Blog By: Julien Mansourian, Strategy and Transformation Executive.
The purpose of an Anti-Money Laundering application is primarily to enable the reporting entities (finance-related industries) to detect and disclose any suspicious transactions above a predefined threshold (depending on jurisdictions) by compiling and submitting a SAR (Suspicious Activity Report) to FIUs (Financial Intelligence Units). The report includes information about known or suspected violations of law or suspicious activity observed by financial institutions. The number of SAR filings made to FIUs is considered a key performance indicator of the overall AML regime and its efficiency by the regulators.
As per the statistics issued by FinCEN, the reporting entities have filed more than 3 million SARs in 2017, against only 150,000 in 1996. In Europe, 1.5 million SARs were filed in 2017 across the 28 EU Member States, almost double the number received in 2006. UK, The Netherlands, Italy, Latvia and Poland are the top 5 SAR issuers in Europe. Today, we really talk about an explosion of SAR submissions and many financial organisations are currently questioning the reliability/objectivity of SAR filing.
The explosion of the SAR filings reflects a combination of increased regulatory requirements, a broader range of institutions subject to BSA/AML regulations, stronger compliance programs at financial institutions or possibly a weak detection system generating too many alerts (false negatives and false positives) analysed and promoted to cases and disclosed to the regulators.
Although, SARs have been instrumental in enabling law enforcement to initiate or supplement major money laundering or terrorist financing investigations and other criminal cases, it still represents a significant burden on budgets and earnings for financial institutions. Filing too many SARs does not mean there is a stronger detection process in place and it considerably increases the workload of compliance functions as they must deal with a combination of too many alerts, cases and consequently SARs.
In fact, many financial institutions are still missing out the real criminal activity if we look at the number of fines over the last 7 years. According to Boston Consulting Group, banks globally have paid $321 billion in fines from 2009 to 2016 for an abundance of regulatory failings from money laundering to market manipulation and terrorist financing. Although the bank penalties have decreased from 2015 onwards, the volume of SARs have considerably increased (3 million in 2017 against 1.9 million in 2015).
FinCEN and other FIUs worldwide have never disclosed what percentage of SARs result in successful prosecution. It looks like the SAR filing is a black box and nobody wants to talk about the accuracy and consistency of the filed SARs. In some organisations, filing a manual SAR takes more than 2 hours and this is a real burden for compliance functions and must immediately be automated through digitisation of the template and generalisation of E-Filing via governmental portals.
Moreover, with the growing number of cyber-attacks, regulators are considering the introduction of a new set of requirements when it comes to filing SARs, and there will be a Cyber SAR increasing the current workload of the compliance office.
In 2016, FinCEN issued some advisory notes to request reporting entities to include Cyber-Related information in their SAR templates. Additional events should be included in the form:
For more information about the note, please click here.
Europol has recently published a paper outlining some key findings over the effectiveness of the FIUs in Europe:
Financial organisations have put in place the required processes, work force and systems to prevent, detect and report suspicious activities. They indeed have increased the number of SAR filings over the last decade pushing their overall cost of compliance to the roof. In parallel, regulators have ramped up enforcement efforts concomitant with the rise in SAR filings and have fined many reporting entities.
Banks have a general sentiment of being trapped in an ocean of heavy and frequent regulations coupled with an increasing cost of compliance and impressively high cost of ownership caused by complex system implementations.
The continuing rise in SARs is an indication of the current workload in AML compliance. The majority of the SARs are produced within banking. However, there are emerging trends rising in financial institutions across the industry in particular credit institutions.
Over-reporting to mitigate regulation risk is undermining the SAR Regime and is resource-intensive for firms.
Compliance Officers should focus on improving the SAR reporting quality and its automation to eliminate the existing ocean of unproductive SARs.
To support the reporting entities in their SAR optimization journey, FIUs should redesign a global SAR template covering all jurisdictions including the same set of data requirements.