Setting up an AML Compliance Program Part IV: AML Case Investigations
June 02, 2021
Setting up a strong AML investigations practice.
When your anti-money laundering (AML) transaction monitoring system flags an activity, or another trigger prompts a review, your compliance team will need to conduct a case investigation. The customer behavior could have a perfectly legitimate explanation. Or it could be a tip that helps law enforcement crack a terrorist financing syndicate.
Case investigations are particularly critical junctures in AML, both for companies as well as regulators. Unfortunately there tends to be a defensive impulse towards over-reporting. It’s understandable, but a blunt approach can backfire in effectiveness, as well as budgets. Approaching case investigations with care, wisdom, and the appropriate technological resources will contribute to more meaningful inputs towards protecting society.
The Association of Certified Anti-money Laundering Specialists (ACAMS) developed the “360 Degree AML Investigation Model” as a professional standard to guide compliance teams through case investigations. Their model advises probing the situation with the following six steps:
Understand the trigger. What was the cue for this review? Is it the first alert you’ve had for this customer? What monitoring system rule prompted this alert? Periodic monitoring, an adverse media alert, a law enforcement referral, or a regulator’s response to reported activity could also be part of this sequence of events.
Understand the customer. Take a closer look at who they are and what they do. You’ll really appreciate your earlier efforts with Know-You-Customer data at this point! Round out the KYC data you have with more information. For instance, consider:
- Has your team investigated the subject before? What did they find?
- Could their cultural background help explain some behaviors?
- Are they a “Politically Exposed Person,” i.e. susceptible to behaviors such as bribery given their power and position, based on guidance from the Financial Action Task Force (FATF)?
- What products do they hold and why?
- Can you find any adverse information associated with the customer or their business, close associates, or family?
Understand the activity. Take all the information—transactions, accounts, locations, entities with whom they interact, and their expanded identity details—and look at how a big picture fits together...or not. What story do they tell about this customer’s story?
Eliminate the norm. Pare away the information that makes sense in order to focus on the parts that don’t fit a normal, legitimate pattern. The information you want to hone in on could be something like a series of in-person transactions in different states at the same time.
Decide if the activity is suspicious. Evaluate the unusual behavior holistically. Transactions on their own may appear insignificant, but the context of the entire account and past behavior can help you to identify them as suspicious. A predicate offense, a recent event such as an adverse media mention or criminal charges, can be very conclusive at this step. Gut-level instincts can also contribute to your decision: ACAMS suggests considering if the behavior “raises questions or gives rise to discomfort, apprehension, or mistrust.”
Report and consider divesting. If you’ve decided the activity rises to the level of “suspicious,” you’ll proceed on to the next practice area, filing a Suspicious Activity Report (SAR) or other related reports. But there’s another question to resolve: Whether or not to keep this customer? Compare the benefits of maintaining this relationship against the risk appetite of your financial services company.
These are not necessarily easy tasks. They demand a combination of clear data and a strong analytical process. Consider how your team will access and organize these disparate pieces of information for an overall view. Consider how RegTech systems could help automate the routine, laborious parts, and direct attention to the most significant details and patterns.