How to avoid complex financial crime models
Financial institutions need to review huge volumes of customers and transactions as part of standard Customer Due Diligence and Anti Money Laundering procedures, leading most to develop modelling software to perform the task. But these models use rules that subject matter experts and senior stakeholders need to define and agree – a tough task as the various parties try to balance effective risk mitigation with an efficient system.
In theory, taking risk-based decisions should be straightforward – the risk-based approach is, after all, the first of the Financial Action Task Force (FATF) recommendations for global standards against money laundering. But accepting compromise – in both risk appetite and system efficiency – can be hard, leading to those who should be making risk-based decisions instead asking for over-engineered workarounds. This increases costs, with the more complex model taking longer to develop, being more likely to include an error and taking more effort to validate. And the end users might not understand the over-engineered workarounds, seeing the final model as a ‘black box’ they don’t really trust.
So, how can financial institutions avoid the operational risks of complex financial crime models? In our experience, there are three elements to a successful strategy for building an effective model – get the right person with the right remit in a position to make decisions, start simple before enhancing the model, and periodically review and iterate to maximise efficacy.
1. Define the role and responsibilities of the decision-maker
Select your decision-maker carefully. They need a detailed understanding of the technology and requirements, as well as the authority to make risk-based decisions. That’s because there are multiple factors that impact decisions, such as development time, effort involved and ongoing support requirements; and only someone with both technical and business expertise will be able to grasp the detail while holistically assessing the wider context.
As those with the detailed knowledge required often lack the seniority to be accountable for a financial crime model, you need to clearly define the decision-maker’s responsibilities. That’s why, with one of our banking clients, the RACI matrix we implemented helped simplify governance and expedite decision-taking by defining clear roles for the responsible and accountable stakeholders when taking financial crime model decisions.
2. Start simple, then enhance
Start with a simple model design that focusses on core values. You could even define the model as a ‘Minimum Viable Product’ to win over stakeholders, highlighting that you’ll be able to add features over time if required. This approach brings three key advantages:
• better design
It’s easier to add new features than it is to strip away redundant ones later. You’ll also be able to add truly useful features based on evidence from running the simpler model.
• improved governance
It’s easier for stakeholders to agree to add complexity than it is to agree to remove it, as complexity suggests the model will do more and reducing it can appear to be a step backwards.
• easier to support
The complexity of the financial crime model should match the maturity of the capability to manage it. As the supporting team gets comfortable managing the model, the complexity can rise.
At one bank we work with, we saw how they matured simple rules-based scenarios for AML Transaction Monitoring into more complex logic using peer comparison before eventually adding artificial intelligence to their model. Enhancing the effectiveness of the model gradually allowed a smooth transition to the target result that improved AML risk mitigation which everyone was comfortable using.
3. Periodically review
You’ll need to respond to changes in the risk landscape, regulatory requirements and products, so schedule regular checkpoints to revisit existing models – one of our banking clients reviews customer risk assessment models every 12 months. You’ll need to embed periodic reviews and development of the model as part of BAU, using the team members with the right skills to review the model holistically and, where necessary, make recommendations. You’ll also need create a governance process to accept recommendations and authorise the work needed to make changes, and ensure the resources are available to make such changes.
The key is to see model development as a journey through a series of enhancements followed by steady-state phases. Have the confidence to implement a simple model first with the assurance that you can mature it later if required.
Financial institutions must avoid complex financial crime models
As financial institutions turn to technology to mitigate risks through financial crime models, it’s vital to balance functionality and efficiency. A complex model might have some nice-to-have features, but if the added complexity delays implementation or means risk managers don’t use it properly, the risk-reward ratio can quickly degrade.
To avoid this, it’s vital to put the right expert with adequate authority in charge of the model, to start simple before adding optional functionality, and to periodically review and iterate the functioning model. By following this simple strategy, financial institutions can create effective financial crime models.