Anti-Money Laundering: How the FinCEN Files Exposed a Broken AML System

Recent reports on leaked FinCEN Files shine the spotlight on weaknesses within the global anti-money laundering system once more. Why are these processes failing and what is the way forward? This 2-part article series features input from industry specialists to provide deeper perspective. 

Money now moves anywhere quickly and easily thanks to modern technology, so it is no surprise that financial crime continues to rise. Posing a massive risk to the world economy, global money laundering is estimated to total $800 million to nearly $2 trillion per year. 

This puts pressure on Anti-Money Laundering (AML) and Combating the Financing of Terrorism (CFT) programs to be highly efficient so they can fight threats more urgently than ever. But diligent compliance and detailed reporting are big responsibilities, and financial institutions seem to be falling short – or is the system flawed?

fincen files raise doubts

The latest financial crime scandal, the FinCEN Files, raises doubt on the efficiency of AML regulations and banking practices. The case involves 2,657 leaked documents from the US financial crimes authority FinCEN (Financial Crimes Enforcement Network), including 2,121 Suspicious Activity Reports (SARs), that reveal over $2 trillion in potentially illicit transactions were processed by major banks from 1999 to 2017. 

Publicized by BuzzFeed News and The International Consortium of Investigative Journalists (ICIJ), these files are being investigated by over 100 news outlets around the world who say banks – namely Deutsche Bank, JPMorgan Chase, Standard Chartered Bank, Bank of New York Mellon, Barclays and HSBC – were not being diligent or quick enough in stopping the transfer of these illicit funds.

“The FinCEN Files give the impression that financial institutions willingly allow suspicious transactions to flow through their systems for profit; indeed it can seem morally unacceptable to the public eye,” says Thibaut Kellam, who worked as a compliance analyst for a French bank. He now helps companies and governments detect and investigate financial crime networks at Linkurious

“However, banks can’t block every suspicious transaction. They operate on a risk-based approach, which is a key principle of any AML program. We must accept that they place priority on the riskiest areas of their business so they can continue providing financial services to the world economy.” 

sars reporting and responsibilities

Meanwhile, banks also can’t be expected to tackle financial crime as if they were non-profit institutions or state agencies. Their responsibility lies in collecting data and information, as well as closely monitoring and drafting exhaustive reports, on suspicious activities. 

Kellam says: “Financial institutions are doing their best to deliver on requirements, and have put significant investment into resources. In fact, AML compliance, in terms of staff, training and tools, is one of top three costs for banks in the US and Europe.” 

At the core of any AML program but not automatic proof of criminal activity, SARs are filled out individually by banks (reported from their perspective and based on available data), and then passed on to financial intelligence units (such as FinCEN in the US and Tracfin in France) for investigation and to determine if law enforcement action is needed. However, with a lack of funding and a substantial backlog of SARs, regulators are struggling to thoroughly investigate each and every case. 

global aml system weak spots

Understanding this wider scope of responsibilities, it is clear that the FinCEN leaks expose the errors and challenges related to the reactivity in processing SARs, not the wrongdoing of banks, and that improvements are needed across the entire AML ecosystem. 

What needs to be fixed?

  • Lack of Visibility

Financial institutions struggle to harness data and have a limited view on transactions, which is a huge disadvantage to both finding hidden connections and for Know Your Customer (KYC). They are diligent at identifying simple, recurring money laundering patterns, but connecting elaborate schemes or international players, accounts, interactions and payment methods is much harder, allowing criminal activities to fly under the radar. Speaking from years of experience as an AML expert, Miguel Aguado, Senior Manager of the Financial Intelligence Unit at RIA Financial, adds: “Detecting suspicious activities is challenging, particularly in a very changing environment where new trends appear constantly. Likewise, an effective detection methodology that is effective today may not be effective tomorrow. Moreover, managing large databases with millions of customers and transactions is an additional challenge.” 

  • Outdated Information Systems 

Traditional AML and KYC applications use relational databases that store data in tables, which is an approach well-adapted for simple analytics, but not suited for sophisticated investigations. Another weakness is that financial institutions have detection rules that use action-based logic focused on only simple transactional behavior, which will never successfully identify complex money laundering operations.

  • Mixed Signals

On top of that are mixed signals to manage. “On one hand, intelligence agencies (like FinCEN) ask banks for data and SARs; and advise them not to ‘de risk’ or block suspicious activity, which makes the money harder to trace because it gets sent to off-shore institutions in less-compliant jurisdictions,” describes Kellam. “On the other hand, regulators say they must block suspicious transactions.”

  • Changing Regulations

Financial institutions also have to keep up with changing laws, regulations and standards set by the Financial Action Task Force (FATF), or face hefty fines. And the cost of failure is climbing, with $8.14 billion in global AML penalties handed out in 2019, double that of the year before.

moving forward with modern investigation methods

Overcoming current challenges requires that authorities and financial institutions collaborate more closely to develop strategies that better detect threats and drive efficiency across the whole process. 

AML systems also lack the ability to harness data and share valuable information between stakeholders, and need to adopt more modern investigation methods. “Financial institutions have a responsibility to best use their data to find links between isolated suspicious activities to uncover larger networks. Discovering connections in history and patterns requires solid analytical tools, and without these, banks will continue to trail behind criminals,” stresses Kellam.

There has never been a more critical moment for financial institutions to embrace new analytics and automation technologies to improve AML. This modernization of processes is essential to help financial institutions build better SARs by adopting a safer risk-based approach through improved monitoring and analyzing of data – and only then will it be possible to uncover hidden connections and weak spots within their organization.

Check out part 2 to find out the solution to these challenges in an interview with an AML expert and a Data Specialist. 

FinCEN Files in Numbers

 

Tags: , , , ,