With ever-changing business environments, regulations, and customer behaviours, Colin Dixon, Jade ThirdEye's expert AML account and product manager, unpacks the world of AML reporting. Colin provides some great insights and advice for reporting entities looking to modernise the regulatory reporting aspects of their AML programme.
FATF recommendations and national laws require reporting entities to submit reports about suspicious activity to their Financial Intelligence Unit (FIU). These are variously known as suspicious transactions reports (STRs), suspicious activity reports (SARs) or suspicious matter reports (SMRs). Some countries, including New Zealand and Australia, also require the reporting of prescribed transactions such as large cash transactions and international funds transfers. These are all important reports as they enable the FIU to generate intelligence which can lead to conviction or disruption of money laundering and its predicate offenses. While one such report may seem insignificant, when pieced together with reports from other reporting entities plus other forms of investigation, the combined intelligence can help create a very clear chain of evidence.
Because of the sheer volume of transactions that many reporting entities are required to monitor, it’s virtually impossible to accurately identify suspicious activity – unless reporting entities are prepared to contribute significant human resources. Therefore, automation has two roles to play: detection and ease of reporting. Detection of the small amount of money laundering in large volumes of data is ideally suited to automation, which can detect patterns of activity that are indicative of money laundering. Automation can also be used for the simpler task of detecting prescribed transactions to ensure that nothing is missed. Information required by FIUs in the reports needs to be thorough and accurate to enable good intelligence to be created. This places a burden on reporting entities to submit all the data required. Automation can help with the creation of the reports, checking for missing data and submission to the FIU.
Prescribed reports are common across all sectors, which means automated AML software can handle them all the same. While various sectors and the reporting entities within each sector have different risk profiles, AML software can be tweaked to handle these differences by enabling the reporting entity to create the rules it needs for its specific case. Once an alert has been raised, the process of completing and submitting an STR is the same for all reporting entities. When comparing AML solutions, it’s worth considering how easily the systems can be tuned to ensure they are fit for purpose. What is essential for implementing and maintaining automated reporting? Firstly, the rules should be set up to match the risk assessment of the reporting entity. The rules should be tested and tuned to make sure they are not missing anything (false negatives) or creating too many useless alerts (false positives). Rules need to be constantly monitored to ensure they remain fit for purpose. If there are changes to the operating environment that an organisation works in - such as a reporting entity expands its product or service offering, criminals alter their patterns of behaviour, and regulation changes - rules should be updated to meet all these changes. Secondly, the content of the STRs should be complete and accurate. FIUs rely on the reporting entities to send them good data, otherwise incorrect data may compromise the intelligence reports they produce and miss identifying offenders.
Jade ThirdEye is our automated AML software programme, which uses rules to detect prescribed transactions and patterns of activity that are potentially suspicious. Jade ThirdEye enables reporting entities to set up and test rules that match its own money laundering risks. The software creates the reports that are needed, populates the data and flags missing or invalid data. This means the human effort is just to check the accuracy of the reports and complete missing data. Jade ThirdEye also submits the reports automatically to the FIU in New Zealand and AUSTRAC in Australia.
The Jade ThirdEye team has worked with the New Zealand FIU and AUSTRAC to ensure that reporting entities can automatically submit valid reports. The team helps reporting entities to create the rules that meet their business risks and set up the reports to correctly populate the data from their data model. This takes a lot of pressure off AML compliance officers, as they know the reports they are submitting have all the necessary information.
The Jade ThirdEye team have been working on a new version of the user interface, which will make users’ jobs easier for reporting and all the other parts of Jade ThirdEye. We have been doing this with feedback from our clients about what is good or bad about the original interface and incorporating all the feedback into the design to provide a better user experience.