Senior executives of financial services businesses are now demanding much higher quality data and information from key risk functions to gain reassurance that these risks are being managed appropriately.
Senior officers in the UK, for example, under the new senior manager’s regime, are demanding much better quality Management Information (MI) and they’re not prepared to put up with reports on excel spreadsheets that are out of date the moment they are produced. They want real-time dynamic reporting of accurate information across a variety of issues within the business and nothing exercises the minds of senior executives more than the danger that a business is not adequately or appropriately managing financial crime risks that are inherent in customer relationships.
So they are demanding information: how many potential matches were generated? How quickly were they handled? How many of them were false? How many of them were true? What were the bases on which matches were dismissed? But key risk functions are struggling to supply that information because of the limitations of the technologies they are using.
Audit capability is a key feature that most legacy batch screening engines lack.
Fortunately, however, there are screening technologies that are maturing in line with the ever increasing regulatory burden. New technologies now exist that enable businesses to positively demonstrate their daily screening search history relating to every single customer. So instead of businesses only being able to point to the presence or absence of positive search results, they can positively identity that customers have been screened, at what depth and on which particular occasion.
Having a tool which demonstrates that it captures all of the audit history on the potential matches that have been fired out, in relation to the screening that has been conducted against each customer, is absolutely essential. Being able to run real-time reports on individual customers, or indeed populations of customers, and showing screening results, is fast becoming the norm.
Case study – Non-evidencing due diligence history
A large law firm used a legacy batch screening tool to screen its entire client base on a daily basis. A client of the firm was included in the batch. The batch engine did not throw up any matches for that particular client over a two year period. The client was then arrested on suspicion of drug trafficking prompting a full scale investigation of his financial affairs. The law firm was required by its regulator to evidence its due diligence search history of the client. The law firm could not evidence that the client had been screened. All it could do was evidence there had been no matches. It could not demonstrate that it had tested that the batch screening engine had been working. The law firm was criticised for failing to have adequate controls in place designed to test the efficacy of its AML systems and for poor record keeping in relation to its due diligence processes.
Audit capture and evidencing screening activity
RiskScreen Batch can be described as next-generation batch screening technology. Unlike legacy systems, RiskScreen Batch includes full audit capture functionality, allowing users to record and report the results of all screening that has been carried out using the tool, in addition to which an automatic record is created of all batches in which a customer is screened. The audit capture functionality enables users to provide positive proof of screening activity for all customer relationships.
Case Study – Absence of Real-time Management Information
A group head of risk of a multi-national bank was responsible for overseeing the customer due diligence processes deployed by the bank. 2.7m customers across 23 jurisdictions were screened on a daily basis using a legacy batch screening engine. Unfortunately this outdated batch screening technology did not allow her to analyse the number of potential matches thrown up across each jurisdiction. Nor did the system allow her to track the speed with which the potential matches were being handled in each location. One of those locations was very poor at handling potential matches – so poor in fact, that despite the assurances they gave her, they had a 24 day backlog of potential matches. A handful of those potential matches were true matches relating to customers on watch lists and sanctions lists. During a supervisory visit conducted by the bank’s lead regulator, the backlog was identified and the bank was severely criticised for (i) having been unaware of it; and (ii) for not having adequate customer due diligence processes in place.
Comprehensive Screening MI & Reporting
RiskScreen Batch features a comprehensive dashboard and reporting engine, enabling batch screening results to be viewed multi-jurisdictionally and match handling can be tracked and reported upon in real-time.
Two versions of RiskScreen Batch are available. The first is an ‘onsite’ solution which means that the engine is actually loaded onto your own server so that absolutely nobody else has eyes on it. Customers are screened against the international Dow Jones sanctions, PEP and watch list database (which has between 30,000 and 40,000 data changes every day).
The second option is a ‘hosted’ version of RiskScreen Batch which enables you to upload names and metadata on customers and prospects and manage their screening through our intuitive and laser-sharp web interface.
RiskScreen Batch’s sophisticated screening engine not only uses the names of your customers, but it also utilises the meta data you are obliged to hold on your customers (date of birth, countries of association) and compares it against the Dow Jones dataset in order to provide a precision of results – virtually eliminating false positives. It communicates, through an API, with your core CRM system and each customer risk profile is updated on a daily basis.