Matt Russell, Partner
A piecemeal and reactive approach to implementing and remediating financial crime controls, what we describe as the Frankenstein approach, is a natural response to emerging threats and regulation.
This is typically magnified in times of continued austerity: Firms who are lucky enough to be seeing rapid growth, technological developments and / or are in a position to be making acquisitions need quick solutions to financial crime mitigation – which can mean utilising unnecessary and ineffective controls from the easiest available source. As a consequence, the implementation and remediation of compliance controls are often siloed, limited and driven by cost.
We are not saying the Frankenstein approach is necessarily a bad thing. Concentrating efforts on weak areas of a financial crime operating model is often the only temporary and rapid solution available to institutions, particularly when they are under scrutiny by the regulator.
In our experience, controls, policies, monitoring and screening systems that are fit for purpose can only be achieved by stepping back and looking at the bigger picture. Whilst you are patching up your enhanced due diligence process, or remediating your fraud monitoring rules, what are your other controls doing? Are they operating at the same level of effectiveness as your new and improved controls? Are they interacting and supporting the others’ objectives? Are they applying the same financial crime risk principles to the same degree?
Given the number of interdependencies between financial crime controls, implementing or remediating one will have a knock on effect to others. This might have a positive impact on risk management; however without proper planning it can also have a negative impact on resource efficiencies, cost effectiveness and client satisfaction. For example, when you remediate your policies to meet regulatory expectations and align to your new risk appetite, have you thought about how you are going to manage an increased volume of red flags, or tailor your monitoring technology to a new set of standards?
If financial institutions want to achieve financial crime effectiveness whilst maintaining a cost effective and financially viable portfolio, they must strive to move away from being reactive, and look over the horizon to a more proactive approach of reviewing and assessing the holistic financial crime operating model.
This will feel like a frustrating task, however, in our experience the benefits justify the effort:
The Frankenstein approach is not monstrous, but it is not sustainable. New regulation will continue to demands accountability for financial crime risk in its entirety, indicating the piecemeal approach days are numbered. It is the firms that recognise the need for the holistic approach to their financial crime operating models that will stay ahead of the game and the regulators.