What Is Needed for a Successful AML Program
The fight against money laundering has been the focus of financial regulators all over the world for a very, very long time. Crypto exchanges, banks, payment services and other companies spend a lot of money and resources to ensure compliance with anti-money laundering regulations. However, the number of AML breaches and the total amount of fines grows steadily and is at the all-time-high at the moment. So why do businesses fail to comply and what do you need to implement a successful AML-program?
Causes of failure
AML-programs always fail due to multiple compounding causes. There is no AML-compliance failure case where one can honestly say that “The company got everything right, but this one factor ruined it”. So let’s peel this “failure onion”.
Lack of compliance culture
Often company managers and leadership don’t understand the importance of AML programs, and perceive AML regulations as an annoying obstacle for their business. Basically, the only reason to comply is to avoid fines, in their opinion. Moreover, a lot of managers are willing to turn blind eye towards suspicious activities for high gains.
This leads to lackluster effort in implementing AML-programs, insufficient training, lack of competent compliance managers and a variety of other issues. Lack of compliance culture plays into most other factors leading to AML-program failure and fines from regulators.
Lack of a standardized client data processing
Client data in different companies and financial institutions is stored in systems that are not compatible with each other. This prevents effective cooperation between businesses for AML purposes. Moreover, in some cases disparate digital systems that cannot talk to one another are used to store clients data even within one company.
Moreover, companies often try to solve this problem in-house and develop proprietary solutions, despite the fact that they do not have the necessary expertise.
“Top-managers often do not trust experts and AML-solutions providers. Some even openly say that we try to profit from unnecessary government interference in their business. Therefore, they develop KYC-system in-house “on the cheap”. It leads to improper KYC procedures, data leaks and failing to comply with AML regulations”,
– explained Dmitri Laush, CEO of GetID, identity verification solution provider, part of Checkin.com Group.
Lack of an effective transaction monitoring system
Transaction monitoring is another complicated issue that a lot of financial institutions try to skimp on and develop in-house. And the results are not great. It is estimated that such systems generated over 95% false-positives. Not only does it cause a waste of time and money on false investigations, but also encourages people to ignore the system or to de-facto switch it off.
What do you need for a successful AML-program?
First: a strong compliance culture in the company. Yes, it is impossible to just tell people to “become good” and expect that they will comply. However, the company’s leadership must understand that strict adherence to AML regulations and value is beneficial for both their business and society. And this culture must begin from the top and spread its way down to the lower echelons - it won't work otherways.
Second: a comprehensive training program. It is not enough to just train your compliance department. All employees that interact with clients, operations office employees, top-managers and auditors need AML training. Also, in-house compliance officers are a necessity and they should refresh employees' training regularly.
Third: a reliable and well-proven third-party KYC solution and transaction monitoring system. This way you’ll get a high-end system, developed and supported by professionals in the AMl field. Such systems will prevent both client’s data leaks and fines from regulators for improper KYC.
Fourth: regular third-party audits and risk assessments. This is the only way to ensure that AML procedures and practices are not only implemented, but followed in practice. In addition, you can be sure that third-party auditors are not involved in any potential collusion between employees and clients, so they won’t turn blind eye towards any transactions.
But the most important requirement is to treat the AML-program as an essential component of your business, not as an afterthought.
Back to the list