework Governance, policies and controls 2 3 4 1 KYC models to identify EDD requirements Risk scoring models used to drive AML monitoring processes Rules/scenarios and methods for determining monitoring system thresholds Configuration of scoring parameters based on monitoring policies and risk areas Methodology and documentation 1. Customer due diligence 2. Customer risk rating 3. Transaction monitoring 4. Alert and case risk scoring 5. OFAC sanctions and watch list screening Model development, implementation and use Model validation Evaluation of conceptual soundness Ongoing monitoring Outcomes analysis 5 Models used to perform watch list matching and screening The added benefits of model risk management and validations While the evolving regulatory environment may be the driving force behind many banks instituting improved risk management and validation around models, additional benefits beyond regulatory compliance can be achieved: Improved decision-making and confidence in models Continuous improvement and enhancement Reduced risk of remediation projects and look-backs Improved decision-making and confidence With the vast amounts of information available to decision makers, gut feel business decisions are not sufficient to satisfy internal auditors, or examiners. Decisions must be supported with well-documented rationale and evidence, and tracked to evaluate whether assumptions hold true initially and over time. Managing decisions according to sound risk management practices, and validating those decisions over time, builds confidence not only in examinations and audits but across business lines and functions within the bank. For instance, a single business line s well-documented processes based on sound models, quantifiable benefits and ongoing validation procedures is likely to be adopted by other business lines, jurisdictions or legal entities, as well as other key stakeholders, such as AML investigation teams and AML compliance. In addition, the results of validations may be used as key factors in identifying and prioritizing projects. The validations will not only examine whether known limitations and AML model risk management and validation 3

assumptions are aligned with risk tolerances; they may also identify trends as to where future risks lie. Validation results also provide increased awareness of the impact of business decisions, both past and present. Continuous improvement and enhancement Model building techniques are inherently designed to maximize effectiveness while reducing operational inefficiencies. For example, case risk scoring models are designed to distinguish between the highest- and lowest-risk cases, which may support downstream activities such as automated escalation of high-quality cases that bypasses the initial triage stage. However, these downstream efficiencies can only be realized if all stakeholders, including audit and regulators, are confident in the model s ability to accurately rate the quality of a case. Sound risk management and validation is aimed at providing the evidence required to build that confidence and evaluate whether a model s performance is improving or deteriorating over time. Models do not exist in a silo. They are integrated into an institution s broader AML program. Models depend on data from systems of record and data warehouses, and feed business reports and processes that are used for a range of decisions, from how to allocate investigative, technical and analytics resources to how to prioritize programs competing for limited resources. Reduced risk of remediation projects and look-backs A main objective of a sound model risk management and validation program is to better understand the risk and implications of a model producing inaccurate output with respect to the intended business use, or of a model being misused. Inaccurate model results or misuse can lead to costly remediation projects and look-backs, impacting reputation, budgets, availability of resources and time, and the potential to grow or become more efficient. Ideally, model errors are detected prior to deployment, and models are sufficiently robust to adapt to changing business, technology and operational environments. A sound model risk management and validation program reduces the risk of model errors and misuse and provides a framework to detect them in a timely fashion. If an issue is detected, it is much better to remediate it after a few weeks or months than a few years. Figure 2: Benefits of AML model risk management and validation Model risk management and validation Improved decisionmaking and confidence Reduced risk and impact of remediation Continuous improvement and enhancement 4

Bottom line Over the last few years, changes in the regulatory environment have spurred an evolution toward greater use of quantitative models. Model risk management and validation is becoming a standard practice in the BSA/AML compliance space. Despite these exercises stemming from regulatory pressures, risk management and validation of models do not have to be viewed as check-the-box compliance activities. A robust model risk management program represents an opportunity for realizing tangible benefits that go beyond compliance with regulations. With support from senior management and key stakeholders, banks may be able to realize the benefits of improved business decisions, a continuous increase in operational efficiency and a reduction in the financial and non-financial costs of remediating errors that go unnoticed. Ernst & Young LLP Contacts AML and Regulatory Compliance Advisory Ron Giammarco Partner +1 212 773 3409 renato.giammarco@ey.com Erin McAvoy Principal +1 212 773 7636 erin.mcavoy@ey.com Robert Mara Executive Director, +1 212 773 1025 robert.mara@ey.com Orlando Lopez Senior Manager +1 212 773 3178 orlando.lopez@ey.com Quantitative Analytics Advisory Qingji Yang, PhD Principal +1 212 773 1490 qingji.yang@ey.com Gagan Agarwala Principal +1 212 773 2646 gagan.agarwala@ey.com AML model risk management and validation 5

EY Assurance Tax Transactions Advisory About EY EY is a global leader in assurance, tax, transaction and advisory services. The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. We develop outstanding leaders who team to deliver on our promises to all of our stakeholders. In so doing, we play a critical role in building a better working world for our people, for our clients and for our communities. EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. For more information about our organization, please visit ey.com. Ernst & Young LLP is a client-serving member firm of Ernst & Young Global Limited operating in the US. EY is a leader in serving the global financial services marketplace Nearly 35,000 EY financial services professionals around the world provide integrated assurance, tax, transaction and advisory services to our asset management, banking, capital markets and insurance clients. In the Americas, EY is the only public accounting organization with a separate business unit dedicated to the financial services marketplace. Created in 2000, the Americas Financial Services Office today includes more than 4,000 professionals at member firms in over 50 locations throughout the US, the Caribbean and Latin America. EY professionals in our financial services practices worldwide align with key global industry groups, including EY s Global Asset Management Center, Global Banking & Capital Markets Center, Global Insurance Center and Global Private Equity Center, which act as hubs for sharing industry-focused knowledge on current and emerging trends and regulations in order to help our clients address key issues. Our practitioners span many disciplines and provide a wellrounded understanding of business issues and challenges, as well as integrated services to our clients. With a global presence and industry-focused advice, EY s financial services professionals provide high-quality assurance, tax, transaction and advisory services, including operations, process improvement, risk and technology, to financial services companies worldwide. It s how EY makes a difference. 2013 Ernst & Young LLP. All Rights Reserved. SCORE No. CK0674 1306-1095828 NY ED 0114 This material has been prepared for general informational purposes only and is not intended to be relied upon as accounting, tax, or other professional advice. Please refer to your advisors for specific advice. ey.com

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback